Any Keyloggers in this report? [CLOSED]
ribitt
post Nov 28 2008, 06:27 PM
Post #1


New Member
Posts: 4
OS: Win 98 XP



I am not the best at computer stuff, but the online game I play has been having a huge influx of account hackings due to keyloggers/backdoors, whatever you call them. Would you please look over this log and let me know if there is anything of concern in it? Any and all help would be very appreciated.... Thanks so much!!







Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:30:10 PM, on 11/28/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiSmart.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1202314960390
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Ribitt\Desktop\My Pictures\MaiNwetwurk.bmp

--
End of file - 6604 bytes

This post has been edited by ribitt: Nov 28 2008, 06:28 PM
emeraldnzl
post Dec 1 2008, 06:57 PM
Post #2


Trusted Helper
Posts: 3,293
OS: XP Pro



Hello ribitt,

Welcome to Geekstogo.

Your Java is out of date; older versions are vulnerable to attack.

Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

Next

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Finally in this post
  • Please download random's system information tool (RSIT) by random/random from here.
  • It is important that it is saved to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

When you return please post
  • MBAM report
  • the two RSIT logs - log.txt and info.txt

Note: It is likely the reports will not fit on one post. It might be necessary to break the logs up to get them on the forum. Just use as many posts as you need, that's fine.
ribitt
post Dec 1 2008, 09:36 PM
Post #3


New Member
Posts: 4
OS: Win 98 XP



Thanks so much for taking the time to look over my post - before receiving your reply I did run Malwarebytes' and found/removed the following:

Malwarebytes' Anti-Malware 1.30
Database version: 1433
Windows 5.1.2600 Service Pack 3

11/29/2008 2:58:26 AM
mbam-log-2008-11-29 (02-58-26).txt

Scan type: Full Scan (C:\|)
Objects scanned: 110832
Time elapsed: 33 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.Antivirus2008) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

After installing the new Java version here is the log for today:

Malwarebytes' Anti-Malware 1.30
Database version: 1433
Windows 5.1.2600 Service Pack 3

12/1/2008 10:31:58 PM
mbam-log-2008-12-01 (22-31-58).txt

Scan type: Quick Scan
Objects scanned: 50752
Time elapsed: 4 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
ribitt
post Dec 1 2008, 09:40 PM
Post #4


New Member
*
Posts: 4
OS: Win 98 XP



And the requested logs
Logfile of random's system information tool 1.04 (written by random/random)
Run by Ribitt at 2008-12-01 22:38:15
Microsoft Windows XP Professional Service Pack 3
System drive C: has 180 GB (75%) free of 238 GB
Total RAM: 2046 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:38:21 PM, on 12/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Saitek\Software\Profiler.exe
C:\Program Files\Saitek\Software\SaiSmart.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Documents and Settings\Ribitt\Desktop\Exe's and Drivers\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Ribitt.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [SaiSmart] C:\Program Files\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1202314960390
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - C:\Documents and Settings\Ribitt\Desktop\My Pictures\MaiNwetwurk.bmp

--
End of file - 6912 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-08-30 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-01 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-08-30 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-01 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-08-30 2055960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"P17Helper"=Rundll32 P17.dll []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-01 136600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]
"Ulead AutoDetector v2"=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe [2007-08-02 95504]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-06-09 185896]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-27 1261336]
"Profiler"=C:\Program Files\Saitek\Software\Profiler.exe [2004-08-19 159744]
"SaiSmart"=C:\Program Files\Saitek\Software\SaiSmart.exe [2004-08-19 98304]
"SaiMfd"=C:\Program Files\Saitek\Software\SaiMfd.exe [2004-08-19 135168]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PopUpStopperFreeEdition"=C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe [2005-03-17 536576]
"CTZDetec.exe"=C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [2007-12-18 401408]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe"="C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======File associations======

.reg - open - regedit.exe "%1" %*
.scr - open - "%1" %*

======List of files/folders created in the last 3 months======

2008-12-01 22:38:15 ----D---- C:\rsit
2008-12-01 22:22:45 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-01 22:22:45 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-01 22:22:45 ----A---- C:\WINDOWS\system32\java.exe
2008-12-01 22:22:45 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-20 03:08:09 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-11-20 03:07:47 ----D---- C:\Documents and Settings\Ribitt\Application Data\Logitech
2008-11-20 03:05:37 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-11-20 03:04:56 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2008-11-20 03:04:52 ----A---- C:\WINDOWS\system32\KemXML.dll
2008-11-20 03:04:52 ----A---- C:\WINDOWS\system32\KemWnd.dll
2008-11-20 03:04:52 ----A---- C:\WINDOWS\system32\KemUtil.dll
2008-11-20 03:04:52 ----A---- C:\WINDOWS\system32\kemutb.dll
2008-11-20 03:04:36 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2008-11-20 03:04:32 ----D---- C:\Program Files\Common Files\Logishrd
2008-11-20 03:04:29 ----D---- C:\Program Files\Logitech
2008-11-20 03:04:27 ----D---- C:\Documents and Settings\Ribitt\Application Data\InstallShield
2008-11-18 07:29:36 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-11-18 07:29:29 ----D---- C:\WINDOWS\Logs
2008-11-17 16:13:05 ----D---- C:\Documents and Settings\Ribitt\Application Data\GetRightToGo
2008-10-25 02:07:30 ----HD---- C:\WINDOWS\PIF
2008-10-15 19:05:40 ----D---- C:\Program Files\Microsoft Group Policy
2008-10-15 04:55:16 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-10-15 04:54:40 ----D---- C:\WINDOWS\Prefetch
2008-10-14 20:45:42 ----D---- C:\Documents and Settings\Ribitt\Application Data\Windows Search
2008-10-14 20:32:38 ----D---- C:\Program Files\Windows Desktop Search
2008-10-14 20:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2008-10-14 20:31:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-14 20:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-14 20:30:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-14 20:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-14 20:30:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-14 20:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-10-14 20:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-14 20:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-14 20:30:22 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-10-14 20:27:08 ----D---- C:\WINDOWS\system32\scripting
2008-10-14 20:27:07 ----D---- C:\WINDOWS\system32\en
2008-10-14 20:27:07 ----D---- C:\WINDOWS\system32\bits
2008-10-14 20:27:07 ----D---- C:\WINDOWS\l2schemas
2008-10-14 20:24:36 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-14 20:18:58 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-14 12:46:13 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2008-10-14 03:51:05 ----A---- C:\WINDOWS\system32\SAIKICK.dll
2008-10-14 03:51:05 ----A---- C:\WINDOWS\system32\SAIHOOK.dll
2008-10-14 03:51:05 ----A---- C:\WINDOWS\system32\REnum.exe
2008-10-14 03:51:04 ----A---- C:\WINDOWS\system32\SAICFG.dll
2008-10-14 03:51:04 ----A---- C:\WINDOWS\system32\PrfAct.exe
2008-10-14 03:51:04 ----A---- C:\WINDOWS\system32\Nx.exe
2008-10-14 03:51:00 ----A---- C:\WINDOWS\system32\msvcr70.dll
2008-10-14 03:51:00 ----A---- C:\WINDOWS\system32\msvcp70.dll
2008-10-14 03:51:00 ----A---- C:\WINDOWS\system32\atl70.dll
2008-10-14 03:23:18 ----HD---- C:\WINDOWS\system32\GroupPolicy
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwssr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrses.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrstr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsth.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrssv.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrssl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrssk.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsru.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrspt.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrspl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsno.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2008-09-05 04:35:07 ----D---- C:\Documents and Settings\Ribitt\Application Data\Mozilla

======List of files/folders modified in the last 3 months======

2008-12-01 22:31:43 ----D---- C:\WINDOWS\Temp
2008-12-01 22:23:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-01 22:22:45 ----D---- C:\WINDOWS\system32
2008-12-01 22:22:33 ----SHD---- C:\WINDOWS\Installer
2008-12-01 22:22:30 ----D---- C:\Program Files\Java
2008-11-30 22:37:45 ----D---- C:\WINDOWS
2008-11-30 21:44:31 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-29 03:01:39 ----SHD---- C:\System Volume Information
2008-11-29 03:01:39 ----D---- C:\WINDOWS\system32\Restore
2008-11-29 02:15:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-29 02:15:18 ----D---- C:\WINDOWS\system32\drivers
2008-11-28 18:06:03 ----D---- C:\WINDOWS\system32\Macromed
2008-11-28 03:09:14 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-28 03:09:13 ----HD---- C:\WINDOWS\inf
2008-11-20 03:05:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-20 03:05:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-20 03:04:34 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-20 03:04:32 ----D---- C:\Program Files\Common Files
2008-11-20 03:04:29 ----RD---- C:\Program Files
2008-11-18 10:33:03 ----D---- C:\WINDOWS\Help
2008-11-18 08:08:07 ----RSD---- C:\WINDOWS\assembly
2008-11-18 08:08:07 ----D---- C:\WINDOWS\Microsoft.NET
2008-11-18 07:29:39 ----D---- C:\WINDOWS\system32\DirectX
2008-11-18 07:29:24 ----D---- C:\WINDOWS\WinSxS
2008-11-18 07:29:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-18 07:27:21 ----D---- C:\Program Files\Internet Explorer
2008-11-16 15:40:42 ----SH---- C:\boot.ini
2008-11-16 15:40:42 ----A---- C:\WINDOWS\win.ini
2008-11-16 15:40:42 ----A---- C:\WINDOWS\system.ini
2008-11-16 15:37:19 ----D---- C:\WINDOWS\nview
2008-11-13 18:52:23 ----D---- C:\Program Files\World of Warcraft
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-15 19:04:16 ----A---- C:\WINDOWS\imsins.BAK
2008-10-15 19:03:29 ----D---- C:\WINDOWS\system32\wbem
2008-10-15 05:02:25 ----D---- C:\Program Files\MSN Messenger
2008-10-15 05:01:45 ----A---- C:\WINDOWS\OEWABLog.txt
2008-10-15 05:01:33 ----A---- C:\WINDOWS\setuplog.txt
2008-10-15 04:53:54 ----D---- C:\WINDOWS\system32\Setup
2008-10-15 04:53:53 ----D---- C:\WINDOWS\msagent
2008-10-15 04:53:52 ----D---- C:\WINDOWS\srchasst
2008-10-15 04:53:52 ----D---- C:\WINDOWS\AppPatch
2008-10-15 04:53:50 ----RSD---- C:\WINDOWS\Fonts
2008-10-15 01:00:30 ----D---- C:\WINDOWS\security
2008-10-14 20:32:46 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-14 20:32:40 ----D---- C:\WINDOWS\system32\en-US
2008-10-14 20:31:40 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-14 20:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-10-14 20:30:23 ----D---- C:\Program Files\Messenger
2008-10-14 20:27:34 ----D---- C:\Program Files\Windows Media Player
2008-10-14 20:27:18 ----D---- C:\WINDOWS\system32\inetsrv
2008-10-14 20:27:18 ----D---- C:\WINDOWS\network diagnostic
2008-10-14 20:27:18 ----D---- C:\WINDOWS\ime
2008-10-14 20:27:08 ----D---- C:\WINDOWS\system32\usmt
2008-10-14 20:27:07 ----D---- C:\WINDOWS\PeerNet
2008-10-14 20:27:07 ----D---- C:\Program Files\Movie Maker
2008-10-14 20:24:26 ----D---- C:\WINDOWS\system32\npp
2008-10-14 20:24:26 ----D---- C:\WINDOWS\mui
2008-10-14 20:24:23 ----D---- C:\Program Files\NetMeeting
2008-10-14 20:24:21 ----D---- C:\WINDOWS\system32\Com
2008-10-14 20:24:19 ----D---- C:\Program Files\Windows NT
2008-10-14 20:24:19 ----D---- C:\Program Files\Outlook Express
2008-10-14 20:24:16 ----D---- C:\Program Files\Common Files\System
2008-10-14 20:23:58 ----D---- C:\WINDOWS\system32\oobe
2008-10-14 20:23:57 ----D---- C:\WINDOWS\system
2008-10-14 20:18:57 ----D---- C:\WINDOWS\ehome
2008-10-14 03:51:05 ----D---- C:\Program Files\Saitek
2008-10-14 02:56:19 ----D---- C:\WINDOWS\Registration
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nwiz.exe
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwss.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwimg.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvwddi.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvshell.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvmobls.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvmctray.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvmccss.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvmccs.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nview.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvgames.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvdisps.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvcpl.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvcolor.exe
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvappbar.exe
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-09-17 23:55:00 ----A---- C:\WINDOWS\system32\keystone.exe
2008-09-13 15:13:21 ----D---- C:\Program Files\Wrath of the Lich King Beta
2008-09-05 05:21:00 ----D---- C:\Documents and Settings\Ribitt\Application Data\AVGTOOLBAR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-08-30 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-08-30 26824]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-08-30 76040]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;SB Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2007-06-15 1127936]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SaiH8000;SaiH8000; C:\WINDOWS\system32\DRIVERS\SaiH8000.sys [2004-09-22 56576]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2004-08-19 15616]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiNtBus.sys [2004-08-19 26752]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-05 611664]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-30 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-30 231704]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-01 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
ribitt
post Dec 1 2008, 09:41 PM
Post #5


New Member
*
Posts: 4
OS: Win 98 XP



info.txt logfile of random's system information tool 1.04 2008-12-01 22:38:22

======Uninstall list======

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Administrative Templates for Windows XP-->MsiExec.exe /I{69C1F0AC-2017-46B2-9DC9-ED880CDF4E40}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BookWorm Deluxe-->C:\Program Files\BookWorm Deluxe\UNWISE.EXE C:\Program Files\BookWorm Deluxe\INSTALL.LOG
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Creative EAX Settings-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 /remove
Creative Media Lite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x9 /remove
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\setup.exe" -l0x9 /remove
Creative Speaker Settings-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove
Creative ZEN Stone User's Guide-->"C:\Program Files\Creative\Creative ZEN Stone\UGRemove.exe" /Product_Name:ZENStoneUG
Device Control-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove
Games by Petersonic 1.00-->C:\Program Files\PC-home\Games by Petersonic\Uninstall.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0009 -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenOffice.org 2.3-->MsiExec.exe /I{2F29D6D2-824E-4FEF-8AED-7013F39F642A}
PhotoImpact X3-->C:\Program Files\InstallShield Installation Information\{15803703-25FA-4C01-A062-3F4A59937E87}\setup.exe -runfromtemp -l0x0409
Pop-Up Stopper Free Edition-->C:\PROGRA~1\PANICW~1\POP-UP~1\UNWISE.EXE C:\PROGRA~1\PANICW~1\POP-UP~1\INSTALL.LOG
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
SST Programming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}\setup.exe" AddRem
The Lord of the Rings Online™: Shadows of Angmar™ v07.12.30.54-->"C:\Program Files\Turbine\The Lord of the Rings Online\unins000.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Wrath of the Lich King Beta-->C:\Program Files\Common Files\Blizzard Entertainment\Wrath of the Lich King\Uninstall.exe

======Security center information======

AV: AVG Anti-Virus Free

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------
emeraldnzl
post Dec 1 2008, 09:49 PM
Post #6


Trusted Helper
Posts: 3,293
OS: XP Pro



Hello ribitt,

Question: Is the desktop picture of your choosing? Sometimes these can be installed by malware and other times the owner puts them there themselves.

Next

Kaspersky online scanner is very thorough. It can take a long time and for periods may seem not to be working. Just be patient and let it do its job.

Kaspersky works with Internet Explorer and Firefox 3.

Go to Kaspersky website and perform an online antivirus scan.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Copy and paste that information in your next post.
emeraldnzl
post Dec 12 2008, 03:23 PM
Post #7


Trusted Helper
Posts: 3,293
OS: XP Pro



Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.