[gordolake]

I've tried all kinds of fixes most requiring re registering dll and flushing the software component folder. So I ned some one much more savvy in this field to advise and help this problem. TIA

Steve

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:52 PM, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\WINDOWS\system32\sdpasvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Buyertools Reminder\Reminder.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Echo Digital Audio\Console3\launch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Adobe Photoshop Lightroom 2\lightroom.exe
C:\Program Files\Trend Micro\HijackThis\analyse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.abc.net.au/abckids/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.8.9.254:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: {5aae4136-34e9-5f0b-81b4-59a584391b42} - {24b19348-5a95-4b18-b0f5-9e436314eaa5} - C:\WINDOWS\system32\xpuudh.dll
O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - (no file)
O2 - BHO: (no name) - {4AB6ED25-B084-41D5-9D5D-30B40D245B49} - C:\WINDOWS\system32\vtUolIyx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [ASRInst_V] C:\WINDOWS\system32\regsvr32.exe "C:\Program Files\Common Files\Panasonic\PSL_DMOG726Dec.dll" /s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [5816085a] rundll32.exe "C:\WINDOWS\system32\dacvbfuk.dll",b
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Buyertools Reminder] "C:\Program Files\Buyertools Reminder\Reminder.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Start the tray icon.lnk = C:\Program Files\Echo Digital Audio\Console3\launch.exe
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\PANTONE COLORVISION\Startup\ColorVisionStartup.exe
O8 - Extra context menu item: Add to &Windows Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://favorites.li...?v=13,0,1609,00
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.h...DataManager.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1156068343079
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenu...yerAX_Win32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.c...oad/XUpload.ocx
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: xpuudh.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: SDPAUMS server service (SDPASVC) - Matsushita Electric Industrial Co.,Ltd. - C:\WINDOWS\system32\sdpasvc.exe

--
End of file - 11857 bytes

Edited by gordolake, 13 October 2008 - 06:04 AM.

[Advertisements]

Hello

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D < here

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

[Rorschach112]

Hello

Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D < here

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

[gordolake]

Hi, Thanks for the quick reply, Here is the log you requested.

steve

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.40GHz )
BIOS : Ver 1.00PARTTBL;
USER : HP Pavilion ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081012-0] 4.8.1229 (Not Activated)
C:\ (Local Disk) - NTFS - Total : 93 Go Free : 44 Go
D:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total : 931 Go Free : 782 Go

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( Mon 13/10/2008|23:19 )

--------------------\\ Listing folders in APPLIC~1

[18/09/2008|10:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[13/10/2008|09:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Mozilla

[26/08/2006|01:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ableton
[02/08/2008|12:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ACD Systems
[31/07/2008|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[20/08/2006|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[02/11/2007|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Autodesk
[18/09/2008|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Avg8
[26/08/2006|04:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CanonBJ
[15/01/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Digital Film Tools
[13/07/2008|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> EnterNHelp
[22/10/2007|08:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[26/08/2006|01:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[20/08/2006|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> hpqwmi
[20/08/2006|08:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[03/08/2008|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[18/09/2007|10:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[20/08/2006|08:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> muvee Technologies
[21/04/2008|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PhotoME
[29/06/2007|11:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pinnacle
[11/01/2007|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[07/06/2008|11:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Trance Pad
[13/07/2008|10:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ultima_T15
[20/08/2006|09:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[08/03/2008|09:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[24/02/2007|08:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion

[20/08/2006|08:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[03/09/2006|06:35] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Ableton
[03/05/2007|03:20] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> ACD Systems
[13/06/2008|10:09] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Adobe
[25/08/2006|05:58] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> AdobeUM
[20/08/2006|08:42] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Apple Computer
[02/11/2007|08:38] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Autodesk
[14/08/2007|07:55] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Canon
[06/10/2008|10:55] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Deckadance
[15/01/2008|09:06] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Digital Film Tools
[02/04/2008|07:41] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> FileMaker
[24/12/2007|10:46] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Flickr
[13/01/2007|05:31] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> FUJIFILM
[24/08/2008|11:58] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> GeoSetter
[25/08/2006|05:03] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Google
[04/09/2006|12:54] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Help
[20/08/2006|08:33] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Identities
[25/08/2006|09:44] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> InterVideo
[30/08/2006|12:16] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Leadertech
[26/08/2006|12:38] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Logitech
[16/12/2007|02:00] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Macromedia
[04/08/2008|05:48] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Microsoft
[18/06/2008|11:45] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Mozilla
[27/08/2006|03:58] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> muvee Technologies
[27/08/2007|01:00] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Nikon
[19/07/2007|06:25] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Nvu
[15/01/2008|08:47] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> onOne Software
[25/02/2008|11:53] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> SecondLife
[08/12/2007|12:33] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> SmartFTP
[30/08/2006|12:16] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Sonic
[20/06/2008|02:45] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> StarExplorer
[30/06/2007|12:09] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Steinberg
[09/09/2006|04:05] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Sun
[13/01/2008|11:19] C:\DOCUME~1\HPPAVI~1\APPLIC~1\<DIR> Zango

[07/04/2008|06:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Google
[18/09/2008|10:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[18/09/2008|10:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[13/10/2008 06:37 PM][--a------] C:\WINDOWS\tasks\Schedule Task Weekly.job
[13/10/2008 09:54 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[04/08/2004 11:00 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[26/08/2006|01:41] C:\Program Files\<DIR> Ableton
[02/08/2008|03:53] C:\Program Files\<DIR> Adobe
[18/09/2008|11:05] C:\Program Files\<DIR> Alwil Software
[13/08/2008|11:14] C:\Program Files\<DIR> AML Products
[25/08/2006|02:08] C:\Program Files\<DIR> AnswerWorks 4.0
[22/10/2007|09:38] C:\Program Files\<DIR> Armadillo Run Demo
[20/08/2006|08:38] C:\Program Files\<DIR> ATI Technologies
[04/09/2006|12:48] C:\Program Files\<DIR> Audacity
[25/08/2006|02:09] C:\Program Files\<DIR> AutoCAD 2006
[31/10/2007|10:50] C:\Program Files\<DIR> AutoCAD Civil 3D 2008
[02/08/2008|12:20] C:\Program Files\<DIR> Autodesk
[25/08/2006|01:04] C:\Program Files\<DIR> Autodesk Revit Building 8.1
[09/07/2008|07:05] C:\Program Files\<DIR> AVG
[27/08/2006|11:17] C:\Program Files\<DIR> BatteryInfo
[28/01/2008|01:15] C:\Program Files\<DIR> BayGenie
[01/07/2005|11:56] C:\Program Files\<DIR> BitLord
[23/03/2008|01:54] C:\Program Files\<DIR> B‹zune Audio
[22/10/2007|07:34] C:\Program Files\<DIR> Bonjour
[13/10/2008|09:57] C:\Program Files\<DIR> Buyertools Reminder
[12/10/2008|12:02] C:\Program Files\<DIR> Cheetah Burner
[03/08/2008|12:52] C:\Program Files\<DIR> Common Files
[20/08/2006|08:25] C:\Program Files\<DIR> ComPlus Applications
[20/08/2006|08:34] C:\Program Files\<DIR> CONEXANT
[29/09/2007|06:36] C:\Program Files\<DIR> DOFChart
[18/09/2006|06:35] C:\Program Files\<DIR> Echo Digital Audio
[23/04/2007|10:45] C:\Program Files\<DIR> EDIROL
[31/08/2008|03:11] C:\Program Files\<DIR> ERUNT
[14/06/2008|12:15] C:\Program Files\<DIR> Flickr Uploadr
[13/05/2008|09:38] C:\Program Files\<DIR> Free WMA to MP3 Converter
[04/09/2006|12:54] C:\Program Files\<DIR> FreeRIP2
[23/08/2008|07:16] C:\Program Files\<DIR> GeoSetter
[09/01/2008|12:46] C:\Program Files\<DIR> Google
[25/08/2006|01:28] C:\Program Files\<DIR> Grisoft
[27/04/2008|11:49] C:\Program Files\<DIR> Hewlett-Packard
[27/04/2008|11:51] C:\Program Files\<DIR> Hp
[20/08/2006|08:57] C:\Program Files\<DIR> HPQ
[05/10/2008|10:00] C:\Program Files\<DIR> Image-Line
[15/06/2008|12:08] C:\Program Files\<DIR> ImageMagick-6.4.1-Q16
[13/08/2008|11:25] C:\Program Files\<DIR> ImTOO
[20/08/2006|09:00] C:\Program Files\<DIR> Intel
[15/08/2008|07:54] C:\Program Files\<DIR> Internet Explorer
[20/08/2006|08:59] C:\Program Files\<DIR> InterVideo
[20/08/2006|08:42] C:\Program Files\<DIR> iPod
[20/08/2006|08:42] C:\Program Files\<DIR> iTunes
[18/07/2008|07:21] C:\Program Files\<DIR> Java
[08/10/2006|04:53] C:\Program Files\<DIR> JHC Software
[03/08/2008|12:52] C:\Program Files\<DIR> Lavasoft
[12/09/2006|09:23] C:\Program Files\<DIR> Logitech
[01/07/2007|12:20] C:\Program Files\<DIR> Lost Auction
[25/04/2007|04:15] C:\Program Files\<DIR> M-Audio
[25/08/2008|12:46] C:\Program Files\<DIR> Messenger
[25/08/2006|05:00] C:\Program Files\<DIR> Microsoft ActiveSync
[09/03/2008|05:06] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[20/08/2006|08:28] C:\Program Files\<DIR> microsoft frontpage
[11/05/2008|01:27] C:\Program Files\<DIR> Microsoft Office
[25/08/2006|04:59] C:\Program Files\<DIR> Microsoft.NET
[23/03/2008|04:42] C:\Program Files\<DIR> MIDIOX
[08/10/2006|04:32] C:\Program Files\<DIR> MixMeister BPM Analyzer
[25/08/2008|12:41] C:\Program Files\<DIR> Movie Maker
[13/10/2008|09:57] C:\Program Files\<DIR> Mozilla Firefox
[20/08/2006|08:24] C:\Program Files\<DIR> MSN
[20/08/2006|08:24] C:\Program Files\<DIR> MSN Gaming Zone
[19/11/2006|08:39] C:\Program Files\<DIR> MSXML 4.0
[30/10/2007|06:16] C:\Program Files\<DIR> MSXML 6.0
[20/08/2006|08:48] C:\Program Files\<DIR> muvee Technologies
[25/08/2008|12:37] C:\Program Files\<DIR> NetMeeting
[02/08/2008|04:19] C:\Program Files\<DIR> Nikon
[01/09/2006|09:51] C:\Program Files\<DIR> Online Services
[22/06/2008|12:16] C:\Program Files\<DIR> onOne Software
[25/08/2008|12:37] C:\Program Files\<DIR> Outlook Express
[12/08/2008|12:09] C:\Program Files\<DIR> Outsim
[16/09/2006|06:44] C:\Program Files\<DIR> Panasonic
[06/10/2007|03:50] C:\Program Files\<DIR> PANTONE COLORVISION
[02/04/2008|07:40] C:\Program Files\<DIR> PhotoByter v5.2
[27/06/2008|12:10] C:\Program Files\<DIR> PhotoME
[10/05/2007|09:09] C:\Program Files\<DIR> picture-shark
[08/01/2007|02:29] C:\Program Files\<DIR> PrintKey2000
[21/01/2007|04:38] C:\Program Files\<DIR> Prosidio
[25/02/2007|10:05] C:\Program Files\<DIR> quad
[20/08/2006|08:42] C:\Program Files\<DIR> QuickTime
[24/04/2007|12:36] C:\Program Files\<DIR> RdDrv001
[02/11/2007|06:49] C:\Program Files\<DIR> Red Kawa
[13/10/2008|09:23] C:\Program Files\<DIR> Registry Easy
[12/10/2008|04:59] C:\Program Files\<DIR> Registry Mechanic
[01/09/2008|12:48] C:\Program Files\<DIR> SecondLife
[08/12/2007|12:33] C:\Program Files\<DIR> SmartFTP Client
[08/12/2007|12:33] C:\Program Files\<DIR> SmartFTP Client 2.5 Setup Files
[20/08/2006|08:56] C:\Program Files\<DIR> Sonic
[20/06/2008|02:40] C:\Program Files\<DIR> Star Explorer
[30/06/2007|12:51] C:\Program Files\<DIR> Steinberg
[20/08/2006|08:37] C:\Program Files\<DIR> Synaptics
[09/04/2007|04:49] C:\Program Files\<DIR> Time Control Productions
[18/09/2007|10:35] C:\Program Files\<DIR> TOSHIBA
[22/06/2008|01:19] C:\Program Files\<DIR> TreeComp
[09/06/2008|10:23] C:\Program Files\<DIR> Trend Micro
[20/08/2006|08:33] C:\Program Files\<DIR> Uninstall Information
[06/01/2007|06:14] C:\Program Files\<DIR> vert antenna
[17/04/2007|11:13] C:\Program Files\<DIR> VstPlugins
[20/08/2006|08:35] C:\Program Files\<DIR> WIDCOMM
[08/03/2008|09:16] C:\Program Files\<DIR> Windows Live
[29/08/2007|04:22] C:\Program Files\<DIR> Windows Media Connect 2
[25/08/2008|12:37] C:\Program Files\<DIR> Windows Media Player
[25/08/2008|12:37] C:\Program Files\<DIR> Windows NT
[20/08/2006|08:27] C:\Program Files\<DIR> WindowsUpdate
[25/08/2006|01:32] C:\Program Files\<DIR> WinRAR
[20/08/2006|08:28] C:\Program Files\<DIR> xerox
[24/02/2007|08:08] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[02/02/2008|09:43] C:\Program Files\Common Files\<DIR> Adobe
[30/10/2007|06:05] C:\Program Files\Common Files\<DIR> Autodesk Shared
[25/08/2006|02:08] C:\Program Files\Common Files\<DIR> Designer
[20/08/2006|08:56] C:\Program Files\Common Files\<DIR> InstallShield
[20/08/2006|08:56] C:\Program Files\Common Files\<DIR> Java
[12/09/2006|09:23] C:\Program Files\Common Files\<DIR> Logitech
[22/10/2007|07:24] C:\Program Files\Common Files\<DIR> Macrovision Shared
[22/08/2008|08:50] C:\Program Files\Common Files\<DIR> Microsoft Shared
[20/08/2006|08:26] C:\Program Files\Common Files\<DIR> MSSoap
[20/08/2006|08:48] C:\Program Files\Common Files\<DIR> muvee Technologies
[02/08/2008|03:42] C:\Program Files\Common Files\<DIR> Nikon
[21/08/2006|06:17] C:\Program Files\Common Files\<DIR> ODBC
[16/09/2006|06:44] C:\Program Files\Common Files\<DIR> Panasonic
[20/08/2006|08:26] C:\Program Files\Common Files\<DIR> Services
[20/08/2006|08:54] C:\Program Files\Common Files\<DIR> Sonic Shared
[21/08/2006|06:17] C:\Program Files\Common Files\<DIR> SpeechEngines
[20/08/2006|08:56] C:\Program Files\Common Files\<DIR> SureThing Shared
[09/05/2008|07:02] C:\Program Files\Common Files\<DIR> Symantec Shared
[25/08/2008|12:37] C:\Program Files\Common Files\<DIR> System
[20/08/2006|08:55] C:\Program Files\Common Files\<DIR> TiVo Shared
[08/03/2008|09:15] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
[03/08/2008|12:52] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

--------------------\\ Process

( 51 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\nsjD.tmp
C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\nstB.tmp
C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\nstC.tmp
C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\nszE.tmp

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 23:33:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 121

--------------------\\ Searching for other infections

C:\WINDOWS\system32\xyIloUtv.ini
C:\WINDOWS\system32\xyIloUtv.ini2
==> VUNDO <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\HPPAVI~1\Desktop\piv2000\20061611_173332_PIV2000 DOCS\Piv2000\D\DOCS\CLIENT\COOP\Ridge\Admin Building\Wall Cracks.doc.nco
C:\DOCUME~1\HPPAVI~1\Desktop\piv2000\20062112_165033_PIV2000 DOCS\Piv2000\D\DOCS\CLIENT\COOP\Ridge\Admin Building\Wall Cracks.doc.nco
C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\0WMH2E1O\ImageLine_Toxic_Biohazard_VSTi_v1.0+Crack.rar[1].torrent
C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\WDE2JKQG\PictureCode.Noise.Ninja.v2.2.0.for.Adobe.Photoshop.Incl.Keygen-SSG.rar[1].torrent
C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\Z9A82HSE\Adobe_Photoshop_Lightroom_2.1_RC1_Build_508271_Final_+_keygen[1].torrent


[F:27][D:9]-> C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp
[F:101][D:0]-> C:\DOCUME~1\HPPAVI~1\Cookies
[F:14025][D:19]-> C:\DOCUME~1\HPPAVI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Mon 13/10/2008|23:47 - Option : [1]

--------------------\\ Scan completed at 23:47:37

[Rorschach112]

You got infected because you downloaded cracks

Please download the OTMoveIt3 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  :Processes
  explorer.exe
  
  :Services
  
  :Reg
  
  :Files
  C:\WINDOWS\system32\xyIloUtv.ini
  C:\WINDOWS\system32\xyIloUtv.ini2
  C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\0WMH2E1O\ImageLine_Toxic_Biohazard_VSTi_v1.0+Crack.rar[1].torrent
  C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\WDE2JKQG\PictureCode.Noise.Ninja.v2.2.0.for.Adobe.Photoshop.Incl.Keygen-SSG.rar[1].torrent
  C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\Z9A82HSE\Adobe_Photoshop_Lightroom_2.1_RC1_Build_508271_Final_+_keygen[1].torrent
  
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]

• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

[gordolake]

OTmovit3 log follows

Edited by gordolake, 14 October 2008 - 03:49 AM.

[gordolake]

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\WINDOWS\system32\xyIloUtv.ini moved successfully.
C:\WINDOWS\system32\xyIloUtv.ini2 moved successfully.
C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\0WMH2E1O\ImageLine_Toxic_Biohazard_VSTi_v1.0+Crack.rar[1].torrent moved successfully.
C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\WDE2JKQG\PictureCode.Noise.Ninja.v2.2.0.for.Adobe.Photoshop.Incl.Keygen-SSG.rar[1].torrent moved successfully.
C:\DOCUME~1\HPPAVI~1\Local Settings\Temporary Internet Files\Content.IE5\Z9A82HSE\Adobe_Photoshop_Lightroom_2.1_RC1_Build_508271_Final_+_keygen[1].torrent moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\etilqs_NKKo6IFayItTYcoYWBiS scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\fb_3464.lck scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_664.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10142008_173744

Files moved on Reboot...
File C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\etilqs_NKKo6IFayItTYcoYWBiS not found!
File C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\fb_3464.lck not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_664.dat not found!
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\urlclassifier3.sqlite moved successfully.

Edited by gordolake, 14 October 2008 - 03:41 AM.

[gordolake]

rsit log.txt follows

Logfile of random's system information tool 1.04 (written by random/random)
Run by HP Pavilion at 2008-10-14 17:59:43
Microsoft Windows XP Professional Service Pack 3
System drive C: has 46 GB (48%) free of 95 GB
Total RAM: 1022 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:59:51 PM, on 14/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\WINDOWS\system32\sdpasvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Buyertools Reminder\Reminder.exe
C:\Program Files\Echo Digital Audio\Console3\launch.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP Pavilion\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\HP Pavilion.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.abc.net.au/abckids/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.8.9.254:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - (no file)
O2 - BHO: (no name) - {591E44E8-734B-4289-9514-B78785F25C5F} - C:\WINDOWS\system32\vtUolIyx.dll
O2 - BHO: {2f8b3053-a81b-7089-da04-e6ad2e711296} - {692117e2-da6e-40ad-9807-b18a3503b8f2} - C:\WINDOWS\system32\faxfaq.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [ASRInst_V] C:\WINDOWS\system32\regsvr32.exe "C:\Program Files\Common Files\Panasonic\PSL_DMOG726Dec.dll" /s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Buyertools Reminder] "C:\Program Files\Buyertools Reminder\Reminder.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Start the tray icon.lnk = C:\Program Files\Echo Digital Audio\Console3\launch.exe
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\PANTONE COLORVISION\Startup\ColorVisionStartup.exe
O8 - Extra context menu item: Add to &Windows Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://favorites.li...?v=13,0,1609,00
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.h...DataManager.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1156068343079
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenu...yerAX_Win32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.c...oad/XUpload.ocx
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: faxfaq.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: SDPAUMS server service (SDPASVC) - Matsushita Electric Industrial Co.,Ltd. - C:\WINDOWS\system32\sdpasvc.exe

--
End of file - 11760 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Schedule Task Weekly.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{314A5833-8490-4a3b-904A-110444F25E50}]
WINXML2 Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{591E44E8-734B-4289-9514-B78785F25C5F}]
C:\WINDOWS\system32\vtUolIyx.dll [2008-10-12 265216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{692117e2-da6e-40ad-9807-b18a3503b8f2}]
C:\WINDOWS\system32\faxfaq.dll [2008-10-14 111616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C7A8947-5935-4430-AC0E-E7D04697414E}]
Buyertools - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL [2007-06-12 680960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-22 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-02 102492]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-02 692316]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2004-10-22 229438]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-08-20 98304]
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-04-01 794624]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2005-11-03 28160]
"Logitech BT Wizard"=LBTWiz.exe -silent []
"ASRInst_V"=C:\WINDOWS\system32\regsvr32.exe [2008-04-14 11776]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"RegistryMechanic"= []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-20 78008]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-04-06 67128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-06 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Buyertools Reminder"=C:\Program Files\Buyertools Reminder\Reminder.exe [2008-05-08 6513152]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
ColorVisionStartup.lnk - C:\Program Files\PANTONE COLORVISION\Startup\ColorVisionStartup.exe

C:\Documents and Settings\HP Pavilion\Start Menu\Programs\Startup
Start the tray icon.lnk - C:\Program Files\Echo Digital Audio\Console3\launch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="faxfaq.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-09 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2005-11-23 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{903C377B-E501-4A35-A6B2-1E3994711EA1}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\vtUolIyx
"notification packages"=
scecli
scecli
scecli
scecli
scecli
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe"="C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG Free\avgcc.exe"="C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Disabled:RTC App Sharing"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\lightroom.exe"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\lightroom.exe:*:Enabled:Adobe Photoshop Lightroom"
"C:\Program Files\SmartFTP Client\SmartFTP.exe"="C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\system32\mssetup.exe"="C:\WINDOWS\system32\mssetup.exe:*:Enabled:Microsoft Internet Sharing"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======File associations======

.reg - open - "regedit.exe" "%1"
.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2008-10-14 17:59:43 ----D---- C:\rsit
2008-10-14 17:42:34 ----SH---- C:\WINDOWS\system32\clipoltk.ini
2008-10-14 17:42:27 ----A---- C:\WINDOWS\system32\ktlopilc.dll
2008-10-14 17:40:20 ----A---- C:\WINDOWS\system32\faxfaq.dll
2008-10-14 17:40:08 ----A---- C:\WINDOWS\system32\whjuornk.dll
2008-10-14 17:39:26 ----ASH---- C:\WINDOWS\system32\xyIloUtv.ini2
2008-10-14 17:39:25 ----ASH---- C:\WINDOWS\system32\xyIloUtv.ini
2008-10-14 17:37:44 ----D---- C:\_OTMoveIt
2008-10-13 23:18:58 ----A---- C:\lopR.txt
2008-10-13 23:10:32 ----D---- C:\Lop SD
2008-10-13 22:19:51 ----A---- C:\WINDOWS\system32\xpuudh.dll
2008-10-13 22:19:18 ----A---- C:\WINDOWS\system32\srmbrkuo.dll
2008-10-13 22:17:21 ----SH---- C:\WINDOWS\system32\kufbvcad.ini
2008-10-13 21:27:06 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-13 21:14:18 ----D---- C:\WINDOWS\CSC
2008-10-13 20:23:52 ----D---- C:\WINDOWS\SDOld
2008-10-13 19:41:35 ----SH---- C:\WINDOWS\system32\rpsvsjpc.ini
2008-10-13 19:41:26 ----A---- C:\WINDOWS\system32\cpjsvspr.dll
2008-10-13 19:38:38 ----A---- C:\WINDOWS\system32\rbpdwx.dll
2008-10-13 19:38:26 ----A---- C:\WINDOWS\system32\nqlcitbf.dll
2008-10-13 18:34:08 ----D---- C:\Program Files\Registry Easy
2008-10-13 17:56:32 ----D---- C:\VundoFix Backups
2008-10-13 17:56:32 ----A---- C:\VundoFix.txt
2008-10-12 19:39:22 ----SH---- C:\WINDOWS\system32\hgbqgeca.ini
2008-10-12 19:38:21 ----A---- C:\WINDOWS\system32\bedlly.dll
2008-10-12 19:38:15 ----A---- C:\WINDOWS\system32\fgtytthd.dll
2008-10-12 12:31:50 ----SH---- C:\WINDOWS\system32\hgkpdujb.ini
2008-10-12 12:31:43 ----A---- C:\WINDOWS\system32\bjudpkgh.dll
2008-10-12 12:30:10 ----A---- C:\WINDOWS\system32\loczjq.dll
2008-10-12 12:30:05 ----A---- C:\WINDOWS\system32\bteitfsc.dll
2008-10-12 12:29:37 ----A---- C:\WINDOWS\system32\5335cc24-.txt
2008-10-12 12:28:27 ----A---- C:\WINDOWS\system32\vtUolIyx.dll
2008-10-12 12:23:22 ----A---- C:\WINDOWS\system32\yaywxWmk.dll
2008-10-12 12:23:21 ----A---- C:\WINDOWS\system32\ddcDtqnN.dll.vir
2008-10-12 12:16:06 ----A---- C:\WINDOWS\system32\dvdTools.exe
2008-10-12 12:02:10 ----A---- C:\WINDOWS\system32\viscomwave.dll
2008-10-12 12:02:10 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2008-10-12 12:02:10 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2008-10-12 12:02:09 ----D---- C:\Program Files\Cheetah Burner
2008-10-12 12:02:09 ----A---- C:\WINDOWS\system32\FoxImager.dll
2008-09-25 21:14:10 ----A---- C:\WINDOWS\system32\xa6156203.exe
2008-09-25 21:14:06 ----A---- C:\WINDOWS\system32\xa6151968.exe
2008-09-18 23:05:43 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-09-18 23:05:40 ----D---- C:\Program Files\Alwil Software
2008-09-18 22:56:54 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8

======List of files/folders modified in the last 1 months======

2008-10-14 17:59:41 ----D---- C:\WINDOWS\Prefetch
2008-10-14 17:58:13 ----D---- C:\Program Files\Buyertools Reminder
2008-10-14 17:58:00 ----D---- C:\Program Files\Mozilla Firefox
2008-10-14 17:54:50 ----D---- C:\WINDOWS\Temp
2008-10-14 17:53:14 ----D---- C:\WINDOWS\system32
2008-10-14 17:51:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-14 17:13:40 ----D---- C:\WINDOWS
2008-10-13 22:42:06 ----D---- C:\WINDOWS\security
2008-10-13 22:41:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-13 22:36:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-13 22:34:19 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-13 22:31:12 ----HD---- C:\WINDOWS\inf
2008-10-13 22:31:11 ----D---- C:\WINDOWS\Help
2008-10-13 21:14:37 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-13 18:37:06 ----SD---- C:\WINDOWS\Tasks
2008-10-13 18:34:08 ----RD---- C:\Program Files
2008-10-12 16:59:31 ----D---- C:\Program Files\Registry Mechanic
2008-10-06 22:55:02 ----D---- C:\Documents and Settings\HP Pavilion\Application Data\Deckadance
2008-10-05 22:00:53 ----D---- C:\Program Files\Image-Line
2008-10-03 22:38:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-29 18:26:33 ----D---- C:\WINDOWS\system32\Macromed
2008-09-25 21:16:45 ----SHD---- C:\WINDOWS\Installer
2008-09-19 19:10:10 ----D---- C:\WINDOWS\system32\config
2008-09-18 23:06:05 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-20 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-20 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-20 42912]
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-20 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-20 94416]
R2 Audsub3;Audsub3; \??\C:\WINDOWS\SYSTEM32\Drivers\Audsub3.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-20 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-09 988672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-03-10 371712]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-06-02 16896]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-06-02 30235]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2004-06-02 43683]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-06-02 53816]
R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-11-17 293120]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-11-17 280192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 echondgo;Indigo Service; C:\WINDOWS\system32\drivers\echondgo.sys [2007-03-27 132992]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-09-14 13872]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-16 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-16 207232]
R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2005-11-03 27136]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-11-03 69376]
R3 MA_CMIDI;M-Audio USB Driver; C:\WINDOWS\system32\drivers\ma_cmidi.sys [2006-08-16 21888]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-05-03 9856]
R3 RDID1009;EDIROL UM-1; C:\WINDOWS\system32\Drivers\rdwm1009.sys [2006-09-28 79393]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-02 191456]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-03-16 159488]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-16 703232]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-06-02 147864]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cvspydr2;ColorVision Spyder 2; C:\WINDOWS\system32\DRIVERS\cvspydr2.sys [2002-04-02 33024]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 EchoIndigoIO;Echo Indigo io Service; C:\WINDOWS\system32\drivers\echondgo.sys [2007-03-27 132992]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-08-13 36608]
S3 MEI006E;MEI006E; C:\WINDOWS\system32\drivers\MEI006E.sys [2003-09-05 15760]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 RDID1027;EDIROL PCR; C:\WINDOWS\system32\Drivers\rdwm1027.sys [2006-09-28 79393]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-03 611664]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-20 16056]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-09 352256]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-20 147640]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-06-03 163840]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE [2005-11-23 81920]
R2 MA_CMIDI_InstallerService;M-Audio Series II MIDI Installer; C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [2007-01-08 94208]
R2 SDPASVC;SDPAUMS server service; C:\WINDOWS\system32\sdpasvc.exe [2001-08-07 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-20 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-24 348344]
R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\shared\hpqwmi.exe [2005-03-04 98304]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-10-30 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-10-22 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-31 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2004-10-13 327680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

Edited by gordolake, 14 October 2008 - 03:54 AM.

[gordolake]

info.txt follows

info.txt logfile of random's system information tool 1.04 2008-10-14 17:59:55

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
55mm v7.5 for Adobe Photoshop & Compatible Applications-->C:\WINDOWS\unvise32.exe c:\program files\adobe\adobe photoshop cs3\plug-ins\55mm_v7.5_uninstal.log
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Photoshop Lightroom 2.1-->MsiExec.exe /I{D15604C1-8516-4233-AF08-F2685365ACA2}
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.0-->"C:\Program Files\Audacity\unins000.exe"
AutoCAD 2006 - English-->MsiExec.exe /I{5783F2D7-4001-0409-0012-0060B0CE6BBA}
AutoCAD Civil 3D 2008 ANZ Country Kit-->MsiExec.exe /X{C56033D2-E0AF-46A0-9C8A-211C9680AA13}
AutoCAD Civil 3D 2008 SP2-->Msiexec.exe /uninstall {1C500B62-B044-4216-8011-604640F4F925} /package {5783F2D7-6000-0409-0002-0060B0CE6BBA} /qb
AutoCAD Civil 3D 2008-->C:\Program Files\AutoCAD Civil 3D 2008\Setup\Setup.exe /P {5783F2D7-6000-0409-0002-0060B0CE6BBA} /M C3D
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
Autodesk Revit Building 8.1-->MsiExec.exe /X{7EBC0489-5E47-498D-BE31-B094484612E9}
AV Bros. Puzzle Pro 2.2 (Remove Only)-->C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\AV Bros Puzzle Pro 2.2\AVUninstall.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BitLord 1.1-->C:\Program Files\BitLord\uninst.exe
BizuneVST 1.1 + Mantragora 1.1-->MsiExec.exe /X{0075E4D2-4479-436C-B8E7-8BEB9AC3F8BC}
BizuneVST Standalone-->MsiExec.exe /I{ABEE416C-A5C2-4CC2-8CCF-AFE0F143B229}
Bluetooth by hp-->MsiExec.exe /X{90535871-81B9-4D99-8A13-A7EE97F2D7FE}
Buyertools Reminder-->"C:\Program Files\Buyertools Reminder\Uninstall.exe" "C:\Program Files\Buyertools Reminder\install.log" -u
Camera Control Pro 2-->MsiExec.exe /X{FE96C49B-DB90-405E-A00E-09E38372F880}
Canon MP150-->"C:\WINDOWS\system32\CanonMP Uninstaller Information\{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe" /U:{CA9A3609-3ECC-4574-8824-A8161A71A603} /L0x0009
Cheetah DVD Burner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}\Setup.exe"
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Conexant AC-97 Audio-->CIAunwdm.exe
Conexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.inf
Deckadance-->C:\Program Files\Image-Line\Deckadance\uninstall.exe
DOFMaster Hyperfocal Chart--> -f"C:\Program Files\DOFChart\Uninst.isu"
Echo Indigo-->C:\Program Files\Echo Digital Audio\Indigo\uninst.exe
Enigma-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F145099-1224-4C5B-84F2-7AE6DC699F1A}\setup.exe" -l0x9 -removeonly
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
Expert MININEC Classic -->C:\WINDOWS\iun506.exe C:\Expert_MININEC_Classic\irunin.ini
FL Studio 6-->C:\Program Files\Image-Line\FL Studio 6\uninstall.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
Flickr Uploadr 3.0.5-->"C:\Program Files\Flickr Uploadr\uninstall.exe"
Free WMA to MP3 Converter 1.08-->"C:\Program Files\Free WMA to MP3 Converter\unins000.exe"
FreeRIP v2.50-->"C:\Program Files\FreeRIP2\unins000.exe"
GeoSetter 2.5.3-->"C:\Program Files\GeoSetter\unins000.exe"
gigabeat V30 Manual-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A444268D-904A-446A-A5A2-472EB83CE1B2}\Setup.exe" -l0x9 -removeonly
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
G-tune 2.50-->C:\WINDOWS\wpktui10.exe "c:\program files\JHC Software\G-tune V2\wpktui.ui"
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP Wireless Assistant 1.01 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Image-Line PoiZone v2.1-->C:\PROGRA~1\IMAGE-~1\PoiZone\UNINST~1\UNWISE.EXE C:\PROGRA~1\IMAGE-~1\PoiZone\UNINST~1\INSTALL.LOG
ImageMagick 6.4.1-7 Q16 (07/01/08)-->"C:\Program Files\ImageMagick-6.4.1-Q16\unins000.exe"
iTunes-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE20E2F5-1903-4AAE-B1AF-2046E586C925}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java™ 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Live 4.0.1-->C:\PROGRA~1\Ableton\LIVE40~1.1\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE40~1.1\Install\INSTALL.LOG
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x9 UNINSTALL -removeonly
Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
M-Audio Series II MIDI-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe" -l0x9 -removeonly
MFC80-->MsiExec.exe /I{818CBFBE-F23E-45E3-B67B-55FBCF945F37}
Micron Groove-Mod-->MsiExec.exe /X{9D66CAC7-DF94-4468-8FFD-8740A46ECA79}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microzune Editor-->MsiExec.exe /X{23043577-70DE-488F-96BC-656D2D65F0F2}
MIDI-OX-->MsiExec.exe /I{ABC52CF9-2D43-4278-A152-CB2CD3ED8FE9}
MixMeister BPM Analyzer 1.0-->"C:\Program Files\MixMeister BPM Analyzer\unins000.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
muvee autoProducer 4.0 - SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{534AA552-E1F1-4965-B2AA-FBDEB0730D60}\setup.exe" -l0x9
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Notebook BatteryInfo -->"C:\Program Files\BatteryInfo\uninstall.exe"
OziExplorer 3.95-->c:\OziExplorer\unins000.exe
PCR Editor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B85CF65-FC3A-4C81-99DF-5C902D2A0180}\setup.exe" UNINSTALL_XXX
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PhotoFrame Pro 3.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5F073685-ADDB-4D5A-98E9-0F795989A57F}\setup.exe" -l0x9 -uninst -removeonly
PhotoME-->"C:\Program Files\PhotoME\unins000.exe"
PhotoPresets with One-Click WOW!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{235674B0-A35F-4811-8A8F-E8F42A919EA3}\setup.exe" -l0x9 -uninst -removeonly
picture-shark 1.0-->C:\Program Files\picture-shark\UnGins.exe "C:\Program Files\picture-shark\install.log"
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
PrintKey2000-->C:\PROGRA~1\PRINTK~1\UNWISE.EXE C:\PROGRA~1\PRINTK~1\INSTALL.LOG
quad-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\quad\ST6UNST.LOG"
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninst
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE
Registry Easy v4.7-->"C:\Program Files\Registry Easy\unins000.exe"
Registry Mechanic 7.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
SD-JukeboxV5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82625564-5A7A-11D7-AECE-00105A5D0C38}\setup.exe" -l0x9
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
SmartFTP Client 2.5 Setup Files (remove only)-->C:\Program Files\SmartFTP Client 2.5 Setup Files\uninst-sftp.exe
SmartFTP Client-->MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spyder2-->C:\WINDOWS\unvise32.exe C:\Program Files\PANTONE COLORVISION\uninstal.log
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{612DC38A-B36A-4699-88EB-12C7394DE2FC} /l1033
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TreeComp-->MsiExec.exe /I{30A01D71-86B1-4C24-8B1B-F9CCBDE094CC}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
verticals-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\vert antenna\ST6UNST.LOG"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081013-0]

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=c:\program files\imagemagick-6.4.1-q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Autodesk Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\

-----------------EOF-----------------

[Rorschach112]

Hello

Please click on Start > Control Panel > Add/Remove Programs and uninstall the following programs(if present):

J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java™ 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}



Please download the OTMoveIt3 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  :Processes
  explorer.exe
  
  :Services
  
  :Reg
  
  :Files
  C:\WINDOWS\system32\clipoltk.ini
  C:\WINDOWS\system32\ktlopilc.dll
  C:\WINDOWS\system32\faxfaq.dll
  C:\WINDOWS\system32\whjuornk.dll
  C:\WINDOWS\system32\xyIloUtv.ini2
  C:\WINDOWS\system32\xyIloUtv.ini
  C:\WINDOWS\system32\xpuudh.dll
  C:\WINDOWS\system32\srmbrkuo.dll
  C:\WINDOWS\system32\kufbvcad.ini
  C:\WINDOWS\system32\rpsvsjpc.ini
  C:\WINDOWS\system32\cpjsvspr.dll
  C:\WINDOWS\system32\rbpdwx.dll
  C:\WINDOWS\system32\nqlcitbf.dll
  C:\WINDOWS\system32\hgbqgeca.ini
  C:\WINDOWS\system32\bedlly.dll
  C:\WINDOWS\system32\fgtytthd.dll
  C:\WINDOWS\system32\hgkpdujb.ini
  C:\WINDOWS\system32\bjudpkgh.dll
  C:\WINDOWS\system32\loczjq.dll
  C:\WINDOWS\system32\bteitfsc.dll
  C:\WINDOWS\system32\5335cc24-.txt
  C:\WINDOWS\system32\vtUolIyx.dll
  C:\WINDOWS\system32\yaywxWmk.dll
  C:\WINDOWS\system32\ddcDtqnN.dll.vir
  C:\WINDOWS\system32\xa6156203.exe
  C:\WINDOWS\system32\xa6151968.exe
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]

• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.



Also post a new Rsit log

[gordolake]

hi ok doing java remove now, there is also a Java™ 6 Update 7, should it go too.

Edited by gordolake, 14 October 2008 - 05:11 AM.

[Rorschach112]

Nope leave that, it is the current version

[gordolake]

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\WINDOWS\system32\clipoltk.ini moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\ktlopilc.dll
C:\WINDOWS\system32\ktlopilc.dll NOT unregistered.
C:\WINDOWS\system32\ktlopilc.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\faxfaq.dll
C:\WINDOWS\system32\faxfaq.dll NOT unregistered.
C:\WINDOWS\system32\faxfaq.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\whjuornk.dll
C:\WINDOWS\system32\whjuornk.dll NOT unregistered.
C:\WINDOWS\system32\whjuornk.dll moved successfully.
C:\WINDOWS\system32\xyIloUtv.ini2 moved successfully.
C:\WINDOWS\system32\xyIloUtv.ini moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\xpuudh.dll
C:\WINDOWS\system32\xpuudh.dll NOT unregistered.
C:\WINDOWS\system32\xpuudh.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\srmbrkuo.dll
C:\WINDOWS\system32\srmbrkuo.dll NOT unregistered.
C:\WINDOWS\system32\srmbrkuo.dll moved successfully.
C:\WINDOWS\system32\kufbvcad.ini moved successfully.
C:\WINDOWS\system32\rpsvsjpc.ini moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\cpjsvspr.dll
C:\WINDOWS\system32\cpjsvspr.dll NOT unregistered.
C:\WINDOWS\system32\cpjsvspr.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\rbpdwx.dll
C:\WINDOWS\system32\rbpdwx.dll NOT unregistered.
C:\WINDOWS\system32\rbpdwx.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\nqlcitbf.dll
C:\WINDOWS\system32\nqlcitbf.dll NOT unregistered.
C:\WINDOWS\system32\nqlcitbf.dll moved successfully.
C:\WINDOWS\system32\hgbqgeca.ini moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\bedlly.dll
C:\WINDOWS\system32\bedlly.dll NOT unregistered.
C:\WINDOWS\system32\bedlly.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\fgtytthd.dll
C:\WINDOWS\system32\fgtytthd.dll NOT unregistered.
C:\WINDOWS\system32\fgtytthd.dll moved successfully.
C:\WINDOWS\system32\hgkpdujb.ini moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\bjudpkgh.dll
C:\WINDOWS\system32\bjudpkgh.dll NOT unregistered.
C:\WINDOWS\system32\bjudpkgh.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\loczjq.dll
C:\WINDOWS\system32\loczjq.dll NOT unregistered.
C:\WINDOWS\system32\loczjq.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\bteitfsc.dll
C:\WINDOWS\system32\bteitfsc.dll NOT unregistered.
C:\WINDOWS\system32\bteitfsc.dll moved successfully.
C:\WINDOWS\system32\5335cc24-.txt moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\vtUolIyx.dll
C:\WINDOWS\system32\vtUolIyx.dll NOT unregistered.
C:\WINDOWS\system32\vtUolIyx.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\yaywxWmk.dll
C:\WINDOWS\system32\yaywxWmk.dll NOT unregistered.
C:\WINDOWS\system32\yaywxWmk.dll moved successfully.
C:\WINDOWS\system32\ddcDtqnN.dll.vir moved successfully.
C:\WINDOWS\system32\xa6156203.exe moved successfully.
C:\WINDOWS\system32\xa6151968.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\etilqs_qprIKF49Tsuz5EbRCDcl scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\fb_3804.lck scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_700.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10142008_221346

Files moved on Reboot...
File C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\etilqs_qprIKF49Tsuz5EbRCDcl not found!
File C:\DOCUME~1\HPPAVI~1\LOCALS~1\Temp\fb_3804.lck not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_700.dat moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\HP Pavilion\Local Settings\Application Data\Mozilla\Firefox\Profiles\13s9h2uh.default\urlclassifier3.sqlite moved successfully.

[gordolake]

Logfile of random's system information tool 1.04 (written by random/random)
Run by HP Pavilion at 2008-10-14 22:25:42
Microsoft Windows XP Professional Service Pack 3
System drive C: has 46 GB (48%) free of 95 GB
Total RAM: 1022 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:50 PM, on 14/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\WINDOWS\system32\sdpasvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Buyertools Reminder\Reminder.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Echo Digital Audio\Console3\launch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP Pavilion\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\HP Pavilion.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.abc.net.au/abckids/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 61.8.9.254:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - (no file)
O2 - BHO: (no name) - {591E44E8-734B-4289-9514-B78785F25C5F} - C:\WINDOWS\system32\vtUolIyx.dll (file missing)
O2 - BHO: {2f8b3053-a81b-7089-da04-e6ad2e711296} - {692117e2-da6e-40ad-9807-b18a3503b8f2} - C:\WINDOWS\system32\faxfaq.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Buyertools - {7C7A8947-5935-4430-AC0E-E7D04697414E} - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [ASRInst_V] C:\WINDOWS\system32\regsvr32.exe "C:\Program Files\Common Files\Panasonic\PSL_DMOG726Dec.dll" /s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Buyertools Reminder] "C:\Program Files\Buyertools Reminder\Reminder.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Start the tray icon.lnk = C:\Program Files\Echo Digital Audio\Console3\launch.exe
O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\PANTONE COLORVISION\Startup\ColorVisionStartup.exe
O8 - Extra context menu item: Add to &Windows Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - C:\Program Files\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://favorites.li...?v=13,0,1609,00
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.h...DataManager.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1156068343079
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenu...yerAX_Win32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.c...oad/XUpload.ocx
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: faxfaq.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: SDPAUMS server service (SDPASVC) - Matsushita Electric Industrial Co.,Ltd. - C:\WINDOWS\system32\sdpasvc.exe

--
End of file - 11791 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Schedule Task Weekly.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{314A5833-8490-4a3b-904A-110444F25E50}]
WINXML2 Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{591E44E8-734B-4289-9514-B78785F25C5F}]
C:\WINDOWS\system32\vtUolIyx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{692117e2-da6e-40ad-9807-b18a3503b8f2}]
C:\WINDOWS\system32\faxfaq.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C7A8947-5935-4430-AC0E-E7D04697414E}]
Buyertools - C:\PROGRA~1\BUYERT~1\IEBUTT~1.DLL [2007-06-12 680960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-22 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-02 102492]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-02 692316]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2004-10-22 229438]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-08-20 98304]
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-04-01 794624]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2005-11-03 28160]
"Logitech BT Wizard"=LBTWiz.exe -silent []
"ASRInst_V"=C:\WINDOWS\system32\regsvr32.exe [2008-04-14 11776]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"RegistryMechanic"= []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-20 78008]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-04-06 67128]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-06 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Buyertools Reminder"=C:\Program Files\Buyertools Reminder\Reminder.exe [2008-05-08 6513152]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
ColorVisionStartup.lnk - C:\Program Files\PANTONE COLORVISION\Startup\ColorVisionStartup.exe

C:\Documents and Settings\HP Pavilion\Start Menu\Programs\Startup
Start the tray icon.lnk - C:\Program Files\Echo Digital Audio\Console3\launch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="faxfaq.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-09 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll [2005-11-23 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{903C377B-E501-4A35-A6B2-1E3994711EA1}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\vtUolIyx
"notification packages"=
scecli
scecli
scecli
scecli
scecli
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe"="C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG Free\avgcc.exe"="C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Disabled:RTC App Sharing"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\lightroom.exe"="C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.2\lightroom.exe:*:Enabled:Adobe Photoshop Lightroom"
"C:\Program Files\SmartFTP Client\SmartFTP.exe"="C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\system32\mssetup.exe"="C:\WINDOWS\system32\mssetup.exe:*:Enabled:Microsoft Internet Sharing"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======File associations======

.reg - open - "regedit.exe" "%1"
.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2008-10-14 17:59:43 ----D---- C:\rsit
2008-10-14 17:37:44 ----D---- C:\_OTMoveIt
2008-10-13 23:18:58 ----A---- C:\lopR.txt
2008-10-13 23:10:32 ----D---- C:\Lop SD
2008-10-13 21:27:06 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-13 21:14:18 ----D---- C:\WINDOWS\CSC
2008-10-13 20:23:52 ----D---- C:\WINDOWS\SDOld
2008-10-13 18:34:08 ----D---- C:\Program Files\Registry Easy
2008-10-13 17:56:32 ----D---- C:\VundoFix Backups
2008-10-13 17:56:32 ----A---- C:\VundoFix.txt
2008-10-12 12:16:06 ----A---- C:\WINDOWS\system32\dvdTools.exe
2008-10-12 12:02:10 ----A---- C:\WINDOWS\system32\viscomwave.dll
2008-10-12 12:02:10 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2008-10-12 12:02:10 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2008-10-12 12:02:09 ----D---- C:\Program Files\Cheetah Burner
2008-10-12 12:02:09 ----A---- C:\WINDOWS\system32\FoxImager.dll
2008-09-18 23:05:43 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-09-18 23:05:40 ----D---- C:\Program Files\Alwil Software
2008-09-18 22:56:54 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8

======List of files/folders modified in the last 1 months======

2008-10-14 22:24:42 ----D---- C:\Program Files\Mozilla Firefox
2008-10-14 22:24:33 ----D---- C:\Program Files\Buyertools Reminder
2008-10-14 22:17:14 ----D---- C:\WINDOWS\Temp
2008-10-14 22:14:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-14 22:13:52 ----D---- C:\WINDOWS\system32
2008-10-14 22:12:44 ----SHD---- C:\WINDOWS\Installer
2008-10-14 22:12:36 ----D---- C:\Program Files\Java
2008-10-14 22:09:12 ----D---- C:\WINDOWS\Prefetch
2008-10-14 17:13:40 ----D---- C:\WINDOWS
2008-10-13 22:42:06 ----D---- C:\WINDOWS\security
2008-10-13 22:41:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-13 22:36:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-13 22:34:19 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-13 22:31:12 ----HD---- C:\WINDOWS\inf
2008-10-13 22:31:11 ----D---- C:\WINDOWS\Help
2008-10-13 21:14:37 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-13 18:37:06 ----SD---- C:\WINDOWS\Tasks
2008-10-13 18:34:08 ----RD---- C:\Program Files
2008-10-12 16:59:31 ----D---- C:\Program Files\Registry Mechanic
2008-10-06 22:55:02 ----D---- C:\Documents and Settings\HP Pavilion\Application Data\Deckadance
2008-10-05 22:00:53 ----D---- C:\Program Files\Image-Line
2008-10-03 22:38:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-29 18:26:33 ----D---- C:\WINDOWS\system32\Macromed
2008-09-19 19:10:10 ----D---- C:\WINDOWS\system32\config
2008-09-18 23:06:05 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-20 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-20 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-20 42912]
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-20 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-20 94416]
R2 Audsub3;Audsub3; \??\C:\WINDOWS\SYSTEM32\Drivers\Audsub3.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-20 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-09 988672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-03-10 371712]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-06-02 16896]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-06-02 30235]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2004-06-02 43683]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-06-02 53816]
R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-11-17 293120]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-11-17 280192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 echondgo;Indigo Service; C:\WINDOWS\system32\drivers\echondgo.sys [2007-03-27 132992]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-09-14 13872]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-16 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-16 207232]
R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2005-11-03 27136]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-11-03 69376]
R3 MA_CMIDI;M-Audio USB Driver; C:\WINDOWS\system32\drivers\ma_cmidi.sys [2006-08-16 21888]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-05-03 9856]
R3 RDID1009;EDIROL UM-1; C:\WINDOWS\system32\Drivers\rdwm1009.sys [2006-09-28 79393]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-02 191456]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-03-16 159488]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-16 703232]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-06-02 147864]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cvspydr2;ColorVision Spyder 2; C:\WINDOWS\system32\DRIVERS\cvspydr2.sys [2002-04-02 33024]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 EchoIndigoIO;Echo Indigo io Service; C:\WINDOWS\system32\drivers\echondgo.sys [2007-03-27 132992]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-08-13 36608]
S3 MEI006E;MEI006E; C:\WINDOWS\system32\drivers\MEI006E.sys [2003-09-05 15760]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 RDID1027;EDIROL PCR; C:\WINDOWS\system32\Drivers\rdwm1027.sys [2006-09-28 79393]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-03 611664]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-20 16056]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-09 352256]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-20 147640]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-06-03 163840]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE [2005-11-23 81920]
R2 MA_CMIDI_InstallerService;M-Audio Series II MIDI Installer; C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [2007-01-08 94208]
R2 SDPASVC;SDPAUMS server service; C:\WINDOWS\system32\sdpasvc.exe [2001-08-07 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-20 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-24 348344]
R3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\shared\hpqwmi.exe [2005-03-04 98304]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-10-30 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-10-22 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-31 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2004-10-13 327680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

[gordolake]

info.txt logfile of random's system information tool 1.04 2008-10-14 22:31:04

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
55mm v7.5 for Adobe Photoshop & Compatible Applications-->C:\WINDOWS\unvise32.exe c:\program files\adobe\adobe photoshop cs3\plug-ins\55mm_v7.5_uninstal.log
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Photoshop Lightroom 2.1-->MsiExec.exe /I{D15604C1-8516-4233-AF08-F2685365ACA2}
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audacity 1.2.0-->"C:\Program Files\Audacity\unins000.exe"
AutoCAD 2006 - English-->MsiExec.exe /I{5783F2D7-4001-0409-0012-0060B0CE6BBA}
AutoCAD Civil 3D 2008 ANZ Country Kit-->MsiExec.exe /X{C56033D2-E0AF-46A0-9C8A-211C9680AA13}
AutoCAD Civil 3D 2008 SP2-->Msiexec.exe /uninstall {1C500B62-B044-4216-8011-604640F4F925} /package {5783F2D7-6000-0409-0002-0060B0CE6BBA} /qb
AutoCAD Civil 3D 2008-->C:\Program Files\AutoCAD Civil 3D 2008\Setup\Setup.exe /P {5783F2D7-6000-0409-0002-0060B0CE6BBA} /M C3D
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
Autodesk Revit Building 8.1-->MsiExec.exe /X{7EBC0489-5E47-498D-BE31-B094484612E9}
AV Bros. Puzzle Pro 2.2 (Remove Only)-->C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\AV Bros Puzzle Pro 2.2\AVUninstall.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BitLord 1.1-->C:\Program Files\BitLord\uninst.exe
BizuneVST 1.1 + Mantragora 1.1-->MsiExec.exe /X{0075E4D2-4479-436C-B8E7-8BEB9AC3F8BC}
BizuneVST Standalone-->MsiExec.exe /I{ABEE416C-A5C2-4CC2-8CCF-AFE0F143B229}
Bluetooth by hp-->MsiExec.exe /X{90535871-81B9-4D99-8A13-A7EE97F2D7FE}
Buyertools Reminder-->"C:\Program Files\Buyertools Reminder\Uninstall.exe" "C:\Program Files\Buyertools Reminder\install.log" -u
Camera Control Pro 2-->MsiExec.exe /X{FE96C49B-DB90-405E-A00E-09E38372F880}
Canon MP150-->"C:\WINDOWS\system32\CanonMP Uninstaller Information\{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe" /U:{CA9A3609-3ECC-4574-8824-A8161A71A603} /L0x0009
Cheetah DVD Burner-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}\Setup.exe"
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Conexant AC-97 Audio-->CIAunwdm.exe
Conexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.inf
Deckadance-->C:\Program Files\Image-Line\Deckadance\uninstall.exe
DOFMaster Hyperfocal Chart--> -f"C:\Program Files\DOFChart\Uninst.isu"
Echo Indigo-->C:\Program Files\Echo Digital Audio\Indigo\uninst.exe
Enigma-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F145099-1224-4C5B-84F2-7AE6DC699F1A}\setup.exe" -l0x9 -removeonly
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
Expert MININEC Classic -->C:\WINDOWS\iun506.exe C:\Expert_MININEC_Classic\irunin.ini
FL Studio 6-->C:\Program Files\Image-Line\FL Studio 6\uninstall.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
Flickr Uploadr 3.0.5-->"C:\Program Files\Flickr Uploadr\uninstall.exe"
Free WMA to MP3 Converter 1.08-->"C:\Program Files\Free WMA to MP3 Converter\unins000.exe"
FreeRIP v2.50-->"C:\Program Files\FreeRIP2\unins000.exe"
GeoSetter 2.5.3-->"C:\Program Files\GeoSetter\unins000.exe"
gigabeat V30 Manual-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A444268D-904A-446A-A5A2-472EB83CE1B2}\Setup.exe" -l0x9 -removeonly
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
G-tune 2.50-->C:\WINDOWS\wpktui10.exe "c:\program files\JHC Software\G-tune V2\wpktui.ui"
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP Wireless Assistant 1.01 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Image-Line PoiZone v2.1-->C:\PROGRA~1\IMAGE-~1\PoiZone\UNINST~1\UNWISE.EXE C:\PROGRA~1\IMAGE-~1\PoiZone\UNINST~1\INSTALL.LOG
ImageMagick 6.4.1-7 Q16 (07/01/08)-->"C:\Program Files\ImageMagick-6.4.1-Q16\unins000.exe"
iTunes-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE20E2F5-1903-4AAE-B1AF-2046E586C925}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Live 4.0.1-->C:\PROGRA~1\Ableton\LIVE40~1.1\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE40~1.1\Install\INSTALL.LOG
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x9 UNINSTALL -removeonly
Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
M-Audio Series II MIDI-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe" -l0x9 -removeonly
MFC80-->MsiExec.exe /I{818CBFBE-F23E-45E3-B67B-55FBCF945F37}
Micron Groove-Mod-->MsiExec.exe /X{9D66CAC7-DF94-4468-8FFD-8740A46ECA79}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microzune Editor-->MsiExec.exe /X{23043577-70DE-488F-96BC-656D2D65F0F2}
MIDI-OX-->MsiExec.exe /I{ABC52CF9-2D43-4278-A152-CB2CD3ED8FE9}
MixMeister BPM Analyzer 1.0-->"C:\Program Files\MixMeister BPM Analyzer\unins000.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
muvee autoProducer 4.0 - SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{534AA552-E1F1-4965-B2AA-FBDEB0730D60}\setup.exe" -l0x9
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Notebook BatteryInfo -->"C:\Program Files\BatteryInfo\uninstall.exe"
OziExplorer 3.95-->c:\OziExplorer\unins000.exe
PCR Editor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B85CF65-FC3A-4C81-99DF-5C902D2A0180}\setup.exe" UNINSTALL_XXX
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PhotoFrame Pro 3.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5F073685-ADDB-4D5A-98E9-0F795989A57F}\setup.exe" -l0x9 -uninst -removeonly
PhotoME-->"C:\Program Files\PhotoME\unins000.exe"
PhotoPresets with One-Click WOW!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{235674B0-A35F-4811-8A8F-E8F42A919EA3}\setup.exe" -l0x9 -uninst -removeonly
picture-shark 1.0-->C:\Program Files\picture-shark\UnGins.exe "C:\Program Files\picture-shark\install.log"
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
PrintKey2000-->C:\PROGRA~1\PRINTK~1\UNWISE.EXE C:\PROGRA~1\PRINTK~1\INSTALL.LOG
quad-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\quad\ST6UNST.LOG"
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninst
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE
Registry Easy v4.7-->"C:\Program Files\Registry Easy\unins000.exe"
Registry Mechanic 7.0-->"C:\Program Files\Registry Mechanic\unins000.exe"
SD-JukeboxV5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82625564-5A7A-11D7-AECE-00105A5D0C38}\setup.exe" -l0x9
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
SmartFTP Client 2.5 Setup Files (remove only)-->C:\Program Files\SmartFTP Client 2.5 Setup Files\uninst-sftp.exe
SmartFTP Client-->MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spyder2-->C:\WINDOWS\unvise32.exe C:\Program Files\PANTONE COLORVISION\uninstal.log
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{612DC38A-B36A-4699-88EB-12C7394DE2FC} /l1033
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TreeComp-->MsiExec.exe /I{30A01D71-86B1-4C24-8B1B-F9CCBDE094CC}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
verticals-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\vert antenna\ST6UNST.LOG"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081013-0]

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=c:\program files\imagemagick-6.4.1-q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Autodesk Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\

-----------------EOF-----------------

Edited by gordolake, 14 October 2008 - 05:31 AM.

[Rorschach112]

Hello

1. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below(if present):

O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - (no file)
O2 - BHO: (no name) - {591E44E8-734B-4289-9514-B78785F25C5F} - C:\WINDOWS\system32\vtUolIyx.dll (file missing)
O2 - BHO: {2f8b3053-a81b-7089-da04-e6ad2e711296} - {692117e2-da6e-40ad-9807-b18a3503b8f2} - C:\WINDOWS\system32\faxfaq.dll (file missing)
O20 - AppInit_DLLs: faxfaq.dll

2. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.



Please download the OTMoveIt3 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  :Processes
  explorer.exe
  
  :Services
  
  :Reg
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  "{903C377B-E501-4A35-A6B2-1E3994711EA1}"=-
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
  "authentication packages"=msv1_0
  
  :Files
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]

• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.



Also post a new Rsit log