View Full Version : Vundo / Virtumonde
DannyKing
2009-01-05, 03:15
SB S&D said that I had the Virtumonde trojan.
Here is my HJT logs.
Thank you in advance for all your help.. :)
Danny
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:02:24 PM, on 1/4/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\FreePOPs\freepopsd.exe
C:\Program Files\MemTurbo\MemTurbo.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cybertown.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: _URLHandler - {23A6F4C1-32EA-40AF-B42B-E0A99E2A74A6} - D:\PROGRA~1\Romeo\ROMEOS~1.DLL
O1 - Hosts: 80.190.201.251 www.blaxxun.com
O1 - Hosts: 80.190.201.251 ww2.blaxxun.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: VizController Class - {0F9CECE1-0306-4BB0-8BEF-C9EA3841E38A} - D:\Program Files\Vyooh\DiskView\VizBHO.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\FCBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: DiskView - {6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - D:\Program Files\Vyooh\DiskView\VizBar.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe"
O4 - HKLM\..\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\ADOBE\SHOCKW~1\SWHELP~2.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.04506.648; InfoPath.2)
O4 - HKUS\S-1-5-18\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: freepopsd.exe.lnk = C:\Program Files\FreePOPs\freepopsd.exe
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo\MemTurbo.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Append to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\FCIEXT.dll/FCIEXT.htm
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\FCIEXT.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.angelfire.com
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O15 - Trusted Zone: cyber.cybertown.com
O15 - Trusted Zone: ivnwww.cybertown.com
O15 - Trusted Zone: http://www.cybertown.com
O15 - Trusted Zone: http://www.gamescolony.org
O15 - Trusted Zone: http://www.myfreepaysite.com
O15 - Trusted Zone: http://www.myvrtown.com
O15 - Trusted Zone: http://www.oddesseyevolution.net
O15 - Trusted Zone: http://*.tech-ct.com
O15 - Trusted Zone: http://www.youtube.com
O15 - Trusted Zone: http://www.zoneedit.com
O16 - DPF: {03A99563-4F42-4DCF-A069-C728A71164A3} - http://apps.vivaty.com/downloads/player/install.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,avgrsstx.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program Files\RelevantKnowledge\rlai.dll,
O20 - Winlogon Notify: hgGabcYP - hgGabcYP.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\WINDOWS\system32\lxdncoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 16306 bytes
shelf life
2009-01-09, 04:14
hi,
did you add all those URL's to your trusted zone (015).
we will get a download to use:
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)in your reply.
DannyKing
2009-01-09, 06:38
No I did NOT add all those sites to my trusted sites. A few I recognize but most of them do not look familiar.
Here are my two log files:
log.txt
Logfile of random's system information tool 1.05 (written by random/random)
Run by Danny King at 2009-01-09 00:19:42
Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (9%) free of 29 GB
Total RAM: 767 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:06 AM, on 1/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\FreePOPs\freepopsd.exe
C:\Program Files\MemTurbo\MemTurbo.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\logon.scr
C:\Documents and Settings\Danny King\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Danny King.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cybertown.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: _URLHandler - {23A6F4C1-32EA-40AF-B42B-E0A99E2A74A6} - D:\PROGRA~1\Romeo\ROMEOS~1.DLL
O1 - Hosts: 80.190.201.251 www.blaxxun.com
O1 - Hosts: 80.190.201.251 ww2.blaxxun.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: VizController Class - {0F9CECE1-0306-4BB0-8BEF-C9EA3841E38A} - D:\Program Files\Vyooh\DiskView\VizBHO.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\FCBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: DiskView - {6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - D:\Program Files\Vyooh\DiskView\VizBar.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe"
O4 - HKLM\..\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\ADOBE\SHOCKW~1\SWHELP~2.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.04506.648; InfoPath.2)
O4 - HKUS\S-1-5-18\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: freepopsd.exe.lnk = C:\Program Files\FreePOPs\freepopsd.exe
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo\MemTurbo.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Append to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\FCIEXT.dll/FCIEXT.htm
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\FCIEXT.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.angelfire.com
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O15 - Trusted Zone: cyber.cybertown.com
O15 - Trusted Zone: ivnwww.cybertown.com
O15 - Trusted Zone: http://www.cybertown.com
O15 - Trusted Zone: http://www.gamescolony.org
O15 - Trusted Zone: http://www.myfreepaysite.com
O15 - Trusted Zone: http://www.myvrtown.com
O15 - Trusted Zone: http://www.oddesseyevolution.net
O15 - Trusted Zone: http://*.tech-ct.com
O15 - Trusted Zone: http://www.youtube.com
O15 - Trusted Zone: http://www.zoneedit.com
O16 - DPF: {03A99563-4F42-4DCF-A069-C728A71164A3} - http://apps.vivaty.com/downloads/player/install.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,avgrsstx.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program Files\RelevantKnowledge\rlai.dll,
O20 - Winlogon Notify: hgGabcYP - hgGabcYP.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\WINDOWS\system32\lxdncoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 16343 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{CB24038D-D89C-4CB8-9E67-509EE0F2756A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F9CECE1-0306-4BB0-8BEF-C9EA3841E38A}]
VizController Class - D:\Program Files\Vyooh\DiskView\VizBHO.dll [2007-07-25 30512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Toolbar - C:\Program Files\Lexmark Toolbar\toolband.dll [2007-12-01 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-07-06 308856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-08-29 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
SpywareGuardDLBLOCK.CBrowserHelper - C:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{601ED020-FB6C-11D3-87D8-0050DA59922B}]
WsftpBrowserHelper Class - C:\Program Files\WS_FTP Pro\wsbho2k0.dll [2003-05-23 131118]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-09-21 5759816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-05-07 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B3868B4-EBA8-48FA-A19B-E1DFB99066FA}]
BHO Class - C:\Program Files\FlashCapture\FCBHO.dll [2003-06-13 507977]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-12-14 392240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-07-10 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-05-07 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-05-07 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-09-21 5759816]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-07-10 2055960]
{6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - DiskView - D:\Program Files\Vyooh\DiskView\VizBar.dll [2007-07-25 49968]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Toolbar - C:\Program Files\Lexmark Toolbar\toolband.dll [2007-12-01 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"nwiz"=nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"COMODO Firewall Pro"=C:\Program Files\COMODO\Firewall\cfp.exe [2008-12-04 1797880]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-04 1261336]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"COMODO Internet Security"=C:\Program Files\COMODO\Firewall\cfp.exe [2008-12-04 1797880]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-12-25 1783808]
"lxdnmon.exe"=C:\Program Files\Lexmark 2600 Series\lxdnmon.exe [2008-03-27 660136]
"lxdnamon"=C:\Program Files\Lexmark 2600 Series\lxdnamon.exe [2008-03-27 16040]
"FaxCenterServer"=C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2008-03-27 320168]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2007-12-30 1365504]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-04-21 5724184]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-10-26 243072]
"Gadwin PrintScreen 2.6"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2003-07-16 913408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2008-09-21 160592]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\ADOBE\SHOCKW~1\SWHELP~2.EXE [2008-06-17 439736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apache2"=2
C:\Documents and Settings\Danny King\Start Menu\Programs\Startup
freepopsd.exe.lnk - C:\Program Files\FreePOPs\freepopsd.exe
MemTurbo.lnk - C:\Program Files\MemTurbo\MemTurbo.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\guard32.dll,avgrsstx.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program Files\RelevantKnowledge\rlai.dll,"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hgGabcYP]
hgGabcYP.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2006-02-28 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{A98D0065-7326-41B5-B8D9-C5B692CDB82F}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\ddcyXPFV
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"RunStartupScriptSync"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"RunStartupScriptSync"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=144
"NoDrives"=00000000
"NoDriveAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IMApp.exe"="C:\Program Files\IncrediMail\bin\IMApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"D:\Program Files\Irrational Games\Freedom Force\fforce.exe"="D:\Program Files\Irrational Games\Freedom Force\fforce.exe:*:Enabled:FreedomForce"
"C:\Program Files\Crazy Browser\Crazy Browser.exe"="C:\Program Files\Crazy Browser\Crazy Browser.exe:*:Enabled:Crazy Browser"
"E:\Terminator 3 - War of the Machines\T3.exe"="E:\Terminator 3 - War of the Machines\T3.exe:*:Enabled:T3"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"D:\Shareaza\Shareaza.exe"="D:\Shareaza\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"C:\Program Files\WS_FTP Pro\wsftppro.exe"="C:\Program Files\WS_FTP Pro\wsftppro.exe:*:Enabled:WS_FTP Pro Application"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"D:\MOHAA\MOHAA.exe"="D:\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault"
"D:\Program Files\ICQ6\ICQ.exe"="D:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\Program Files\Destiny\RadioDestiny Broadcaster\RadioDestiny Broadcaster.exe"="D:\Program Files\Destiny\RadioDestiny Broadcaster\RadioDestiny Broadcaster.exe:*:Enabled:RadioDestiny Broadcaster"
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
"D:\Program Files\Counter-Strike 1.6\hl.exe"="D:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\HLSW\hlsw.exe"="D:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"D:\Program Files\Counter-Strike 1.6\hlds.exe"="D:\Program Files\Counter-Strike 1.6\hlds.exe:*:Enabled:HLDS Launcher"
"D:\Program Files\Romeo\RomeoBurner.exe"="D:\Program Files\Romeo\RomeoBurner.exe:*:Enabled:Romeo"
"C:\Program Files\GreenBrowser\GreenBrowser.exe"="C:\Program Files\GreenBrowser\GreenBrowser.exe:*:Enabled:GreenBrowser Web Browser"
"D:\Program Files\Hey, Joe!\HeyJoe.exe"="D:\Program Files\Hey, Joe!\HeyJoe.exe:*:Enabled:Hey, Joe! - Messages sending utility"
"E:\Program Files\PHP Expert Editor\phpxedit.exe"="E:\Program Files\PHP Expert Editor\phpxedit.exe:*:Enabled:phpxedit"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Avant Browser\avant.exe"="C:\Program Files\Avant Browser\avant.exe:*:Enabled:Avant Browser"
"E:\quake 3 arena2\quake3.exe"="E:\quake 3 arena2\quake3.exe:*:Enabled:quake3"
"C:\Program Files\Microsoft Office\Office12\outlook.exe"="C:\Program Files\Microsoft Office\Office12\outlook.exe:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\groove.exe"="C:\Program Files\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\onenote.exe"="C:\Program Files\Microsoft Office\Office12\onenote.exe:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\IncrediMail\bin\ImSc.exe"="C:\Program Files\IncrediMail\bin\ImSc.exe:*:Enabled:IncrediMail"
"D:\BitTorrent\BitTorrent.exe"="D:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\WINDOWS\Temp\~os4.tmp\ossproxy.exe"="C:\WINDOWS\Temp\~os4.tmp\ossproxy.exe:*:Enabled:ossproxy.exe"
"E:\Quake3ArenaGOLD\Quake3\quake3.exe"="E:\Quake3ArenaGOLD\Quake3\quake3.exe:*:Enabled:quake3"
"C:\Program Files\River Past\Video Perspective\VideoPerspective.exe"="C:\Program Files\River Past\Video Perspective\VideoPerspective.exe:*:Enabled:River Past Video Perspective"
"C:\WINDOWS\System32\mmc.exe"="C:\WINDOWS\System32\mmc.exe:*:Enabled:Microsoft Management Console"
"D:\Program Files\GameHouse Games Collection\Wheel of Fortune\Wheel of Fortune.exe"="D:\Program Files\GameHouse Games Collection\Wheel of Fortune\Wheel of Fortune.exe:*:Enabled:Wheel of Fortune"
"C:\Program Files\IncrediMail\bin\ImLc.exe"="C:\Program Files\IncrediMail\bin\ImLc.exe:*:Enabled:IncrediMail"
"C:\WINDOWS\System32\lxdncoms.exe"="C:\WINDOWS\System32\lxdncoms.exe:*:Enabled:Lexmark Communications System"
"C:\Program Files\Lexmark 2600 Series\lxdnamon.exe"="C:\Program Files\Lexmark 2600 Series\lxdnamon.exe:*:Enabled:Lexmark Device Monitor"
"C:\Program Files\Lexmark 2600 Series\frun.exe"="C:\Program Files\Lexmark 2600 Series\frun.exe:*:Enabled:Lexmark Productivity Studio"
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader"
"C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe"="C:\Program Files\Lexmark Fax Solutions\FaxCtr.exe:*:Enabled:Fax software"
"C:\Program Files\Lexmark 2600 Series\lxdnMON.EXE"="C:\Program Files\Lexmark 2600 Series\lxdnMON.EXE:*:Enabled:Printer Device Monitor"
"C:\WINDOWS\System32\SPOOL\drivers\W32X86\3\lxdnpswx.exe"="C:\WINDOWS\System32\SPOOL\drivers\W32X86\3\lxdnpswx.exe:*:Enabled:Printer Status Window Interface"
"C:\WINDOWS\System32\SPOOL\drivers\W32X86\3\lxdntime.exe"="C:\WINDOWS\System32\SPOOL\drivers\W32X86\3\lxdntime.exe:*:Enabled:Lexmark Connect Time Executable"
"C:\WINDOWS\System32\SPOOL\drivers\W32X86\3\lxdnjswx.exe"="C:\WINDOWS\System32\SPOOL\drivers\W32X86\3\lxdnjswx.exe:*:Enabled:Job Status Window Interface"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5944dc3-6f16-11dd-805c-0002e31c2ab8}]
shell\AutoRun\command - H:\InstallTomTomHOME.exe
======File associations======
.reg - open - regedit.exe "%1" %*
.scr - open - "%1" %*
======List of files/folders created in the last 1 months======
2009-01-09 00:19:42 ----D---- C:\rsit
2009-01-04 20:45:10 ----D---- C:\Program Files\Trend Micro
2009-01-02 23:55:29 ----A---- C:\WINDOWS\system32\PolarZIPLight.dll
2008-12-30 21:08:41 ----D---- C:\Documents and Settings\Danny King\Application Data\FaxCtr
2008-12-28 01:08:46 ----D---- C:\Documents and Settings\Danny King\Application Data\Lexmark Productivity Studio
2008-12-28 01:06:24 ----D---- C:\logs
2008-12-28 01:05:35 ----A---- C:\WINDOWS\system32\lxdnvs.dll
2008-12-28 01:05:27 ----A---- C:\WINDOWS\system32\lxdncoin.dll
2008-12-28 01:04:39 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2008-12-28 01:04:29 ----A---- C:\WINDOWS\system32\lxdncaps.dll
2008-12-28 01:04:28 ----A---- C:\WINDOWS\system32\lxdndrs.dll
2008-12-28 01:04:28 ----A---- C:\WINDOWS\system32\lxdncnv4.dll
2008-12-28 01:03:43 ----A---- C:\WINDOWS\system32\LXF3PMON.DLL
2008-12-28 01:03:43 ----A---- C:\WINDOWS\system32\LXF3FXPU.DLL
2008-12-28 01:03:23 ----A---- C:\WINDOWS\system32\LXF3PMRC.DLL
2008-12-28 01:03:23 ----A---- C:\WINDOWS\system32\lxf3oem.dll
2008-12-28 01:03:23 ----A---- C:\WINDOWS\system32\IMHOST32.DLL
2008-12-28 01:03:23 ----A---- C:\WINDOWS\system32\IMGMAN32.DLL
2008-12-28 01:02:58 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\FaxCtr
2008-12-28 01:02:36 ----D---- C:\Program Files\Lexmark Fax Solutions
2008-12-28 01:01:34 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-12-28 01:01:11 ----D---- C:\Program Files\Lexmark Tools for Office
2008-12-28 00:57:57 ----D---- C:\Program Files\Lexmark Toolbar
2008-12-28 00:57:45 ----A---- C:\WINDOWS\system32\lxdnwupd.exe
2008-12-28 00:57:45 ----A---- C:\WINDOWS\system32\lxdnwupd.dll
2008-12-28 00:57:43 ----A---- C:\WINDOWS\system32\lxdnrwrd.ini
2008-12-28 00:57:18 ----A---- C:\WINDOWS\system32\LXDNinst.dll
2008-12-28 00:57:17 ----A---- C:\WINDOWS\system32\lxdnutil.dll
2008-12-28 00:57:17 ----A---- C:\WINDOWS\system32\lxdninpa.dll
2008-12-28 00:57:17 ----A---- C:\WINDOWS\system32\lxdniesc.dll
2008-12-28 00:57:17 ----A---- C:\WINDOWS\system32\LXDNhcp.dll
2008-12-28 00:57:16 ----A---- C:\WINDOWS\system32\lxdnusb1.dll
2008-12-28 00:57:15 ----A---- C:\WINDOWS\system32\lxdnserv.dll
2008-12-28 00:57:15 ----A---- C:\WINDOWS\system32\lxdnprox.dll
2008-12-28 00:57:14 ----A---- C:\WINDOWS\system32\lxdnpmui.dll
2008-12-28 00:57:14 ----A---- C:\WINDOWS\system32\lxdnlmpm.dll
2008-12-28 00:57:14 ----A---- C:\WINDOWS\system32\lxdnjswr.dll
2008-12-28 00:57:13 ----A---- C:\WINDOWS\system32\lxdninsr.dll
2008-12-28 00:57:13 ----A---- C:\WINDOWS\system32\lxdninsb.dll
2008-12-28 00:57:13 ----A---- C:\WINDOWS\system32\lxdnins.dll
2008-12-28 00:57:13 ----A---- C:\WINDOWS\system32\lxdnih.exe
2008-12-28 00:57:12 ----A---- C:\WINDOWS\system32\lxdnhbn3.dll
2008-12-28 00:57:12 ----A---- C:\WINDOWS\system32\lxdngrd.dll
2008-12-28 00:57:12 ----A---- C:\WINDOWS\system32\lxdngf.dll
2008-12-28 00:57:11 ----A---- C:\WINDOWS\system32\lxdncur.dll
2008-12-28 00:57:11 ----A---- C:\WINDOWS\system32\lxdncub.dll
2008-12-28 00:57:11 ----A---- C:\WINDOWS\system32\lxdncu.dll
2008-12-28 00:57:11 ----A---- C:\WINDOWS\system32\lxdncoms.exe
2008-12-28 00:57:10 ----A---- C:\WINDOWS\system32\lxdncomm.dll
2008-12-28 00:57:10 ----A---- C:\WINDOWS\system32\lxdncomc.dll
2008-12-28 00:57:10 ----A---- C:\WINDOWS\system32\lxdncfg.exe
2008-12-28 00:57:09 ----A---- C:\WINDOWS\system32\LXDNcfg.dll
2008-12-28 00:56:58 ----D---- C:\Program Files\Lexmark 2600 Series
2008-12-27 17:34:20 ----D---- C:\Program Files\Remove Empty Directories
2008-12-26 00:56:07 ----D---- C:\Program Files\WinClamAVShield
2008-12-25 23:19:23 ----D---- C:\Documents and Settings\Danny King\Application Data\Spyware Terminator
2008-12-25 23:19:20 ----D---- C:\Program Files\Spyware Terminator
2008-12-25 23:19:20 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spyware Terminator
2008-12-25 16:34:41 ----A---- C:\WINDOWS\system32\1712ded5-.txt
2008-12-25 14:13:17 ----A---- C:\VundoFix.txt
2008-12-25 14:12:36 ----D---- C:\VundoFix Backups
2008-12-25 12:53:44 ----D---- C:\Program Files\Empty Dir Remover
2008-12-18 01:01:20 ----D---- C:\WINDOWS\ie8updates
2008-12-13 18:51:57 ----D---- C:\Documents and Settings\Danny King\Application Data\Wildfire
2008-12-13 18:34:42 ----H---- C:\WINDOWS\system32\spv1_WCssg.ini
2008-12-12 21:41:52 ----A---- C:\WINDOWS\Pool.INI
2008-12-12 01:13:53 ----HD---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-12 01:13:40 ----HD---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-12 01:03:27 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-12 01:03:01 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-12 00:11:07 ----D---- C:\Documents and Settings\Danny King\Application Data\Opera
2008-12-12 00:10:30 ----D---- C:\Program Files\Opera
2008-12-11 23:14:27 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2008-12-11 23:14:26 ----A---- C:\WINDOWS\system32\WowCtl.dll
2008-12-11 23:14:26 ----A---- C:\WINDOWS\system32\dXTList.dll
2008-12-11 23:14:26 ----A---- C:\WINDOWS\system32\dXPSystm.dll
2008-12-11 00:55:33 ----D---- C:\Documents and Settings\Danny King\Application Data\funkitron
======List of files/folders modified in the last 1 months======
2009-01-08 18:36:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-04 15:46:02 ----A---- C:\WINDOWS\WinInit.ini
2008-12-30 23:33:00 ----SH---- C:\boot.ini
2008-12-30 23:33:00 ----A---- C:\WINDOWS\win.ini
2008-12-30 23:33:00 ----A---- C:\WINDOWS\SYSTEM.INI
2008-12-14 08:59:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 01:14:08 ----A---- C:\WINDOWS\imsins.BAK
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2006-02-28 37376]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-08-29 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-07-10 26824]
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-12-04 101776]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-11-19 31504]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-07-10 76040]
R2 BrPar;Brother Parallel Driver; C:\WINDOWS\System32\Drivers\BrPar.sys [2000-07-23 19537]
R2 enodpl;enodpl; C:\WINDOWS\system32\DRIVERS\enodpl.sys [2008-09-19 7552]
R2 litdpl;litdpl; C:\WINDOWS\system32\DRIVERS\litdpl.sys [2008-09-19 4736]
R2 RVIEG01;VSC Engine; \??\D:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys []
R3 FA312;NETGEAR FA330/FA312/FA311 Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\FA312nd5.sys [2001-08-17 16074]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-05-20 47360]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-02-28 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-02-28 20480]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2003-08-19 73984]
S1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys []
S2 MCSTRM;MCSTRM; C:\WINDOWS\system32\drivers\MCSTRM.sys []
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 _IOMEGA_ACTIVE_DISK_SERVICE_;Iomega Active Disk; C:\Program Files\Iomega\AutoDisk\ADService.exe [2002-09-24 151552]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 875288]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2008-12-04 618232]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-05-07 147456]
R2 lxdn_device;lxdn_device; C:\WINDOWS\system32\lxdncoms.exe [2008-02-27 594600]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2008-02-27 98984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-12-25 570880]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 Iomega App Services;Iomega App Services; C:\PROGRA~1\Iomega\System32\AppServices.exe [2002-09-04 73728]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2008-10-22 170640]
S2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-12-28 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-04-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Imapi Helper;Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [2006-01-05 163840]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
S4 Iomega Activity Disk2;Iomega Activity Disk2; []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
DannyKing
2009-01-09, 06:40
Here is the info.txt file. It was too long to post both text files
info.txt logfile of random's system information tool 1.05 2009-01-09 00:20:14
======Uninstall list======
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1Click DVD Copy 5.3.1.7-->"D:\Program Files\LG Software Innovations\1Click DVD Copy 5\unins000.exe"
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
3DVIA player 4.1-->MsiExec.exe /X{4E868D3D-6EEB-4273-926C-2287236B5B79}
3Planesoft Screensaver Manager 1.1-->"C:\Program Files\3Planesoft Screensaver Manager\unins000.exe"
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Active Disk-->C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\AutoDisk\uninstal.log
Adobe Acrobat 8.1.2 Professional-->msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player-->C:\WINDOWS\system32\ADOBE\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\ADOBE\SHOCKW~1\INSTALL.LOG
AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
Alien Skin Exposure-->D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\Exposure\Unwise32.exe D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\Exposure\INSTALL.LOG
Alien Skin Eye Candy 5 Impact-->D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\EYECAN~1\Unwise32.exe D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\EYECAN~1\INSTALL.LOG
Alien Skin Eye Candy 5 Nature-->D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\EYECAN~2\Unwise32.exe D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\EYECAN~2\INSTALL.LOG
Alien Skin Eye Candy 5 Textures-->D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\EYECAN~3\UNWISE.EXE D:\JASCSO~1\PAINTS~2\plugins\ALIENS~1\EYECAN~3\INSTALL.LOG
Alien Skin Xenofex 2.0-->D:\JASCSO~1\PAINTS~2\plugins\ALIENS~2\UNWISE.EXE D:\JASCSO~1\PAINTS~2\plugins\ALIENS~2\INSTALL.LOG
AMP Font Viewer-->"D:\Program Files\AMP Font Viewer\uninstall.exe"
Ancient Castle 3D Screensaver 1.1-->"C:\Program Files\Ancient Castle 3D Screensaver\unins000.exe"
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
Avant Browser (remove only)-->"C:\Program Files\Avant Browser\uninst.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVS Video Converter 5.6-->"D:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.2-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Band-in-a-Box 2006-->D:\bb\unins000.exe
Belarc Advisor 7.2-->C:\PROGRA~1\BELARC\ADVISOR\Uninstall.exe C:\PROGRA~1\BELARC\ADVISOR\INSTALL.LOG
Blade Runner-->"d:\Program Files\Westwood\Blade Runner\unins000.exe"
blaxxun Contact-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A34386F8-7655-4E3B-9F51-D3064F607C89}\Setup.exe" -l0x9 UNINSTALL-L0x9
Blaze Media Pro-->"C:\Documents and Settings\All Users.WINDOWS\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\setup_blazemp.exe" REMOVE=TRUE MODIFY=FALSE
BS Contact VRML-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CA6B50B-EA91-43AF-9347-6E85F16D0329}\Setup.exe" -l0x9
CD Bank Cataloguer (remove only)-->"D:\Program Files\CD Bank\uninstall.exe"
Character Tool-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99E2ED20-903D-43EE-99D1-FDFF550B58DA}\Setup.exe"
Cheatbook Database 2008-->"D:\Program Files\Cheatbook Database 2008\Uninstal.exe"
Christmas 3D Screensaver 1.0-->"C:\Program Files\Christmas 3D Screensaver\unins000.exe"
Christmas Tree 3D Screensaver 1.0-->"C:\Program Files\Christmas Tree 3D Screensaver\unins000.exe"
CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
Clock Tower 3D Screensaver 1.1-->"C:\Program Files\Clock Tower 3D Screensaver\unins000.exe"
CoffeeCup GIF Animator-->D:\PROGRA~1\COFFEE~1\GIFANI~1\UNWISE.EXE D:\PROGRA~1\COFFEE~1\GIFANI~1\GAinst.LOG
CoffeeCup Website Color Schemer-->C:\PROGRA~1\COFFEE~1\CO3E71~1\UNWISE.EXE C:\PROGRA~1\COFFEE~1\CO3E71~1\Schemer.log
COMODO Firewall Pro-->C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
Coral Clock 3D Screensaver 1.0-->"C:\Program Files\Coral Clock 3D Screensaver\unins000.exe"
Cortona3D Viewer-->MsiExec.exe /X{7D228E96-4124-4DDB-A4B3-C89FBCABC77F}
Counter-Strike 1.6-->d:\Program Files\Counter-Strike 1.6\Uninstal.exe
Crazy Browser version 3.0.0 RC1-->"C:\Program Files\Crazy Browser\unins000.exe"
Cuckoo Clock 3D Screensaver 1.0-->"C:\Program Files\Cuckoo Clock 3D Screensaver\unins000.exe"
Decal Converter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BB207D6-0E1E-11D5-9B6A-00C04F7EC248}\Setup.exe"
Deer Drive-->"C:\WINDOWS\Deer Drive\uninstall.exe" "/U:E:\Program Files\Deer Drive\Uninstall\uninstall.xml"
Discovery 3D Screensaver 1.1-->"C:\Program Files\Discovery 3D Screensaver\unins000.exe"
DiskView-->MsiExec.exe /I{15F81E1F-0055-463B-BBCA-0862FB2BFF9D}
djDecks (remove only)-->"D:\Program Files\djDecks\uninstall.exe"
Duplicate Cleaner 1.2-->"D:\Program Files\Duplicate Cleaner\unins000.exe"
Earth 3D Screensaver 1.0-->"C:\Program Files\Earth 3D Screensaver\unins000.exe"
Eye Candy 4000-->D:\JASCSO~1\PAINTS~2\plugins\EYECAN~1\UNWISE.EXE D:\JASCSO~1\PAINTS~2\plugins\EYECAN~1\INSTALL.LOG
Fantasy Moon 3D Screensaver 1.3-->"C:\Program Files\Fantasy Moon 3D Screensaver\unins000.exe"
filehippo.com Update Checker-->"D:\Program Files\filehippo.com\uninstall.exe"
FileZilla Client 3.1.5-->C:\Program Files\FileZilla\uninstall.exe
Fireplace 3D Screensaver 1.0-->"C:\Program Files\Fireplace 3D Screensaver\unins000.exe"
Fireside Christmas 3D Screensaver 1.0-->"C:\Program Files\Fireside Christmas 3D Screensaver\unins000.exe"
Flag 3D Screensaver 1.0-->"C:\Program Files\Flag 3D Screensaver\unins000.exe"
FlashCapture v1.5-->"C:\Program Files\FlashCapture\unins000.exe"
Flux Studio 2.1-->MsiExec.exe /X{B9770421-CF21-4742-9531-79F77F1C3F06}
Freedom Force Editor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9BAF7D2D-EF9B-4CFF-8695-A92112B9EA6F}\Setup.exe" -l0x9
Freedom Force-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75AD7D33-EF26-4609-9D8D-CBF7F9AC5E08}\Setup.exe" -l0x9
Galleon 3D Screensaver 1.3-->"C:\Program Files\Galleon 3D Screensaver\unins000.exe"
GameHouse Games Collection: Bejeweled 2-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\BEJEWE~1\Install.log
GameHouse Games Collection: Bewitched-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\BEWITC~1\Install.log
GameHouse Games Collection: Casino Island To Go-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\CASINO~1\Install.log
GameHouse Games Collection: Feeding Frenzy-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\FEEDIN~1\Install.log
GameHouse Games Collection: GameHouse Sudoku-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\GAMEHO~1\Install.log
GameHouse Games Collection: Gutterball 2-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\GUTTER~2\Install.log
GameHouse Games Collection: Gutterball-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\GUTTER~1\Install.log
GameHouse Games Collection: Hamsterball-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\HAMSTE~1\Install.log
GameHouse Games Collection: Holiday Express-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\HOLIDA~1\Install.log
GameHouse Games Collection: Iggle Pop!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\IGGLEP~1\Install.log
GameHouse Games Collection: Incadia-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\Incadia\Install.log
GameHouse Games Collection: Incredible Ink-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\INCRED~1\Install.log
GameHouse Games Collection: Insaniquarium Deluxe-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\INSANI~1\Install.log
GameHouse Games Collection: Inspector Parker-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\INSPEC~1\Install.log
GameHouse Games Collection: Invadazoid-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\INVADA~1\Install.log
GameHouse Games Collection: Jewel Quest-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\JEWELQ~1\Install.log
GameHouse Games Collection: Lemonade Tycoon-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\LEMONA~1\Install.log
GameHouse Games Collection: Luxor-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\Luxor\Install.log
GameHouse Games Collection: Mad Caps-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MADCAP~1\Install.log
GameHouse Games Collection: Magic Ball 2 - New Worlds-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAGICB~3\Install.log
GameHouse Games Collection: Magic Ball 2-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAGICB~2\Install.log
GameHouse Games Collection: Magic Ball-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAGICB~1\Install.log
GameHouse Games Collection: Magic Inlay-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAGICI~1\Install.log
GameHouse Games Collection: Magic Vines-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAGICV~1\Install.log
GameHouse Games Collection: Mah Jong Adventures-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAHJON~1\Install.log
GameHouse Games Collection: Mah Jong Medley-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAHJON~2\Install.log
GameHouse Games Collection: Mah Jong Quest-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAHJON~3\Install.log
GameHouse Games Collection: Mahjong Garden To Go-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAHJON~4\Install.log
GameHouse Games Collection: Mahjong Towers Eternity-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MA32CC~1\Install.log
GameHouse Games Collection: Maui Wowee-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\MAUIWO~1\Install.log
GameHouse Games Collection: Phlinx To Go-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\PHLINX~1\Install.log
GameHouse Games Collection: Pin High Country Club Golf-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\PINHIG~1\Install.log
GameHouse Games Collection: Pizza Frenzy-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\PIZZAF~1\Install.log
GameHouse Games Collection: Platypus-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\Platypus\Install.log
GameHouse Games Collection: Poker Superstars-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\POKERS~1\Install.log
GameHouse Games Collection: Puzzle Express-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\PUZZLE~2\Install.log
GameHouse Games Collection: Puzzle Inlay-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\PUZZLE~1\Install.log
GameHouse Games Collection: Puzzle Solitaire-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\PUZZLE~3\Install.log
GameHouse Games Collection: QBz-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\QBz\Install.log
GameHouse Games Collection: Reader's Digest Super Word Power-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\READER~1\Install.log
GameHouse Games Collection: Ricochet Lost Worlds - Recharged-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\RICOCH~2\Install.log
GameHouse Games Collection: Ricochet Lost Worlds-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\RICOCH~1\Install.log
GameHouse Games Collection: Ricochet-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\Ricochet\Install.log
GameHouse Games Collection: Roller Rush-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\ROLLER~1\Install.log
GameHouse Games Collection: Saints & Sinners Bingo-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SAINTS~1\Install.log
GameHouse Games Collection: SCRABBLE-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SCRABBLE\Install.log
GameHouse Games Collection: Shape Shifter-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SHAPES~1\Install.log
GameHouse Games Collection: Slingo Deluxe-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SLINGO~1\Install.log
GameHouse Games Collection: Spelvin-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\Spelvin\Install.log
GameHouse Games Collection: Splash-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\Splash\Install.log
GameHouse Games Collection: Spring Sprang Sprung-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SPRING~1\Install.log
GameHouse Games Collection: Super 5-Line Slots-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPER5~1\Install.log
GameHouse Games Collection: Super Blackjack!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERB~1\Install.log
GameHouse Games Collection: Super Bounce Out!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERB~2\Install.log
GameHouse Games Collection: Super Candy Cruncher-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERC~1\Install.log
GameHouse Games Collection: Super Collapse! II Platinum-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERC~4\Install.log
GameHouse Games Collection: Super Collapse! II-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERC~3\Install.log
GameHouse Games Collection: Super Collapse!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERC~2\Install.log
GameHouse Games Collection: Super Fruit Frolic-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERF~1\Install.log
GameHouse Games Collection: Super GameHouse Solitaire Vol. 1-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERG~1.1\Install.log
GameHouse Games Collection: Super GameHouse Solitaire Vol. 2-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERG~1.2\Install.log
GameHouse Games Collection: Super GameHouse Solitaire Vol. 3-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERG~1.3\Install.log
GameHouse Games Collection: Super Gem Drop-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERG~1\Install.log
GameHouse Games Collection: Super Glinx!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERG~2\Install.log
GameHouse Games Collection: Super Letter Linker-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERL~1\Install.log
GameHouse Games Collection: Super Mah Jong Solitaire-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERM~1\Install.log
GameHouse Games Collection: Super Nisqually-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERN~1\Install.log
GameHouse Games Collection: Super PileUp!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERP~1\Install.log
GameHouse Games Collection: Super Pool-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERP~2\Install.log
GameHouse Games Collection: Super Pop & Drop!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERP~3\Install.log
GameHouse Games Collection: Super Rumble Cube-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERR~1\Install.log
GameHouse Games Collection: Super SpongeBob Collapse!-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERS~1\Install.log
GameHouse Games Collection: Super TextTwist-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERT~1\Install.log
GameHouse Games Collection: Super WHATword-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERW~1\Install.log
GameHouse Games Collection: Super Wild Wild Words-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\SUPERW~2\Install.log
GameHouse Games Collection: Tap a Jam-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TAPAJA~1\Install.log
GameHouse Games Collection: Ten Pin Championship Bowling Pro-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TENPIN~1\Install.log
GameHouse Games Collection: Tennis Titans-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TENNIS~1\Install.log
GameHouse Games Collection: Tradewinds 2-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TRADEW~1\Install.log
GameHouse Games Collection: Trivia Machine-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TRIVIA~1\Install.log
GameHouse Games Collection: Tropical Swaps-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TROPIC~1\Install.log
GameHouse Games Collection: Tumblebugs-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TUMBLE~1\Install.log
GameHouse Games Collection: Turtle Bay-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TURTLE~1\Install.log
GameHouse Games Collection: Twistingo-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\TWISTI~1\Install.log
GameHouse Games Collection: Ultimate Dominoes-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\ULTIMA~1\Install.log
GameHouse Games Collection: Varmintz Deluxe-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\VARMIN~1\Install.log
GameHouse Games Collection: Walls of Jericho, The-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\WALLSO~1\Install.log
GameHouse Games Collection: Wheel of Fortune-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\WHEELO~1\Install.log
GameHouse Games Collection: Word Jolt-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\WORDJO~1\Install.log
GameHouse Games Collection: Word Slinger-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\WORDSL~1\Install.log
GameHouse Games Collection: WordJong To Go-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\WORDJO~2\Install.log
GameHouse Games Collection: Zuma Deluxe-->D:\PROGRA~1\GAMEHO~1\unwise.exe /U D:\PROGRA~1\GAMEHO~1\ZUMADE~1\Install.log
GameSpot Download Manager-->"C:\Program Files\GameSpot\uninstall.exe"
Google SketchUp 6 Exporters-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EB459C2F-41CA-4222-B9CA-F8EBA40B8DAB}\setup.exe" -l0x9 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
Google SketchUp LayOut 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C12D609B-EB71-411B-82C3-9BE6D40435D7}\setup.exe" -l0x9 -removeonly
Google SketchUp Pro 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12E75B98-8463-4C1F-8DDA-F6CF31566A55}\setup.exe" -l0x9 -removeonly
Groove Games\Land Of The Dead-->D:\Program Files\Groove Games\Land Of The Dead\System\Setup.exe uninstall "LandOfTheDead"
Halloween 3D Screensaver 1.1-->"C:\Program Files\Halloween 3D Screensaver\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HLSW v1.1.6-->"d:\Program Files\HLSW\unins000.exe"
Hot Rod Garage to Glory-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5D7474-999D-4FEE-891C-995B0B4FFE9B}\setup.exe"
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Ice Clock 3D Screensaver 1.1-->"C:\Program Files\Ice Clock 3D Screensaver\unins000.exe"
ICQ6-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IncrediMail Xe-->C:\Program Files\IncrediMail\bin\ImSetup.exe /remove /addon:IncrediMail /log:IncMail.log
Insaniquarium Patch Installer 1.2-->C:\WINDOWS\iun6002.exe "D:\insane\Insaniquarium\irunin.ini"
IomegaWare 4.0.2-->C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\uninstal.log
Ipswitch WS_FTP Pro-->C:\WINDOWS\ISUNINST.EXE -f"C:\PROGRA~1\WS_FTP~1\uninst.isu" -c"C:\PROGRA~1\WS_FTP~1\FTPInstUtils.dll"
Java 2 Runtime Environment, SE v1.4.2_17-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142170}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Kaspersky Online Scanner-->C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Koi Fish 3D Screensaver 1.0-->"C:\Program Files\Koi Fish 3D Screensaver\unins000.exe"
Lagoon 3D Screensaver 1.0-->"C:\Program Files\Lagoon 3D Screensaver\unins000.exe"
Lantern 3D Screensaver 1.0-->"C:\Program Files\Lantern 3D Screensaver\unins000.exe"
Lexmark 2600 Series-->C:\Program Files\Lexmark 2600 Series\Install\x86\Uninst.exe
Lexmark Fax Solutions-->C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst
Lexmark Toolbar-->regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll"
Lexmark Tools for Office-->regsvr32.exe /s /u "C:\Program Files\Lexmark Tools for Office\CustomOfficeRibbon.dll"
Living 3D Dinosaurs Full Screen Saver-->"C:\PROGRA~1\SCREEN~1.COM\Living 3D Dinosaurs Full\UNINSTAL.EXE"
Macromedia Dreamweaver MX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Manual video for trueSpace7.6-->"d:\trueSpace76\unins000.exe"
Mechanical Clock 3D Screensaver 1.0-->"C:\Program Files\Mechanical Clock 3D Screensaver\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Mozilla Firefox (2.0.0.14)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Multiple Choice Quiz Maker 6.2.0-->"C:\Program Files\Multiple Choice Quiz Maker\unins000.exe"
Multiverse Client-->MsiExec.exe /I{A5E08284-41D3-4ACB-804D-47FBE5976A59}
Nature 3D Screensaver 1.1-->"C:\Program Files\Nature 3D Screensaver\unins000.exe"
Nautilus 3D Screensaver 1.2-->"C:\Program Files\Nautilus 3D Screensaver\unins000.exe"
NetAlyzer 0.3-->"C:\Program Files\PepiMK Software\NetAlyzer\unins000.exe"
Netscape Navigator (9.0)-->C:\Program Files\Netscape\Navigator 9\uninstall\helper.exe
NSIS FreePOPs (remove only)-->"C:\Program Files\FreePOPs\uninstall.exe"
NVIDIA Display Driver-->C:\WINDOWS\System32\nvudisp.exe Uninstall C:\WINDOWS\System32\nvdisp.nvu,NVIDIA Display Driver
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Opera 9.62-->MsiExec.exe /X{8318FEFD-F467-44D6-82B8-129374BFE9B1}
PD Particles-->C:\WINDOWS\ST5UNST.EXE -n "d:\Program Files\PD Particles\ST5UNST.LOG"
PDF to Word-->"C:\Program Files\PDF to Word\unins000.exe"
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
PerfOpt XP 1.0-->MsiExec.exe /X{187A9BBF-7C40-42A6-899C-65F2ACF8CAD6}
PG Music DirectX Plugins 1.3.4.1-->"D:\Program Files\PowerTracks DirectX Plugins\unins000.exe"
PSP Thumbnail Handler-->C:\Program Files\PSP Thumbnail Handler\Setup.exe /uninstall
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RadioDestiny Broadcaster-->"D:\Program Files\Destiny\RadioDestiny Broadcaster\uninst.exe"
Rainlendar2 (remove only)-->"C:\Program Files\Rainlendar2\uninst.exe"
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RegAlyzer-->"C:\Program Files\Safer Networking\RegAlyzer\unins000.exe"
Remove Empty Directories 2.1-->C:\Program Files\Remove Empty Directories\uninst.exe
River Past Video Perspective-->"C:\WINDOWS\Video Perspective Uninstaller.exe"
Robocop (remove only)-->"E:\Program Files\Titus\Robocop\uninstall.exe"
Rock Legend-->"D:\Program Files\Rock Legend\unins000.exe"
Romeo 2.3.2-->"D:\Program Files\Romeo\unins000.exe"
Safari-->MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
SC Audio CD creator 3.5.0.2-->"E:\Program Files\SoftwareClub.ws\SC Audio CD creator\unins000.exe"
SC DVD-Video Maker-->"D:\Program Files\SoftwareClub.ws\DVD-Video Maker\unins000.exe"
Security Task Manager 1.7e-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Security Task Manager"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB960714)-->"C:\WINDOWS\ie8updates\KB960714-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Security Update for Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SereneScreen Marine Aquarium 2.6-->"C:\Program Files\SereneScreen\Marine Aquarium 2.6\unins000.exe"
SlimBrowser (remove only)-->"C:\Program Files\SlimBrowser\uninst.exe"
Space Hound 32-->E:\Hound32\UNWISE.EXE E:\Hound32\INSTALL.LOG
Spider Writer 5.2-->C:\WINDOWS\uninst.exe -f"d:\spider writer 5.2\DeIsL3.isu" -cd:\SPIDER~1.2\_ISREG32.DLL
Spirit of Fire 3D Screensaver 2.4-->"C:\Program Files\Spirit of Fire 3D Screensaver\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
SpywareBlaster 4.0-->"C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"C:\Program Files\SpywareGuard\unins000.exe"
Star Wars 3D Screensaver 1.3-->"C:\Program Files\Star Wars 3D Screensaver\unins000.exe"
StickyPad-->MsiExec.exe /I{4AC3BEAD-0906-4676-BF85-12306330A66C}
Style Studio v3.8-->"e:\Program Files\Style Studio 3\unins000.exe"
The Lost Watch 3D Screensaver 1.0-->"C:\Program Files\The Lost Watch 3D Screensaver\unins000.exe"
The One Ring 3D Screensaver 1.0-->"C:\Program Files\The One Ring 3D Screensaver\unins000.exe"
TomTom HOME-->D:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
Tropical Fish 3D Screensaver 1.0-->"C:\Program Files\Tropical Fish 3D Screensaver\unins000.exe"
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Tweak-XP Pro 4-->C:\WINDOWS\iun6002.exe "C:\Program Files\Tweak-XP Pro 4\irunin.ini"
Uninstall trueSpace7.6-->"d:\trueSpace76\unins001.exe"
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Valentine 3D Screensaver 1.0-->"C:\Program Files\Valentine 3D Screensaver\unins000.exe"
Valve Hammer Editor-->D:\PROGRA~1\VALVEH~1\UNWISE.EXE D:\PROGRA~1\VALVEH~1\INSTALL.LOG
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
VIA Platform Device Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Virtual DJ Studio 4.0-->"D:\Program Files\Virtual DJ Studio\unins000.exe"
Virtual Sound Canvas DXi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{745877DC-8FFE-4E4C-ABBC-589B887A47D1}\setup.exe" UNINSTALL_XXX
Visual Terrain Maker-->"C:\Program Files\Visual Terrain Maker\Uninstall.exe" "C:\Program Files\Visual Terrain Maker\install.log"
Vivaty Studio 1.0 Beta-->MsiExec.exe /X{6ECDE046-DB0D-4501-8FD7-1A32DBF29A07}
Vizx3d 1.2-->MsiExec.exe /I{B4649631-6C5A-438A-A634-0747580EBEA3}
Voyage of Columbus 3D Screensaver 1.0-->"C:\Program Files\Voyage of Columbus 3D Screensaver\unins000.exe"
Watermill 3D Screensaver 2.0-->"C:\Program Files\Watermill 3D Screensaver\unins000.exe"
Win IP Config 2.7-->C:\Program Files\peko Software\Win IP Config\uninst.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinAVI Video Converter-->"D:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8 Beta 2-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sign-in Assistant-->MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WordWeb Pro-->C:\Program Files\WordWeb\uninst.exe
Wrestling MPire 2008 (Career Edition) Trial-->D:\Program Files\MDickie\Wrestling MPire 2008 (Career Edition) Trial\Uninstal.exe
Xara X1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD0BE4EF-6BF6-466C-9CDE-C50E45D6317B}\setup.exe" -l0x9
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Messenger-->C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Ziekerdanziek's Avatar Plug-in 3.0-->"C:\Program Files\Canal Numedia\bat\uninst.exe"
Zortam Mp3 Media Studio 8.60-->"D:\Program Files\Zortam Mp3 Media Studio\unins000.exe"
======Hosts File======
80.190.201.251 www.blaxxun.com
80.190.201.251 ww2.blaxxun.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
======Security center information======
AV: AVG Anti-Virus Free (disabled)
FW: COMODO Firewall
System event log
Computer Name: DANNY
Event Code: 1001
Message: Windows Defender scan has finished.
Scan ID: {56C56CBF-D34A-4BB8-B328-F3C452C1BEB1}
Scan Type: AntiSpyware
Scan Parameters: Quick Scan
User: NT AUTHORITY\NETWORK SERVICE
Scan Time: 0:24:53
Record Number: 16769
Source Name: WinDefend
Time Written: 20081016015715.000000-240
Event Type: information
User:
Computer Name: DANNY
Event Code: 1000
Message: Windows Defender scan has started.
Scan ID: {56C56CBF-D34A-4BB8-B328-F3C452C1BEB1}
Scan Type: AntiSpyware
Scan Parameters: Quick Scan
User: NT AUTHORITY\NETWORK SERVICE
Record Number: 16768
Source Name: WinDefend
Time Written: 20081016013222.000000-240
Event Type: information
User:
Computer Name: DANNY
Event Code: 7036
Message: The Terminal Services service entered the running state.
Record Number: 16767
Source Name: Service Control Manager
Time Written: 20081016011202.000000-240
Event Type: information
User:
Computer Name: DANNY
Event Code: 7035
Message: The Terminal Services service was successfully sent a start control.
Record Number: 16766
Source Name: Service Control Manager
Time Written: 20081016011201.000000-240
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DANNY
Event Code: 7036
Message: The Application Layer Gateway Service service entered the running state.
Record Number: 16765
Source Name: Service Control Manager
Time Written: 20081016011156.000000-240
Event Type: information
User:
Application event log
Computer Name: DANNY
Event Code: 1000
Message: Faulting application incmail.exe, version 5.2.5.2567, faulting module unknown, version 0.0.0.0, fault address 0x00924d97.
Record Number: 1419
Source Name: Application Error
Time Written: 20080804173857.000000-240
Event Type: error
User:
Computer Name: DANNY
Event Code: 1000
Message: Faulting application psp.exe, version 7.0.0.0, faulting module psp.exe, version 7.0.0.0, fault address 0x001d2e91.
Record Number: 1418
Source Name: Application Error
Time Written: 20080802155652.000000-240
Event Type: error
User:
Computer Name: DANNY
Event Code: 1000
Message: Faulting application psp.exe, version 7.0.0.0, faulting module psp.exe, version 7.0.0.0, fault address 0x001d2e91.
Record Number: 1417
Source Name: Application Error
Time Written: 20080802155628.000000-240
Event Type: error
User:
Computer Name: DANNY
Event Code: 1000
Message: Faulting application psp.exe, version 7.0.0.0, faulting module psp.exe, version 7.0.0.0, fault address 0x001d2e91.
Record Number: 1416
Source Name: Application Error
Time Written: 20080802155423.000000-240
Event Type: error
User:
Computer Name: DANNY
Event Code: 1000
Message: Faulting application psp.exe, version 7.0.0.0, faulting module psp.exe, version 7.0.0.0, fault address 0x001d2e91.
Record Number: 1415
Source Name: Application Error
Time Written: 20080802155345.000000-240
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\PHP\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0800
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"PHPRC"=C:\PHP\
"VLIGHT_ROOT"=d:\trueSpace76\tS\VirtuaLight
-----------------EOF-----------------
shelf life
2009-01-10, 00:03
hi,
ok;
start HJT, click the "Scan" button. check the items below, close any open windows, then click "Fixed checked"
O15 - Trusted Zone: http://www.angelfire.com
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O15 - Trusted Zone: cyber.cybertown.com
O15 - Trusted Zone: ivnwww.cybertown.com
O15 - Trusted Zone: http://www.cybertown.com
O15 - Trusted Zone: http://www.gamescolony.org
O15 - Trusted Zone: http://www.myfreepaysite.com
O15 - Trusted Zone: http://www.myvrtown.com
O15 - Trusted Zone: http://www.oddesseyevolution.net
O15 - Trusted Zone: http://*.tech-ct.com
O15 - Trusted Zone: http://www.youtube.com
O15 - Trusted Zone: http://www.zoneedit.com
Is Malwarebytes coming up clean after a scan?
DannyKing
2009-01-10, 03:34
Here is my new hjt log
And yes malware came up clean.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:28:18 PM, on 1/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\WINDOWS\system32\lxdncoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\FreePOPs\freepopsd.exe
C:\Program Files\MemTurbo\MemTurbo.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\logon.scr
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Crazy Browser\Crazy Browser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cybertown.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: _URLHandler - {23A6F4C1-32EA-40AF-B42B-E0A99E2A74A6} - D:\PROGRA~1\Romeo\ROMEOS~1.DLL
O1 - Hosts: 80.190.201.251 www.blaxxun.com
O1 - Hosts: 80.190.201.251 ww2.blaxxun.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: VizController Class - {0F9CECE1-0306-4BB0-8BEF-C9EA3841E38A} - D:\Program Files\Vyooh\DiskView\VizBHO.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: FCBHOBHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\FCBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: DiskView - {6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - D:\Program Files\Vyooh\DiskView\VizBar.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe"
O4 - HKLM\..\Run: [lxdnamon] "C:\Program Files\Lexmark 2600 Series\lxdnamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\ADOBE\SHOCKW~1\SWHELP~2.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.1; .NET CLR 3.0.04506.648; InfoPath.2)
O4 - HKUS\S-1-5-18\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: freepopsd.exe.lnk = C:\Program Files\FreePOPs\freepopsd.exe
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo\MemTurbo.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Append to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save F&lash with FlashCapture - res://C:\Program Files\FlashCapture\FCIEXT.dll/FCIEXT.htm
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\FCIEXT.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {03A99563-4F42-4DCF-A069-C728A71164A3} - http://apps.vivaty.com/downloads/player/install.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,avgrsstx.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program,Files\RelevantKnowledge\rlai.dll,C:\Program Files\RelevantKnowledge\rlai.dll,
O20 - Winlogon Notify: hgGabcYP - hgGabcYP.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\WINDOWS\system32\lxdncoms.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
--
End of file - 16199 bytes
shelf life
2009-01-10, 15:10
hi,
ok thanks for the info. these items in your host file;
O1 - Hosts: 80.190.201.251 www.blaxxun.com
O1 - Hosts: 80.190.201.251 ww2.blaxxun.com
do you recognize the website?
this app:
C:\Program Files\MemTurbo
if this is some type of memory management booster/optimizer etc, its not needed. windows can manage memory on its own.
see these links:
http://www.bitsum.com/winmemboost.asp
http://windowsitpro.com/article/articleid/41095/the-memory-optimization-hoax.html
DannyKing
2009-01-10, 20:38
Yes I recognize those two sites. I am into 3D web chat sites and 3D VRML modeling and those are the sites to allow chat in a 3D chat site.
And yes that IS a memory management program. I did not know that they didn't help. It always seemed to help me.
So I should remove the memory management program and do another scan?
At least I can get onto the net now on my old puter.
Danny
shelf life
2009-01-11, 01:15
hi,
ok good . Thanks for the info. looks good to me.
So I should remove the memory management program
thats up to you.
Is spy bot coming up clean now?
DannyKing
2009-01-11, 11:17
Spybot came up clean except for 3 tracking cookies which I had deleted.
Thank you so very very very much for al your help and patience.
Danny
DannyKing
2009-01-11, 11:24
One thing though... my system is running very very slow now... any idea why? And yes I know it may be a mixture of things or it may be something that you cannot determine at this time... I still want to thank you for all that you have done.
Danny
shelf life
2009-01-11, 16:10
hi,
your welcome. i see you have spyware terminator, windows defender, spyware guard, Spybot-S&D IE Protection.
These can be processes that run in the background. Real time protection processes. Often they can overlap in what they do. Having two or more of these running at the same time can be a drag on system resources. this dosnt include your anti-virus which should be running in the background. Check icons by the system clock and see if you have 2 or more real time protection processes running.
DannyKing
2009-01-11, 19:26
I have spyware terminator and windows defender both running.
shelf life
2009-01-12, 02:58
hi,
try disabling one of them.
heres how to disable windows defender:
* Click Start > Programs > Windows Defender or launch from the system tray icon.
* Click on Tools & Settings > Options.
* Under Real-time protection options, uncheck the "Real-time protection" check box.
* Click Save.
* Go to Start > Control Panel > Security > Windows Defender, at the bottom of the Window Defenders page uncheck under Administrator Options "use Windows Defender" and then Save.
* (When we are done, you can re-enable Defender using the same steps but this time place a check next to "Turn on real-time protection" check box.)
or you can disable spyware term., not sure how. you can visit there website if its not apparent in the software.
DannyKing
2009-01-12, 05:19
hi,
try disabling one of them.
heres how to disable windows defender:
* Click Start > Programs > Windows Defender or launch from the system tray icon.
* Click on Tools & Settings > Options.
* Under Real-time protection options, uncheck the "Real-time protection" check box.
* Click Save.
* Go to Start > Control Panel > Security > Windows Defender, at the bottom of the Window Defenders page uncheck under Administrator Options "use Windows Defender" and then Save.
* (When we are done, you can re-enable Defender using the same steps but this time place a check next to "Turn on real-time protection" check box.)
or you can disable spyware term., not sure how. you can visit there website if its not apparent in the software.
I did not see Windows Defender under Control Panel, Security... but I did disable it and I disabled Spyware term and enabled the AVG real time protector.
Do I need to run another scan now or what do we do now?
Danny
shelf life
2009-01-13, 02:57
hi,
We did this so you could see if it helps your computers performance.
Are you having any of the signs of malware like pop ups or page redirects?
DannyKing
2009-01-14, 13:28
No, nothing like that at the moment. :)
Danny
shelf life
2009-01-15, 03:30
hi,
if you see a bunch of icons by the system clock all these things are running in the background. For most software thats not needed. You do want your AV running and firewall if you use one. For others: click the icon and look for setting/preferences/options to have the software not start when windows does.
DannyKing
2009-01-15, 05:40
OK... done
shelf life
2009-01-17, 16:04
hi,
ok good. you can help control what starts up at boot time with msconfig.
http://www.netsquirrel.com/msconfig/
Malwarebytes is a good malware removing app to have. They have a free version that must be updated manually. Paid version has auto updates and that real time protection we where talking about. You only need 2 or 3 anti-malware on your computer.
http://www.malwarebytes.org/
check your java version:
Vulnerabilities in versions of Sun Java may be responsible for some malware installs via your browser.
It is important to keep Sun Java up to date and also to remove older versions.
* 1. Uninstall old versions of Sun Java via Add/Remove Programs.
* 2. Click the Remove or Change/Remove button
* 3. Reboot your PC if prompted.
to check if you have the latest version of Java and to download the latest version:
http://www.java.com/en/download/help/testvm.xml?ff3
some info for you:
Reducing Your Risk To Malware:
The Short Version:
1) Keep your OS (http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us),(Windows) browser (IE, FireFox) and other Software (http://secunia.com/vulnerability_scanning/online/) up to date to "patch" vulnerabilities. Always install Service Packs.
2) Know what you are installing to your computer. Alot of software can come bundled with unwanted add-ons.You may be installing more than you think.
3) Install and keep them all updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless.
4) Refrain from clicking on links or attachments you receive via E-Mail, IM, Chat Rooms or Social Sites, no matter how tempting or legitimate the message.
5) Don't click on ads/pop ups or offers from websites requesting that you need to install software to your computer.
6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website?
7) Set up and use limited accounts for everyday use, rather than administrator accounts. Limited accounts (http://www.microsoft.com/protect/computer/advanced/useraccount.mspx) can help prevent *malware from installing.*
8) Install and know the limitations of a software firewall.
9) Consider using an alternate browser and E-mail client. Internet Explorer and OutLook Express are popular targets for malicious code because they are widely used. See also: Hardening or Securing Internet Explorer. (http://www.microsoft.com/downloads/details.aspx?FamilyID=6AA4C1DA-6021-468E-A8CF-AF4AFE4C84B2&displaylang=en)
10) If your habits include: warez, cracks etc or you install files via p2p networks then you are much more likely to encounter malicious code. Do you trust the source? Do you really need another malware source?
A longer version in link below.
Happy Safe Surfing.
DannyKing
2009-01-19, 13:23
Thank you so very much for helping me and for all of the great solutions and suggestions.
I hope I never have to come back here for help but it is a great comfort knowing there are people like you here to help us.
Again, thank you
Danny