
Inactive pc not letting me run Kaspersky antivirus or Ad-Aware

Discussion in 'Malware and Virus Removal Archive' started by shardtard, 2008/10/21.

Thread Status:
Not open for further replies.
  1. 2008/10/21
    shardtard


    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Buddha at 2008-10-21 12:58:24
    Microsoft Windows XP Professional Service Pack 3
    System drive E: has 60 GB (42%) free of 144 GB
    Total RAM: 2046 MB (74% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:58:32 PM, on 10/21/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\Explorer.EXE
    E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    E:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    E:\WINDOWS\system32\Rundll32.exe
    E:\WINDOWS\System32\DLA\DLACTRLW.EXE
    E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    E:\Program Files\PowerISO\PWRISOVM.EXE
    E:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEA.EXE
    E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    E:\WINDOWS\system32\PnkBstrA.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
    E:\WINDOWS\system32\msiexec.exe
    E:\Program Files\Mozilla Firefox\firefox.exe
    E:\download\RSIT.exe
    E:\Program Files\trend micro\Buddha.exe

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - E:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [StartCCC] E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [CTSysVol] E:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe "
    O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
    O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\Winamp\winampa.exe "
    O4 - HKLM\..\Run: [DLA] E:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [PWRISOVM.EXE] E:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
    O4 - HKLM\..\Run: [brastk] brastk.exe
    O4 - HKCU\..\Run: [EPSON Stylus CX8400 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEA.EXE /FU "E:\WINDOWS\TEMP\E_S85.tmp" /EF "HKCU "
    O4 - HKCU\..\Run: [brastk] E:\WINDOWS\system32\brastk.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
    O20 - AppInit_DLLs: karna.dat
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
    O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 4444 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - Ask Toolbar - E:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-08-20 262144]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC "=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
    "CTSysVol "=E:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe [2005-10-31 57344]
    "P17Helper "=Rundll32 P17.dll []
    "UpdReg "=E:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
    "AVP "=E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-12-18 227856]
    "CTXFIREG "=CTxfiReg.exe []
    "WinampAgent "=E:\Program Files\Winamp\winampa.exe []
    "DLA "=E:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-28 122940]
    "ISUSPM Startup "=E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
    "ISUSScheduler "=E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
    "PWRISOVM.EXE "=E:\Program Files\PowerISO\PWRISOVM.EXE [2008-03-14 233472]
    "SunJavaUpdateSched "=E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "brastk "=E:\WINDOWS\system32\brastk.exe [2008-10-20 10240]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "EPSON Stylus CX8400 Series "=E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEA.EXE [2007-02-15 179200]
    "brastk "=E:\WINDOWS\system32\brastk.exe [2008-10-20 10240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
    E:\Program Files\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lphcg61j0epbp]
    E:\WINDOWS\system32\lphcg61j0epbp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMrhcl61j0epbp]
    E:\Program Files\rhcl61j0epbp\rhcl61j0epbp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    E:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2005-09-23 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Sonic CinePlayer Quick Launch.lnk]
    E:\PROGRA~1\COMMON~1\SONICS~1\CineTray.exe [2005-10-15 114688]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS "= "karna.dat "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    E:\WINDOWS\system32\Ati2evxx.dll [2007-09-29 122880]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    E:\WINDOWS\system32\klogon.dll [2007-12-18 219664]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-04-19 52224]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders "=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\clbdriver.sys]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "NoDispScrSavPage "=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145
    "NoSMMyDocs "=01000000
    "NoSMMyPictures "=01000000

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "E:\Program Files\uTorrent\uTorrent.exe "= "E:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "
    "E:\Program Files\Sierra\FEAR\FEAR.exe "= "E:\Program Files\Sierra\FEAR\FEAR.exe:*:Enabled:FEAR "
    "E:\Program Files\Sierra\FEAR\FEARMP.exe "= "E:\Program Files\Sierra\FEAR\FEARMP.exe:*:Enabled:FEAR "
    "E:\Program Files\Sierra\FEAR\FEARXP\FEARXP.exe "= "E:\Program Files\Sierra\FEAR\FEARXP\FEARXP.exe:*:Enabled:FEARXP "
    "E:\Program Files\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe "= "E:\Program Files\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe:*:Enabled:FEARXP2 "
    "E:\WINDOWS\system32\PnkBstrA.exe "= "E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:pnkBstrA "
    "E:\WINDOWS\system32\PnkBstrB.exe "= "E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:pnkBstrB "
    "E:\Program Files\Steam\SteamApps\shardtard\team fortress 2\hl2.exe "= "E:\Program Files\Steam\SteamApps\shardtard\team fortress 2\hl2.exe:*:Enabled:hl2 "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2ee8b48-314e-11dd-bae7-001cf0917a20}]
    shell\Auto\command - H:\setup.exe
    shell\AutoRun\command - E:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe


    ======File associations======

    .reg - open - regedit.exe "%1" %*
    .scr - open - "%1" %*

    ======List of files/folders created in the last 3 months======

    2008-10-21 12:58:25 ----D---- E:\Program Files\trend micro
    2008-10-21 12:58:24 ----D---- E:\rsit
    2008-10-21 12:57:23 ----D---- E:\Program Files\Sun
    2008-10-21 12:57:12 ----A---- E:\WINDOWS\system32\javaws.exe
    2008-10-21 12:57:12 ----A---- E:\WINDOWS\system32\javaw.exe
    2008-10-21 12:57:12 ----A---- E:\WINDOWS\system32\java.exe
    2008-10-21 12:56:23 ----D---- E:\Program Files\Spybot - Search & Destroy
    2008-10-21 12:56:23 ----D---- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-20 07:38:23 ----D---- E:\WINDOWS\LastGood
    2008-10-19 16:33:58 ----A---- E:\WINDOWS\system32\wini10251.exe
    2008-10-19 16:33:29 ----A---- E:\WINDOWS\brastk.exe
    2008-10-19 16:32:20 ----A---- E:\WINDOWS\system32\brastk.exe
    2008-10-11 05:26:13 ----D---- E:\Documents and Settings\Buddha\Application Data\Media Player Classic
    2008-10-11 05:25:35 ----A---- E:\WINDOWS\system32\rmoc3260.dll
    2008-10-11 05:25:35 ----A---- E:\WINDOWS\system32\pndx5032.dll
    2008-10-11 05:25:35 ----A---- E:\WINDOWS\system32\pndx5016.dll
    2008-10-11 05:25:34 ----D---- E:\Program Files\Real Alternative
    2008-10-11 05:25:34 ----D---- E:\Documents and Settings\All Users\Application Data\Real
    2008-10-01 04:21:21 ----D---- E:\Documents and Settings\Buddha\Application Data\dvdcss
    2008-10-01 03:32:24 ----A---- E:\WINDOWS\iun506.exe
    2008-10-01 03:32:12 ----D---- E:\Program Files\Chess3D
    2008-09-23 19:13:18 ----D---- E:\Program Files\SelectRebates
    2008-08-20 06:19:05 ----D---- E:\Documents and Settings\All Users\Application Data\Azureus
    2008-08-20 06:19:00 ----D---- E:\Documents and Settings\Buddha\Application Data\Azureus
    2008-08-20 06:18:57 ----D---- E:\Program Files\AskSBar
    2008-08-20 06:18:26 ----D---- E:\Program Files\Vuze
    2008-08-15 17:34:42 ----D---- E:\Documents and Settings\Buddha\Application Data\Malwarebytes
    2008-08-15 17:34:39 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
    2008-08-15 17:34:39 ----D---- E:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-08-14 03:06:24 ----HDC---- E:\WINDOWS\$NtUninstallKB952954$
    2008-08-14 03:06:20 ----HDC---- E:\WINDOWS\$NtUninstallKB946648$
    2008-08-14 03:06:16 ----HDC---- E:\WINDOWS\$NtUninstallKB953839$
    2008-08-14 03:06:11 ----HDC---- E:\WINDOWS\$NtUninstallKB950974$
    2008-08-14 03:05:03 ----HDC---- E:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-14 03:04:56 ----HDC---- E:\WINDOWS\$NtUninstallKB952287$
    2008-08-14 03:04:52 ----HDC---- E:\WINDOWS\$NtUninstallKB951066$
    2008-08-14 03:04:17 ----HDC---- E:\WINDOWS\$NtUninstallKB953838$
    2008-08-10 07:44:26 ----D---- E:\Documents and Settings\All Users\Application Data\EPSON
    2008-08-10 07:42:35 ----D---- E:\Program Files\EPSON
    2008-08-10 07:05:18 ----SHD---- E:\Config.Msi
    2008-08-09 04:33:03 ----N---- E:\WINDOWS\system32\pxinsi64.exe
    2008-08-09 04:33:03 ----N---- E:\WINDOWS\system32\pxcpyi64.exe
    2008-07-25 04:34:54 ----A---- E:\WINDOWS\system32\dpl100.dll
    2008-07-25 04:34:52 ----A---- E:\WINDOWS\system32\dtu100.dll
    2008-07-25 04:34:50 ----A---- E:\WINDOWS\system32\dpuGUI10.dll
    2008-07-25 04:34:46 ----A---- E:\WINDOWS\system32\dpv11.dll
    2008-07-25 04:34:46 ----A---- E:\WINDOWS\system32\dpus11.dll
    2008-07-25 04:34:46 ----A---- E:\WINDOWS\system32\dpuGUI11.dll
    2008-07-25 04:34:46 ----A---- E:\WINDOWS\system32\dpu11.dll
    2008-07-25 04:34:46 ----A---- E:\WINDOWS\system32\dpu10.dll
    2008-07-25 04:34:42 ----A---- E:\WINDOWS\system32\divx_xx07.dll
    2008-07-25 04:34:40 ----A---- E:\WINDOWS\system32\divx_xx11.dll
    2008-07-25 04:34:40 ----A---- E:\WINDOWS\system32\divx_xx0c.dll
    2008-07-25 04:34:40 ----A---- E:\WINDOWS\system32\divx_xx0a.dll
    2008-07-25 04:34:36 ----A---- E:\WINDOWS\system32\DivX.dll
    2008-07-25 04:34:30 ----A---- E:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-07-23 12:48:40 ----A---- E:\WINDOWS\system32\ssldivx.dll
    2008-07-23 12:48:40 ----A---- E:\WINDOWS\system32\libdivx.dll
    2008-07-23 12:47:34 ----A---- E:\WINDOWS\system32\dtu100.dll.manifest
    2008-07-23 12:47:34 ----A---- E:\WINDOWS\system32\dpl100.dll.manifest
    2008-07-23 12:46:38 ----A---- E:\WINDOWS\system32\DivXWMPExtType.dll

    ======List of files/folders modified in the last 3 months======

    2008-10-21 12:58:29 ----D---- E:\WINDOWS\Prefetch
    2008-10-21 12:58:25 ----RD---- E:\Program Files
    2008-10-21 12:57:54 ----D---- E:\download
    2008-10-21 12:57:24 ----SHD---- E:\WINDOWS\Installer
    2008-10-21 12:57:12 ----D---- E:\WINDOWS\system32
    2008-10-21 12:57:11 ----D---- E:\Program Files\Java
    2008-10-21 12:56:06 ----D---- E:\Program Files\Mozilla Firefox
    2008-10-21 12:52:11 ----D---- E:\WINDOWS\system32\drivers
    2008-10-20 07:39:01 ----HD---- E:\WINDOWS\inf
    2008-10-20 07:38:55 ----D---- E:\torrent
    2008-10-20 07:38:23 ----D---- E:\WINDOWS\Temp
    2008-10-20 07:38:23 ----D---- E:\WINDOWS
    2008-10-20 07:38:19 ----D---- E:\WINDOWS\system32\CatRoot2
    2008-10-20 07:36:24 ----A---- E:\WINDOWS\SchedLgU.Txt
    2008-10-20 07:09:27 ----D---- E:\Documents and Settings\Buddha\Application Data\uTorrent
    2008-10-19 16:33:30 ----RSHDC---- E:\WINDOWS\system32\dllcache
    2008-10-19 16:12:28 ----D---- E:\Program Files\Steam
    2008-10-19 16:10:28 ----D---- E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-10-18 06:32:47 ----D---- E:\Program Files\DivX
    2008-10-13 22:54:16 ----D---- E:\Warcraft III
    2008-10-11 05:26:34 ----D---- E:\Documents and Settings\Buddha\Application Data\Real
    2008-10-11 05:25:27 ----D---- E:\Program Files\Common Files\Real
    2008-10-11 05:25:23 ----D---- E:\Program Files\Common Files
    2008-09-06 14:48:54 ----D---- E:\Documents and Settings\Buddha\Application Data\Winamp
    2008-09-06 08:33:42 ----D---- E:\Program Files\Winamp
    2008-09-02 02:14:39 ----D---- E:\Documents and Settings\Buddha\Application Data\Mozilla
    2008-08-27 04:10:47 ----D---- E:\Program Files\DC++
    2008-08-15 17:26:10 ----A---- E:\WINDOWS\win.ini
    2008-08-15 17:26:10 ----A---- E:\WINDOWS\system.ini
    2008-08-15 13:23:55 ----SHD---- E:\System Volume Information
    2008-08-15 13:23:55 ----D---- E:\WINDOWS\system32\Restore
    2008-08-14 03:06:22 ----A---- E:\WINDOWS\imsins.BAK
    2008-08-14 03:06:21 ----D---- E:\Program Files\Messenger
    2008-08-14 03:06:19 ----HD---- E:\WINDOWS\$hf_mig$
    2008-08-13 13:55:47 ----D---- E:\Documents and Settings\Buddha\Application Data\DivX
    2008-08-10 07:06:16 ----D---- E:\Documents and Settings\Buddha\Application Data\Vso
    2008-08-05 14:11:01 ----A---- E:\WINDOWS\system32\MRT.exe
    2008-07-25 04:36:00 ----A---- E:\WINDOWS\system32\DivXsm.exe
    2008-07-23 12:50:52 ----A---- E:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 12:50:50 ----N---- E:\WINDOWS\system32\pxmas.dll
    2008-07-23 12:50:48 ----N---- E:\WINDOWS\system32\pxwave.dll
    2008-07-23 12:50:48 ----N---- E:\WINDOWS\system32\pxsfs.dll
    2008-07-23 12:50:48 ----N---- E:\WINDOWS\system32\pxhpinst.exe
    2008-07-23 12:50:48 ----N---- E:\WINDOWS\system32\pxdrv.dll
    2008-07-23 12:50:46 ----N---- E:\WINDOWS\system32\vxblock.dll
    2008-07-23 12:50:46 ----N---- E:\WINDOWS\system32\pxinsa64.exe
    2008-07-23 12:50:46 ----N---- E:\WINDOWS\system32\pxcpya64.exe
    2008-07-23 12:50:46 ----N---- E:\WINDOWS\system32\pxafs.dll
    2008-07-23 12:50:46 ----N---- E:\WINDOWS\system32\px.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdPPM;AMD HwPState Processor Driver; E:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
    R1 DLACDBHM;DLACDBHM; E:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-07-07 5628]
    R1 DLARTL_N;DLARTL_N; E:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-07-07 22684]
    R1 klif;Klif; \??\E:\WINDOWS\system32\drivers\klif.sys []
    R1 SCDEmu;SCDEmu; E:\WINDOWS\system32\drivers\SCDEmu.sys [2008-03-14 46652]
    R2 DLABOIOM;DLABOIOM; E:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-28 25628]
    R2 DLADResN;DLADResN; E:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-28 2496]
    R2 DLAIFS_M;DLAIFS_M; E:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-28 86524]
    R2 DLAOPIOM;DLAOPIOM; E:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-28 14684]
    R2 DLAPoolM;DLAPoolM; E:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-28 6364]
    R2 DLAUDF_M;DLAUDF_M; E:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-28 87004]
    R2 DLAUDFAM;DLAUDFAM; E:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-28 92700]
    R2 DRVNDDM;DRVNDDM; E:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-07-07 40544]
    R2 MaVctrl;MaVctrl; E:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2007-01-16 11986]
    R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-09-29 2456064]
    R3 AtiHdmiService;ATI Function Driver for HDMI Service; E:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; E:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
    R3 FETNDISB;D-Link PCI Fast Ethernet Adapter Driver Service; E:\WINDOWS\system32\DRIVERS\dlkfet5b.sys [2007-05-16 43008]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 hidusb;Microsoft HID Class Driver; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; E:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
    R3 mouhid;Mouse HID Driver; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
    R3 ossrv;Creative OS Services Driver; E:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
    R3 P17;SB Live! 24-bit; E:\WINDOWS\system32\drivers\P17.sys [2007-06-15 1127936]
    R3 pcouffin;VSO Software pcouffin; E:\WINDOWS\System32\Drivers\pcouffin.sys [2008-05-25 47360]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S3 btaudio;Bluetooth Audio Device; E:\WINDOWS\system32\drivers\btaudio.sys []
    S3 BTDriver;Bluetooth Virtual Communications Driver; E:\WINDOWS\system32\DRIVERS\btport.sys []
    S3 BTWDNDIS;Bluetooth LAN Access Server; E:\WINDOWS\system32\DRIVERS\btwdndis.sys []
    S3 btwhid;btwhid; E:\WINDOWS\system32\DRIVERS\btwhid.sys []
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; E:\WINDOWS\System32\Drivers\btwusb.sys []
    S3 mamotou;mamotou; E:\WINDOWS\system32\DRIVERS\mamotou.sys [2007-02-02 49377]
    S3 motccgp;Motorola USB Composite Device Driver; E:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-11-02 18176]
    S3 motccgpfl;MotCcgpFlService; E:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-22 7680]
    S3 MotDev;Motorola Inc. USB Device; E:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 42112]
    S3 motmodem;Motorola USB CDC ACM Driver; E:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
    S3 usbaudio;USB Audio Driver (WDM); E:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Microsoft USB Generic Parent Driver; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Microsoft USB PRINTER Class; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;USB Mass Storage Driver; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 Wdf01000;Wdf01000; E:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-04-19 40704]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]
    S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-06-05 611664]
    R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2007-09-29 483328]
    R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2008-06-25 66872]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2007-06-13 520192]
    S2 AVP;Kaspersky Anti-Virus 7.0; E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-12-18 227856]
    S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-04-19 823808]

    -----------------EOF-----------------


    info.txt logfile of random's system information tool 1.04 2008-10-21 12:58:34

    ======Uninstall list======

    --> "E:\Program Files\Creative\SBAudigy\Program\SETUP.EXE" /S /U /W
    -->E:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->E:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->E:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    -->E:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->E:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 /remove
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9
    -->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 E:\WINDOWS\INF\PCHealth.inf
    3D Windows XP Screen Saver-->rundll32.exe setupapi.dll,InstallHinfSection UninstallInstall 132 E:\WINDOWS\system32\3D Windows XP.inf
    530TX+-->E:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C71A1FD7-EB23-45AA-A9AA-8DFEC0881875}
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Flash Player ActiveX-->E:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 7.0.8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
    Ask Toolbar-->rundll32 E:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
    ATI - Software Uninstall Utility-->E:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
    ATI Display Driver-->rundll32 E:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    ATI HYDRAVISION-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe"
    ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
    ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
    AVIVO Codecs-->MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}
    CDex extraction audio--> "E:\Program Files\CDex_150\uninstall.exe "
    Chess3D 2.8-->E:\WINDOWS\iun506.exe E:\Program Files\Chess3D\irunin.ini
    City Life--> "E:\Program Files\Steam\steam.exe" steam://uninstall/4400
    ConvertXtoDVD 2.2.3.258--> "E:\Program Files\VSO\ConvertXtoDVD\unins000.exe "
    Creative EAX Console-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9 /remove
    Creative EAX Settings-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 /remove
    Creative Software AutoUpdate-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove
    Creative Speaker Settings-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove
    Creative System Information-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
    DC++ 0.707--> "E:\Program Files\DC++\uninstall.exe "
    Device Control-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove
    DivX Codec-->E:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->E:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->E:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->E:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    D-Link PCI Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $D-Link
    EPSON Printer Software-->E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    FEAR Extraction Point-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}\setup.exe" -l0x9 -removeonly
    FEAR Perseus Mandate-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{8D0BB1D1-E9FB-49E9-A9C1-09C00F38DA0C}\setup.exe" -l0x9 -removeonly
    FEAR-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x9 /zU -removeonly
    GTK+ Runtime 2.12.8 rev a (remove only)-->E:\Program Files\Common Files\GTK\2.0\uninst.exe
    Half-Life 2: Episode One--> "E:\Program Files\Steam\steam.exe" steam://uninstall/380
    Half-Life 2: Episode Two--> "E:\Program Files\Steam\steam.exe" steam://uninstall/420
    Half-Life 2--> "E:\Program Files\Steam\steam.exe" steam://uninstall/220
    HijackThis 2.0.2--> "E:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB952287)--> "E:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    Iceows V4.20b-->E:\Program Files\ICEOWS\Setup.exe /uninstall
    Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
    Kaspersky Anti-Virus 7.0-->MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
    Malwarebytes' Anti-Malware--> "E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
    Microsoft .NET Framework 1.1 Hotfix (KB928366)--> "E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "E:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp "
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5--> "E:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe "
    Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)--> "E:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Motorola Driver Installation 3.5.0-->MsiExec.exe /I{D2BD3C8F-9D7F-472B-BDF9-7309A5CB813A}
    Motorola Software Update-->MsiExec.exe /I{D523D985-7E7D-4A06-BEB6-3F49131A118C}
    Mozilla Firefox (3.0.3)-->E:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Oblivion-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9 -removeonly
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
    Pidgin-->E:\Program Files\Pidgin\pidgin-uninst.exe
    Portal--> "E:\Program Files\Steam\steam.exe" steam://uninstall/400
    PowerISO--> "E:\Program Files\PowerISO\uninstall.exe "
    PunkBuster Services-->E:\WINDOWS\system32\pbsvc.exe -u
    Real Alternative 1.9.0--> "E:\Program Files\Real Alternative\unins000.exe "
    Roxio Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Roxio CinePlayer-->MsiExec.exe /I{26792CA7-D87A-4DBE-896B-C2F66B344511}
    Roxio Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Roxio Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
    Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Roxio MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    Security Update for Microsoft .NET Framework 2.0 (KB928365)-->E:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    Security Update for Windows XP (KB923689)--> "E:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923789)-->E:\WINDOWS\system32\MacroMed\Flash\genuinst.exe E:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB941569)--> "E:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946648)--> "E:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950759)--> "E:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950760)--> "E:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950762)--> "E:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950974)--> "E:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951066)--> "E:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376)--> "E:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376-v2)--> "E:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951698)--> "E:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951748)--> "E:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB952954)--> "E:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953838)--> "E:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953839)--> "E:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
    Sound Blaster Audigy-->RunDll32 E:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "E:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x9 /remove
    Spybot - Search & Destroy--> "E:\Program Files\Spybot - Search & Destroy\unins000.exe "
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Team Fortress 2--> "E:\Program Files\Steam\steam.exe" steam://uninstall/440
    Tweak UI--> "E:\WINDOWS\system32\mshta.exe" "res://E:\WINDOWS\system32\TweakUI.exe/uninstall.hta "
    Update for Windows XP (KB898461)--> "E:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
    Update for Windows XP (KB942763)--> "E:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe "
    Update for Windows XP (KB951072-v2)--> "E:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Update for Windows XP (KB951978)--> "E:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
    URGE for Windows Media Player-->MsiExec.exe /X{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AD}
    VideoLAN VLC media player 0.8.6h-->E:\Program Files\VideoLAN\VLC\uninstall.exe
    Winamp--> "E:\Program Files\Winamp\UninstWA.exe "
    Windows Media Format 11 runtime--> "E:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "E:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Player 11--> "E:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "E:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    Windows XP Service Pack 3--> "E:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "

    ======Security center information======

    AV: Kaspersky Anti-Virus

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;E:\Program Files\ATI Technologies\ATI.ACE\Core-Static
    "windir "=%SystemRoot%
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION "=4f02
    "NUMBER_OF_PROCESSORS "=1
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "SonicCentral "=E:\Program Files\Common Files\Sonic Shared\Sonic Central\

    -----------------EOF-----------------
     
  2. 2008/10/22
    hrlow2

    hrlow2 Banned

    Joined:
    2008/10/09
    Messages:
    48
    Likes Received:
    0
    Hello shardtard. Have you tried MalwareBytes? It may find something that could be blocking you. My question is "E" drive? Everything on mine (log files, etc.) is on "C" to start, then goes to others. OS is on "C". Where does "E" come from?
     


  4. 2008/10/22
    hrlow2

    hrlow2 Banned

    Joined:
    2008/10/09
    Messages:
    48
    Likes Received:
    0
    Hello again. I just took another look at the log and did not see any firewall listed. Did see in Program Files a listing for GameSpy in Registry (HKEY Local Machine). GameSpy (whenever it manages to get on my machine) gets flagged as malware and removed. I use SuperAntiSpyware, SpywareGuard, Spybot S&D, and MalwareBytes. They will go a long way to keep you out of trouble.
     
  5. 2008/10/23
    Juliet

    Juliet Well-Known Member

    Joined:
    2008/09/15
    Messages:
    976
    Likes Received:
    6
    Instructions posted for this user are customized for this user only. The tools used may cause damage if used on a computer with different infections. If you think you have similar problems, please post a HJT log and start a new topic.

    Print this topic or save to notepad, it will make it easier for you to follow the instructions and complete all of the necessary steps as we will need to close every window that is open later in the fix.

    Hi and welcome


    Download SDFix or from Here and save it to your Desktop


    Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix)

    Please then reboot your computer in Safe Mode by doing the following:
    • Restart your computer
    • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
    • Instead of Windows loading as normal, the Advanced Options Menu should appear;
    • Select the first option, to run Windows in Safe Mode, then press Enter.
    • Choose your usual account.
    • Open the extracted SDFix folder and double click RunThis.cmd to start the script.
    • Type Y to begin the cleanup process.
    • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
    • Press any Key and it will restart the PC.
    • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
    • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the forum).
    • Finally paste the contents of the SDFix Report.txt back on the forum with a new HijackThis log



    NEXT**
    Please download Malwarebytes' Anti-Malware to your desktop

    Additional Link

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad. Please save it to a convenient location.
    * You can also access the log by doing the following:

    o Click on the Malwarebytes' Anti-Malware icon to launch the program.
    o Click on the Logs tab.
    o Click on the log at the bottom of those listed to highlight it.
    o Click Open.

    Tutorial if needed
    http://thespykiller.co.uk/index.php/topic,5946.0.html

    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



    In your next reply post:
    SDFix report.txt
    Malwarebytes' Anti-Malware log
    New HJT log taken after the above scans have run


    Please give me an update on how the computer is at the moment.

    You may need several replies to post the requested logs, otherwise they might get cut off.
     
    Last edited: 2008/11/18