Logfile of random's system information tool 1.06 (written by random/random)
Run by Fadi at 2009-09-04 23:51:27
Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (31%) free of 70 GB
Total RAM: 1014 MB (57% free)

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{5E7E013F-46FD-4871-B7CC-DD60151351FA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-06-13 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-11-19 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-19 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-19 118784]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-11-17 397312]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-11-29 761947]
"ShowLOMControl"=1 []
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2005-12-28 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2005-12-28 602182]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-12-09 49152]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-06-13 127036]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2005-09-17 52848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
DSLMON.lnk - C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\DSLMON.exe

C:\Documents and Settings\Fadi\Start Menu\Programs\Startup
ihaupd32.exe
uecupd32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\bdeaffdbe]
C:\WINDOWS\system32\bdeaffdbe.dll [2005-06-16 312847]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-19 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ec01aa88-83c4-11dd-a964-4d6564696130}]
shell\autorun\command - E:\RECYCLER\autorun.exe
shell\open\command - E:\RECYCLER\autorun.exe

======List of files/folders created in the last 1 months======

2009-09-04 23:51:28 ----D---- C:\Program Files\trend micro
2009-09-04 23:51:27 ----D---- C:\rsit
2009-09-04 23:23:32 ----SHD---- C:\Config.Msi
2009-09-04 23:21:08 ----SHD---- C:\RECYCLER
2009-09-04 22:18:40 ----D---- C:\WINDOWS\temp
2009-09-04 22:18:38 ----A---- C:\ComboFix.txt
2009-09-04 22:09:35 ----SD---- C:\321
2009-09-04 20:33:49 ----A---- C:\Boot.bak
2009-09-04 20:33:38 ----RASHD---- C:\cmdcons
2009-09-04 20:28:58 ----A---- C:\WINDOWS\zip.exe
2009-09-04 20:28:58 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-09-04 20:28:58 ----A---- C:\WINDOWS\SWSC.exe
2009-09-04 20:28:58 ----A---- C:\WINDOWS\SWREG.exe
2009-09-04 20:28:58 ----A---- C:\WINDOWS\sed.exe
2009-09-04 20:28:58 ----A---- C:\WINDOWS\PEV.exe
2009-09-04 20:28:58 ----A---- C:\WINDOWS\NIRCMD.exe
2009-09-04 20:28:58 ----A---- C:\WINDOWS\grep.exe
2009-09-04 20:28:50 ----D---- C:\WINDOWS\ERDNT
2009-09-04 20:28:41 ----D---- C:\Qoobox
2009-09-04 19:58:45 ----A---- C:\qseoqy.exe
2009-09-04 19:58:44 ----A---- C:\ybdvlwme.exe
2009-09-04 19:58:43 ----A---- C:\otcw.exe
2009-09-04 19:58:24 ----A---- C:\lqjbmsj.exe
2009-09-04 19:32:11 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-09-04 19:32:02 ----D---- C:\Program Files\Symantec

======List of files/folders modified in the last 1 months======

2009-09-04 23:51:34 ----D---- C:\WINDOWS\Prefetch
2009-09-04 23:51:28 ----RD---- C:\Program Files
2009-09-04 23:40:44 ----HD---- C:\WINDOWS\inf
2009-09-04 23:40:44 ----D---- C:\WINDOWS
2009-09-04 23:40:41 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-04 23:40:28 ----A---- C:\WINDOWS\ModemLog_Standard 33600 bps Modem.txt
2009-09-04 23:40:26 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2009-09-04 23:40:23 ----D---- C:\WINDOWS\Registration
2009-09-04 23:40:03 ----SHD---- C:\WINDOWS\CSC
2009-09-04 23:23:41 ----D---- C:\WINDOWS\system32
2009-09-04 23:23:31 ----SHD---- C:\WINDOWS\Installer
2009-09-04 22:42:40 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-09-04 22:42:27 ----D---- C:\WINDOWS\system32\drivers
2009-09-04 22:34:30 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-09-04 22:16:44 ----A---- C:\WINDOWS\system.ini
2009-09-04 22:14:33 ----D---- C:\WINDOWS\AppPatch
2009-09-04 22:14:23 ----D---- C:\Program Files\Common Files
2009-09-04 20:52:44 ----D---- C:\WINDOWS\system32\config
2009-09-04 20:51:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-04 20:33:49 ----RASH---- C:\boot.ini
2009-09-04 20:08:07 ----D---- C:\WINDOWS\Minidump
2009-09-04 19:38:06 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-09-04 19:38:03 ----D---- C:\Program Files\Common Files\Symantec Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-03-17 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2006-03-17 22684]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 fse6ea6;fse6ea6; C:\WINDOWS\System32\drivers\fse6ea6.sys [2009-07-21 18528]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 jgi05d7;jgi05d7; C:\WINDOWS\System32\drivers\jgi05d7.sys [2009-07-21 18528]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-11-29 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-03-09 21275]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-06-13 25724]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-06-13 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-06-13 86844]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-06-13 14716]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-06-13 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-06-13 88476]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-06-13 94460]
R2 drvnddm;drvnddm; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-03-17 40544]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-12-28 13568]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2005-02-16 128825]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-12-01 936960]
R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-12-01 192512]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-19 1364030]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-07-15 28544]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-13 51328]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-07-15 307968]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-17 1047816]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-29 191936]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-29 47104]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2005-11-29 36736]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-04 1428096]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-01 669696]
S1 a058083c;a058083c; C:\WINDOWS\System32\drivers\a058083c.sys []
S1 a058083c;a058083c; C:\WINDOWS\System32\drivers\a058083c.sys []
S1 nkla0fd;nkla0fd; C:\WINDOWS\System32\drivers\nkla0fd.sys [2009-07-21 18528]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-13 31744]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-03-02 50007]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\Fadi\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ICAM3NT5;Intel USB Video Camera III; C:\WINDOWS\System32\Drivers\Icam3.sys [2001-08-17 141056]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2006-12-10 47360]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 symevent;symevent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-11-29 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2005-11-29 108800]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-11-29 36480]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2005-11-29 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-11-29 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-29 50048]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ccevtmgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2005-09-17 192112]
R2 ccsetmgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2005-09-17 169584]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-12-28 114753]
R2 matlabserver;MATLAB Server; C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe [2002-06-18 503808]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [2005-12-06 380928]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-12-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-12-28 540745]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-05-31 1251720]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2005-12-28 262217]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S4 Bluetooth Hid Switch Service;Bluetooth Hid Switch Service; C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe [2005-08-30 188416]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

 

info.txt logfile of random's system information tool 1.06 2009-09-04 23:52:23

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\InstallShield Installation Information\{02FB2C63-5763-4CDD-99E6-566C57189742}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{1CA432A0-DBC7-4C5D-A6B6-5DF0E2E44BB0}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe -runfromtemp -l0x0009/cont -removeonly
-->C:\Program Files\InstallShield Installation Information\{3475FBEC-E0F5-4A3F-823E-6C1DEA10F1AF}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{3881DD58-780F-4FCF-8A16-6E6800C2FEE0}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{4067A0B5-FB0B-479C-8735-6F48F8E21872}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{9225EABF-4457-403B-A82B-91614C9DDDF7}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{E8581ECC-8BEA-4E91-AB5E-587654EBB2A7}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{E9CCEA28-3608-4078-8A07-997646E1A357}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\InstallShield Installation Information\{FD7FF74D-0AB5-48D6-929C-7E93A5162521}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.5 Language Support-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
Adobe Reader 7.0.9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Reader Chinese Traditional Fonts-->MsiExec.exe /I{AC76BA86-7AD7-2448-0000-705000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
ARTEuro-->MsiExec.exe /I{1D3C662A-F6C6-4767-A788-7AA43A9A1317}
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Broadcom Management Programs-->MsiExec.exe /I{26E1BFB0-E87E-4696-9F89-B467F01F81E5}
ccCommon-->MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Commandos Strike Force-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{544DB849-AB59-4C12-A333-2F214E24870F}\Setup.exe" -l0x9  -removeonly
Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Support 5.0.0 (630)-->rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall
Digital Line Detect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Huawei SmartAX MT810-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe" -l0x9 -L0x9
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
Internal Network Card Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x9 UNINSTALL APPDRVNT4
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Magic ISO Maker v5.4 (build 0251)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
MATLAB 6.5-->C:\MATLAB6p5\uninstall\uninstall.exe C:\MATLAB6p5
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSN Messenger 7.5-->MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
NetWaiting-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Nokia Connectivity Cable Driver-->MsiExec.exe /X{B3164E9E-BE08-4F3B-94BC-C6D09C0205E1}
Nokia PC Suite-->MsiExec.exe /I{D5577624-0626-4C4B-87AA-D966DA1739D6}
Norton Internet Security 2006-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\Temp{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe" /X
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
PowerDVD 5.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
QuickSet-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9  APPDRVNT4
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 /removeonly uninstall -removeonly
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x9 UNINSTALL -removeonly
Symantec KB-DocID:2003093015493306-->MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Tcl/Tk 8.3.0 for Windows-->C:\PROGRA~1\Tcl\UNWISE.EXE C:\PROGRA~1\Tcl\INSTALL.LOG
Update for Windows Internet Explorer 8 (KB969497)-->"C:\WINDOWS\ie8updates\KB969497-IE8\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
VideoLAN VLC media player 0.8.4a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Vuze-->C:\Program Files\Azureus\uninstall.exe
Windows Driver Package - Nokia Modem  (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]-->C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
XviD 1.1 final uninstall-->"C:\Program Files\XviD\unins000.exe"

======Security center information======

FW: Norton Internet Worm Protection (disabled)

======System event log======

Computer Name: ATLANTIS
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 638
Source Name: Tcpip
Time Written: 20090603134139.000000+180
Event Type: warning
User:

Computer Name: ATLANTIS
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 637
Source Name: Tcpip
Time Written: 20090603132800.000000+180
Event Type: warning
User:

Computer Name: ATLANTIS
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Record Number: 632
Source Name: W32Time
Time Written: 20090603055222.000000+180
Event Type: warning
User:

Computer Name: ATLANTIS
Event Code: 7000
Message: The General Purpose USB Driver (adildr.sys) service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Record Number: 612
Source Name: Service Control Manager
Time Written: 20090602160648.000000+180
Event Type: error
User:

Computer Name: ATLANTIS
Event Code: 7000
Message: The General Purpose USB Driver (adildr.sys) service failed to start due to the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Record Number: 591
Source Name: Service Control Manager
Time Written: 20090602123715.000000+180
Event Type: error
User:

=====Application event log=====

Computer Name: ATLANTIS
Event Code: 1000
Message: Faulting application acrord32.exe, version 7.0.8.218, faulting module acrord32.dll, version 7.0.8.218, fault address 0x000811a6.

Record Number: 3361
Source Name: Application Error
Time Written: 20090629125749.000000+180
Event Type: error
User:

Computer Name: ATLANTIS
Event Code: 1000
Message: Faulting application acrord32.exe, version 7.0.8.218, faulting module acrord32.dll, version 7.0.8.218, fault address 0x00385fb4.

Record Number: 3311
Source Name: Application Error
Time Written: 20090624123203.000000+180
Event Type: error
User:

Computer Name: ATLANTIS
Event Code: 1001
Message: Fault bucket 1180947459.

Record Number: 3163
Source Name: Application Hang
Time Written: 20090613171508.000000+180
Event Type: error
User:

Computer Name: ATLANTIS
Event Code: 1002
Message: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 3162
Source Name: Application Hang
Time Written: 20090613171504.000000+180
Event Type: error
User:

Computer Name: ATLANTIS
Event Code: 2000
Message: Accepted Safe Mode action : Microsoft Office Word.

Record Number: 3050
Source Name: Microsoft Office 11
Time Written: 20090605143154.000000+180
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;c:\matlab6p5\bin\win32;C:\PROGRA~1\Tcl\bin;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip

-----------------EOF-----------------

 

FW: Norton Internet Worm Protection *disabled*   {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\iTunes\iTunesHelper.exe
fC:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Huawei Technologies\Huawei SmartAX MT810\DSLMON.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
svchost
svchost.exe
C:\Documents and Settings\Fadi\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_06\bin\jusched.exe"
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ShowLOMControl] 1 (0x1)
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\documents and settings\fadi\start menu\programs\startup\ihaupd32.exe
StartupFolder: c:\documents and settings\fadi\start menu\programs\startup\uecupd32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dslmon.lnk - c:\program files\huawei technologies\huawei smartax mt810\DSLMON.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143860028796
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game04.zylom.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
TCP: {672B43F6-44DB-438A-A6C6-19AF8F73DF4B} = 212.0.138.13 212.0.138.12
Notify: bdeaffdbe - c:\windows\system32\bdeaffdbe.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 fse6ea6;fse6ea6;c:\windows\system32\drivers\fse6ea6.sys [2009-7-21 18528]
R1 jgi05d7;jgi05d7;c:\windows\system32\drivers\jgi05d7.sys [2009-7-21 18528]
R2 ccevtmgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2005-9-17 192112]
R2 ccsetmgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2005-9-17 169584]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-3-9 1251720]
S1 a058083c;a058083c;c:\windows\system32\drivers\a058083c.sys [2009-7-22 0]
S1 nkla0fd;nkla0fd;c:\windows\system32\drivers\nkla0fd.sys [2009-7-21 18528]
S3 ICAM3NT5;Intel USB Video Camera III;c:\windows\system32\drivers\Icam3.sys [2006-12-1 141056]

=============== Created Last 30 ================

2009-09-04 22:42 89,472 a------- c:\windows\system32\drivers\c724ffa8.sys
2009-09-04 22:09 <DIR> --ds---- C:\321
2009-09-04 21:35 <DIR> --d----- c:\windows\system32\dllcache\cache
2009-09-04 20:33 <DIR> a-dshr-- C:\cmdcons
2009-09-04 20:28 230,912 a------- c:\windows\PEV.exe
2009-09-04 20:28 161,792 a------- c:\windows\SWREG.exe
2009-09-04 20:28 98,816 a------- c:\windows\sed.exe
2009-09-04 19:58 705 a------- C:\qseoqy.exe
2009-09-04 19:58 705 a------- C:\ybdvlwme.exe
2009-09-04 19:58 705 a------- C:\otcw.exe
2009-09-04 19:58 105,472 a------- C:\lqjbmsj.exe
2009-09-04 19:32 108,168 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-04 19:32 87,768 a------- c:\windows\system32\S32EVNT1.DLL
2009-09-04 19:32 <DIR> --d----- c:\program files\Symantec

==================== Find3M  ====================

2009-09-04 20:29 182,656 a------- c:\windows\system32\dllcache\ndis.sys
2009-09-04 20:29 182,656 a------- c:\windows\system32\dllcache\cache\ndis.sys
2009-09-04 20:29 182,656 -------- c:\windows\system32\drivers\ndis.sys
2009-07-25 16:11 705 a------- C:\uputc.exe
2009-07-25 09:30 184,848 a------- C:\hmgol.exe
2009-07-23 20:03 56,320 a------- c:\windows\system32\drivers\smss.exe_
2009-07-23 20:03 56,320 a------- C:\rqhldhc.exe
2009-07-23 20:03 705 a------- C:\gxqd.exe
2009-07-23 13:50 0 a------- c:\windows\system32\drivers\a058083c.sys
2009-07-21 22:40 5,120 a------- C:\udjnn.exe
2009-07-21 22:15 13,312 a------- C:\uudoam.exe
2009-07-21 22:15 13,312 a------- C:\errigh.exe
2009-07-21 22:15 18,528 a------- c:\windows\system32\drivers\jgi05d7.sys
2009-07-21 22:15 10,752 a------- C:\luqkal.exe
2009-07-21 22:15 18,528 a------- c:\windows\system32\drivers\fse6ea6.sys
2009-07-21 22:14 18,528 a------- c:\windows\system32\drivers\nkla0fd.sys
2009-07-21 22:14 11,264 a------- C:\cnhtlnsc.exe
2009-07-21 22:14 12,800 a------- c:\windows\system32\sysstsdw.exe
2009-07-21 16:16 34 a------- c:\documents and settings\fadi\jagex_runescape_preferences.dat
2009-06-16 17:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 17:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 17:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 17:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2007-04-20 10:21 81,920 a------- c:\docume~1\fadi\applic~1\ezpinst.exe
2007-04-20 10:21 47,360 a------- c:\docume~1\fadi\applic~1\pcouffin.sys
2006-04-18 16:48 251 a------- c:\program files\wt3d.ini
2007-05-09 13:51 104 ---shr-- c:\windows\system32\37D168B2DC.sys
2007-05-09 13:51 6,216 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-05-09 14:28 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008050920080510\index.dat

============= FINISH: 22:44:20.46 ===============

DDS (Ver_09-07-30.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 16/03/2006 11:40:10 PM
System Uptime: 09/04/2009 10:40:00 PM (3552 hours ago)

Motherboard: Dell Inc. |  | 0FF049
Processor: Genuine Intel(R) CPU           T2300  @ 1.66GHz | Microprocessor | 1664/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 68 GiB total, 21.441 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\1BB99050424FC000
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\1BB99050424FC000
Service: NIC1394

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia Windows Portable Device Driver
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Fadi 6300
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Fadi 6500c
Device ID: ROOT\WPD\0001
Manufacturer: Nokia
Name: Fadi 6500c
PNP Device ID: ROOT\WPD\0001
Service: WUDFRd

==== System Restore Points ===================

RP854: 07/06/2009 06:51:10 PM - System Checkpoint
RP855: 08/06/2009 07:32:06 PM - System Checkpoint
RP856: 09/06/2009 08:53:54 PM - System Checkpoint
RP857: 10/06/2009 03:06:44 PM - Software Distribution Service 3.0
RP858: 11/06/2009 08:47:46 PM - System Checkpoint
RP859: 13/06/2009 08:41:03 AM - System Checkpoint
RP860: 14/06/2009 11:45:21 AM - System Checkpoint
RP861: 15/06/2009 06:51:34 PM - System Checkpoint
RP862: 16/06/2009 10:45:10 PM - System Checkpoint
RP863: 18/06/2009 02:42:53 AM - System Checkpoint
RP864: 19/06/2009 03:56:47 PM - System Checkpoint
RP865: 20/06/2009 07:55:28 PM - System Checkpoint
RP866: 21/06/2009 11:49:01 PM - System Checkpoint
RP867: 23/06/2009 03:49:50 AM - System Checkpoint
RP868: 24/06/2009 07:48:18 AM - System Checkpoint
RP869: 25/06/2009 07:46:54 PM - System Checkpoint
RP870: 26/06/2009 11:37:02 PM - System Checkpoint
RP871: 28/06/2009 03:03:10 AM - System Checkpoint
RP872: 29/06/2009 07:04:05 AM - System Checkpoint
RP873: 30/06/2009 11:02:49 AM - System Checkpoint
RP874: 01/07/2009 11:03:46 AM - System Checkpoint
RP875: 02/07/2009 11:53:24 AM - System Checkpoint
RP876: 03/07/2009 04:51:58 PM - System Checkpoint
RP877: 04/07/2009 07:48:47 PM - System Checkpoint
RP878: 05/07/2009 09:33:07 PM - System Checkpoint
RP879: 07/07/2009 01:31:43 AM - System Checkpoint
RP880: 08/07/2009 09:29:30 AM - System Checkpoint
RP881: 09/07/2009 02:03:07 PM - System Checkpoint
RP882: 10/07/2009 06:03:52 PM - System Checkpoint
RP883: 11/07/2009 07:47:42 PM - System Checkpoint
RP884: 13/07/2009 01:00:18 AM - System Checkpoint
RP885: 14/07/2009 08:56:44 AM - System Checkpoint
RP886: 15/07/2009 10:10:33 AM - System Checkpoint
RP887: 16/07/2009 03:00:33 AM - Software Distribution Service 3.0
RP888: 17/07/2009 09:56:27 AM - System Checkpoint
RP889: 18/07/2009 01:02:27 PM - System Checkpoint
RP890: 19/07/2009 01:41:20 PM - System Checkpoint
RP891: 20/07/2009 05:53:58 PM - System Checkpoint
RP892: 21/07/2009 08:12:17 PM - System Checkpoint
RP893: 22/07/2009 03:14:01 PM - Removed Apple Mobile Device Support
RP894: 22/07/2009 04:25:23 PM - Installed AVG Free 8.5
RP895: 22/07/2009 07:43:46 PM - Removed Bonjour
RP896: 22/07/2009 07:44:58 PM - Removed Apple Software Update
RP897: 22/07/2009 07:49:34 PM - Removed AVG Free 8.5
RP898: 22/07/2009 07:50:37 PM - Installed AVG Free 8.5
RP899: 22/07/2009 10:22:55 PM - Restore Operation
RP900: 24/07/2009 10:21:10 AM - System Checkpoint
RP901: 25/07/2009 10:21:32 AM - System Checkpoint
RP902: 04/09/2009 08:21:40 PM - System Checkpoint

==== Installed Programs ======================

7-Zip 4.57
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.0.9
Adobe Reader Chinese Traditional Fonts
Adobe Shockwave Player 11
ARTEuro
Azureus
Bluetooth Stack for Windows by Toshiba
Broadcom Management Programs
ccCommon
CCleaner (remove only)
Commandos Strike Force
Conexant HDA D110 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Defraggler (remove only)
Dell Driver Reset Tool
Dell Support 5.0.0 (630)
Dell System Restore
Digital Line Detect
GemMaster Mystic
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Huawei SmartAX MT810
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless Software
Internal Network Card Power Management
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 6
Learn2 Player (Uninstall Only)
Magic ISO Maker v5.4 (build 0251)
MATLAB 6.5
mCore
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 Redistributable
mIWA
mLogView
mMHouse
Modem Helper
mPfMgr
mPfWiz
mProSafe
MSN
MSN Messenger 7.5
MSRedist
mSSO
MSVC80_x86
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
mWlsSafe
mWMI
mXML
mZConfig
NetWaiting
Nokia Connectivity Cable Driver
Nokia PC Suite
Norton Internet Security 2006
Otto
PC Connectivity Solution
PowerDVD 5.7
QuickSet
QuickTime
RealPlayer
Recuva (remove only)
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB973346)
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sony Picture Utility
Sony USB Driver
Symantec KB-DocID:2003093015493306
Synaptics Pointing Device Driver
Tcl/Tk 8.3.0 for Windows
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update Rollup 2 for Windows XP Media Center Edition 2005
VideoLAN VLC media player 0.8.4a
Viewpoint Media Player
Virtual DJ - Atomix Productions
Vuze
WebFldrs XP
Windows Driver Package - Nokia Modem  (05/22/2008 3.8)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Presentation Foundation
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
XviD 1.1 final uninstall

==== Event Viewer Messages From Past Week ========

04/09/2009 10:04:07 PM, error: Service Control Manager [7031]  - The Remote Procedure Call (RPC) service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: .
04/09/2009 10:04:05 PM, error: Service Control Manager [7034]  - The SSDP Discovery Service service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:04:03 PM, error: Service Control Manager [7034]  - The TCP/IP NetBIOS Helper service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:04:03 PM, error: Service Control Manager [7031]  - The Universal Plug and Play Device Host service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: .
04/09/2009 10:04:03 PM, error: Service Control Manager [7031]  - The Remote Registry service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: .
04/09/2009 10:03:45 PM, error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:03:36 PM, error: Service Control Manager [7034]  - The Intel(R) PROSet/Wireless Event Log service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:03:28 PM, error: Service Control Manager [7034]  - The Media Center Scheduler Service service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:03:00 PM, error: Service Control Manager [7034]  - The Symantec Settings Manager service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:02:56 PM, error: Service Control Manager [7034]  - The Symantec Event Manager service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:02:53 PM, error: Service Control Manager [7034]  - The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 10:02:48 PM, error: Service Control Manager [7034]  - The HTTP SSL service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 09:33:00 PM, error: PlugPlayManager [11]  - The device Root\legacy_104285d206768488f5210915c300db5b\0000 disappeared from the system without first being prepared for removal.
04/09/2009 08:52:22 PM, error: PlugPlayManager [12]  - The device 'Fips' (Root\LEGACY_FIPS\0000) disappeared from the system without first being prepared for removal.
04/09/2009 08:52:22 PM, error: PlugPlayManager [11]  - The device Root\legacy_sfxdrv\0000 disappeared from the system without first being prepared for removal.
04/09/2009 08:37:25 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
04/09/2009 08:30:15 PM, error: Service Control Manager [7034]  - The Machine Debug Manager service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 08:30:15 PM, error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: .
04/09/2009 08:24:25 PM, error: DCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {BA126AD1-2166-11D1-B1D0-00805FC1270E}  to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20).  This security permission can be modified using the Component Services administrative tool.
04/09/2009 08:03:34 PM, error: Service Control Manager [7034]  - The MATLAB Server service terminated unexpectedly.  It has done this 1 time(s).
04/09/2009 07:55:46 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Windows Network Data Management System Service service to connect.
04/09/2009 07:54:47 PM, error: Service Control Manager [7031]  - The Media Center Receiver Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: .
04/09/2009 07:54:47 PM, error: Service Control Manager [7000]  - The General Purpose USB Driver (adildr.sys) service failed to start due to the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
04/09/2009 07:54:47 PM, error: Service Control Manager [7000]  - The Automatic Updates service failed to start due to the following error:  The system cannot find the file specified.

==== End Of File ===========================

 

 

Begin copying here:
Files to delete:
c:\documents and settings\fadi\start menu\programs\startup\ihaupd32.exe
c:\documents and settings\fadi\start menu\programs\startup\uecupd32.exe
c:\windows\system32\drivers\jgi05d7.sys
c:\windows\system32\drivers\fse6ea6.sys
c:\windows\system32\drivers\nkla0fd.sys
C:\qseoqy.exe
C:\ybdvlwme.exe
C:\otcw.exe
C:\lqjbmsj.exe
C:\uputc.exe
C:\hmgol.exe
c:\windows\system32\drivers\smss.exe_
C:\rqhldhc.exe
C:\gxqd.exe
c:\windows\system32\drivers\a058083c.sys
C:\udjnn.exe
C:\uudoam.exe
C:\errigh.exe
c:\windows\system32\drivers\jgi05d7.sys
C:\luqkal.exe
c:\windows\system32\drivers\fse6ea6.sys
c:\windows\system32\drivers\nkla0fd.sys
C:\cnhtlnsc.exe
c:\windows\system32\sysstsdw.exe
c:\windows\system32\bdeaffdbe.dll
Drivers to delete:
fse6ea6
jgi05d7
nkla0fd

 

Copy/Paste all the text  in the above codebox into the main window

Click Execute

 

The Avenger will automatically do the following:

It will Restart your computer.

( In cases where the code to execute contains "Drivers to Delete", The Avenger will actually restart your system twice.)

 

On reboot, it will briefly open a black command window on your desktop, this is normal.

After the restart, it creates a log file that should open with the results of Avenger’s actions.

 

This log file will be located at  C:\avenger.txt

 

Click http://www.gmer.net/download.php and download the installer for Gmer to your desktop, then click that file to run Gmer.


If on it's opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things.

If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please, along with C:\avenger.txt

 

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

 

---

Do NOT post your problem in someone elses thread.

Member of - Alliance of Security Analysis Professionals

A non-profit, volunteer network.

 

 

 

 

---

 

• Double-click on OTM.exe to launch the program. (If using Windows Vista, be sure to Run As Administrator)
• Copy the file(s)/folder(s) paths listed below - highlight everything in the code box and press CTRL+C or right-click and choose Copy.

:Processes
explorer.exe
:Files
c:\documents and settings\fadi\start menu\programs\startup\ihaupd32.exe
c:\documents and settings\fadi\start menu\programs\startup\uecupd32.exe
c:\windows\system32\drivers\jgi05d7.sys
c:\windows\system32\drivers\fse6ea6.sys
c:\windows\system32\drivers\nkla0fd.sys
C:\qseoqy.exe
C:\ybdvlwme.exe
C:\otcw.exe
C:\lqjbmsj.exe
C:\uputc.exe
C:\hmgol.exe
c:\windows\system32\drivers\smss.exe_
C:\rqhldhc.exe
C:\gxqd.exe
c:\windows\system32\drivers\a058083c.sys
C:\udjnn.exe
C:\uudoam.exe
C:\errigh.exe
c:\windows\system32\drivers\jgi05d7.sys
C:\luqkal.exe
c:\windows\system32\drivers\fse6ea6.sys
c:\windows\system32\drivers\nkla0fd.sys
C:\cnhtlnsc.exe
c:\windows\system32\sysstsdw.exe
c:\windows\system32\bdeaffdbe.dll
C:\WINDOWS\System32\drivers\c724ffa8.sys
C:\WINDOWS\system32\104285d206768488f5210915c300db5b.sys
:driver
fse6ea6
jgi05d7
nkla0fd
:Commands
[emptytemp]
[start explorer]
[Reboot]

Return to OTM, right-click in the open text box labeled "Paste Instructions for Items to be Moved" (under the yellow bar) and choose Paste.

• Click the red MoveIt! button.
• The list will be processed and the results will be displayed in the right-hand pane.
• Highlight everything in the Results window (under the green bar), press CTRL+C or right-click, choose Copy, right-click again and Paste it in your next reply.
• Click Exit when done.
• A log of the results is automatically created and saved to C:\_OTM\MovedFiles \mmddyyyy_hhmmss.log <- the date/time the tool was run.

-- Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. After the reboot, open Notepad, click File > Open, in the File Name box type *.log and press the Enter key. Navigate to the C:\_OTM\MovedFiles folder, open the newest .log file and copy/paste the contents in your next reply. If not asked, reboot anyway.

---

Do NOT post your problem in someone elses thread.

Member of - Alliance of Security Analysis Professionals

A non-profit, volunteer network.

Files moved on Reboot...
LoadLibrary failed for c:\windows\system32\bdeaffdbe.dll
c:\windows\system32\bdeaffdbe.dll NOT unregistered.
File move failed. c:\windows\system32\bdeaffdbe.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...

 

Disable the DNS cache permanently in Windows, use the Service Controller tool or the Services tool to set the DNS Client service startup type to Disabled. Note that the name of the Windows DNS Client service may also appear as "Dnscache."

 

---

 

 

Next step ->

 

Please download http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE (SAS)

Install it and double-click the icon on your desktop to run it.
It will ask if you want to update the program definitions, click Yes, Let it through your firewall!
Under Configuration and Preferences, click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked:

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining.
Ignore System Restore/Volume Information on ME and XP
Please leave the others unchecked.

On the main screen, under Scan for Harmful Software click Scan your computer.
On the left check C:\Fixed Drive.
On the right, under Complete Scan, choose Perform Complete Scan.
Click Next to start the scan. Please be patient while it scans your computer.
After the scan is complete a summary box will appear. Click OK.
Make sure everything in the white box has a check next to it, then click Next.
It will quarantine what it found and if it asks if you want to reboot, click
Yes.

Reboot normally.

• After reboot, double-click the SUPERAntispyware icon on your desktop.
• Click Preferences . Click the Statistics/Logs tab .
• Under Scanner Logs , double-click SUPERAntiSpyware Scan Log .
• It will open in your default text editor (such as Notepad/Wordpad).
• Please highlight everything , then right-click and choose copy.
• Click close and close again to exit the program.

 

Post Superantispyware log, along with new hijackthis log and tell how things are running ?

 

---

Do NOT post your problem in someone elses thread.

Member of - Alliance of Security Analysis Professionals

A non-profit, volunteer network.

 

Download the Norton Removal Tool (SymNRT) to your Desktop.

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039"]Norton
Once downloaded please close ALL open browsers, also save any work because this may require a restart.

Go to your desktop and double click on the removal tool and then click Setup.
Once open Click Next
Accept the license agreement and click Next
Type in the letters/numbers that you see into the text box then click Next.
Then click Next and the tool will start running.
Once finished restart the PC and run the tool again to ensure everything has been removed.
Delete Nortonremoval tool from your Desktop.

Delete the following:
ComboFix and its associated files and folders.
VundoFix backups, if present.
The C:\Deckard folder, if present.
The C:_OtMoveIt folder, if present.
Reset the clock settings.
Hide file extensions, if required.
Hide System/Hidden files, if required.

I suggest you keep Ccleaner and malwarebyte. Then delete the other tools.

---

 

 

---