Highlighted
CosbyNurse
1 Copper

Advertising popups suddenly appearing

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:56:04 AM, on 6/17/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\WDC\SetIcon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Gamevance\gamevance32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Uniblue\DriverScanner\DriverScanner.exe
C:\Documents and Settings\Bob\Desktop\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nws.noaa.gov/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
O2 - BHO: Gamevance - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - C:\Program Files\Gamevance\gamevancelib32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Gamevance Text - {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files\Gamevance\gvtl.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Gamevance] C:\Program Files\Gamevance\gamevance32.exe a
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - Startup: Event Reminder.lnk = H:\pmw\PMREMIND.EXE
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Philips SA3020 Device Manager.lnk = C:\Program Files\Philips\SA3020 Device Manager\SA3020_DeviceManager.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {3BA3B159-7533-4F96-A2CE-EE5894BBD3D5} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SYSSCANNER.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?11869637150...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?118696405...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15106/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{75F1612A-B8E3-46E4-A499-F1284ED8A159}: NameServer = 208.67.222.222,208.67.220.220
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe
O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 14439 bytes

I only started getting numerous ad popups about 5 days ago.  I have run Adaware and set Zonealarm to block ads, but they still come through.  If you can help, Thanks.  If you can't, Thanks for trying.

0 Kudos
7 Replies
8 Krypton

Re: Advertising popups suddenly appearing


CosbyNurse

1. Go HERE and download File Lister.
  • Save it to your Desktop
  • Rt Click ->> Extract all ->> And extract it to your Desktop
  • Additional help on extracting zip files can be found HERE
  • Open the File Lister Folder.
  • Note: Leave the FileLister.vbe file in the folder and run it from there.
  • Rt Click FileLister.vbe ->>Select Open Then Open to confirm.
  • As the program runs, it will appear that nothing is happening.
  • When the program is fnished it will produce a log for you C:\Files.txt

Copy and paste the contents of that log in your reply.

Consumer Security 2008- 2010

 

0 Kudos
CosbyNurse
1 Copper

Re: Advertising popups suddenly appearing


CosbyNurse

1. Go HERE and download File Lister.
  • Save it to your Desktop
  • Rt Click ->> Extract all ->> And extract it to your Desktop
  • Additional help on extracting zip files can be found HERE
  • Open the File Lister Folder.
  • Note: Leave the FileLister.vbe file in the folder and run it from there.
  • Rt Click FileLister.vbe ->>Select Open Then Open to confirm.
  • As the program runs, it will appear that nothing is happening.
  • When the program is fnished it will produce a log for you C:\Files.txt

Copy and paste the contents of that log in your reply.

+++++++++++++++++++++++++++++++++
+ File Lister  Version 1.1.1                                 +
+                                                                    +
+  By bamajim / SpywareHammer.com                 +
+++++++++++++++++++++++++++++++++
Report ran on --->>>  6/22/2009 9:13:28 AM

====== Running Processes ======
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dantz\Retrospect\retrorun.exe
C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\WDC\SetIcon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Gamevance\gamevance32.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Philips\SA3020 Device Manager\SA3020_DeviceManager.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
====== BHO's ======
BHO: Gamevance - {0ED403E8-470A-4a8a-85A4-D7688CFE39A3} - C:\Program Files\Gamevance\gamevancelib32.dll
BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}\ - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
BHO: (NO NAME) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
BHO: (NO NAME) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
BHO: Gamevance Text - {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files\Gamevance\gvtl.dll
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
BHO: (NO NAME) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
====== HKLM\~\Run Keys ======
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[ATIPTA] = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[CanonMyPrinter] = C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
[IAAnotif] = "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
[CTHelper] = CTHELPER.EXE
[AsioReg] = REGSVR32.EXE /S CTASIO.DLL
[UpdReg] = C:\WINDOWS\UpdReg.EXE
[DiscWizardMonitor.exe] = C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
[AcronisTimounterMonitor] = C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
[Acronis Scheduler2 Service] = "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
[WD Button Manager] = WDBtnMgr.exe
[Adobe Photo Downloader] = "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
[PCMService] = "C:\Program Files\Dell\Media Experience\PCMService.exe"
[GhostStartTrayApp] = C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
[dla] = C:\WINDOWS\system32\dla\tfswctrl.exe
[UpdateManager] = "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
[CTSysVol] = C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
[CTDVDDet] = C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
[CTCheck] = C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
[SetIcon] = \Program Files\WDC\SetIcon.exe
[ZoneAlarm Client] = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
[Adobe Reader Speed Launcher] = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[SunJavaUpdateSched] = "C:\Program Files\Java\jre6\bin\jusched.exe"
[Gamevance] = C:\Program Files\Gamevance\gamevance32.exe a
[Ad-Watch] = C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
====== HKCU\~\Run Keys ======
[ctfmon.exe] = C:\WINDOWS\system32\ctfmon.exe
[swg] = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[Sonic RecordNow!] = HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Sonic RecordNow!
[EasyLinkAdvisor] = "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
[CTSyncU.exe] = "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
[Nokia.PCSync] = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
[Sony Ericsson PC Suite] = "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
====== DNS Info (List may be empty) ======
HKEY_LOCAL_MACHINE\CCS\~\{0F81B80E-EE11-479E-BAB1-08ED1DFBD88C}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{3424C29C-1DE1-4A06-8BE2-F7C6CFB65046}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{506BCD92-EDC5-41AA-9F0A-3D4EE1EF896F}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{63B172EE-5F61-459A-9D1E-DADFE0FB988F}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{75F1612A-B8E3-46E4-A499-F1284ED8A159}\  NameServer= 208.67.222.222,208.67.220.220
HKEY_LOCAL_MACHINE\CS001\~\{3424C29C-1DE1-4A06-8BE2-F7C6CFB65046}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{75F1612A-B8E3-46E4-A499-F1284ED8A159}\  NameServer=
HKEY_LOCAL_MACHINE\CS002\~\{0F81B80E-EE11-479E-BAB1-08ED1DFBD88C}\  NameServer=
HKEY_LOCAL_MACHINE\CS002\~\{3424C29C-1DE1-4A06-8BE2-F7C6CFB65046}\  NameServer=
HKEY_LOCAL_MACHINE\CS002\~\{506BCD92-EDC5-41AA-9F0A-3D4EE1EF896F}\  NameServer=
HKEY_LOCAL_MACHINE\CS002\~\{63B172EE-5F61-459A-9D1E-DADFE0FB988F}\  NameServer=
HKEY_LOCAL_MACHINE\CS002\~\{75F1612A-B8E3-46E4-A499-F1284ED8A159}\  NameServer= 208.67.222.222,208.67.220.220

====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======
5/2/2009 8:22:07 PM    165888    C:\New Folder
5/2/2009 8:26:42 PM    165888    C:\New Folder\VIDEO_TS
6/17/2009 9:06:02 AM    1116    32    C:\aaw7boot.log
6/22/2009 9:13:28 AM    0    32    C:\Files.txt
6/17/2009 9:33:47 AM    27262976    32    C:\VIRTPART.DAT
6/10/2009 8:09:34 PM    968973    C:\WINDOWS\$NtUninstallKB961501$
6/10/2009 8:09:34 PM    625933    C:\WINDOWS\$NtUninstallKB961501$\spuninst
6/10/2009 8:01:34 PM    2472573    C:\WINDOWS\$NtUninstallKB968537$
6/10/2009 8:01:34 PM    625789    C:\WINDOWS\$NtUninstallKB968537$\spuninst
6/10/2009 8:09:14 PM    915726    C:\WINDOWS\$NtUninstallKB969898$
6/10/2009 8:09:14 PM    624910    C:\WINDOWS\$NtUninstallKB969898$\spuninst
6/10/2009 8:03:25 PM    1259756    C:\WINDOWS\$NtUninstallKB970238$
6/10/2009 8:03:25 PM    625900    C:\WINDOWS\$NtUninstallKB970238$\spuninst
6/10/2009 8:11:26 PM    894352    C:\WINDOWS\$NtUninstallKB970483$
6/10/2009 8:11:26 PM    626064    C:\WINDOWS\$NtUninstallKB970483$\spuninst
6/14/2009 8:36:46 PM    0    C:\WINDOWS\ftpcache
6/16/2009 11:32:40 AM    0    32    C:\WINDOWS\0.log
4/30/2009 4:52:07 PM    1071    32    C:\WINDOWS\AWMODEM.INF
4/30/2009 5:28:43 PM    4388    32    C:\WINDOWS\ModemLog_Sony Ericsson Device 0017 USB WMC Data Modem #2.txt
4/30/2009 5:28:43 PM    4378    32    C:\WINDOWS\ModemLog_Sony Ericsson Device 0017 USB WMC Modem #2.txt
6/17/2009 5:57:10 PM    28    32    C:\WINDOWS\OutLog.txt
6/16/2009 11:46:59 AM    423951    32    C:\WINDOWS\setupapi.log
5/2/2009 8:21:41 PM    7168    38    C:\WINDOWS\Thumbs.db
6/19/2009 6:06:54 PM    403    32    C:\WINDOWS\wmsetup.log
6/17/2009 5:48:41 PM    1663488    32    C:\WINDOWS\system32\BootMan.exe
6/17/2009 5:48:41 PM    8704    32    C:\WINDOWS\system32\epmntdrv.sys
6/17/2009 5:48:41 PM    14848    32    C:\WINDOWS\system32\EuEpmGdi.dll
6/17/2009 5:48:41 PM    3072    32    C:\WINDOWS\system32\EuGdiDrv.sys
5/1/2009 2:30:36 PM    3366912    32    C:\WINDOWS\system32\GPhotos.scr
6/9/2009 3:29:58 PM    144792    32    C:\WINDOWS\system32\java.exe
6/9/2009 3:29:58 PM    144792    32    C:\WINDOWS\system32\javaw.exe
6/9/2009 3:29:58 PM    148888    32    C:\WINDOWS\system32\javaws.exe
6/9/2009 3:29:37 PM    4099    32    C:\WINDOWS\system32\jupdate-1.6.0_14-b08.log
6/16/2009 12:18:29 PM    15688    32    C:\WINDOWS\system32\lsdelete.exe
6/17/2009 5:48:41 PM    86408    32    C:\WINDOWS\system32\setupempdrv03.exe
====== Files under "\Administrator\Startup" Last 60 Days======
====== Files under "\All Users\Startup" Last 60 Days======

====== Files and Folders under "\Program Files" Last 60 Days======
6/17/2009 5:42:11 PM    32735828    C:\Program Files\EASEUS
6/14/2009 8:23:37 PM    585274    C:\Program Files\Gamevance
6/14/2009 8:36:11 PM    3065062    C:\Program Files\Selectsoft
6/17/2009 8:38:04 AM    21930512    C:\Program Files\Uniblue
====== Files under "\System32\Drivers" Last 60 Days======
6/16/2009 11:46:54 AM    64160    32    C:\WINDOWS\system32\drivers\Lbd.sys
====== Files Deleted under "%Temp%" ======

34 Files deleted
====== Files and Folders under "All Users\Application Data" Last 60 Days======
6/17/2009 8:38:05 AM    32416420    C:\Documents and Settings\All Users\Application Data\DriverScanner
6/17/2009 8:37:08 AM    45483710    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
6/17/2009 8:37:52 AM    26300939    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner
6/17/2009 8:37:56 AM    577536    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\1B226F95
6/17/2009 8:37:56 AM    577536    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\1B226F95\1A9B0B16
6/17/2009 8:37:56 AM    110592    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\1BB9B162
6/17/2009 8:37:56 AM    110592    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\1BB9B162\8F9F9DCD
6/17/2009 8:37:56 AM    6418432    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\224783AD
6/17/2009 8:37:56 AM    6418432    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\224783AD\E8DE91C8
6/17/2009 8:37:56 AM    337320    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\22B3D1EB
6/17/2009 8:37:56 AM    337320    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\22B3D1EB\8F9F9DCD
6/17/2009 8:37:56 AM    40960    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2439B37E
6/17/2009 8:37:56 AM    40960    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2439B37E\8F9F9DCD
6/17/2009 8:37:56 AM    356352    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\296E106F
6/17/2009 8:37:56 AM    356352    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\296E106F\E8DE91C8
6/17/2009 8:37:56 AM    168448    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2AC187FE
6/17/2009 8:37:56 AM    168448    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2AC187FE\8F9F9DCD
6/17/2009 8:37:56 AM    1130496    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2C7BD434
6/17/2009 8:37:56 AM    1130496    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2C7BD434\E8DE91C8
6/17/2009 8:37:56 AM    8192    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2C9F73B6
6/17/2009 8:37:56 AM    8192    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\2C9F73B6\8F9F9DCD
6/17/2009 8:37:56 AM    57344    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\3E39C89
6/17/2009 8:37:56 AM    57344    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\3E39C89\2FB6E586
6/17/2009 8:37:56 AM    774144    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\3FBA627D
6/17/2009 8:37:56 AM    774144    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\3FBA627D\1A9B0B16
6/17/2009 8:37:56 AM    344064    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\4B257860
6/17/2009 8:37:56 AM    344064    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\4B257860\8F9F9DCD
6/17/2009 8:37:56 AM    1581056    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\4D290516
6/17/2009 8:37:56 AM    1581056    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\4D290516\E8DE91C8
6/17/2009 8:37:56 AM    212992    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\5C40AA7E
6/17/2009 8:37:56 AM    212992    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\5C40AA7E\8F9F9DCD
6/17/2009 8:37:56 AM    569344    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\65B78854
6/17/2009 8:37:56 AM    569344    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\65B78854\1A9B0B16
6/17/2009 8:37:56 AM    15872    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\6FDDF195
6/17/2009 8:37:56 AM    15872    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\6FDDF195\8F9F9DCD
6/17/2009 8:37:56 AM    23040    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\7306E53D
6/17/2009 8:37:56 AM    23040    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\7306E53D\8F9F9DCD
6/17/2009 8:37:56 AM    589824    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\73656A05
6/17/2009 8:37:56 AM    589824    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\73656A05\1A9B0B16
6/17/2009 8:37:56 AM    204800    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\83AD0D7
6/17/2009 8:37:56 AM    204800    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\83AD0D7\8F9F9DCD
6/17/2009 8:37:56 AM    638976    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\88873419
6/17/2009 8:37:56 AM    638976    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\88873419\1A9B0B16
6/17/2009 8:37:56 AM    450560    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\8B955EE1
6/17/2009 8:37:56 AM    450560    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\8B955EE1\1A9B0B16
6/17/2009 8:37:56 AM    118784    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\908170D7
6/17/2009 8:37:56 AM    118784    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\908170D7\8F9F9DCD
6/17/2009 8:37:56 AM    1622016    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\90E3D279
6/17/2009 8:37:56 AM    1622016    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\90E3D279\E8DE91C8
6/17/2009 8:37:56 AM    131072    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\A909892F
6/17/2009 8:37:56 AM    131072    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\A909892F\BC3FE200
6/17/2009 8:37:56 AM    21504    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\B5B3987C
6/17/2009 8:37:56 AM    21504    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\B5B3987C\BC3FE200
6/17/2009 8:37:56 AM    606208    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\BED01DD8
6/17/2009 8:37:56 AM    606208    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\BED01DD8\1A9B0B16
6/17/2009 8:37:56 AM    638976    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\C1D95179
6/17/2009 8:37:56 AM    638976    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\C1D95179\1A9B0B16
6/17/2009 8:37:56 AM    24064    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\C9C361F7
6/17/2009 8:37:56 AM    24064    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\C9C361F7\8F9F9DCD
6/17/2009 8:37:56 AM    14336    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\CD104459
6/17/2009 8:37:56 AM    14336    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\CD104459\8F9F9DCD
6/17/2009 8:37:56 AM    77312    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\CD77AC88
6/17/2009 8:37:56 AM    77312    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\CD77AC88\3DFD6AB6
6/17/2009 8:37:56 AM    4268539    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\D5895295
6/17/2009 8:37:56 AM    4268539    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\D5895295\8F9F9DCD
6/17/2009 8:37:56 AM    581632    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\DEE1DFE0
6/17/2009 8:37:56 AM    581632    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\DEE1DFE0\8F9F9DCD
6/17/2009 8:37:56 AM    647168    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\E2AC25AF
6/17/2009 8:37:56 AM    647168    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\E2AC25AF\1A9B0B16
6/17/2009 8:37:56 AM    496384    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\E6866DFD
6/17/2009 8:37:56 AM    496384    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\E6866DFD\8F9F9DCD
6/17/2009 8:37:56 AM    647168    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\EA2504B
6/17/2009 8:37:56 AM    647168    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\EA2504B\1A9B0B16
6/17/2009 8:37:56 AM    348160    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\F05C1C0F
6/17/2009 8:37:56 AM    348160    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\F05C1C0F\E8DE91C8
6/17/2009 8:37:56 AM    557056    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\F2C19C1F
6/17/2009 8:37:56 AM    557056    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\F2C19C1F\1A9B0B16
6/17/2009 8:37:56 AM    262144    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\F47E0415
6/17/2009 8:37:56 AM    262144    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\F47E0415\E8DE91C8
6/17/2009 8:37:56 AM    526184    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\FA57B377
6/17/2009 8:37:56 AM    526184    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\FA57B377\8F9F9DCD
6/17/2009 8:37:56 AM    101888    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\mIDEFunc.dll
6/17/2009 8:37:56 AM    0    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\OFFLINE
6/17/2009 8:37:56 AM    12449454    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows
6/17/2009 8:37:56 AM    4188160    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\system32
6/17/2009 8:37:56 AM    114688    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\system32\Ansi
6/17/2009 8:37:57 AM    8261294    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs
6/17/2009 8:37:57 AM    96256    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\53t3z6j5.7ag
6/17/2009 8:37:57 AM    2322432    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\5z1v718o.6n8
6/17/2009 8:37:57 AM    105056    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\73t3z6j5.7ag
6/17/2009 8:37:57 AM    2333138    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\7z1v718o.6n8
6/17/2009 8:37:57 AM    1654784    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\92rg91xw.1p4
6/17/2009 8:37:57 AM    1664988    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\b2rg91xw.1p4
6/17/2009 8:37:58 AM    9155    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\j4auwzcy.rsh
6/17/2009 8:37:58 AM    29710    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\Manifests
6/17/2009 8:37:58 AM    27465    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\Policies
6/17/2009 8:37:58 AM    9155    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\Policies\i4auwzcy.rsh
6/17/2009 8:37:58 AM    9155    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\Policies\u1sw1o0k.9hi
6/17/2009 8:37:58 AM    9155    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\Policies\uxgs54we.kj4
6/17/2009 8:37:58 AM    9155    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\v1sw1o0k.9hi
6/17/2009 8:37:58 AM    9155    C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}\Windows\winsxs\vxgs54we.kj4
6/16/2009 11:42:43 AM    10408590    C:\Documents and Settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ======
HKLM\Software\microsoft\shared tools\msconfig\startupreg\
====== Services ( Services that are Whitelisted are not shown) ======
BTWDNDIS (Bluetooth LAN Access Server)- C:\WINDOWS\system32\DRIVERS\btwdndis.sys - Manual/Stopped
btwhid (btwhid)- C:\WINDOWS\system32\DRIVERS\btwhid.sys - Manual/Stopped
btwmodem (Bluetooth Modem)- C:\WINDOWS\system32\DRIVERS\btwmodem.sys - Manual/Stopped
ctac32k (Creative AC3 Software Decoder)- C:\WINDOWS\system32\drivers\ctac32k.sys - Manual/Running
ctaud2k (Creative Audio Driver (WDM))- C:\WINDOWS\system32\drivers\ctaud2k.sys - Manual/Running
ctdvda2k (Creative DVD-Audio Device Driver)- C:\WINDOWS\system32\drivers\ctdvda2k.sys - Manual/Stopped
ctprxy2k (Creative Proxy Driver)- C:\WINDOWS\system32\drivers\ctprxy2k.sys - Manual/Running
ctsfm2k (Creative SoundFont Management Device Driver)- C:\WINDOWS\system32\drivers\ctsfm2k.sys - Manual/Running
drvmcdb (drvmcdb)- C:\WINDOWS\system32\drivers\drvmcdb.sys - Boot/Running
drvnddm (drvnddm)- C:\WINDOWS\system32\drivers\drvnddm.sys - Auto/Running
elagopro (GoProto Protocol Driver for LELA)- C:\WINDOWS\system32\DRIVERS\elagopro.sys - Auto/Running
elaunidr (UniDriver for LELA)- C:\WINDOWS\system32\DRIVERS\elaunidr.sys - Auto/Running
emupia (E-mu Plug-in Architecture Driver)- C:\WINDOWS\system32\drivers\emupia2k.sys - Manual/Running
epmntdrv (epmntdrv)- \??\C:\WINDOWS\system32\epmntdrv.sys - Manual/Stopped
EuGdiDrv (EuGdiDrv)- \??\C:\WINDOWS\system32\EuGdiDrv.sys - Manual/Stopped
ggflt (SEMC USB Flash Driver Filter)- C:\WINDOWS\system32\DRIVERS\ggflt.sys - Manual/Stopped
ggsemc (SEMC USB Flash Driver)- C:\WINDOWS\system32\DRIVERS\ggsemc.sys - Manual/Stopped
GhPciScan (GhostPciScanner)- \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys - System/Running
iastor (Intel AHCI Controller)- C:\WINDOWS\system32\DRIVERS\iaStor.sys - Boot/Running
inibtmgr (WD Bridge Controller Driver)- C:\WINDOWS\system32\DRIVERS\inibtmgr.sys - Manual/Running
IntelC51 (IntelC51)- C:\WINDOWS\system32\DRIVERS\IntelC51.sys - Manual/Running
IntelC52 (IntelC52)- C:\WINDOWS\system32\DRIVERS\IntelC52.sys - Manual/Running
IntelC53 (IntelC53)- C:\WINDOWS\system32\DRIVERS\IntelC53.sys - Manual/Running
Lbd (Lbd)- C:\WINDOWS\system32\DRIVERS\Lbd.sys - Boot/Running
mohfilt (mohfilt)- C:\WINDOWS\system32\DRIVERS\mohfilt.sys - Manual/Running
OMCI (OMCI)- C:\WINDOWS\system32\DRIVERS\OMCI.SYS - System/Running
ossrv (Creative OS Services Driver)- C:\WINDOWS\system32\drivers\ctoss2k.sys - Manual/Running
pccsmcfd (PCCS Mode Change Filter Driver)- C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys - Manual/Stopped
PfModNT (PfModNT)- \??\C:\WINDOWS\system32\drivers\PfModNT.sys - Auto/Running
s0017bus (Sony Ericsson Device 0017 driver (WDM))- C:\WINDOWS\system32\DRIVERS\s0017bus.sys - Manual/Stopped
s0017mdfl (Sony Ericsson Device 0017 USB WMC Modem Filter)- C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys - Manual/Stopped
s0017mdm (Sony Ericsson Device 0017 USB WMC Modem Driver)- C:\WINDOWS\system32\DRIVERS\s0017mdm.sys - Manual/Stopped
s0017mgmt (Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM))- C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys - Manual/Stopped
s0017nd5 (Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS))- C:\WINDOWS\system32\DRIVERS\s0017nd5.sys - Manual/Stopped
s0017obex (Sony Ericsson Device 0017 USB WMC OBEX Interface)- C:\WINDOWS\system32\DRIVERS\s0017obex.sys - Manual/Stopped
s0017unic (Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM))- C:\WINDOWS\system32\DRIVERS\s0017unic.sys - Manual/Stopped
sbp2port (SBP-2 Transport/Protocol Bus Driver)- C:\WINDOWS\system32\DRIVERS\sbp2port.sys - Boot/Running
snapman (Acronis Snapshots Manager)- C:\WINDOWS\system32\DRIVERS\snapman.sys - Boot/Running
srescan (srescan)- C:\WINDOWS\system32\ZoneLabs\srescan.sys - Boot/Running
sscdbhk5 (sscdbhk5)- C:\WINDOWS\system32\drivers\sscdbhk5.sys - System/Running
ssrtln (ssrtln)- C:\WINDOWS\system32\drivers\ssrtln.sys - System/Running
Tcpip6 (Microsoft IPv6 Protocol Driver)- C:\WINDOWS\system32\DRIVERS\tcpip6.sys - System/Running
tfsnboio (tfsnboio)- C:\WINDOWS\system32\dla\tfsnboio.sys - Auto/Running
tfsncofs (tfsncofs)- C:\WINDOWS\system32\dla\tfsncofs.sys - Auto/Running
tfsndrct (tfsndrct)- C:\WINDOWS\system32\dla\tfsndrct.sys - Auto/Running
tfsndres (tfsndres)- C:\WINDOWS\system32\dla\tfsndres.sys - Auto/Running
tfsnifs (tfsnifs)- C:\WINDOWS\system32\dla\tfsnifs.sys - Auto/Running
tfsnopio (tfsnopio)- C:\WINDOWS\system32\dla\tfsnopio.sys - Auto/Running
tfsnpool (tfsnpool)- C:\WINDOWS\system32\dla\tfsnpool.sys - Auto/Running
tfsnudf (tfsnudf)- C:\WINDOWS\system32\dla\tfsnudf.sys - Auto/Running
tfsnudfa (tfsnudfa)- C:\WINDOWS\system32\dla\tfsnudfa.sys - Auto/Running
tifsfilter (Acronis True Image FS Filter)- C:\WINDOWS\system32\DRIVERS\tifsfilt.sys - Auto/Running
timounter (Acronis True Image Backup Archive Explorer)- C:\WINDOWS\system32\DRIVERS\timntr.sys - Boot/Running
tunmp (Microsoft Tun Miniport Adapter Driver)- C:\WINDOWS\system32\DRIVERS\tunmp.sys - Manual/Running
Wdf01000 (Wdf01000)- C:\WINDOWS\system32\DRIVERS\Wdf01000.sys - Manual/Stopped
WpdUsb (WpdUsb)- C:\WINDOWS\system32\DRIVERS\wpdusb.sys - Manual/Stopped
====== Uninstall List ======
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
EA SPORTS online 2006
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)
Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Elements 5.0
Adobe® Photoshop® Album Starter Edition 3.2
ATI - Software Uninstall Utility
ATI Display Driver
Audacity 1.2.6
AudibleManager
Bejeweled 2 Deluxe 1.1
Best Games Hits 2
Windows Driver Package - Nokia Modem  (05/22/2008 3.8)
Canon Camera Access Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon iP4300 User Registration
Canon Setup Utility 2.3
Canon My Printer
CCleaner (remove only)
Acrobat.com
Canon Camera Support Core Library
Microsoft Windows XP Video Decoder Checkup Utility
DVD Shrink 3.2
DVDFab HD Decrypter 3.1.8.0
EASEUS Partition Master 4.0 Home Edition
Canon Utilities Easy-PhotoPrint
Linksys EasyLink Advisor 1.6 (0032)
Canon Utilities EOS Utility
EPSON Photo Print
FeedDemon
FeedStation
FOX News Live Stream
FoxyTunes for Firefox
Gamevance
Google Updater
HD Tach version 3
HijackThis 2.0.2
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
ImgBurn
Broadcom Gigabit Integrated Controller
Avery Wizard 3.1
Intel(R) 537EP V9x DF PCI Modem
Windows Genuine Advantage Validation Tool (KB892130)
Security Update for Windows Media Player (KB911564)
Hotfix for Windows XP (KB915865)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows Media Player 6.4 (KB925398)
Hotfix for Windows Media Format 11 SDK (KB929399)
Security Update for Windows Internet Explorer 7 (KB929969)
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows Internet Explorer 7 (KB939653)
Hotfix for Windows Media Player 11 (KB939683)
Security Update for Windows XP (KB941569)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows XP (KB946648)
Hotfix for Windows Internet Explorer 7 (KB947864)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Update for Windows XP (KB951072-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Update for Windows XP (KB951978)
Security Update for Windows XP (KB952004)
Security Update for Windows Media Player (KB952069)
Hotfix for Windows XP (KB952287)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Hotfix for Windows XP (KB954550-v5)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Update for Windows XP (KB955839)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Critical Update for Windows Media Player 11 (KB959772)
Security Update for Windows XP (KB960225)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Hotfix for Windows XP (KB961118)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows Internet Explorer 7 (KB963027)
Update for Windows XP (KB967715)
Security Update for Windows XP (KB968537)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970483)
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Math Odyssey Basic Statistics
Microsoft .NET Framework 3.5 SP1
Canon MovieEdit Task for ZoomBrowser EX
Mozilla Firefox (3.0.6)
Mozilla Thunderbird (2.0.0.21)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft National Language Support Downlevel APIs
Nokia PC Suite
OpenDNS Updater 1.3.0.186
Canon Utilities PhotoStitch
Picasa 3
PrintMaster Premier 4.00
Canon RAW Image Task for ZoomBrowser EX
Real Alternative 1.52
Canon RemoteCapture Task for ZoomBrowser EX
Revo Uninstaller 1.80
SoundFont Bank Manager
EPSON Scanner Reference Guide
Creative System Information
TurboTax Basic 2007
Typing Instructor Deluxe
Uniblue DriverScanner 2009
Update Service
VideoLAN VLC media player 0.8.6c
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Windows Media Format 11 runtime
Windows Media Player 11
Microsoft User-Mode Driver Framework Feature Pack 1.0
XML Paper Specification Shared Components Pack 1.0
ZENcast Organizer
ZoneAlarm Security Suite
Canon Utilities ZoomBrowser EX
Zuma Deluxe 1.0
VC 9.0 Runtime
Sonic Update Manager
MSXML 6.0 Parser (KB933579)
ATI Control Panel
OpenOffice.org Installer 1.0
Canon iP4300
Sonic DLA
Google Toolbar for Internet Explorer
Adobe AIR
PC Connectivity Solution
Creative ZEN
Google Earth
SA30xx Media Converter
MSVC80_x86
Sonic MyDVD
QuickTime
Google Toolbar for Internet Explorer
Adobe Help Center 2.1
Dell Media Experience
Java(TM) 6 Update 14
Sony Ericsson PC Suite 4.010.00
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
WebFldrs XP
Garmin WebUpdater
WD Media Center Driver
SA3020 Device Manager
Creative MediaSource
APC PowerChute Personal Edition
Apple Software Update
Norton Ghost
EPSON Smart Panel
ArcSoft PhotoImpression
Microsoft Visual C++ 2005 Redistributable
FOX News Live
Retrospect 6.5
Avanquest update
Acrobat.com
AnswerWorks 4.0 Runtime - English
Seagate DiscWizard
WIDCOMM Bluetooth Software
Microsoft Silverlight
Intel(R) Matrix Storage Manager
Microsoft Office Small Business Edition 2003
Sonic RecordNow!
SeaTools for Windows
EPSON TWAIN 5
Safari
Sony Ericsson Media Manager 1.2
VC 9.0 Runtime
Drivers Install For Linksys Easylink Advisor
Microsoft .NET Framework 3.0 Service Pack 2
NBA LIVE 06
Adobe® Photoshop® Album Starter Edition 3.2
Adobe Photoshop Elements 5.0
Nokia PC Suite
Adobe Reader 9.1.2
Smartparts Desktop
EPSON Copy Utility
Windows Presentation Foundation
Canon PhotoRecord
Broadcom Gigabit Integrated Controller
Microsoft .NET Framework 2.0 Service Pack 2
Nokia Connectivity Cable Driver
Uniblue DriverScanner 2009
Microsoft .NET Framework 3.5 SP1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
getPlus(R) for Adobe
Opera 9.60
Avery Wizard 3.1
Dell ResourceCD
Ad-Aware
ISO Recorder
Sound Blaster Audigy 2
ScanToWeb
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
SA30xx Media Converter
Garmin Communicator Plugin
======== Other Info ========
TOTAL PHYSICAL RAM: 1072 MB
Boot Info
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

OS Type:  Microsoft Windows XP Professional
Build:  5.1.2600
Service Pack:  3.0

====== Files with Hidden Attributes======
C:\hiberfil.sys
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\NTDETECT.COM
C:\DELL\drivers\R76513\ZbThumbnail.info
C:\Documents and Settings\Administrator\NTUSER.DAT
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008011320080114\index.dat
C:\Documents and Settings\Administrator.8400HOME\NTUSER.DAT
C:\Documents and Settings\Administrator.8400HOME\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
==End of Report==
Thanks bamajim.  I work nights and this is the first chance I have had to run and post the log.  CosbyNurse

0 Kudos
8 Krypton

Re: Advertising popups suddenly appearing

You can try the following steps :

Boot System in Safe mode with Networking

Download Super Anti Spyware Free Version (http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE)

 Update and Run Super anti spyware .

Reboot system in normal mode.

 

 

 

0 Kudos
8 Krypton

Re: Advertising popups suddenly appearing

fishandchips, we appreciate your trying to help but bamajim will be providing specific fixes based on the entries in diagnostic logs that are posted. The list of trained volunteers for the Malware Removal forum is in the announcement Please Read This Before Posting For Malware Removal Help


Windows Insider MVP 2016 -

Microsoft MVP - Consumer Security 2006-2016

Social Media and Community Professional

0 Kudos
8 Krypton

Re: Advertising popups suddenly appearing


CosbyNurse

Please download Combofix and save to your desktop:
    Note: It is important that it is saved directly to your desktop
    Close any open browsers.
    Double click on combofix.exe and follow the prompts.
    When it's finished it will produce a log.
    Post the contents of the C:\ComboFix.txt into your next reply.
    Note: Do not mouseclick combofix's window whilst it's running.
    That may cause the program to freeze/hang.

Consumer Security 2008- 2010

 

0 Kudos
CosbyNurse
1 Copper

Re: Advertising popups suddenly appearing

bamajim,

I downloaded and ran Combofix as you requested.  It completely shut down my Creative Audigy 2 card.  I did start getting a warning that gamevance32.exe could not load due to a missing file.  After a short google, I ran Malwarebytes Anti-malware and it completely fixed the problem.  I will probably not run Combofix again, but, it did apparently remove a file that gamevance32 required.  This program was loaded with game software that my wife bought commercially.

Thanks for your time and help!  My work schedule prevents me from being here regularly.

Go Vols!

0 Kudos
8 Krypton

Re: Advertising popups suddenly appearing

 

CosbyNurse

I'm glad to hear MBAM resolved your issue.
As far as the file that Combofix removed. It can be retreived. You will find it in the C:\Qoobox\Combofix folder.
Copy the file gamevance32.exe file and paste it in the C:\Program Files\Gamevance folder.

Let me know if you have a problems.



 

Consumer Security 2008- 2010

 

0 Kudos