Author Topic: HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right (Read 3065 times)

Gerry D · « **on:** June 11, 2009, 10:28:18 PM »

Well Everything was working fine the other day, now my drive is like skipping before it finally reads the cd or dvd. So I decided to update the driver, but no luck. Under device manager it says cannot load driver HL-DT-ST DVD-RW GCA 4080N i tried downloading drivers from many sites including HP, but could not find one. I ran a hp driver update scan with supplied drivers cd and it ciould not locate one. Laptop model is HP Pavillion zv6000. DVD works ok, but won't read some software cd (originals) when it read them before. Any Help or suggestions are greatly appreciated..

PS: I ran a hijack this scan and uninstall list to save time. Here they are.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:19 PM, on 6/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: NormalRunning processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
E:\hp files 2009\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Gerry Diaz\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\hp files 2009\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe--
End of file - 6617 bytes

UNINSTALL LIST:

Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Stock Photos 1.0
AnyDVD
Apple Mobile Device Support
Apple Software Update
Athlon 64 Processor Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Bonjour
Broadcom 802.11 Wireless LAN Adapter
Conexant AC-Link Audio
Corel Painter IX
Data Fax SoftModem with SmartCP
DAZ Studio
Debut Video Capture Software
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
DVD Shrink 3.2
Free Sound Recorder
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
HP Help and Support
HP Pavillion zv6000 User Guides
HP Update
HP Wireless Assistant 1.01 A3
InterVideo WinDVD
iTunes
J2SE Runtime Environment 5.0 Update 2
LimeWire 4.14.12
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Office XP Professional
Microsoft Visual C++ 2005 Redistributable
muvee autoProducer 4.0 - SE
Norton Internet Security
PowerDVD
Quick Launch Buttons 5.10 B3
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
RecordNow
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB963027)
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
Spybot - Search & Destroy
Spybot - Search & Destroy 1.3
Synaptics Pointing Device Driver
Tablet
Texas Instruments PCIxx21/x515 drivers.
Update for Windows XP (KB898461)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
UserGuides
VC80CRTRedist - 8.0.50727.762
Victoria 4.2 Base
Victoria 4.2 Base DAZ Studio Content
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB884575
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885464
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559

guestolo · « **Reply #1 on:** June 13, 2009, 05:50:24 PM »

Sorry for the delay, do you still need a hand?
I moved your topic to the Tech Clinic section of the forums since you have added a Hijackthis log

Gerry D · « **Reply #2 on:** June 14, 2009, 10:57:49 PM »

Yes, please I am still stuck with the DVD drive acting erratic. Did you have a chance to see my reports?
Thanks for your help.

guestolo · « **Reply #3 on:** June 14, 2009, 11:16:08 PM »

Download [color=\"blue\"]random's system information tool (RSIT)[/color] by [color=\"#6600cc\"]random/random[/color] from >>[color=\"red\"]here[/color]<< and save it to your desktop.

Double click on RSIT.exe and choose to Run it
Click Continue at the disclaimer screen.
Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
Once it has finished, two logs will open: log.txt[color=\"red\"]<-- this will be maximized[/color] and info.txt[color=\"red\"]<-- this will be minimized[/color].

Post both those logs please

NOTE: If you get an error message trying to post the logs back here to the forum
Just post info.txt back here in a reply
And upload log.txt<<In a reply back here, choose the Browse... / UPLOAD buttons on the bottom right
Only upload the log that opens if you get an error message trying to reply with the info

In addition:
Create a .bat file for me
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as export.bat

Save this file on the desktop

Code: [Select]

regedit /e Export.txt "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}"Double click on export.bat, a text file by the name of Export.txt will be placed on desktop
Open it and copy>>paste back here the whole contents

Edit>>In addition, can you do the following
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Gerry D · « **Reply #4 on:** June 15, 2009, 07:05:41 PM »

[font=\"Times New Roman\"]info.txt logfile of random's system information tool 1.06 2009-06-15 19:34:53[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]======Uninstall list======[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER[/font]

[font=\"Times New Roman\"]-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}[/font]

[font=\"Times New Roman\"]-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}[/font]

[font=\"Times New Roman\"]-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}[/font]

[font=\"Times New Roman\"]-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}[/font]

[font=\"Times New Roman\"]-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf[/font]

[font=\"Times New Roman\"]Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}[/font]

[font=\"Times New Roman\"]Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}[/font]

[font=\"Times New Roman\"]Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe[/font]

[font=\"Times New Roman\"]Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}[/font]

[font=\"Times New Roman\"]Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}[/font]

[font=\"Times New Roman\"]Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}[/font]

[font=\"Times New Roman\"]Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}[/font]

[font=\"Times New Roman\"]AnyDVD-->"C:\Program Files\SLYDVD\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SLYDVD\AnyDVD"[/font]

[font=\"Times New Roman\"]Apple Mobile Device Support-->MsiExec.exe /I{8355F970-601D-442D-A79B-1D7DB4F24CAD}[/font]

[font=\"Times New Roman\"]Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}[/font]

[font=\"Times New Roman\"]Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9 [/font]

[font=\"Times New Roman\"]ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe[/font]

[font=\"Times New Roman\"]ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" [/font]

[font=\"Times New Roman\"]ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean[/font]

[font=\"Times New Roman\"]Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}[/font]

[font=\"Times New Roman\"]Broadcom 802.11 Wireless LAN Adapter-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo[/font]

[font=\"Times New Roman\"]Conexant AC-Link Audio-->CIAunwdm.exe[/font]

[font=\"Times New Roman\"]Corel Painter IX-->MsiExec.exe /I{A0383B7D-81A2-49D3-BE06-C0FD9EFB9DFC}[/font]

[font=\"Times New Roman\"]Data Fax SoftModem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C\HXFSETUP.EXE -U -Icpl30855.inf[/font]

[font=\"Times New Roman\"]DAZ Studio-->C:\Program Files\DAZ\Studio\Remove-Studio.exe[/font]

[font=\"Times New Roman\"]Debut Video Capture Software-->C:\Program Files\NCH Software\Debut\uninst.exe[/font]

[font=\"Times New Roman\"]DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC[/font]

[font=\"Times New Roman\"]DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER[/font]

[font=\"Times New Roman\"]DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER[/font]

[font=\"Times New Roman\"]DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS[/font]

[font=\"Times New Roman\"]DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN[/font]

[font=\"Times New Roman\"]DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"[/font]

[font=\"Times New Roman\"]Free Sound Recorder-->C:\PROGRA~1\FREESO~1\UNWISE.EXE C:\PROGRA~1\FREESO~1\INSTALL.LOG[/font]

[font=\"Times New Roman\"]HijackThis 2.0.2-->"C:\Documents and Settings\Gerry Diaz\Desktop\HijackThis.exe" /uninstall[/font]

[font=\"Times New Roman\"]Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly[/font]

[font=\"Times New Roman\"]HP Pavillion zv6000 User Guides-->C:\PROGRA~1\HPQ\UNWISE.EXE C:\PROGRA~1\HPQ\INSTALL.LOG[/font]

[font=\"Times New Roman\"]HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}[/font]

[font=\"Times New Roman\"]HP Wireless Assistant 1.01 A3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst[/font]

[font=\"Times New Roman\"]InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL[/font]

[font=\"Times New Roman\"]iTunes-->MsiExec.exe /I{5D601655-6D54-4384-B52C-17EC5385FBBD}[/font]

[font=\"Times New Roman\"]J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}[/font]

[font=\"Times New Roman\"]LimeWire 4.14.12-->"C:\Program Files\LimeWire\uninstall.exe"[/font]

[font=\"Times New Roman\"]Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"[/font]

[font=\"Times New Roman\"]Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}[/font]

[font=\"Times New Roman\"]Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}[/font]

[font=\"Times New Roman\"]Microsoft Office XP Professional-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0050048383C9}[/font]

[font=\"Times New Roman\"]Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}[/font]

[font=\"Times New Roman\"]muvee autoProducer 4.0 - SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{534AA552-E1F1-4965-B2AA-FBDEB0730D60}\setup.exe" -l0x9 [/font]

[font=\"Times New Roman\"]Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.5.0.135\InstStub.exe /X[/font]

[font=\"Times New Roman\"]PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall[/font]

[font=\"Times New Roman\"]Quick Launch Buttons 5.10 B3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninst[/font]

[font=\"Times New Roman\"]QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}[/font]

[font=\"Times New Roman\"]REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x9 REMOVE[/font]

[font=\"Times New Roman\"]RecordNow-->MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}[/font]

[font=\"Times New Roman\"]Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Sonic Audio Module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}[/font]

[font=\"Times New Roman\"]Sonic Copy Module-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}[/font]

[font=\"Times New Roman\"]Sonic Data Module-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}[/font]

[font=\"Times New Roman\"]Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}[/font]

[font=\"Times New Roman\"]Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}[/font]

[font=\"Times New Roman\"]Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}[/font]

[font=\"Times New Roman\"]Spybot - Search & Destroy 1.3-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"[/font]

[font=\"Times New Roman\"]Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"[/font]

[font=\"Times New Roman\"]Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall[/font]

[font=\"Times New Roman\"]Tablet-->C:\Program Files\Tablet\Remove.exe /u[/font]

[font=\"Times New Roman\"]Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1} /l1033 [/font]

[font=\"Times New Roman\"]Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]UserGuides-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{02E22217-0E96-4C3F-B831-83AA942B7715}\setup.exe" -l0x9 [/font]

[font=\"Times New Roman\"]VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}[/font]

[font=\"Times New Roman\"]Victoria 4.2 Base DAZ Studio Content-->C:\Program Files\Common Files\DAZ\Victoria4BaseDS_Uninstall.exe[/font]

[font=\"Times New Roman\"]Victoria 4.2 Base-->C:\Program Files\Common Files\DAZ\V4Base_Uninstall.exe[/font]

[font=\"Times New Roman\"]Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"[/font]

[font=\"Times New Roman\"]Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll[/font]

[font=\"Times New Roman\"]Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB884575-->C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB885464-->C:\WINDOWS\$NtUninstallKB885464$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB885855-->C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB888239-->C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB890047-->C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB890175-->C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"]Windows XP Hotfix - KB892559-->C:\WINDOWS\$NtUninstallKB892559$\spuninst\spuninst.exe[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]======Security center information======[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]AV: Norton Internet Security[/font]

[font=\"Times New Roman\"]FW: Norton Internet Security[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]======System event log======[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 57[/font]

[font=\"Times New Roman\"]Message: The system failed to flush data to the transaction log. Corruption may occur.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 2294[/font]

[font=\"Times New Roman\"]Source Name: Ftdisk[/font]

[font=\"Times New Roman\"]Time Written: 20090601182811.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 57[/font]

[font=\"Times New Roman\"]Message: The system failed to flush data to the transaction log. Corruption may occur.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 2292[/font]

[font=\"Times New Roman\"]Source Name: Ftdisk[/font]

[font=\"Times New Roman\"]Time Written: 20090601182810.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 57[/font]

[font=\"Times New Roman\"]Message: The system failed to flush data to the transaction log. Corruption may occur.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 2291[/font]

[font=\"Times New Roman\"]Source Name: Ftdisk[/font]

[font=\"Times New Roman\"]Time Written: 20090601182809.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 4226[/font]

[font=\"Times New Roman\"]Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 1718[/font]

[font=\"Times New Roman\"]Source Name: Tcpip[/font]

[font=\"Times New Roman\"]Time Written: 20090531192253.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 4226[/font]

[font=\"Times New Roman\"]Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 1705[/font]

[font=\"Times New Roman\"]Source Name: Tcpip[/font]

[font=\"Times New Roman\"]Time Written: 20090531181538.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]=====Application event log=====[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 5603[/font]

[font=\"Times New Roman\"]Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 18[/font]

[font=\"Times New Roman\"]Source Name: WinMgmt[/font]

[font=\"Times New Roman\"]Time Written: 20090516172705.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: NT AUTHORITY\SYSTEM[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 5603[/font]

[font=\"Times New Roman\"]Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 17[/font]

[font=\"Times New Roman\"]Source Name: WinMgmt[/font]

[font=\"Times New Roman\"]Time Written: 20090516172705.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: NT AUTHORITY\SYSTEM[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 63[/font]

[font=\"Times New Roman\"]Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 13[/font]

[font=\"Times New Roman\"]Source Name: WinMgmt[/font]

[font=\"Times New Roman\"]Time Written: 20090516172412.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: NT AUTHORITY\SYSTEM[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 63[/font]

[font=\"Times New Roman\"]Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 12[/font]

[font=\"Times New Roman\"]Source Name: WinMgmt[/font]

[font=\"Times New Roman\"]Time Written: 20090516172412.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: NT AUTHORITY\SYSTEM[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Computer Name: GERRYSTUDIO[/font]

[font=\"Times New Roman\"]Event Code: 63[/font]

[font=\"Times New Roman\"]Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Record Number: 11[/font]

[font=\"Times New Roman\"]Source Name: WinMgmt[/font]

[font=\"Times New Roman\"]Time Written: 20090516172410.000000-240[/font]

[font=\"Times New Roman\"]Event Type: warning[/font]

[font=\"Times New Roman\"]User: NT AUTHORITY\SYSTEM[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]======Environment variables======[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]"ComSpec"=%SystemRoot%\system32\cmd.exe[/font]

[font=\"Times New Roman\"]"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\[/font]

[font=\"Times New Roman\"]"windir"=%SystemRoot%[/font]

[font=\"Times New Roman\"]"FP_NO_HOST_CHECK"=NO[/font]

[font=\"Times New Roman\"]"OS"=Windows_NT[/font]

[font=\"Times New Roman\"]"PROCESSOR_ARCHITECTURE"=x86[/font]

[font=\"Times New Roman\"]"PROCESSOR_LEVEL"=15[/font]

[font=\"Times New Roman\"]"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 15 Stepping 0, AuthenticAMD[/font]

[font=\"Times New Roman\"]"PROCESSOR_REVISION"=0f00[/font]

[font=\"Times New Roman\"]"NUMBER_OF_PROCESSORS"=1[/font]

[font=\"Times New Roman\"]"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH[/font]

[font=\"Times New Roman\"]"TEMP"=%SystemRoot%\TEMP[/font]

[font=\"Times New Roman\"]"TMP"=%SystemRoot%\TEMP[/font]

[font=\"Times New Roman\"]"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\[/font]

[font=\"Times New Roman\"]"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip[/font]

[font=\"Times New Roman\"]"QTJAVA"=C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]-----------------EOF-----------------[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Windows Registry Editor Version 5.00[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}][/font]

[font=\"Times New Roman\"]"Class"="CDROM"[/font]

[font=\"Times New Roman\"]@="DVD/CD-ROM drives"[/font]

[font=\"Times New Roman\"]"EnumPropPages32"="MmSys.Cpl,MediaPropPageProvider"[/font]

[font=\"Times New Roman\"]"Installer32"="storprop.dll,DvdClassInstaller"[/font]

[font=\"Times New Roman\"]"SilentInstall"="1"[/font]

[font=\"Times New Roman\"]"NoInstallClass"="1"[/font]

[font=\"Times New Roman\"]"TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm"[/font]

[font=\"Times New Roman\"]"Icon"="-51"[/font]

[font=\"Times New Roman\"]"LowerFilters"=hex(7):50,00,78,00,48,00,65,00,6c,00,70,00,32,00,30,00,00,00,41,\[/font]

[font=\"Times New Roman\"] 00,6e,00,79,00,44,00,56,00,44,00,00,00,00,00[/font]

[font=\"Times New Roman\"]"UpperFilters"=hex(7):47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,44,\[/font]

[font=\"Times New Roman\"] 00,4d,00,00,00,00,00[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000][/font]

[font=\"Times New Roman\"]"EnumPropPages32"="storprop.dll,DvdPropPageProvider"[/font]

[font=\"Times New Roman\"]"InfPath"="cdrom.inf"[/font]

[font=\"Times New Roman\"]"InfSection"="cdrom_install"[/font]

[font=\"Times New Roman\"]"ProviderName"="Microsoft"[/font]

[font=\"Times New Roman\"]"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01[/font]

[font=\"Times New Roman\"]"DriverDate"="7-1-2001"[/font]

[font=\"Times New Roman\"]"DriverVersion"="5.1.2535.0"[/font]

[font=\"Times New Roman\"]"MatchingDeviceId"="gencdrom"[/font]

[font=\"Times New Roman\"]"DriverDesc"="CD-ROM Drive"[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000\DigitalAudio][/font]

[font=\"Times New Roman\"]"RegistryVersion"=dword:00000001[/font]

[font=\"Times New Roman\"]"NumberOfBuffers"=dword:00000008[/font]

[font=\"Times New Roman\"]"SectorsPerRead"=dword:00000010[/font]

[font=\"Times New Roman\"]"SectorsPerReadMask"=dword:ffffffff[/font]

[font=\"Times New Roman\"]"CDDASupported"=dword:00000001[/font]

[font=\"Times New Roman\"]"CDDAAccurate"=dword:00000001[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0001][/font]

[font=\"Times New Roman\"]"EnumPropPages32"="storprop.dll,DvdPropPageProvider"[/font]

[font=\"Times New Roman\"]"InfPath"="cdrom.inf"[/font]

[font=\"Times New Roman\"]"InfSection"="cdrom_install"[/font]

[font=\"Times New Roman\"]"ProviderName"="Microsoft"[/font]

[font=\"Times New Roman\"]"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01[/font]

[font=\"Times New Roman\"]"DriverDate"="7-1-2001"[/font]

[font=\"Times New Roman\"]"DriverVersion"="5.1.2535.0"[/font]

[font=\"Times New Roman\"]"MatchingDeviceId"="gencdrom"[/font]

[font=\"Times New Roman\"]"DriverDesc"="CD-ROM Drive"[/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Results of screen317's Security Check version 0.98.4 [/font]

[font=\"Times New Roman\"] Windows XP Service Pack 2 [/font]

[font=\"Times New Roman\"] [color=\"red\"]Out of date service pack!![/color] [/font]

[font=\"Times New Roman\"]`````````````````````````````` [/font]

[font=\"Times New Roman\"]Antivirus/Firewall Check: [/font]

[font=\"Times New Roman\"]``````````````````````````````[/b] [/font]

[font=\"Times New Roman\"] Windows Firewall Disabled! [/font]

[font=\"Times New Roman\"] NortonInternetSecurity [/font]

[font=\"Times New Roman\"] Antivirus up to date! [/font]

[font=\"Times New Roman\"]`````````````````````````````` [/font]

[font=\"Times New Roman\"]Anti-malware/Other Utilities Check: [/font]

[font=\"Times New Roman\"]``````````````````````````````[/b] [/font]

[font=\"Times New Roman\"] [color=\"red\"]Out of date Spybot installed![/color] [/font]

[font=\"Times New Roman\"] Spybot - Search & Destroy 1.3 [/font]

[font=\"Times New Roman\"] Spybot - Search & Destroy [/font]

[font=\"Times New Roman\"] HijackThis 2.0.2 [/font]

[font=\"Times New Roman\"] Adobe Flash Player 10 [/font]

[font=\"Times New Roman\"]`````````````````````````````` [/font]

[font=\"Times New Roman\"]Process Check: [/font]

[font=\"Times New Roman\"]objlist.exe by Laurent [/font]

[font=\"Times New Roman\"]``````````````````````````````[/b] [/font]

[font=\"Times New Roman\"] Norton ccSvcHst.exe [/font]

[font=\"Times New Roman\"] [color=\"red\"]Spybot SDHelper is disabled![/color] [/font]

[font=\"Times New Roman\"] Spybot - Search & Destroy TeaTimer.exe [/font]

[font=\"Times New Roman\"]``````````````````````````````[/font]

[font=\"Times New Roman\"]DNS Vulnerability Check: [/font]

[font=\"Times New Roman\"]``````````````````````````````[/b][/font]

[font=\"Times New Roman\"] [color=\"red\"]Request Timed Out (Check Internet connection?)[/color][/font][/size]

[font=\"Times New Roman\"] [/font]

[font=\"Times New Roman\"]Scan took 31 seconds.[/font]

[font=\"Times New Roman\"]`````````End of Log```````````[/font]

Gerry D · « **Reply #5 on:** June 15, 2009, 07:13:37 PM »

Here is the log text file. Thanks.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Gerry Diaz at 2009-06-15 19:34:39
Microsoft Windows XP Professional Service Pack 2
System drive C: has 81 GB (85%) free of 95 GB
Total RAM: 1022 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:34:50 PM, on 6/15/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
E:\hp files 2009\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Gerry Diaz\Desktop\RSIT.exe
C:\Documents and Settings\Gerry Diaz\Desktop\Gerry Diaz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\hp files 2009\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 6715 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Driver Robot.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-05-16 372592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL [2009-05-16 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll [2009-05-16 372592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-23 339968]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2005-02-17 233534]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-02 102492]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-02 692316]
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-04-11 794624]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-12 39792]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-06-05 292136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"AnyDVD"=C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe [2009-05-17 1665984]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WinZip Quick Pick.lnk - E:\hp files 2009\WinZip\WZQKPICK.EXE

C:\Documents and Settings\Gerry Diaz\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-04-01 46080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79a024b2-4254-11de-953e-00904bf612bf}]
shell\AutoRun\command - G:\LaunchU3.exe -a

======List of files/folders created in the last 1 months======

2009-06-15 19:34:38 ----D---- C:\rsit
2009-06-09 20:46:55 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-06-09 20:45:55 ----D---- C:\Program Files\iPod
2009-06-09 20:45:48 ----D---- C:\Program Files\iTunes
2009-06-09 20:45:48 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-09 20:45:46 ----SHD---- C:\Config.Msi
2009-06-09 20:45:27 ----D---- C:\Program Files\Bonjour
2009-06-09 20:44:17 ----D---- C:\Program Files\QuickTime
2009-06-09 20:44:11 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-06-09 20:43:30 ----D---- C:\Program Files\Apple Software Update
2009-06-09 20:43:19 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-06-09 20:42:23 ----D---- C:\Program Files\Common Files\Apple
2009-06-09 20:42:23 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-06-06 17:07:22 ----D---- C:\Program Files\GCC4243N_fw
2009-06-06 16:07:37 ----A---- C:\WINDOWS\muveeapp.INI
2009-06-06 16:06:41 ----D---- C:\temp
2009-06-06 14:28:13 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\muvee Technologies
2009-06-06 13:53:14 ----D---- C:\WINDOWS\Minidump
2009-06-02 20:36:07 ----RSD---- C:\WINDOWS\Fontsa
2009-05-31 19:40:48 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-05-31 19:40:44 ----D---- C:\Program Files\DVD Shrink
2009-05-30 17:55:33 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2009-05-30 17:55:32 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2009-05-30 17:55:31 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2009-05-30 17:52:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-30 17:52:38 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-05-29 15:03:07 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-05-29 15:03:04 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-05-25 12:25:43 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\WTablet
2009-05-25 12:24:32 ----D---- C:\WINDOWS\system32\WTablet
2009-05-25 12:24:30 ----N---- C:\WINDOWS\system32\Wintab32.dll
2009-05-25 12:24:29 ----N---- C:\WINDOWS\system32\Tablet.exe
2009-05-25 12:24:25 ----D---- C:\Program Files\Tablet
2009-05-24 11:08:42 ----A---- C:\WINDOWS\system32\dzwrapper.dll
2009-05-24 11:08:40 ----A---- C:\WINDOWS\system32\dzcore.dll
2009-05-24 11:08:39 ----A---- C:\WINDOWS\system32\dzcarrara.dll
2009-05-24 11:08:39 ----A---- C:\WINDOWS\system32\dzbryce6.dll
2009-05-24 11:08:39 ----A---- C:\WINDOWS\system32\dz3delight.dll
2009-05-24 11:08:38 ----A---- C:\WINDOWS\system32\daz-qt-mt.dll
2009-05-24 11:08:38 ----A---- C:\WINDOWS\system32\daz-qsa.dll
2009-05-24 08:28:52 ----A---- C:\WINDOWS\IsUninst.exe
2009-05-24 08:04:59 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\Corel
2009-05-24 08:01:19 ----D---- C:\Program Files\Corel
2009-05-23 09:51:38 ----D---- C:\Program Files\3D Universe
2009-05-22 19:32:58 ----A---- C:\WINDOWS\unvise32.exe
2009-05-22 19:05:33 ----D---- C:\Documents and Settings\All Users\Application Data\OptiTex
2009-05-22 18:28:36 ----D---- C:\Program Files\Common Files\DAZ
2009-05-22 18:28:35 ----D---- C:\Program Files\DAZ
2009-05-22 17:22:52 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software
2009-05-22 17:21:13 ----D---- C:\Program Files\NCH Software
2009-05-22 17:21:13 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\NCH Software
2009-05-22 17:20:44 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\Cool Record Edit Pro
2009-05-22 17:18:09 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\Free Sound Recorder
2009-05-22 17:17:56 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2009-05-22 17:17:56 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2009-05-22 17:17:56 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2009-05-22 17:17:56 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2009-05-22 17:17:56 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2009-05-22 17:17:55 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2009-05-22 17:17:55 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2009-05-22 17:17:55 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2009-05-22 17:17:55 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2009-05-22 17:17:55 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2009-05-22 17:17:55 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-05-22 17:17:54 ----D---- C:\Program Files\Free Sound Recorder
2009-05-20 18:29:26 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-05-19 18:22:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-05-19 18:22:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-05-19 18:21:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-05-19 18:21:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-05-19 18:21:46 ----D---- C:\WINDOWS\system32\KB905474
2009-05-19 18:21:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-05-19 18:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-05-19 18:21:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-05-19 18:20:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-05-19 18:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-05-19 18:18:41 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-05-19 18:18:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-05-19 18:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-05-19 18:18:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-05-19 18:18:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-05-19 18:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-05-19 18:17:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-05-19 18:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-05-19 18:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-05-19 18:16:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-05-19 18:16:50 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2009-05-19 18:16:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-05-19 18:16:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-05-19 07:24:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-05-19 07:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-05-19 07:24:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-05-19 07:24:17 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-05-19 07:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2009-05-18 18:15:20 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-05-18 18:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-05-18 18:11:43 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-05-18 18:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-05-18 18:11:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-05-18 18:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-05-18 18:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-05-18 18:11:00 ----D---- C:\WINDOWS\system32\PreInstall
2009-05-18 18:10:58 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-05-18 18:10:57 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-05-18 18:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB963027$
2009-05-18 18:09:59 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-05-17 19:33:15 ----A---- C:\WINDOWS\system32\8xwOl3C.vbs
2009-05-17 19:31:46 ----A---- C:\WINDOWS\system32\kjcNuyu14B2ZoJe.vbs
2009-05-17 18:50:22 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\LimeWire
2009-05-17 18:49:56 ----D---- C:\Program Files\LimeWire
2009-05-17 13:51:06 ----D---- C:\CloneDVDTemp
2009-05-17 03:17:15 ----D---- C:\Program Files\SLYDVD
2009-05-17 02:59:59 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2009-05-17 02:09:40 ----D---- C:\Program Files\WinRAR
2009-05-17 01:21:24 ----D---- C:\Documents and Settings\All Users\Application Data\SlySoft
2009-05-17 01:17:28 ----SH---- C:\WINDOWS\S9A945B91.tmp
2009-05-17 01:17:19 ----D---- C:\Program Files\SlySoft
2009-05-16 23:44:58 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2009-05-16 23:44:35 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-05-16 23:33:53 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\VERITAS
2009-05-16 23:32:59 ----D---- C:\Program Files\RecordNow
2009-05-16 23:02:03 ----D---- C:\Program Files\Symantec
2009-05-16 23:02:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-05-16 23:02:03 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-05-16 23:01:28 ----D---- C:\Program Files\Windows Sidebar
2009-05-16 23:01:28 ----D---- C:\Program Files\Norton Internet Security
2009-05-16 23:01:28 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-05-16 23:01:27 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2009-05-16 23:01:08 ----D---- C:\Program Files\NortonInstaller
2009-05-16 23:01:08 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2009-05-16 22:52:44 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\U3
2009-05-16 22:30:46 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\CyberLink
2009-05-16 22:24:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-05-16 22:24:07 ----D---- C:\Program Files\CyberLink
2009-05-16 22:11:46 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-05-16 22:08:15 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\AdobeUM
2009-05-16 22:08:06 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\Adobe
2009-05-16 22:08:05 ----D---- C:\Program Files\Common Files\Adobe
2009-05-16 21:56:18 ----RA---- C:\WINDOWS\system32\HPZIDS01.dll
2009-05-16 21:56:15 ----A---- C:\WINDOWS\system32\hpzll054.dll
2009-05-16 21:34:11 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\DivX
2009-05-16 21:30:03 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-05-16 21:29:39 ----D---- C:\Program Files\DivX
2009-05-16 21:29:39 ----D---- C:\Program Files\Common Files\DivX Shared
2009-05-16 20:27:51 ----A---- C:\WINDOWS\ODBC.INI
2009-05-16 20:27:28 ----D---- C:\Program Files\Microsoft ActiveSync
2009-05-16 20:27:11 ----D---- C:\Program Files\Common Files\Designer
2009-05-16 20:26:44 ----D---- C:\WINDOWS\ShellNew
2009-05-16 20:26:35 ----D---- C:\Program Files\Microsoft Office
2009-05-16 18:52:17 ----D---- C:\Documents and Settings\All Users\Application Data\hpqwmi
2009-05-16 18:12:03 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-05-16 18:11:19 ----D---- C:\WINDOWS\RegisteredPackages
2009-05-16 18:10:08 ----A---- C:\WINDOWS\system32\javaws.exe
2009-05-16 18:10:08 ----A---- C:\WINDOWS\system32\javaw.exe
2009-05-16 18:10:08 ----A---- C:\WINDOWS\system32\java.exe
2009-05-16 18:09:45 ----D---- C:\Program Files\Java
2009-05-16 18:09:44 ----D---- C:\Program Files\Common Files\Java
2009-05-16 18:09:18 ----D---- C:\Program Files\Common Files\SureThing Shared
2009-05-16 18:09:12 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-05-16 18:07:53 ----D---- C:\Program Files\Common Files\TiVo Shared
2009-05-16 18:07:51 ----D---- C:\Program Files\Sonic
2009-05-16 18:06:27 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-05-16 18:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
2009-05-16 18:05:30 ----D---- C:\swsetup
2009-05-16 18:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB892559$
2009-05-16 18:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2009-05-16 18:05:03 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2009-05-16 18:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB884575$
2009-05-16 18:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
2009-05-16 18:03:39 ----A---- C:\WINDOWS\system32\hpqPres.dll
2009-05-16 18:03:39 ----A---- C:\WINDOWS\system32\hpqactn.dll
2009-05-16 18:03:39 ----A---- C:\WINDOWS\system32\eabhbrn8.dll
2009-05-16 18:03:39 ----A---- C:\WINDOWS\system32\cpqinfo.dll
2009-05-16 18:02:36 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-05-16 18:02:36 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-05-16 18:02:36 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-05-16 18:02:36 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-05-16 18:02:36 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-05-16 18:02:22 ----D---- C:\Program Files\muvee Technologies
2009-05-16 18:02:22 ----D---- C:\Program Files\Common Files\muvee Technologies
2009-05-16 18:02:05 ----D---- C:\Documents and Settings\All Users\Application Data\muvee Technologies
2009-05-16 18:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-05-16 18:00:10 ----HDC---- C:\WINDOWS\$NtUninstallKB890175$
2009-05-16 17:59:56 ----HDC---- C:\WINDOWS\$NtUninstallKB890047$
2009-05-16 17:59:45 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-05-16 17:59:37 ----HDC---- C:\WINDOWS\$NtUninstallKB888113$
2009-05-16 17:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-05-16 17:59:20 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2009-05-16 17:59:13 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2009-05-16 17:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-05-16 17:58:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-05-16 17:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB885250$
2009-05-16 17:58:38 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-05-16 17:58:24 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-05-16 17:58:21 ----HDC---- C:\WINDOWS\$NtUninstallKB873333$
2009-05-16 17:58:21 ----HD---- C:\WINDOWS\$hf_mig$
2009-05-16 17:57:18 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2009-05-16 17:57:17 ----A---- C:\WINDOWS\system32\SynTPCo2.dll
2009-05-16 17:57:16 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-05-16 17:57:16 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-05-16 17:57:16 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-05-16 17:57:15 ----D---- C:\Program Files\Synaptics
2009-05-16 17:56:50 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\Apple Computer
2009-05-16 17:56:47 ----A---- C:\WINDOWS\system32\oeminfo.ini
2009-05-16 17:56:15 ----D---- C:\Documents and Settings\All Users\Application Data\QuickTime
2009-05-16 17:55:17 ----D---- C:\WINDOWS\Downloaded Installations
2009-05-16 17:54:29 ----D---- C:\Program Files\Hp
2009-05-16 17:54:21 ----D---- C:\WINDOWS\Hewlett-Packard
2009-05-16 17:53:33 ----D---- C:\Program Files\CPQ
2009-05-16 17:52:28 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2009-05-16 17:52:28 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2009-05-16 17:52:28 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2009-05-16 17:52:28 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2009-05-16 17:52:28 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2009-05-16 17:52:28 ----A---- C:\WINDOWS\system32\IVIresize.dll
2009-05-16 17:52:18 ----D---- C:\Program Files\InterVideo
2009-05-16 17:49:45 ----D---- C:\Program Files\HPQ
2009-05-16 17:49:39 ----D---- C:\Program Files\Adobe
2009-05-16 17:48:17 ----RSD---- C:\WINDOWS\assembly
2009-05-16 17:48:17 ----D---- C:\WINDOWS\Microsoft.NET
2009-05-16 17:48:15 ----D---- C:\WINDOWS\system32\URTTemp
2009-05-16 17:47:55 ----A---- C:\WINDOWS\system32\bcmwlu00.EXE
2009-05-16 17:47:55 ----A---- C:\WINDOWS\system32\bcmwlD2K.EXE
2009-05-16 17:46:30 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-05-16 17:46:02 ----D---- C:\Program Files\ATI Technologies
2009-05-16 17:45:28 ----D---- C:\Program Files\CONEXANT
2009-05-16 17:45:23 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2009-05-16 17:45:23 ----A---- C:\WINDOWS\system32\hsfci012.dll
2009-05-16 17:44:40 ----D---- C:\WINDOWS\OPTIONS
2009-05-16 17:44:04 ----D---- C:\WINDOWS\tiinst
2009-05-16 17:43:09 ----RA---- C:\WINDOWS\system32\CAUDINST.dll
2009-05-16 17:43:09 ----RA---- C:\WINDOWS\ciaunwdm.exe
2009-05-16 17:43:08 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-05-16 17:42:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-05-16 17:42:35 ----D---- C:\Program Files\AMD
2009-05-16 17:42:34 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-16 17:42:29 ----D---- C:\Program Files\Common Files\InstallShield
2009-05-16 17:41:25 ----D---- C:\SYSTEM.SAV
2009-05-16 17:34:04 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\Identities
2009-05-16 17:34:03 ----HD---- C:\Program Files\Uninstall Information
2009-05-16 17:33:58 ----SD---- C:\Documents and Settings\Gerry Diaz\Application Data\Microsoft
2009-05-16 17:33:58 ----ASH---- C:\Documents and Settings\Gerry Diaz\Application Data\desktop.ini
2009-05-16 17:31:18 ----D---- C:\WINDOWS\SoftwareDistribution
2009-05-16 17:31:16 ----SD---- C:\WINDOWS\system32\Microsoft
2009-05-16 17:31:16 ----D---- C:\WINDOWS\Prefetch
2009-05-16 17:31:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-16 17:27:52 ----D---- C:\WINDOWS\system32\xircom
2009-05-16 17:27:52 ----D---- C:\Program Files\xerox
2009-05-16 17:27:52 ----D---- C:\Program Files\microsoft frontpage
2009-05-16 17:27:36 ----A---- C:\WINDOWS\control.ini
2009-05-16 17:27:36 ----A---- C:\AUTOEXEC.BAT
2009-05-16 17:27:21 ----A---- C:\WINDOWS\OEWABLog.txt
2009-05-16 17:27:15 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-05-16 17:26:26 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-16 17:26:26 ----RD---- C:\WINDOWS\Offline Web Pages
2009-05-16 17:26:26 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-05-16 17:26:20 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-05-16 17:26:15 ----HD---- C:\Program Files\WindowsUpdate
2009-05-16 17:25:52 ----D---- C:\WINDOWS\system32\DirectX
2009-05-16 17:25:27 ----A---- C:\WINDOWS\system32\atrace.dll
2009-05-16 17:25:23 ----A---- C:\WINDOWS\system32\desktop.ini
2009-05-16 17:25:23 ----A---- C:\WINDOWS\desktop.ini
2009-05-16 17:25:15 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-05-16 17:25:14 ----A---- C:\WINDOWS\system32\acctres.dll
2009-05-16 17:25:13 ----D---- C:\Program Files\Common Files\Services
2009-05-16 17:25:10 ----SD---- C:\WINDOWS\Tasks
2009-05-16 17:25:10 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-05-16 17:25:09 ----D---- C:\Program Files\Common Files\MSSoap
2009-05-16 17:25:04 ----D---- C:\WINDOWS\srchasst
2009-05-16 17:25:02 ----D---- C:\WINDOWS\system32\Macromed
2009-05-16 17:24:59 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-05-16 17:24:59 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-05-16 17:24:59 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-05-16 17:24:59 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-05-16 17:24:58 ----A---- C:\WINDOWS\system32\wups.dll
2009-05-16 17:24:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-05-16 17:24:58 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-05-16 17:24:58 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-05-16 17:24:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-05-16 17:24:57 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-05-16 17:24:57 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-05-16 17:24:57 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-05-16 17:24:57 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-05-16 17:24:51 ----D---- C:\Program Files\Movie Maker
2009-05-16 17:24:47 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-05-16 17:24:47 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-05-16 17:24:47 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-05-16 17:24:47 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-05-16 17:24:41 ----D---- C:\WINDOWS\system32\Restore
2009-05-16 17:24:41 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-05-16 17:24:41 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-05-16 17:24:41 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-05-16 17:24:41 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-05-16 17:24:40 ----A---- C:\WINDOWS\system32\srclient.dll
2009-05-16 17:24:40 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-05-16 17:24:40 ----A---- C:\WINDOWS\system32\ils.dll
2009-05-16 17:24:39 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-05-16 17:24:39 ----A---- C:\WINDOWS\system32\msconf.dll
2009-05-16 17:24:39 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-05-16 17:24:39 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-05-16 17:24:36 ----D---- C:\Program Files\NetMeeting
2009-05-16 17:24:36 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-05-16 17:24:35 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-05-16 17:24:34 ----A---- C:\WINDOWS\system32\inetres.dll
2009-05-16 17:24:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-05-16 17:24:31 ----D---- C:\Program Files\Outlook Express
2009-05-16 17:24:31 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-05-16 17:24:31 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-05-16 17:24:31 ----A---- C:\WINDOWS\system32\mstask.dll
2009-05-16 17:24:30 ----A---- C:\WINDOWS\system32\isign32.dll
2009-05-16 17:24:30 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-05-16 17:24:30 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-05-16 17:24:30 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-05-16 17:24:23 ----D---- C:\Program Files\Common Files\System
2009-05-16 17:24:18 ----D---- C:\Program Files\Internet Explorer
2009-05-16 17:23:48 ----D---- C:\Program Files\ComPlus Applications
2009-05-16 17:23:46 ----A---- C:\WINDOWS\vbaddin.ini
2009-05-16 17:23:46 ----A---- C:\WINDOWS\vb.ini
2009-05-16 17:23:40 ----D---- C:\WINDOWS\Registration
2009-05-16 17:23:32 ----D---- C:\Program Files\Windows Media Player
2009-05-16 17:23:32 ----D---- C:\Program Files\Online Services
2009-05-16 17:23:25 ----D---- C:\Program Files\Messenger
2009-05-16 17:23:20 ----D---- C:\Program Files\MSN Gaming Zone
2009-05-16 17:23:20 ----A---- C:\WINDOWS\system32\write.exe
2009-05-16 17:23:09 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-05-16 17:23:09 ----A---- C:\WINDOWS\system32\hticons.dll
2009-05-16 17:23:08 ----A---- C:\WINDOWS\system32\winchat.exe
2009-05-16 17:23:08 ----A---- C:\WINDOWS\system32\avwav.dll
2009-05-16 17:23:08 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-05-16 17:23:08 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-05-16 17:23:00 ----A---- C:\WINDOWS\system32\getuname.dll
2009-05-16 17:23:00 ----A---- C:\WINDOWS\system32\charmap.exe
2009-05-16 17:22:59 ----A---- C:\WINDOWS\system32\winmine.exe
2009-05-16 17:22:59 ----A---- C:\WINDOWS\system32\sol.exe
2009-05-16 17:22:59 ----A---- C:\WINDOWS\system32\calc.exe
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\tskill.exe
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\reset.exe
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-05-16 17:22:58 ----A---- C:\WINDOWS\system32\freecell.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\tscon.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\shadow.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\regini.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\msg.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\logoff.exe
2009-05-16 17:22:57 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-05-16 17:22:56 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-05-16 17:22:56 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-05-16 17:22:55 ----A---- C:\WINDOWS\system32\stclient.dll
2009-05-16 17:22:55 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-05-16 17:22:55 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-05-16 17:22:55 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-05-16 17:22:55 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-05-16 17:22:55 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-05-16 17:22:55 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-05-16 17:22:49 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-05-16 17:22:30 ----D---- C:\Program Files\MSN
2009-05-16 17:22:28 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-05-16 17:22:28 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-05-16 17:22:28 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-05-16 17:22:28 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-05-16 17:22:27 ----D---- C:\Program Files\Windows NT
2009-05-16 17:22:27 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-05-16 17:22:27 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-05-16 17:22:26 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-05-16 17:22:26 ----A---- C:\WINDOWS\system32\spider.exe
2009-05-16 17:22:25 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-05-16 17:22:25 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-05-16 17:22:25 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-05-16 17:22:25 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-05-16 17:22:25 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-05-16 17:22:25 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-05-16 17:22:25 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-05-16 17:22:24 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-05-16 17:22:23 ----D---- C:\WINDOWS\system32\MsDtc
2009-05-16 17:22:23 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-05-16 17:22:23 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-05-16 17:22:23 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-05-16 17:22:22 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-05-16 17:22:22 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-05-16 17:22:22 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-05-16 17:22:22 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-05-16 17:22:21 ----D---- C:\WINDOWS\system32\Com
2009-05-16 17:22:21 ----A---- C:\WINDOWS\system32\colbact.dll
2009-05-16 17:22:21 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-05-16 17:22:21 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-05-16 17:22:20 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-05-16 17:22:20 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-05-16 17:22:20 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-05-16 17:22:19 ----A---- C:\WINDOWS\system32\comuid.dll
2009-05-16 17:22:19 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-05-16 17:22:11 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-05-16 17:22:11 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-05-16 17:22:11 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-05-16 17:22:11 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-05-16 16:14:09 ----SHD---- C:\RECYCLER
2009-05-16 16:08:17 ----D---- C:\WINDOWS\system32\appmgmt
2009-05-16 16:02:12 ----D---- C:\Documents and Settings\Gerry Diaz\Application Data\Macromedia
2009-05-16 16:01:01 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-05-16 10:19:28 ----A---- C:\WINDOWS\system32\h323log.txt
2009-05-16 10:12:14 ----A---- C:\WINDOWS\system32\usbui.dll
2009-05-16 10:11:11 ----A---- C:\WINDOWS\imsins.BAK
2009-05-16 10:11:08 ----SHD---- C:\WINDOWS\Installer
2009-05-16 10:11:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-16 10:11:07 ----D---- C:\Program Files\Common Files\ODBC
2009-05-16 10:11:07 ----A---- C:\WINDOWS\ODBCINST.INI
2009-05-16 10:11:03 ----RD---- C:\Program Files
2009-05-16 10:11:03 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-05-16 10:11:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-05-16 10:11:03 ----D---- C:\Program Files\Common Files
2009-05-16 10:11:00 ----A---- C:\WINDOWS\system32\uniime.dll
2009-05-16 10:10:47 ----A---- C:\WINDOWS\system32\imjp81k.dll
2009-05-16 10:10:45 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2009-05-16 10:10:44 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2009-05-16 10:10:44 ----A---- C:\WINDOWS\system32\c_iscii.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbda3.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbda2.dll
2009-05-16 10:10:41 ----RA---- C:\WINDOWS\system32\kbda1.dll
2009-05-16 10:10:41 ----A---- C:\WINDOWS\system32\kbdusa.dll
2009-05-16 10:10:38 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2009-05-16 10:10:32 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2009-05-16 10:10:32 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2009-05-16 10:10:32 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2009-05-16 10:10:32 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2009-05-16 10:10:32 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2009-05-16 10:10:31 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2009-05-16 10:10:31 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2009-05-16 10:10:30 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2009-05-16 10:10:29 ----A---- C:\WINDOWS\system32\msir3jp.dll
2009-05-16 10:09:58 ----A---- C:\WINDOWS\system32\c_g18030.dll
2009-05-16 10:09:57 ----A---- C:\WINDOWS\system32\kbd101a.dll
2009-05-16 10:09:39 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
2009-05-16 10:09:39 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\kbdibm02.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\kbdax2.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\kbd106n.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\kbd101.dll
2009-05-16 10:09:38 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2009-05-16 10:08:54 ----A---- C:\WINDOWS\system32\c_is2022.dll
2009-05-16 10:08:53 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-05-16 10:08:53 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-05-16 10:08:53 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-05-16 10:08:53 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-05-16 10:08:53 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-05-16 10:08:50 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-05-16 10:08:48 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-05-16 10:08:48 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-05-16 10:08:48 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-05-16 10:08:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-05-16 10:08:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-05-16 10:08:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-05-16 10:08:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-05-16 10:08:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-05-16 10:08:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-05-16 10:08:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-05-16 10:08:42 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-05-16 10:08:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-05-16 10:08:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-05-16 10:08:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-05-16 10:08:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-05-16 10:08:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-05-16 10:08:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-05-16 10:08:36 ----A---- C:\WINDOWS\system32\irclass.dll
2009-05-16 10:08:35 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-05-16 10:08:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-05-16 10:08:35 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-05-16 10:08:35 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-05-16 10:08:33 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-05-16 10:08:32 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-05-16 10:08:32 ----A---- C:\WINDOWS\system32\batt.dll
2009-05-16 10:08:31 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-05-16 10:08:28 ----A---- C:\WINDOWS\system32\storprop.dll
2009-05-16 10:08:19 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-05-16 10:08:16 ----RA---- C:\WINDOWS\SET8.tmp
2009-05-16 10:08:12 ----RA---- C:\WINDOWS\SET4.tmp
2009-05-16 10:08:10 ----RA---- C:\WINDOWS\SET3.tmp
2009-05-16 10:08:04 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-16 10:08:04 ----D---- C:\WINDOWS\system32\CatRoot
2009-05-16 10:07:58 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-05-16 10:07:31 ----A---- C:\WINDOWS\setuplog.txt
2009-05-16 10:07:27 ----D---- C:\Documents and Settings
2009-05-16 10:07:26 ----SHD---- C:\System Volume Information
2009-05-16 10:06:34 ----SH---- C:\boot. ini
2009-05-16 09:58:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-05-16 09:58:36 ----RSD---- C:\WINDOWS\Fonts
2009-05-16 09:58:36 ----RD---- C:\WINDOWS\Web
2009-05-16 09:58:36 ----HD---- C:\WINDOWS\inf
2009-05-16 09:58:36 ----D---- C:\WINDOWS\WinSxS
2009-05-16 09:58:36 ----D---- C:\WINDOWS\twain_32
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Temp
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\wins
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\wbem
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\usmt
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\spool
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\ShellExt
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\Setup
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\ras
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\oobe
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\npp
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\mui
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\inetsrv
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\IME
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\icsxml
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\ias
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\export
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\drivers
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\dhcp
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\config
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\3com_dmi
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\3076
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\2052
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1054
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1042
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1041
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1037
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1033
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1031
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1028
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32\1025
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system32
2009-05-16 09:58:36 ----D---- C:\WINDOWS\system
2009-05-16 09:58:36 ----D---- C:\WINDOWS\security
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Resources
2009-05-16 09:58:36 ----D---- C:\WINDOWS\repair
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Provisioning
2009-05-16 09:58:36 ----D---- C:\WINDOWS\PeerNet
2009-05-16 09:58:36 ----D---- C:\WINDOWS\pchealth
2009-05-16 09:58:36 ----D---- C:\WINDOWS\mui
2009-05-16 09:58:36 ----D---- C:\WINDOWS\msapps
2009-05-16 09:58:36 ----D---- C:\WINDOWS\msagent
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Media
2009-05-16 09:58:36 ----D---- C:\WINDOWS\java
2009-05-16 09:58:36 ----D---- C:\WINDOWS\ime
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Help
2009-05-16 09:58:36 ----D---- C:\WINDOWS\ehome
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Driver Cache
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Debug
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Cursors
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Connection Wizard
2009-05-16 09:58:36 ----D---- C:\WINDOWS\Config
2009-05-16 09:58:36 ----D---- C:\WINDOWS\AppPatch
2009-05-16 09:58:36 ----D---- C:\WINDOWS\addins
2009-05-16 09:58:36 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2009-05-20 22:52:08 ----A---- C:\WINDOWS\win.ini
2009-05-16 10:08:37 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\ccHPx86.sys []
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090610.006\IDSxpx86.sys []
R1 SRTSP;Symantec Real Time Storage Protection; \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSP.SYS []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SRTSPX.SYS []
R1 SYMTDI;Symantec Network Dispatch Driver; \??\C:\WINDOWS\system32\drivers\NIS\1005000.087\SYMTDI.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-03-22 13059]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2008-01-13 97216]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-01 1034752]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-03-10 371712]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camc6aud.sys [2005-03-15 37760]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camc6hal.sys [2005-03-15 346496]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2005-03-22 1038208]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-03-22 200192]

guestolo · « **Reply #6 on:** June 15, 2009, 08:56:24 PM »

Hi again Gerry, we just got company, let us deal with dinner then I'll look over your logs
Didn't want to keep ya hanging, I'll be back in a couple hours

Gerry D · « **Reply #7 on:** June 15, 2009, 09:45:52 PM »

Thank you Sir, take your time.

guestolo · « **Reply #8 on:** June 15, 2009, 10:35:47 PM »

Your logs are looking good, but you have to update some of the programs you have installed
Can you do the following please

Open your version of Spybot, it's very outdated
Click on the Immunize button
After it loads, disable the Immunization by clicking the UNDO button at the top menu bar
Let this finish, it may take some time
When it's done
Access your Add and remove Programs and remove any version of SPYBOT 1.3 or other versions you find
Reboot after all have been removed

Back in Windows
Download ComboFix from one of these locations:

[color=\"#0000FF\"]Link 1[/color]
[color=\"#0000FF\"]Link 2[/color]
[color=\"#FF0000\"]Save it ONLY to your Desktop[/color]

--------------------------------------------------------------------
[color=\"#2E8B57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

[color=\"#2e8b57\"]**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
[/color]

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

Also post a fresh Hijackthis log afterwards

Gerry D · « **Reply #9 on:** June 15, 2009, 11:18:04 PM »

Here you go.

ComboFix 09-06-15.05 - Gerry Diaz 06/16/2009 0:06.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.651 [GMT -4:00]
Running from: c:\documents and settings\Gerry Diaz\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\8xwOl3C.vbs
c:\windows\system32\kjcNuyu14B2ZoJe.vbs

.
((((((((((((((((((((((((( Files Created from 2009-05-16 to 2009-06-16 )))))))))))))))))))))))))))))))
.

2009-06-15 23:34 . 2009-06-15 23:34   --------   d-----w-   C:\rsit
2009-06-15 23:01 . 2009-05-17 03:01   89104   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\NAVENG.SYS
2009-06-15 23:01 . 2009-05-17 03:01   876144   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\NAVEX15.SYS
2009-06-15 23:01 . 2009-05-17 03:01   177520   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\NAVENG32.DLL
2009-06-15 23:01 . 2009-05-17 03:01   1181040   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\NAVEX32A.DLL
2009-06-15 23:01 . 2009-05-17 03:01   371248   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\EECTRL.SYS
2009-06-15 23:01 . 2009-05-17 03:01   101936   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\ERASER.SYS
2009-06-15 23:01 . 2009-05-17 03:01   259368   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\ECMSVR32.DLL
2009-06-15 23:01 . 2009-05-17 03:01   2414128   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090615.003\CCERASER.DLL
2009-06-13 04:30 . 2009-05-17 03:01   396848   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSviA64.sys
2009-06-13 04:30 . 2009-05-17 03:01   292912   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSvix86.sys
2009-06-13 04:30 . 2009-05-17 03:01   276344   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSXpx86.sys
2009-06-13 04:30 . 2009-05-17 03:01   447864   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSxpx86.dll
2009-06-13 04:30 . 2009-03-16 20:03   533880   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\Scxpx86.dll
2009-06-12 02:03 . 2009-06-12 02:03   --------   d-----w-   c:\documents and settings\LocalService\Application Data\WTablet
2009-06-10 00:46 . 2009-03-19 20:32   23400   ----a-w-   c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-10 00:46 . 2008-04-17 16:12   107368   ----a-w-   c:\windows\system32\GEARAspi.dll
2009-06-10 00:45 . 2009-06-10 00:45   --------   d-----w-   c:\program files\iPod
2009-06-10 00:45 . 2009-06-10 01:10   --------   d-----w-   c:\program files\iTunes
2009-06-10 00:45 . 2009-06-10 00:46   --------   d-----w-   c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-10 00:45 . 2009-06-10 00:45   --------   d-----w-   c:\program files\Bonjour
2009-06-10 00:44 . 2009-06-10 00:45   --------   d-----w-   c:\program files\QuickTime
2009-06-10 00:44 . 2009-06-10 00:45   --------   d-----w-   c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-10 00:43 . 2009-06-10 00:43   --------   d-----w-   c:\documents and settings\Gerry Diaz\Local Settings\Application Data\Apple
2009-06-10 00:43 . 2009-06-10 00:43   --------   d-----w-   c:\program files\Apple Software Update
2009-06-10 00:43 . 2009-06-10 00:46   --------   dc----w-   c:\windows\system32\DRVSTORE
2009-06-10 00:42 . 2009-06-10 00:45   --------   d-----w-   c:\program files\Common Files\Apple
2009-06-10 00:42 . 2009-06-10 00:42   --------   d-----w-   c:\documents and settings\All Users\Application Data\Apple
2009-06-09 01:02 . 2009-05-17 03:01   276344   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSXpx86.sys
2009-06-09 01:02 . 2009-05-17 03:01   447864   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSxpx86.dll
2009-06-09 01:02 . 2009-03-16 20:03   533880   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\Scxpx86.dll
2009-06-09 01:02 . 2009-05-17 03:01   396848   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSviA64.sys
2009-06-09 01:02 . 2009-05-17 03:01   292912   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSvix86.sys
2009-06-06 21:07 . 2009-06-06 21:07   --------   d-----w-   c:\program files\GCC4243N_fw
2009-06-06 20:06 . 2009-06-06 20:06   --------   d-----w-   C:\temp
2009-06-06 18:28 . 2009-06-06 18:28   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\muvee Technologies
2009-06-05 17:57 . 2009-06-05 17:57   75048   ----a-w-   c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-03 00:36 . 2009-06-03 00:36   --------   d-s---r-   c:\windows\Fontsa
2009-05-31 23:40 . 2009-05-31 23:47   --------   d-----w-   c:\documents and settings\All Users\Application Data\DVD Shrink
2009-05-31 23:40 . 2009-05-31 23:40   --------   d-----w-   c:\program files\DVD Shrink
2009-05-30 21:55 . 2009-05-30 21:55   --------   d-----w-   c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-05-30 21:55 . 2009-05-30 21:55   --------   d-----w-   c:\program files\SDHelper (Spybot - Search & Destroy)
2009-05-30 21:55 . 2009-05-30 21:55   --------   d-----w-   c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-05-30 21:52 . 2009-06-16 03:56   --------   d-----w-   c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-30 21:52 . 2009-06-16 03:52   --------   d-----w-   c:\program files\Spybot - Search & Destroy
2009-05-29 19:03 . 2001-08-18 02:36   5632   ----a-w-   c:\windows\system32\ptpusb.dll
2009-05-29 19:03 . 2004-08-04 04:56   159232   ----a-w-   c:\windows\system32\ptpusd.dll
2009-05-29 19:03 . 2004-08-04 02:58   15104   -c--a-w-   c:\windows\system32\dllcache\usbscan.sys
2009-05-29 19:03 . 2004-08-04 02:58   15104   ----a-w-   c:\windows\system32\drivers\usbscan.sys
2009-05-25 16:25 . 2009-06-16 03:57   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\WTablet
2009-05-25 16:24 . 2007-02-16 19:12   11312   ----a-w-   c:\windows\system32\drivers\wacommousefilter.sys
2009-05-25 16:24 . 2007-02-16 18:30   12848   ----a-w-   c:\windows\system32\drivers\wacomvhid.sys
2009-05-25 16:24 . 2009-05-25 16:24   --------   d-----w-   c:\windows\system32\WTablet
2009-05-25 16:24 . 2007-03-31 00:38   124464   ------w-   c:\windows\system32\Wintab32.dll
2009-05-25 16:24 . 2007-03-31 01:06   1189424   ------w-   c:\windows\system32\Tablet.exe
2009-05-25 16:24 . 2009-05-25 16:25   --------   d-----w-   c:\program files\Tablet
2009-05-24 15:08 . 2008-12-11 08:24   26624   ----a-w-   c:\windows\system32\dzwrapper.dll
2009-05-24 15:08 . 2008-12-11 08:21   10182656   ----a-w-   c:\windows\system32\dzcore.dll
2009-05-24 15:08 . 2008-12-11 08:25   110592   ----a-w-   c:\windows\system32\dzcarrara.dll
2009-05-24 15:08 . 2008-12-11 08:24   33280   ----a-w-   c:\windows\system32\dzbryce6.dll
2009-05-24 15:08 . 2008-12-11 07:27   2076672   ----a-w-   c:\windows\system32\dz3delight.dll
2009-05-24 15:08 . 2008-12-11 07:38   6131712   ----a-w-   c:\windows\system32\daz-qt-mt.dll
2009-05-24 15:08 . 2008-12-11 07:38   1785856   ----a-w-   c:\windows\system32\daz-qsa.dll
2009-05-24 12:28 . 1998-10-29 20:45   306688   ----a-w-   c:\windows\IsUninst.exe
2009-05-24 12:04 . 2009-05-24 12:04   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Corel
2009-05-24 12:01 . 2009-05-24 12:01   --------   d-----w-   c:\program files\Corel
2009-05-23 13:51 . 2009-05-23 13:51   --------   d-----w-   c:\program files\3D Universe
2009-05-22 23:32 . 2004-03-29 20:23   90112   ----a-w-   c:\windows\unvise32.exe
2009-05-22 23:05 . 2009-05-22 23:05   --------   d-----w-   c:\documents and settings\All Users\Application Data\OptiTex
2009-05-22 22:28 . 2009-05-23 13:58   --------   d-----w-   c:\program files\Common Files\DAZ
2009-05-22 22:28 . 2009-05-25 16:51   --------   d-----w-   c:\program files\DAZ
2009-05-22 21:22 . 2009-05-22 21:22   --------   d-----w-   c:\documents and settings\All Users\Application Data\NCH Software
2009-05-22 21:21 . 2009-05-22 21:21   --------   d-----w-   c:\program files\NCH Software
2009-05-22 21:21 . 2009-05-22 21:21   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\NCH Software
2009-05-22 21:20 . 2009-05-22 21:20   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Cool Record Edit Pro
2009-05-22 21:18 . 2009-05-22 21:18   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Free Sound Recorder
2009-05-22 21:17 . 2005-04-25 17:01   458752   ----a-w-   c:\windows\system32\NCTAudioRecord2.dll
2009-05-22 21:17 . 2005-04-04 21:21   602112   ----a-w-   c:\windows\system32\NCTAudioTransform2.dll
2009-05-22 21:17 . 2005-03-28 19:54   479232   ----a-w-   c:\windows\system32\NCTAudioVisualization2.dll
2009-05-22 21:17 . 2005-03-28 19:52   417792   ----a-w-   c:\windows\system32\NCTTextToAudio2.dll
2009-05-22 21:17 . 2005-02-24 15:51   348160   ----a-w-   c:\windows\system32\NCTWMAFile2.dll
2009-05-22 21:17 . 2005-05-18 15:52   1212416   ----a-w-   c:\windows\system32\NCTAudioInformation2.dll
2009-05-22 21:17 . 2005-05-17 16:37   1986560   ----a-w-   c:\windows\system32\NCTAudioFile2.dll
2009-05-22 21:17 . 2005-04-25 17:01   458752   ----a-w-   c:\windows\system32\NCTAudioPlayer2.dll
2009-05-22 21:17 . 2005-04-15 16:08   880640   ----a-w-   c:\windows\system32\NCTAudioEditor2.dll
2009-05-22 21:17 . 2004-11-04 17:31   835584   ----a-w-   c:\windows\system32\NCTAudioCDGrabber2.dll
2009-05-22 21:17 . 2002-01-05 20:37   344064   ----a-w-   c:\windows\system32\msvcr70.dll
2009-05-22 21:17 . 2009-05-23 21:07   --------   d-----w-   c:\program files\Free Sound Recorder
2009-05-22 12:45 . 2009-05-22 12:45   --------   d-----w-   c:\documents and settings\Gerry Diaz\Local Settings\Application Data\Help
2009-05-19 22:21 . 2009-05-19 22:21   --------   d-----w-   c:\windows\system32\KB905474
2009-05-19 22:21 . 2009-03-11 02:26   1403264   ----a-w-   c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-05-19 22:21 . 2009-03-11 02:18   453512   ----a-w-   c:\windows\system32\KB905474\wgasetup.exe
2009-05-18 22:15 . 2009-05-19 22:39   --------   d-----w-   c:\windows\system32\CatRoot_bak
2009-05-18 22:14 . 2009-02-06 17:22   2136064   -c----w-   c:\windows\system32\dllcache\ntkrnlmp.exe
2009-05-18 22:14 . 2009-02-06 17:24   2180480   -c----w-   c:\windows\system32\dllcache\ntoskrnl.exe
2009-05-18 22:14 . 2009-02-06 16:49   2057728   -c----w-   c:\windows\system32\dllcache\ntkrnlpa.exe
2009-05-18 22:14 . 2009-02-06 16:49   2015744   -c----w-   c:\windows\system32\dllcache\ntkrpamp.exe
2009-05-18 22:10 . 2008-07-09 07:38   26488   ----a-w-   c:\windows\system32\spupdsvc.exe
2009-05-17 22:50 . 2009-06-14 03:40   --------   d-----w-   c:\documents and settings\Gerry Diaz\Shared
2009-05-17 22:50 . 2009-06-15 03:43   --------   d-----w-   c:\documents and settings\Gerry Diaz\Incomplete
2009-05-17 22:50 . 2009-05-19 01:50   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\LimeWire
2009-05-17 22:49 . 2009-05-17 22:50   --------   d-----w-   c:\program files\LimeWire
2009-05-17 17:51 . 2009-05-17 17:51   --------   d-----w-   C:\CloneDVDTemp
2009-05-17 07:35 . 2008-06-13 13:10   272128   -c----w-   c:\windows\system32\dllcache\bthport.sys
2009-05-17 07:35 . 2008-06-13 13:10   272128   ------w-   c:\windows\system32\drivers\bthport.sys
2009-05-17 07:17 . 2009-05-17 07:27   --------   d-----w-   c:\program files\SLYDVD
2009-05-17 05:22 . 2008-10-24 11:10   453632   -c----w-   c:\windows\system32\dllcache\mrxsmb.sys
2009-05-17 05:21 . 2009-05-17 05:21   --------   d-----w-   c:\documents and settings\All Users\Application Data\SlySoft
2009-05-17 05:17 . 2009-05-17 06:19   --------   d-----w-   c:\program files\SlySoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-10 01:22 . 2009-05-16 21:56   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Apple Computer
2009-06-06 18:28 . 2009-05-17 00:20   139032   ----a-w-   c:\documents and settings\Gerry Diaz\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-03 03:56 . 2009-05-17 01:29   --------   d-----w-   c:\program files\DivX
2009-06-03 03:55 . 2009-05-17 01:29   --------   d-----w-   c:\program files\Common Files\DivX Shared
2009-05-29 03:00 . 2009-05-16 21:56   --------   d-----w-   c:\documents and settings\All Users\Application Data\QuickTime
2009-05-24 12:32 . 2009-05-17 02:08   --------   d-----w-   c:\program files\Common Files\Adobe
2009-05-22 20:08 . 2009-05-17 02:52   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\U3
2009-05-17 22:26 . 2009-05-16 21:54   --------   d-----w-   c:\program files\Hp
2009-05-17 18:02 . 2009-05-17 03:01   --------   d-----w-   c:\documents and settings\All Users\Application Data\Symantec
2009-05-17 05:21 . 2009-05-17 05:17   24   --sh--w-   c:\windows\S9A945B91.tmp
2009-05-17 04:33 . 2009-05-17 03:02   --------   d-----w-   c:\program files\Common Files\Symantec Shared
2009-05-17 03:55 . 2009-05-16 21:42   --------   d--h--w-   c:\program files\InstallShield Installation Information
2009-05-17 03:44 . 2009-05-17 03:44   --------   d-----w-   c:\documents and settings\All Users\Application Data\Adobe Systems
2009-05-17 03:44 . 2009-05-17 03:44   --------   d-----w-   c:\program files\Common Files\Adobe Systems Shared
2009-05-17 03:33 . 2009-05-17 03:33   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\VERITAS
2009-05-17 03:32 . 2009-05-17 03:32   --------   d-----w-   c:\program files\RecordNow
2009-05-17 03:02 . 2009-05-17 03:01   --------   d-----w-   c:\documents and settings\All Users\Application Data\Norton
2009-05-17 03:02 . 2009-05-17 03:02   805   ----a-w-   c:\windows\system32\drivers\SYMEVENT.INF
2009-05-17 03:02 . 2009-05-17 03:02   7386   ----a-w-   c:\windows\system32\drivers\SYMEVENT.CAT
2009-05-17 03:02 . 2009-05-17 03:02   60808   ----a-w-   c:\windows\system32\S32EVNT1.DLL
2009-05-17 03:02 . 2009-05-17 03:02   124464   ----a-w-   c:\windows\system32\drivers\SYMEVENT.SYS
2009-05-17 03:02 . 2009-05-17 03:02   --------   d-----w-   c:\program files\Symantec
2009-05-17 03:01 . 2009-05-17 03:02   36400   ----a-r-   c:\windows\system32\drivers\SymIM.sys
2009-05-17 03:01 . 2009-05-17 03:01   396848   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvia64.sys
2009-05-17 03:01 . 2009-05-17 03:01   292912   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-05-17 03:01 . 2009-05-17 03:01   276344   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.sys
2009-05-17 03:01 . 2009-05-17 03:01   1290592   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-05-17 03:01 . 2009-05-17 03:01   136840   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-05-17 03:01 . 2009-05-17 03:01   447864   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\idsxpx86.dll
2009-05-17 03:01 . 2009-05-17 03:01   796016   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\program files\Norton Internet Security
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\program files\Windows Sidebar
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\documents and settings\All Users\Application Data\NortonInstaller
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\program files\NortonInstaller
2009-05-17 02:30 . 2009-05-17 02:30   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\CyberLink
2009-05-17 02:25 . 2009-05-17 01:34   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\DivX
2009-05-17 02:24 . 2009-05-17 02:24   --------   d-----w-   c:\documents and settings\All Users\Application Data\CyberLink
2009-05-17 02:24 . 2009-05-17 02:24   --------   d-----w-   c:\program files\CyberLink
2009-05-17 02:08 . 2009-05-17 02:08   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\AdobeUM
2009-05-17 00:27 . 2009-05-17 00:27   --------   d-----w-   c:\program files\Microsoft ActiveSync
2009-05-16 22:52 . 2009-05-16 22:52   --------   d-----w-   c:\documents and settings\All Users\Application Data\hpqwmi
2009-05-16 22:11 . 2009-05-16 21:49   --------   d-----w-   c:\program files\HPQ
2009-05-16 22:10 . 2009-05-16 22:09   --------   d-----w-   c:\program files\Java
2009-05-16 22:09 . 2009-05-16 22:09   --------   d-----w-   c:\program files\Common Files\Java
2009-05-16 22:09 . 2009-05-16 22:09   --------   d-----w-   c:\program files\Common Files\SureThing Shared
2009-05-16 22:09 . 2009-05-16 22:07   --------   d-----w-   c:\program files\Sonic
2009-05-16 22:09 . 2009-05-16 22:09   --------   d-----w-   c:\documents and settings\All Users\Application Data\InstallShield
2009-05-16 22:09 . 2009-05-16 21:42   --------   d-----w-   c:\program files\Common Files\InstallShield
2009-05-16 22:07 . 2009-05-16 22:07   --------   d-----w-   c:\program files\Common Files\TiVo Shared
2009-05-16 22:07 . 2009-05-16 22:06   --------   d-----w-   c:\program files\Common Files\Sonic Shared
2009-05-16 22:05 . 2009-05-16 22:05   1573   --sha-r-   c:\windows\system32\drivers\103C_HP_NTBK_Pavilion ZV6100 (EC358UA#ABA)_YN_0Pavi_QCND5270RLW_EU_46_I3085_SHP_V42.37_BF.15_T050531_WXP2_L40
9_M1023_J100_7AMD_8Athlon 64_91.99_#090516_N10EC8139_(EC358UA#ABA)_XMOBILE_CN10_Z10024378_2F.15_G10025955.
MRK
2009-05-16 22:02 . 2009-05-16 22:02   --------   d-----w-   c:\program files\Common Files\muvee Technologies
2009-05-16 22:02 . 2009-05-16 22:02   --------   d-----w-   c:\program files\muvee Technologies
2009-05-16 22:02 . 2009-05-16 22:02   --------   d-----w-   c:\documents and settings\All Users\Application Data\muvee Technologies
2009-05-16 21:57 . 2009-05-16 21:57   --------   d-----w-   c:\program files\Synaptics
2009-05-16 21:52 . 2009-05-16 21:52   --------   d-----w-   c:\program files\InterVideo
2009-05-16 21:46 . 2009-05-16 21:46   --------   d-----w-   c:\program files\ATI Technologies
2009-05-16 21:45 . 2009-05-16 21:45   --------   d-----w-   c:\program files\CONEXANT
2009-05-16 21:42 . 2009-05-16 21:42   --------   d-----w-   c:\program files\AMD
2009-05-16 21:27 . 2009-05-16 21:27   --------   d-----w-   c:\program files\microsoft frontpage
2009-05-16 21:23 . 2009-05-16 21:23   21640   ----a-w-   c:\windows\system32\emptyregdb.dat
2009-05-16 20:11 . 2009-05-16 21:53   --------   d-----w-   c:\program files\CPQ
2009-05-16 20:10 . 2009-05-16 21:26   89007   ----a-w-   c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-01 21:02 . 2009-05-01 21:02   823296   ----a-w-   c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02   823296   ----a-w-   c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02   815104   ----a-w-   c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02   811008   ----a-w-   c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02   802816   ----a-w-   c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02   685056   ----a-w-   c:\windows\system32\DivX.dll
2009-03-19 20:32 . 2009-03-19 20:32   23400   ----a-w-   c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"AnyDVD"="c:\program files\SLYDVD\AnyDVD\AnyDVD.exe" [2009-05-17 1665984]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-23 339968]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-02-17 233534]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-11 794624]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]

c:\documents and settings\Gerry Diaz\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
WinZip Quick Pick.lnk - e:\hp files 2009\WinZip\WZQKPICK.EXE [2009-5-15 106560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1005000.087\SymEFA.sys [5/16/2009 11:01 PM 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1005000.087\BHDrvx86.sys [5/16/2009 11:01 PM 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1005000.087\cchpx86.sys [5/16/2009 11:01 PM 482352]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSXpx86.sys [6/13/2009 12:30 AM 276344]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [5/16/2009 11:01 PM 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/16/2009 11:07 PM 101936]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [5/16/2009 5:45 PM 200192]
.
Contents of the 'Scheduled Tasks' folder

2009-06-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-06-16 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-19 02:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-16 00:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?

`?n??|?

?? ???B?

???hLC?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.5.0.135\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1160)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-06-16 0:10
ComboFix-quarantined-files.txt 2009-06-16 04:10

Pre-Run: 84,757,135,360 bytes free
Post-Run: 85,358,321,664 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

287 --- E O F --- 2009-05-20 22:29

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:19 AM, on 6/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
E:\hp files 2009\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Gerry Diaz\Desktop\Gerry Diaz.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\hp files 2009\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 6831 bytes

guestolo · « **Reply #10 on:** June 15, 2009, 11:27:40 PM »

Any improvement?
Why is Spybot's TeaTimer still running, do you still have it installed?
Is there an entry for Spybot in Add/Remove Programs?

Gerry D · « **Reply #11 on:** June 16, 2009, 06:14:54 PM »

Ooops, another spyware I did not see was running. Here you go.

ComboFix 09-06-15.05 - Gerry Diaz 06/16/2009 19:05.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.651 [GMT -4:00]
Running from: c:\documents and settings\Gerry Diaz\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2009-05-16 to 2009-06-16 )))))))))))))))))))))))))))))))
.

2009-06-16 22:53 . 2009-05-17 03:01   89104   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\NAVENG.SYS
2009-06-16 22:53 . 2009-05-17 03:01   876144   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\NAVEX15.SYS
2009-06-16 22:53 . 2009-05-17 03:01   371248   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\EECTRL.SYS
2009-06-16 22:53 . 2009-05-17 03:01   101936   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\ERASER.SYS
2009-06-16 22:53 . 2009-05-17 03:01   177520   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\NAVENG32.DLL
2009-06-16 22:53 . 2009-05-17 03:01   1181040   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\NAVEX32A.DLL
2009-06-16 22:53 . 2009-05-17 03:01   259368   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\ECMSVR32.DLL
2009-06-16 22:53 . 2009-05-17 03:01   2414128   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090616.004\CCERASER.DLL
2009-06-15 23:34 . 2009-06-15 23:34   --------   d-----w-   C:\rsit
2009-06-13 04:30 . 2009-05-17 03:01   396848   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSviA64.sys
2009-06-13 04:30 . 2009-05-17 03:01   292912   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSvix86.sys
2009-06-13 04:30 . 2009-05-17 03:01   276344   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSXpx86.sys
2009-06-13 04:30 . 2009-05-17 03:01   447864   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSxpx86.dll
2009-06-13 04:30 . 2009-03-16 20:03   533880   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\Scxpx86.dll
2009-06-12 02:03 . 2009-06-12 02:03   --------   d-----w-   c:\documents and settings\LocalService\Application Data\WTablet
2009-06-10 00:46 . 2009-03-19 20:32   23400   ----a-w-   c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-10 00:46 . 2008-04-17 16:12   107368   ----a-w-   c:\windows\system32\GEARAspi.dll
2009-06-10 00:45 . 2009-06-10 00:45   --------   d-----w-   c:\program files\iPod
2009-06-10 00:45 . 2009-06-10 01:10   --------   d-----w-   c:\program files\iTunes
2009-06-10 00:45 . 2009-06-10 00:46   --------   d-----w-   c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-10 00:45 . 2009-06-10 00:45   --------   d-----w-   c:\program files\Bonjour
2009-06-10 00:44 . 2009-06-10 00:45   --------   d-----w-   c:\program files\QuickTime
2009-06-10 00:44 . 2009-06-10 00:45   --------   d-----w-   c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-10 00:43 . 2009-06-10 00:43   --------   d-----w-   c:\documents and settings\Gerry Diaz\Local Settings\Application Data\Apple
2009-06-10 00:43 . 2009-06-10 00:43   --------   d-----w-   c:\program files\Apple Software Update
2009-06-10 00:43 . 2009-06-10 00:46   --------   dc----w-   c:\windows\system32\DRVSTORE
2009-06-10 00:42 . 2009-06-10 00:45   --------   d-----w-   c:\program files\Common Files\Apple
2009-06-10 00:42 . 2009-06-10 00:42   --------   d-----w-   c:\documents and settings\All Users\Application Data\Apple
2009-06-09 01:02 . 2009-05-17 03:01   276344   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSXpx86.sys
2009-06-09 01:02 . 2009-05-17 03:01   447864   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSxpx86.dll
2009-06-09 01:02 . 2009-03-16 20:03   533880   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\Scxpx86.dll
2009-06-09 01:02 . 2009-05-17 03:01   396848   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSviA64.sys
2009-06-09 01:02 . 2009-05-17 03:01   292912   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090604.001\IDSvix86.sys
2009-06-06 21:07 . 2009-06-06 21:07   --------   d-----w-   c:\program files\GCC4243N_fw
2009-06-06 20:06 . 2009-06-06 20:06   --------   d-----w-   C:\temp
2009-06-06 18:28 . 2009-06-06 18:28   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\muvee Technologies
2009-06-05 17:57 . 2009-06-05 17:57   75048   ----a-w-   c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-03 00:36 . 2009-06-03 00:36   --------   d-s---r-   c:\windows\Fontsa
2009-05-31 23:40 . 2009-05-31 23:47   --------   d-----w-   c:\documents and settings\All Users\Application Data\DVD Shrink
2009-05-31 23:40 . 2009-05-31 23:40   --------   d-----w-   c:\program files\DVD Shrink
2009-05-30 21:55 . 2009-05-30 21:55   --------   d-----w-   c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-05-30 21:55 . 2009-05-30 21:55   --------   d-----w-   c:\program files\SDHelper (Spybot - Search & Destroy)
2009-05-30 21:55 . 2009-05-30 21:55   --------   d-----w-   c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-05-30 21:52 . 2009-06-16 22:56   --------   d-----w-   c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-30 21:52 . 2009-06-16 22:56   --------   d-----w-   c:\program files\Spybot - Search & Destroy
2009-05-29 19:03 . 2001-08-18 02:36   5632   ----a-w-   c:\windows\system32\ptpusb.dll
2009-05-29 19:03 . 2004-08-04 04:56   159232   ----a-w-   c:\windows\system32\ptpusd.dll
2009-05-29 19:03 . 2004-08-04 02:58   15104   -c--a-w-   c:\windows\system32\dllcache\usbscan.sys
2009-05-29 19:03 . 2004-08-04 02:58   15104   ----a-w-   c:\windows\system32\drivers\usbscan.sys
2009-05-25 16:25 . 2009-06-16 23:00   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\WTablet
2009-05-25 16:24 . 2007-02-16 19:12   11312   ----a-w-   c:\windows\system32\drivers\wacommousefilter.sys
2009-05-25 16:24 . 2007-02-16 18:30   12848   ----a-w-   c:\windows\system32\drivers\wacomvhid.sys
2009-05-25 16:24 . 2009-05-25 16:24   --------   d-----w-   c:\windows\system32\WTablet
2009-05-25 16:24 . 2007-03-31 00:38   124464   ------w-   c:\windows\system32\Wintab32.dll
2009-05-25 16:24 . 2007-03-31 01:06   1189424   ------w-   c:\windows\system32\Tablet.exe
2009-05-25 16:24 . 2009-05-25 16:25   --------   d-----w-   c:\program files\Tablet
2009-05-24 15:08 . 2008-12-11 08:24   26624   ----a-w-   c:\windows\system32\dzwrapper.dll
2009-05-24 15:08 . 2008-12-11 08:21   10182656   ----a-w-   c:\windows\system32\dzcore.dll
2009-05-24 15:08 . 2008-12-11 08:25   110592   ----a-w-   c:\windows\system32\dzcarrara.dll
2009-05-24 15:08 . 2008-12-11 08:24   33280   ----a-w-   c:\windows\system32\dzbryce6.dll
2009-05-24 15:08 . 2008-12-11 07:27   2076672   ----a-w-   c:\windows\system32\dz3delight.dll
2009-05-24 15:08 . 2008-12-11 07:38   6131712   ----a-w-   c:\windows\system32\daz-qt-mt.dll
2009-05-24 15:08 . 2008-12-11 07:38   1785856   ----a-w-   c:\windows\system32\daz-qsa.dll
2009-05-24 12:28 . 1998-10-29 20:45   306688   ----a-w-   c:\windows\IsUninst.exe
2009-05-24 12:04 . 2009-05-24 12:04   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Corel
2009-05-24 12:01 . 2009-05-24 12:01   --------   d-----w-   c:\program files\Corel
2009-05-23 13:51 . 2009-05-23 13:51   --------   d-----w-   c:\program files\3D Universe
2009-05-22 23:32 . 2004-03-29 20:23   90112   ----a-w-   c:\windows\unvise32.exe
2009-05-22 23:05 . 2009-05-22 23:05   --------   d-----w-   c:\documents and settings\All Users\Application Data\OptiTex
2009-05-22 22:28 . 2009-05-23 13:58   --------   d-----w-   c:\program files\Common Files\DAZ
2009-05-22 22:28 . 2009-05-25 16:51   --------   d-----w-   c:\program files\DAZ
2009-05-22 21:22 . 2009-05-22 21:22   --------   d-----w-   c:\documents and settings\All Users\Application Data\NCH Software
2009-05-22 21:21 . 2009-05-22 21:21   --------   d-----w-   c:\program files\NCH Software
2009-05-22 21:21 . 2009-05-22 21:21   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\NCH Software
2009-05-22 21:20 . 2009-05-22 21:20   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Cool Record Edit Pro
2009-05-22 21:18 . 2009-05-22 21:18   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Free Sound Recorder
2009-05-22 21:17 . 2005-04-25 17:01   458752   ----a-w-   c:\windows\system32\NCTAudioRecord2.dll
2009-05-22 21:17 . 2005-04-04 21:21   602112   ----a-w-   c:\windows\system32\NCTAudioTransform2.dll
2009-05-22 21:17 . 2005-03-28 19:54   479232   ----a-w-   c:\windows\system32\NCTAudioVisualization2.dll
2009-05-22 21:17 . 2005-03-28 19:52   417792   ----a-w-   c:\windows\system32\NCTTextToAudio2.dll
2009-05-22 21:17 . 2005-02-24 15:51   348160   ----a-w-   c:\windows\system32\NCTWMAFile2.dll
2009-05-22 21:17 . 2005-05-18 15:52   1212416   ----a-w-   c:\windows\system32\NCTAudioInformation2.dll
2009-05-22 21:17 . 2005-05-17 16:37   1986560   ----a-w-   c:\windows\system32\NCTAudioFile2.dll
2009-05-22 21:17 . 2005-04-25 17:01   458752   ----a-w-   c:\windows\system32\NCTAudioPlayer2.dll
2009-05-22 21:17 . 2005-04-15 16:08   880640   ----a-w-   c:\windows\system32\NCTAudioEditor2.dll
2009-05-22 21:17 . 2004-11-04 17:31   835584   ----a-w-   c:\windows\system32\NCTAudioCDGrabber2.dll
2009-05-22 21:17 . 2002-01-05 20:37   344064   ----a-w-   c:\windows\system32\msvcr70.dll
2009-05-22 21:17 . 2009-05-23 21:07   --------   d-----w-   c:\program files\Free Sound Recorder
2009-05-22 12:45 . 2009-05-22 12:45   --------   d-----w-   c:\documents and settings\Gerry Diaz\Local Settings\Application Data\Help
2009-05-19 22:21 . 2009-05-19 22:21   --------   d-----w-   c:\windows\system32\KB905474
2009-05-19 22:21 . 2009-03-11 02:26   1403264   ----a-w-   c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-05-19 22:21 . 2009-03-11 02:18   453512   ----a-w-   c:\windows\system32\KB905474\wgasetup.exe
2009-05-18 22:15 . 2009-05-19 22:39   --------   d-----w-   c:\windows\system32\CatRoot_bak
2009-05-18 22:14 . 2009-02-06 17:22   2136064   -c----w-   c:\windows\system32\dllcache\ntkrnlmp.exe
2009-05-18 22:14 . 2009-02-06 17:24   2180480   -c----w-   c:\windows\system32\dllcache\ntoskrnl.exe
2009-05-18 22:14 . 2009-02-06 16:49   2057728   -c----w-   c:\windows\system32\dllcache\ntkrnlpa.exe
2009-05-18 22:14 . 2009-02-06 16:49   2015744   -c----w-   c:\windows\system32\dllcache\ntkrpamp.exe
2009-05-18 22:10 . 2008-07-09 07:38   26488   ----a-w-   c:\windows\system32\spupdsvc.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-10 01:22 . 2009-05-16 21:56   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\Apple Computer
2009-06-06 18:28 . 2009-05-17 00:20   139032   ----a-w-   c:\documents and settings\Gerry Diaz\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-03 03:56 . 2009-05-17 01:29   --------   d-----w-   c:\program files\DivX
2009-06-03 03:55 . 2009-05-17 01:29   --------   d-----w-   c:\program files\Common Files\DivX Shared
2009-05-29 03:00 . 2009-05-16 21:56   --------   d-----w-   c:\documents and settings\All Users\Application Data\QuickTime
2009-05-24 12:32 . 2009-05-17 02:08   --------   d-----w-   c:\program files\Common Files\Adobe
2009-05-22 20:08 . 2009-05-17 02:52   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\U3
2009-05-19 01:50 . 2009-05-17 22:50   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\LimeWire
2009-05-17 22:50 . 2009-05-17 22:49   --------   d-----w-   c:\program files\LimeWire
2009-05-17 22:26 . 2009-05-16 21:54   --------   d-----w-   c:\program files\Hp
2009-05-17 18:02 . 2009-05-17 03:01   --------   d-----w-   c:\documents and settings\All Users\Application Data\Symantec
2009-05-17 07:27 . 2009-05-17 07:17   --------   d-----w-   c:\program files\SLYDVD
2009-05-17 06:19 . 2009-05-17 05:17   --------   d-----w-   c:\program files\SlySoft
2009-05-17 05:21 . 2009-05-17 05:21   --------   d-----w-   c:\documents and settings\All Users\Application Data\SlySoft
2009-05-17 05:21 . 2009-05-17 05:17   24   --sh--w-   c:\windows\S9A945B91.tmp
2009-05-17 04:33 . 2009-05-17 03:02   --------   d-----w-   c:\program files\Common Files\Symantec Shared
2009-05-17 03:55 . 2009-05-16 21:42   --------   d--h--w-   c:\program files\InstallShield Installation Information
2009-05-17 03:44 . 2009-05-17 03:44   --------   d-----w-   c:\documents and settings\All Users\Application Data\Adobe Systems
2009-05-17 03:44 . 2009-05-17 03:44   --------   d-----w-   c:\program files\Common Files\Adobe Systems Shared
2009-05-17 03:33 . 2009-05-17 03:33   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\VERITAS
2009-05-17 03:32 . 2009-05-17 03:32   --------   d-----w-   c:\program files\RecordNow
2009-05-17 03:02 . 2009-05-17 03:01   --------   d-----w-   c:\documents and settings\All Users\Application Data\Norton
2009-05-17 03:02 . 2009-05-17 03:02   805   ----a-w-   c:\windows\system32\drivers\SYMEVENT.INF
2009-05-17 03:02 . 2009-05-17 03:02   7386   ----a-w-   c:\windows\system32\drivers\SYMEVENT.CAT
2009-05-17 03:02 . 2009-05-17 03:02   60808   ----a-w-   c:\windows\system32\S32EVNT1.DLL
2009-05-17 03:02 . 2009-05-17 03:02   124464   ----a-w-   c:\windows\system32\drivers\SYMEVENT.SYS
2009-05-17 03:02 . 2009-05-17 03:02   --------   d-----w-   c:\program files\Symantec
2009-05-17 03:01 . 2009-05-17 03:02   36400   ----a-r-   c:\windows\system32\drivers\SymIM.sys
2009-05-17 03:01 . 2009-05-17 03:01   396848   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvia64.sys
2009-05-17 03:01 . 2009-05-17 03:01   292912   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-05-17 03:01 . 2009-05-17 03:01   276344   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.sys
2009-05-17 03:01 . 2009-05-17 03:01   1290592   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2009-05-17 03:01 . 2009-05-17 03:01   136840   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-05-17 03:01 . 2009-05-17 03:01   447864   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\idsxpx86.dll
2009-05-17 03:01 . 2009-05-17 03:01   796016   ----a-w-   c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\program files\Norton Internet Security
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\program files\Windows Sidebar
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\documents and settings\All Users\Application Data\NortonInstaller
2009-05-17 03:01 . 2009-05-17 03:01   --------   d-----w-   c:\program files\NortonInstaller
2009-05-17 02:30 . 2009-05-17 02:30   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\CyberLink
2009-05-17 02:25 . 2009-05-17 01:34   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\DivX
2009-05-17 02:24 . 2009-05-17 02:24   --------   d-----w-   c:\documents and settings\All Users\Application Data\CyberLink
2009-05-17 02:24 . 2009-05-17 02:24   --------   d-----w-   c:\program files\CyberLink
2009-05-17 02:08 . 2009-05-17 02:08   --------   d-----w-   c:\documents and settings\Gerry Diaz\Application Data\AdobeUM
2009-05-17 00:27 . 2009-05-17 00:27   --------   d-----w-   c:\program files\Microsoft ActiveSync
2009-05-16 22:52 . 2009-05-16 22:52   --------   d-----w-   c:\documents and settings\All Users\Application Data\hpqwmi
2009-05-16 22:11 . 2009-05-16 21:49   --------   d-----w-   c:\program files\HPQ
2009-05-16 22:10 . 2009-05-16 22:09   --------   d-----w-   c:\program files\Java
2009-05-16 22:09 . 2009-05-16 22:09   --------   d-----w-   c:\program files\Common Files\Java
2009-05-16 22:09 . 2009-05-16 22:09   --------   d-----w-   c:\program files\Common Files\SureThing Shared
2009-05-16 22:09 . 2009-05-16 22:07   --------   d-----w-   c:\program files\Sonic
2009-05-16 22:09 . 2009-05-16 22:09   --------   d-----w-   c:\documents and settings\All Users\Application Data\InstallShield
2009-05-16 22:09 . 2009-05-16 21:42   --------   d-----w-   c:\program files\Common Files\InstallShield
2009-05-16 22:07 . 2009-05-16 22:07   --------   d-----w-   c:\program files\Common Files\TiVo Shared
2009-05-16 22:07 . 2009-05-16 22:06   --------   d-----w-   c:\program files\Common Files\Sonic Shared
2009-05-16 22:05 . 2009-05-16 22:05   1573   --sha-r-   c:\windows\system32\drivers\103C_HP_NTBK_Pavilion ZV6100 (EC358UA#ABA)_YN_0Pavi_QCND5270RLW_EU_46_I3085_SHP_V42.37_BF.15_T050531_WXP2_L40
9_M1023_J100_7AMD_8Athlon 64_91.99_#090516_N10EC8139_(EC358UA#ABA)_XMOBILE_CN10_Z10024378_2F.15_G10025955.
MRK
2009-05-16 22:02 . 2009-05-16 22:02   --------   d-----w-   c:\program files\Common Files\muvee Technologies
2009-05-16 22:02 . 2009-05-16 22:02   --------   d-----w-   c:\program files\muvee Technologies
2009-05-16 22:02 . 2009-05-16 22:02   --------   d-----w-   c:\documents and settings\All Users\Application Data\muvee Technologies
2009-05-16 21:57 . 2009-05-16 21:57   --------   d-----w-   c:\program files\Synaptics
2009-05-16 21:52 . 2009-05-16 21:52   --------   d-----w-   c:\program files\InterVideo
2009-05-16 21:46 . 2009-05-16 21:46   --------   d-----w-   c:\program files\ATI Technologies
2009-05-16 21:45 . 2009-05-16 21:45   --------   d-----w-   c:\program files\CONEXANT
2009-05-16 21:42 . 2009-05-16 21:42   --------   d-----w-   c:\program files\AMD
2009-05-16 21:27 . 2009-05-16 21:27   --------   d-----w-   c:\program files\microsoft frontpage
2009-05-16 21:23 . 2009-05-16 21:23   21640   ----a-w-   c:\windows\system32\emptyregdb.dat
2009-05-16 20:11 . 2009-05-16 21:53   --------   d-----w-   c:\program files\CPQ
2009-05-16 20:10 . 2009-05-16 21:26   89007   ----a-w-   c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-01 21:02 . 2009-05-01 21:02   823296   ----a-w-   c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02   823296   ----a-w-   c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02   815104   ----a-w-   c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02   811008   ----a-w-   c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02   802816   ----a-w-   c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02   685056   ----a-w-   c:\windows\system32\DivX.dll
2009-03-19 20:32 . 2009-03-19 20:32   23400   ----a-w-   c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-06-16_04.09.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-16 23:00 . 2009-06-16 23:00   16384 c:\windows\Temp\Perflib_Perfdata_28c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"AnyDVD"="c:\program files\SLYDVD\AnyDVD\AnyDVD.exe" [2009-05-17 1665984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-23 339968]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-02-17 233534]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-11 794624]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]

c:\documents and settings\Gerry Diaz\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
WinZip Quick Pick.lnk - e:\hp files 2009\WinZip\WZQKPICK.EXE [2009-5-15 106560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1005000.087\SymEFA.sys [5/16/2009 11:01 PM 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1005000.087\BHDrvx86.sys [5/16/2009 11:01 PM 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1005000.087\cchpx86.sys [5/16/2009 11:01 PM 482352]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090610.006\IDSXpx86.sys [6/13/2009 12:30 AM 276344]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [5/16/2009 11:01 PM 115560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/16/2009 11:07 PM 101936]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [5/16/2009 5:45 PM 200192]
.
Contents of the 'Scheduled Tasks' folder

2009-06-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-06-16 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-19 02:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-16 19:08
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?

?3?6?3?4?

???B?

???hLC?

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.5.0.135\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1148)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-06-16 19:10
ComboFix-quarantined-files.txt 2009-06-16 23:09
ComboFix2.txt 2009-06-16 04:10

Pre-Run: 85,385,072,640 bytes free
Post-Run: 85,363,044,352 bytes free

273 --- E O F --- 2009-05-20 22:29

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:12:45 PM, on 6/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\hp files 2009\WinZip\WZQKPICK.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Gerry Diaz\Desktop\Gerry Diaz.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\hp files 2009\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 6678 bytes

guestolo · « **Reply #12 on:** June 16, 2009, 09:49:58 PM »

Still a bit of software to update
And let's run one more scanner

Open your copy of Adobe Reader, under the HELP menu, click on CHECK FOR UPDATES to bring your copy up to date and secure

Afterwards:

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
[color=\"blue\"]Updating Java:[/color]

Download the latest version of Java Runtime Environment (JRE) .
Scroll down to where it says "JRE 6 Update 14".
Click the "Download" button to the right.
In the Window that opens, select Windows, beside Platform:>>Check the "agree" box and click Continue.
Click on the link to download Windows Offline Installation and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.

- Examples of older versions in Add or Remove Programs:

Java 2 Runtime Environment, SE v1.4.2
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 2

Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u14-windows-i586-p.exe that you downloaded to install the newest version.

Download [color=\"#FF0000\"]> ATF Cleaner <[/color] by Atribune and save it to your Desktop.

Double Click on ATF-Cleaner.exe to Run it
Check the boxes to the left of:

Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
*Prefetch (Windows XP) only.
Java Cache

The rest are optional - if you want to remove the lot, check "Select All".
Finally click Empty Selected. When you get the "Done Cleaning" message, click OK.
Click Exit from the Main menu

download Malwarebytes' Anti-Malware from Here or Here
Save the installer to desktop

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to [color=\"#006400\"]Update Malwarebytes' Anti-Malware[/color] and [color=\"#006400\"]Launch Malwarebytes' Anti-Malware[/color], then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

With that log from MBAM

Come back here, post a fresh Hijackthis log
Let me know how things are running
Are you still having problems with your DVD drive?

Gerry D · « **Reply #13 on:** June 16, 2009, 11:06:37 PM »

Here is the latest. As for the DVD drive, I tried to install Pinnacle Studio (I installed it once before on this laptop), but the drive spun on and off then just gave up. It plays music cd's, dvd movies, it burns cd and DVD-R. I had a DVD+R with old music on it I had burned on this drive originally and it did not want to read it. That's why I thought it was the driver.
I noticed on 317 security check it mentioned my service pack was out of date, do you think we need to fix this?
Well, here are the reports. Thanks again.

Malwarebytes' Anti-Malware 1.37
Database version: 2291
Windows 5.1.2600 Service Pack 2

6/16/2009 11:54:02 PM
mbam-log-2009-06-16 (23-54-02).txt

Scan type: Quick Scan
Objects scanned: 80609
Time elapsed: 5 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:05 AM, on 6/17/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
E:\hp files 2009\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Gerry Diaz\Desktop\Gerry Diaz.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SLYDVD\AnyDVD\AnyDVD.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\hp files 2009\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 6967 bytes

guestolo · « **Reply #14 on:** June 16, 2009, 11:27:12 PM »

Under Device Manager, is the DVD drive still reading
that it can't load driver?

Also, can you double click on export.bat again I had you make earlier
Open the Export.txt
Copy/paste that info back here again
Before you copy that info, can you ensure that click FORMAT>>and UNCHECK Word Wrap if it's selected

Gerry D · « **Reply #15 on:** June 16, 2009, 11:56:10 PM »

Yes, it is reading correctly.

See photo attachment.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"Class"="CDROM"
@="DVD/CD-ROM drives"
"EnumPropPages32"="MmSys.Cpl,MediaPropPageProvider"
"Installer32"="storprop.dll,DvdClassInstaller"
"SilentInstall"="1"
"NoInstallClass"="1"
"TroubleShooter-0"="hcp://help/tshoot/tsdrive.htm"
"Icon"="-51"
"LowerFilters"=hex(7):50,00,78,00,48,00,65,00,6c,00,70,00,32,00,30,00,00,00,41,\
00,6e,00,79,00,44,00,56,00,44,00,00,00,00,00
"UpperFilters"=hex(7):47,00,45,00,41,00,52,00,41,00,73,00,70,00,69,00,57,00,44,\
00,4d,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000\DigitalAudio]
"RegistryVersion"=dword:00000001
"NumberOfBuffers"=dword:00000008
"SectorsPerRead"=dword:00000010
"SectorsPerReadMask"=dword:ffffffff
"CDDASupported"=dword:00000001
"CDDAAccurate"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0001]
"EnumPropPages32"="storprop.dll,DvdPropPageProvider"
"InfPath"="cdrom.inf"
"InfSection"="cdrom_install"
"ProviderName"="Microsoft"
"DriverDateData"=hex:00,80,62,c5,c0,01,c1,01
"DriverDate"="7-1-2001"
"DriverVersion"="5.1.2535.0"
"MatchingDeviceId"="gencdrom"
"DriverDesc"="CD-ROM Drive"

guestolo · « **Reply #16 on:** June 17, 2009, 12:09:41 AM »

Can you try the following
Sometime a couple values in the registry cause problems

Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg

Save this file on the desktop
Ensure to copy from REGEDIT4 and down in the code box

Code: [Select]

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}]
"LowerFilters"=-
"UpperFilters"=-

Next: Access your Device manager
Right click on your DVD drive and choose to Uninstall it, once removed
Close device manager

Double click on fix.reg and allow to add/merge to the registry at the prompt
Reboot the computer
Back in Windows, let Windows autodetect and install your DVD drive again
After it has detected and installed it
Reboot the computer one more time
Any help?

TheTechGuide Forum

News:

Author Topic: HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right (Read 3065 times)

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

Gerry D

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right

guestolo

HL-DT-ST DVD-RW GCA-4080N, CD/DVD drive not working right