Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: can't get rid of dnschanger no matter what I do

  1. #1
    Junior Member
    Join Date
    Nov 2008
    Posts
    16

    Default can't get rid of dnschanger no matter what I do

    because of dnschanger I can't update windows using windows updater and I am at a loss as how to remove it.....

    here is my HJT log...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:33:30 PM, on 11/25/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\WINDOWS\system32\nvraidservice.exe
    C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Dell Photo AIO Printer 966\memcard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\system32\dlcqcoms.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    C:\Program Files\Microsoft Location Finder\LocationFinder.exe
    C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    C:\Program Files\SiteAdvisor\6172\SAService.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
    C:\Program Files\Click-N-Type\Click-N-Type.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=3061022
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
    O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
    O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~2\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
    O4 - HKLM\..\Run: [dlcqmon.exe] "C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
    O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
    O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [ante wait camp memo] C:\Documents and Settings\All Users\Application Data\wma five ante wait\view gram.exe
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [ShaPlus Bandwidth Meter] "C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter" /s
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
    O4 - HKCU\..\Run: [birdfree] C:\DOCUME~1\HABITA~1\APPLIC~1\EXITPO~1\about peak.exe
    O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
    O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
    O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [bandmon] C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user')
    O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Habitat Productions\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {1CE47888-DD62-482C-9723-4814BB04D45D} (musicshake) - http://pump.musicshake.com/NewDownload/musicshake.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
    O16 - DPF: {8FB571B0-DC11-487C-8B1C-BD60A32366FF} (MusicShakePlayer Control) - http://pump.musicshake.com/NewDownlo...eplayercab.CAB
    O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.gamehouse.com/realarcade-...amesPlayer.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: McAfee Application Installer Cleanup (0044291227655211) (0044291227655211mcinstcleanup) - Unknown owner - C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\004429~1.EXE (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: dlcq_device - - C:\WINDOWS\system32\dlcqcoms.exe
    O23 - Service: DNADownloader - Unknown owner - C:\Program Files\GameSpot\DownloadManager_Win32.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
    O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
    O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
    O23 - Service: CounterSpy Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 19483 bytes

    please help

  2. #2
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi

    • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized, if not you'll find it in c:\rsit folder)
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Junior Member
    Join Date
    Nov 2008
    Posts
    16

    Default RSIT Logs part 1

    I'll have to put each log in a separate reply, here is the first log...

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Habitat Productions at 2008-11-27 15:28:40
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 453 GB (48%) free of 949 GB
    Total RAM: 2045 MB (16% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:28:48 PM, on 11/27/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\system32\dlcqcoms.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\SiteAdvisor\6172\SAService.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\WINDOWS\system32\nvraidservice.exe
    C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
    C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
    C:\Program Files\Dell Photo AIO Printer 966\memcard.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    C:\Program Files\Microsoft Location Finder\LocationFinder.exe
    C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
    C:\Program Files\Click-N-Type\Click-N-Type.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Habitat Productions\My Documents\Comics\New Folder\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Habitat Productions.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=3061022
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
    O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
    O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~2\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
    O4 - HKLM\..\Run: [dlcqmon.exe] "C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
    O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
    O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [ante wait camp memo] C:\Documents and Settings\All Users\Application Data\wma five ante wait\view gram.exe
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [ShaPlus Bandwidth Meter] "C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter" /s
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
    O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
    O4 - HKCU\..\Run: [birdfree] C:\DOCUME~1\HABITA~1\APPLIC~1\EXITPO~1\about peak.exe
    O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
    O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
    O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [bandmon] C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user')
    O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Habitat Productions\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {1CE47888-DD62-482C-9723-4814BB04D45D} (musicshake) - http://pump.musicshake.com/NewDownload/musicshake.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
    O16 - DPF: {8FB571B0-DC11-487C-8B1C-BD60A32366FF} (MusicShakePlayer Control) - http://pump.musicshake.com/NewDownlo...eplayercab.CAB
    O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.gamehouse.com/realarcade-...amesPlayer.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: McAfee Application Installer Cleanup (0044291227655211) (0044291227655211mcinstcleanup) - Unknown owner - C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\004429~1.EXE (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: dlcq_device - - C:\WINDOWS\system32\dlcqcoms.exe
    O23 - Service: DNADownloader - Unknown owner - C:\Program Files\GameSpot\DownloadManager_Win32.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
    O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
    O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
    O23 - Service: CounterSpy Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 19569 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\82E372E29D5CE662.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\McDefragTask.job
    C:\WINDOWS\tasks\McQcTask.job
    C:\WINDOWS\tasks\SpyHunter Scanner.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-07-18 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
    McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9}]
    MorpheusToolbar BHO - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL [2007-05-10 237568]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22}]
    AOLSearchHook Class - C:\Program Files\AIM Search\AOLSearch.dll [2008-08-06 111912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
    Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
    C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-11-01 5759816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-25 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
    AOL Toolbar Launcher - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-08-30 94208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-25 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - Morpheus Toolbar - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL [2007-05-10 237568]
    {724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2008-11-01 5759816]
    {DE9C389F-3316-41A7-809B-AA305ED9D922} - AIM Toolbar - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
    "CTHelper"=C:\WINDOWS\CTHELPER.EXE [2005-11-08 16384]
    "CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-03-02 18944]
    "NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2006-08-03 137216]
    "DMXLauncher"=C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe [2007-08-14 113136]
    "CTDVDDET"=C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE [2003-06-18 45056]
    "VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe [2005-10-14 122880]
    "AudioDrvEmulator"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-11-04 49152]
    "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
    "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~2\UPDATE~1\ISUSPM.exe [2006-03-20 213936]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-09-11 86960]
    "DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-09-14 157592]
    "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
    "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-01-26 57393]
    "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-01-26 40960]
    "FaxCenterServer"=C:\Program Files\Dell PC Fax\fm3032.exe [2006-06-15 307200]
    "dlcqmon.exe"=C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe [2006-06-20 286720]
    "MemoryCardManager"=C:\Program Files\Dell Photo AIO Printer 966\memcard.exe [2006-06-27 299008]
    "DLCQCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll []
    "ante wait camp memo"=C:\Documents and Settings\All Users\Application Data\wma five ante wait\view gram.exe []
    "ddoctorv2"=C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe [2008-04-24 202560]
    "Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe []
    "UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-07-23 341232]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
    "RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2007-08-24 240112]
    "ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
    "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-07-18 185896]
    "googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
    "ShaPlus Bandwidth Meter"=C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter /s []
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "SBAMTray"=C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe [2008-10-28 681256]
    "mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
    "McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2007-11-30 1164576]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-25 136600]
    "Corel Photo Downloader"=C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-08-28 531272]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Microsoft Location Finder"=C:\Program Files\Microsoft Location Finder\LocationFinder.exe [2006-11-14 121640]
    "birdfree"=C:\DOCUME~1\HABITA~1\APPLIC~1\EXITPO~1\about peak.exe []
    "SkinClock"=C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [2007-02-16 1724416]
    "LaunchList"=C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-09-11 86960]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
    "bandmon"=C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe [2008-06-01 1529856]
    "Aim6"= []

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe
    HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

    C:\Documents and Settings\Habitat Productions\Start Menu\Programs\Accessories\Startup
    Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe
    MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 239616]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
    "C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
    "C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
    "C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
    "C:\WINDOWS\system32\dlcqcoms.exe"="C:\WINDOWS\system32\dlcqcoms.exe:*:Enabled:Lexmark Communications System"
    "C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
    "C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
    "C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Program Files\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
    "C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\utorrent.exe"="C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\utorrent.exe:*:Enabled:µTorrent"
    "C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\emulev0.47a-MorphXTv8.9-bin\emule\emule.exe"="C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\emulev0.47a-MorphXTv8.9-bin\emule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp"="C:\Program Files\Kazaa Lite Resurrection\kazaalite.kpp:*:Enabled:kazaalite"
    "C:\Program Files\K-Lite\kazaa.core"="C:\Program Files\K-Lite\kazaa.core:*:Enabled:Kazaa"
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat"="C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars"
    "C:\Documents and Settings\Habitat Productions\Local Settings\Temp\ElectronicArts_Patcher_000.exe"="C:\Documents and Settings\Habitat Productions\Local Settings\Temp\ElectronicArts_Patcher_000.exe:*:Enabled:ElectronicArts_Patcher_000"
    "C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.4\cnc3game.dat"="C:\Program Files\Electronic Arts\Command & Conquer 3\RetailExe\1.4\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars"
    "C:\Program Files\Morpheus Ultra\Morpheus.exe"="C:\Program Files\Morpheus Ultra\Morpheus.exe:*:Enabled:M5Shell"
    "C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:Morpheus"
    "C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
    "C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
    "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
    "C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
    "C:\Program Files\BearFlix\bearflix.exe"="C:\Program Files\BearFlix\bearflix.exe:*:Enabled:BearFlix"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
    "C:\Documents and Settings\Habitat Productions\My Documents\Comics\wowclient-downloader.exe"="C:\Documents and Settings\Habitat Productions\My Documents\Comics\wowclient-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Documents and Settings\Habitat Productions\My Documents\Comics\WoW-BurningCrusade-enUS-Installer-downloader.exe"="C:\Documents and Settings\Habitat Productions\My Documents\Comics\WoW-BurningCrusade-enUS-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
    "C:\Program Files\Sega\Universe At War Earth Assault (DEMO)\UAWEA.exe"="C:\Program Files\Sega\Universe At War Earth Assault (DEMO)\UAWEA.exe:*:Enabled:Universe at War: Earth Assault Application"
    "C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DCPlusPlus"
    "C:\Program Files\MusicBrainz Picard\picard.exe"="C:\Program Files\MusicBrainz Picard\picard.exe:*:Enabled:picard"
    "C:\Program Files\World of Warcraft\Repair.exe"="C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
    "C:\Program Files\Orb Networks\Orb\bin\Orb.exe"="C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb"
    "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray"
    "C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
    "C:\Program Files\ONWIND\ZU-ONLINE\BT_Update.exe"="C:\Program Files\ONWIND\ZU-ONLINE\BT_Update.exe:*:Enabled:BT_Update"
    "C:\Program Files\Joost\xulrunner\tvprunner.exe"="C:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"
    "C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
    "C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
    "C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe"="C:\Program Files\Turbine\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient"
    "C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application"
    "C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\Chocolate Ball 2007\New 2008\CabalTemp\ESTSetupLoader.exe"="C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\Chocolate Ball 2007\New 2008\CabalTemp\ESTSetupLoader.exe:*:Enabled:EST! download engine"
    "C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager"
    "C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio"
    "C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
    "C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:*:Enabled:PMSManager"
    "C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi"
    "C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD"
    "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
    "C:\Program Files\Dreamlords\dreamlords.exe"="C:\Program Files\Dreamlords\dreamlords.exe:*:Enabled:Dreamlords Game Client"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
    "C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
    "C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\OpenCase\OpenCASE Media Agent\PandoBinaries\NBCPandoREST.exe"="C:\Program Files\OpenCase\OpenCASE Media Agent\PandoBinaries\NBCPandoREST.exe:*:Enabled:PandoRest Application Name"
    "C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:CurseClient"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\World of Warcraft\WoW-3.0.1-to-3.0.2-enUS-Win-Update-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.0.1-to-3.0.2-enUS-Win-Update-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    ======File associations======

    .reg - open - regedit.exe "%1" %*
    .scr - open - "%1" %*

    ======List of files/folders created in the last 1 months======

    2008-11-27 15:26:15 ----D---- C:\rsit
    2008-11-26 14:38:11 ----D---- C:\WINDOWS\system32\zh_temp
    2008-11-26 11:57:18 ----HD---- C:\WINDOWS\system32\GroupPolicy
    2008-11-25 22:21:21 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-11-25 22:21:21 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-11-25 22:21:21 ----A---- C:\WINDOWS\system32\java.exe
    2008-11-25 22:21:21 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-11-25 22:13:23 ----D---- C:\Program Files\AskBarDis
    2008-11-25 22:13:14 ----D---- C:\Documents and Settings\Habitat Productions\Application Data\Foxit
    2008-11-25 22:13:13 ----D---- C:\Program Files\Foxit Software
    2008-11-25 21:56:09 ----D---- C:\Program Files\Trend Micro
    2008-11-25 19:20:28 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2008-11-25 19:20:28 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2008-11-25 19:20:28 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2008-11-25 19:20:28 ----A---- C:\WINDOWS\system32\404Fix.exe
    2008-11-25 18:21:27 ----A---- C:\WINDOWS\system32\dunzip32.dll
    2008-11-25 18:19:43 ----D---- C:\Program Files\McAfee.com
    2008-11-25 18:19:39 ----D---- C:\Program Files\Common Files\McAfee
    2008-11-25 18:19:33 ----D---- C:\Program Files\McAfee
    2008-11-25 17:38:27 ----D---- C:\Documents and Settings\Habitat Productions\Application Data\Sunbelt
    2008-11-25 17:38:23 ----D---- C:\Documents and Settings\All Users\Application Data\Sunbelt
    2008-11-25 17:38:11 ----D---- C:\Program Files\Sunbelt Software
    2008-11-24 17:07:18 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-11-24 17:07:17 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-11-24 17:07:17 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
    2008-11-24 17:07:17 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
    2008-11-24 11:28:55 ----D---- C:\Program Files\SiteAdvisor
    2008-11-24 11:28:54 ----D---- C:\Documents and Settings\Habitat Productions\Application Data\SiteAdvisor
    2008-11-23 13:01:08 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
    2008-11-23 12:59:46 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
    2008-11-23 12:59:42 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2008-11-23 12:09:09 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-11-11 18:29:25 ----D---- C:\Program Files\World of Warcraft
    2008-11-08 12:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-11-08 12:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-11-08 12:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-11-08 12:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-11-08 12:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-11-08 12:47:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-11-08 12:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-11-08 12:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-11-08 12:46:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954156_WM9L$
    2008-11-08 12:44:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-11-08 12:44:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-11-08 12:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-11-08 12:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-11-08 12:38:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-11-08 12:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-11-08 10:13:44 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-10-28 16:28:12 ----A---- C:\WINDOWS\system32\sbbd.exe

    ======List of files/folders modified in the last 1 months======

    2008-11-27 15:25:26 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-27 15:00:00 ----A---- C:\Documents and Settings\Habitat Productions\Application Data\alarms.ini
    2008-11-27 14:43:42 ----A---- C:\Documents and Settings\Habitat Productions\Application Data\AtomicAlarmClock.ini
    2008-11-27 12:29:07 ----D---- C:\WINDOWS\Temp
    2008-11-27 12:02:01 ----D---- C:\Program Files\DC++
    2008-11-27 10:53:35 ----D---- C:\WINDOWS\Prefetch
    2008-11-27 10:40:00 ----D---- C:\WINDOWS
    2008-11-27 10:39:50 ----D---- C:\Program Files\dl_cats
    2008-11-26 19:16:21 ----D---- C:\WINDOWS\system32
    2008-11-26 19:16:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-26 19:06:04 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-26 19:06:03 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-26 14:24:44 ----SHD---- C:\System Volume Information
    2008-11-26 14:24:44 ----D---- C:\WINDOWS\system32\Restore
    2008-11-26 12:24:59 ----RD---- C:\Program Files
    2008-11-26 12:11:03 ----RSH---- C:\boot.ini
    2008-11-26 12:11:03 ----A---- C:\WINDOWS\win.ini
    2008-11-26 12:11:02 ----A---- C:\WINDOWS\system.ini
    2008-11-25 22:21:27 ----SHD---- C:\WINDOWS\Installer
    2008-11-25 22:21:26 ----HD---- C:\Config.Msi
    2008-11-25 22:21:03 ----D---- C:\Program Files\Java
    2008-11-25 22:12:24 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-25 22:12:22 ----D---- C:\Program Files\Common Files\Adobe
    2008-11-25 19:28:16 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-11-25 19:23:12 ----A---- C:\rapport.txt
    2008-11-25 19:21:09 ----D---- C:\Program Files\Google
    2008-11-25 19:21:06 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-11-25 19:01:16 ----D---- C:\WINDOWS\system32\CatRoot
    2008-11-25 19:01:06 ----HD---- C:\WINDOWS\inf
    2008-11-25 18:27:21 ----D---- C:\Program Files\Common Files
    2008-11-25 18:22:36 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2008-11-25 18:21:04 ----D---- C:\WINDOWS\system32\drivers
    2008-11-25 18:20:02 ----SD---- C:\WINDOWS\Tasks
    2008-11-25 17:34:56 ----D---- C:\Program Files\LimeWire
    2008-11-24 12:42:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-11-23 19:44:39 ----D---- C:\Documents and Settings\Habitat Productions\Application Data\uTorrent
    2008-11-23 17:32:06 ----D---- C:\Program Files\Trillian
    2008-11-23 12:28:38 ----D---- C:\WINDOWS\system32\dllcache
    2008-11-22 20:29:02 ----D---- C:\Documents and Settings\Habitat Productions\Application Data\LimeWire
    2008-11-22 20:25:43 ----D---- C:\Program Files\Folder Lock
    2008-11-16 18:07:03 ----D---- C:\WINDOWS\Help
    2008-11-11 21:05:03 ----D---- C:\Documents and Settings\Habitat Productions\Application Data\GetRightToGo
    2008-11-11 18:30:54 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
    2008-11-08 12:59:15 ----D---- C:\Program Files\Microsoft Silverlight
    2008-11-08 12:48:12 ----A---- C:\WINDOWS\imsins.BAK
    2008-11-08 12:48:11 ----D---- C:\Program Files\Messenger
    2008-11-08 12:48:08 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-08 12:42:34 ----RSD---- C:\WINDOWS\assembly
    2008-11-08 12:41:41 ----RSD---- C:\WINDOWS\Fonts
    2008-11-08 12:41:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-11-08 12:38:42 ----D---- C:\WINDOWS\WinSxS
    2008-11-08 10:13:44 ----D---- C:\WINDOWS\Debug

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
    R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
    R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
    R1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys [2008-09-12 13360]
    R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-04 88448]
    R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-04 63232]
    R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-04 55936]
    R2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys [2008-09-12 69168]
    R2 windrvNT;windrvNT; \??\C:\WINDOWS\system32\windrvNT.sys []
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2005-02-23 11264]
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-04 143872]
    R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-11-08 502272]
    R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-11-08 439680]
    R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-11-08 7168]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2005-11-08 143360]
    R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2005-11-08 77824]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-02-15 1096192]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-02-18 96256]
    R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2005-11-08 114688]
    R3 pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-02-12 47360]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-10-02 10368]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-10-25 27264]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
    S3 ai0gksy8;ai0gksy8; C:\WINDOWS\system32\drivers\ai0gksy8.sys []
    S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
    S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-07-13 340704]
    S3 CW100;CW100 Device; C:\WINDOWS\system32\DRIVERS\CW100.sys [2002-05-24 24092]
    S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
    S3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
    S3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
    S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
    S3 WideUSB;WideUSB Generic USB Bulk driver; C:\WINDOWS\System32\Drivers\WideUSB.sys [2005-11-18 18720]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
    S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
    S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
    S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
    S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2004-08-03 5504]
    S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2007-08-18 57328]
    S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
    S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-04 73472]
    S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-09-25 574808]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
    R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
    R2 dlcq_device;dlcq_device; C:\WINDOWS\system32\dlcqcoms.exe [2006-07-13 528384]
    R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-25 152984]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
    R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
    R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
    R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-12-11 358224]
    R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
    R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
    R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
    R2 OpenCASE Media Agent;OpenCASE Media Agent; C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe [2008-08-29 835208]
    R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
    R2 SiteAdvisor Service;SiteAdvisor Service; C:\Program Files\SiteAdvisor\6172\SAService.exe [2008-11-24 341280]
    R2 sprtsvc_ddoctorv2;SupportSoft Sprocket Service (ddoctorv2); C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe [2008-04-24 202560]
    R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
    S2 0044291227655211mcinstcleanup;McAfee Application Installer Cleanup (0044291227655211); C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\004429~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
    S2 DNADownloader;DNADownloader; C:\Program Files\GameSpot\DownloadManager_Win32.exe []
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
    S2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2005-05-04 9150464]
    S2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe [2006-01-19 49152]
    S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-08-24 362992]
    S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-08-24 309744]
    S2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-08-24 166384]
    S2 SBAMSvc;CounterSpy Antispyware; C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe [2008-10-28 886056]
    S2 SessionLauncher;SessionLauncher; C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\DX9\SessionLauncher.exe []
    S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-08-27 654848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 Imapi Helper;Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [2006-01-04 163840]
    S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
    S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-08-24 72176]
    S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-08-24 1083888]
    S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

    -----------------EOF-----------------

  4. #4
    Junior Member
    Join Date
    Nov 2008
    Posts
    16

    Default RSIT Logs Part 2

    Here is the other log...

    info.txt logfile of random's system information tool 1.04 2008-11-27 15:27:36

    ======Uninstall list======

    -->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W
    -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {4F3FCD41-AD1C-4EE8-9D5C-35DBA58BA060}
    -->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15E9BB4B-D88B-47DD-BB38-2DB5B8CD2CEB}\Setup.EXE" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34449598-3F4B-43B5-A996-84A7345FD15F}\setup.exe" -l0x9
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    AbsoluteShield File Shredder-->"C:\WINDOWS\AbsoluteShield File Shredder\uninstall.exe" "/U:C:\Program Files\AbsoluteShield File Shredder\Uninstall\uninstall.xml"
    Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Add or Remove Adobe Creative Suite 3 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\4dcfd9b7e901b57f81f667144603236\Setup.exe
    Add/Remove Pro-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ADRMPRO2.INF, DefaultUninstall.ntx86
    Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
    Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
    Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
    Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
    Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
    Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
    Adobe Setup-->MsiExec.exe /I{4458C442-7376-4CF9-AF58-E8CEA6722363}
    Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
    Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Version Cue CS3 Server {ko_KR} -->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
    Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
    AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
    AI RoboForm (All Users)-->"C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    AIM Search-->C:\Program Files\AIM Search\uninstaller.exe AIM Search
    AIM Toolbar 5.0-->"C:\Program Files\AOL\AIM Toolbar 5.0\uninstall.exe"
    Allok Video Joiner 3.5.0423-->"C:\Program Files\Allok Video Joiner\unins000.exe"
    Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    Atomic Alarm Clock 4.35-->"C:\Program Files\Atomic Alarm Clock\unins000.exe"
    Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
    Bandwidth Monitor-->"C:\Program Files\Rokario\Bandwidth Monitor\unins000.exe"
    BIAS SoundSoap PE 2.1-->MsiExec.exe /I{42442CA9-90E6-4011-BB55-7C263F6D5EC1}
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Broadcom Advanced Control Suite-->MsiExec.exe /X{26E1BFB0-E87E-4696-9F89-B467F01F81E5}
    Business Complete Care Services Agreement-->MsiExec.exe /X{64658686-0CD4-4CF6-983D-0A6BE32007DB}
    CDisplay 1.8-->"C:\Program Files\CDisplay\unins000.exe"
    Click-N-Type-->MsiExec.exe /X{7BA0B036-5AA6-43FF-A7EF-B0BC16411A90}
    Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
    Company of Heroes Single Player Demo-->MsiExec.exe /X{6EA45FAC-6F5F-43EE-87D7-4688AF9E2F07}
    Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}
    Corel Photo Album 6-->MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
    Creative MediaSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\setup.exe" -l0x9 /remove
    Curse Client-->C:\Program Files\Curse\uninstall.exe
    CWPv3-->C:\Program Files\Activision\Bridge Commander\Uninstal.exe
    DC++ 0.707-->"C:\Program Files\DC++\uninstall.exe"
    Dell CinePlayer-->MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
    Dell Digital Jukebox Driver-->C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
    Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
    Dell PC Fax-->C:\Program Files\Dell PC Fax\Install\x86\Uninst.exe /R:faxunst
    Dell Photo AIO Printer 966-->C:\Program Files\Dell Photo AIO Printer 966\Install\x86\Uninst.exe
    DirectXInstallService-->MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75}
    DISC TITLE PRINTER for CW-100-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79C8CC21-6384-47E4-BEAB-2550066ED65B}\Setup.exe" -uninst anything
    DiscAPI (Studio 10)-->MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
    DVD Flick-->"C:\Program Files\DVD Flick\unins000.exe"
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    DVD X Copy Platinum 5.0.0-->"C:\Program Files\DVDXCopyInternational\Platinum\uninstall.exe"
    DVDFab Platinum 3.0.3.3 Beta Ghosthunter Release-->"C:\Program Files\DVDFab Platinum 3\unins000.exe"
    EA Download Manager-->C:\PROGRA~1\COMMON~1\INSTAL~2\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1033
    Element WoW Launcher v1.2-->MsiExec.exe /X{0D218D32-B021-49F0-A743-288F84963EA2}
    Express Burn-->C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
    FLV to AVI MPEG WMV 3GP MP4 iPod Converter 4.2.0622-->"C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter\unins000.exe"
    Folder Lock-->C:\Program Files\Folder Lock\Uninstall.exe
    Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
    Foxit Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
    GameSpot Download Manager-->"C:\Program Files\GameSpot\uninstall.exe"
    Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"
    High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    HP Document Viewer 7.0-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Premier Software 6.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    InterVideo DeviceService-->MsiExec.exe /I{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}
    InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0409
    iPod Reset Utility-->MsiExec.exe /X{20ED157B-1A84-4DF7-945E-4951A38A9CBA}
    J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Jasc Paint Shop Pro 9.01 - (9.0.1.1)-->C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
    Jasc Paint Shop Pro 9.01 Patch-->C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
    Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    K-Lite Codec Pack 4.1.7 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    L&H TTS3000 British English-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSENG.inf, Uninstall
    Magelo Sync (uninstall only)-->"C:\Program Files\Magelo\Magelo Sync\UnInstall.exe"
    MagicDisc 2.6.93-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
    MediaMonkey 2.5-->"C:\Program Files\MediaMonkey\unins000.exe"
    Memorex exPressit Label Design Studio-->C:\WINDOWS\mvuninst\App1\mvuninst.exe "Memorex exPressit Label Design Studio"
    MemoriesOnTV 4.0.4-->"C:\Program Files\MemoriesOnTV4\unins000.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office Small Business Edition 2003-->MsiExec.exe /I{91CA0409-6000-11D3-8CFE-0150048383C9}
    Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
    Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Windows XP Video Decoder Checkup Utility-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\DECCHECK.inf,Uninstall
    MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
    Morpheus Toolbar-->rundll32 C:\PROGRA~1\MORPHE~2\bar\1.bin\MorphBar.dll,O
    MotionArtist 4-->C:\WINDOWS\unvise32.exe C:\Program Files\e frontier\MotionArtist 4\uninstal.log
    Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    musicshake-->MsiExec.exe /I{1329C4EB-88EC-4D76-82A2-945EAF281D81}
    NBC Direct Beta-->MsiExec.exe /I{7A647B7A-9FE7-44A2-9041-C04528D44EB9}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
    OpenCASE Media Agent-->MsiExec.exe /I{1771FDC8-D846-4B77-996A-C80DAD42C03F}
    OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
    PenScanner Twain Driver-->C:\PROGRA~1\PenTwain\UNWISE.EXE C:\PROGRA~1\PenTwain\INSTALL.LOG
    Photodex Presenter-->C:\Program Files\Photodex Presenter\uninst.exe
    Pinnacle MediaServer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x9 UNINSTALL
    PlayNC Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
    Print to Fax-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BF2B19D-9C79-492A-8969-F059F06A627F}\setup.exe" -l0x9 ControlPanel
    proDAD Vitascene 1.0-->"C:\Program Files\proDAD\Vitascene-1.0\uninstall.exe" uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    QuickVerse 2007-->C:\PROGRA~1\QUICKV~1\QVUninst.exe
    Real Alternative 1.51-->"C:\Program Files\Real Alternative\unins000.exe"
    RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Red Eye Remover 2.0-->"C:\Program Files\Red Eye Remover\unins000.exe"
    Red Eye Remover Pro 1.2-->"C:\Program Files\Red Eye Remover Pro\unins000.exe"
    Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
    Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
    Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
    Roxio Central Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
    Roxio Central Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
    Roxio CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
    Roxio CinePlayer-->MsiExec.exe /I{1B683082-8791-4D00-8ADE-6C8986FCCC68}
    Roxio Disc Gallery-->MsiExec.exe /I{3E67A8DA-FE7B-4160-8465-F5571EA18753}
    Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
    Roxio MediaShare-->MsiExec.exe /I{9A9A1828-31D1-4590-A99F-022B7237AFAE}
    Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    Sam and Max - Season Two - Sam and Max Episode 201 - Ice Station Santa-->C:\Program Files\Telltale Games\Sam and Max - Season Two\Uninstall Episode 201 - Ice Station Santa.exe
    Sam and Max - Season Two - Sam and Max Episode 202 - Moai Better Blues-->C:\Program Files\Telltale Games\Sam and Max - Season Two\Uninstall Episode 202 - Moai Better Blues.exe
    SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
    Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Security Update for Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~2\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
    Sonic Activation Module-->MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
    Sonic Advanced Decoder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46C73DE4-E96D-4F7C-8371-F28052183B12}\setup.exe" -l0x9
    Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Sound Blaster X-Fi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\setup.exe" -l0x9 /remove
    Sounds Best On Sound Blaster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15E9BB4B-D88B-47DD-BB38-2DB5B8CD2CEB}\Setup.EXE" -l0x9 /remove
    SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\SPOREsetup.exe" -runfromtemp -l0x0009 -removeonly
    Studio 11-->C:\Program Files\InstallShield Installation Information\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}\Setup2.exe -runfromtemp -l0x0009 UNINSTALL -removeonly
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    TiVoToGo Playback Filter-->MsiExec.exe /I{2B7A795D-3250-4331-A33D-9F6DD6A3F659}
    Trillian-->C:\Program Files\Trillian\trillian.exe /uninstall
    Ulead DVD MovieFactory 6-->C:\Program Files\InstallShield Installation Information\{CCC4E428-411E-4605-B515-317D50ABD477}\setup.exe -runfromtemp -l0x0409
    Ulead MediaStudio Pro 8.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6E71574-2126-4E95-816E-32B2411C94BA}\setup.exe" -l0x9
    Ulead VideoStudio 11-->C:\Program Files\InstallShield Installation Information\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\setup.exe -runfromtemp -l0x0409
    ULTRA 2 Program Files-->MsiExec.exe /I{6CC9B4FB-161D-4330-97C3-9D48CA5FD106}
    Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Update for Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
    Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Update for Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
    Update for Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
    Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
    Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Update for Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
    Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
    UseNeXT-->"C:\Program Files\UseNeXT\unins001.exe"
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    VideoCharge-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{613EA65C-E570-4BE0-B26F-1EDF2536B3EA}\Setup.exe" -u
    VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    VideoReDo TVSuite Version 3.1.5.565-->"C:\Program Files\VideoReDoTVSuite\unins000.exe"
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
    WavePad Uninstall-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
    Web Photo Album 1.1-->"C:\Program Files\Web Photo Album\unins000.exe"
    WinAVI Video Converter 9.0-->"C:\WINDOWS\WinAVI Video Converter 9.0\uninstall.exe" "/U:C:\Program Files\WinAVI Video Converter 9.0\Uninstall\uninstall.xml"
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Local Add-in for Microsoft Office Outlook-->MsiExec.exe /I{671CB656-DCED-4C30-90AD-CA75CB5C7BAA}
    Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe
    Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
    Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll

    Hosts File Missing

  5. #5
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi again,

    IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    Azureus Vuze
    Morpheus Toolbar
    UseNeXT


    I'd like you to read the this thread.

    Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

    Delete these folders afterwards:

    C:\Program Files\Azureus
    C:\Program Files\MorpheusBar
    C:\Program Files\UseNeXT
    C:\Program Files\LimeWire
    C:\Program Files\iMesh Applications
    C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\emulev0.47a-MorphXTv8.9-bin
    C:\Program Files\Kazaa Lite Resurrection
    C:\Program Files\K-Lite
    C:\Program Files\eMule
    C:\Program Files\Morpheus Ultra
    C:\Program Files\Morpheus
    C:\Program Files\BearShare Applications
    C:\Program Files\Azureus
    C:\Program Files\DC++
    C:\Program Files\uTorrent
    C:\Documents and Settings\Habitat Productions\Application Data\uTorrent
    C:\Documents and Settings\Habitat Productions\Application Data\LimeWire

    and files:
    C:\Documents and Settings\Habitat Productions\My Documents\Habitat Productions\utorrent.exe

    Empty Recycle Bin.

    Uninstall also following old Java versions:
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 2
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7




    After that:

    Download Lop S&D by Eric_71 and save it to your desktop.
    Lop S&D will only run on Windows XP and Windows Vista

    Disable your antivirus and antimalware programs so they do not interfere with the running of Lop S&D.
    To see how to disable security programs visit this tutorial:
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
    You will need to disable following programs:
    (list here)
    • Double-click Lop S&D.exe
    • Choose the language by typing of the corresponding letter and press Enter
    • Click OK at the informative window
    • Type 1, to choose Option 1 (Search) then press Enter
    • Wait until the end of the scan
    • A report will be generated, post the contents of it in your next reply.

    (Copy of the report can be found at this location: %systemdrive%\lopR.txt, in most cases C:\lopR.txt)
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  6. #6
    Junior Member
    Join Date
    Nov 2008
    Posts
    16

    Default here is the LopS&D log

    here it is...

    and my Java is up to date...

    and yes, I am a bit of a pirate but this virus/malware is reason enough to curb that...


    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 1.1.3
    USER : Habitat Productions ( Administrator )
    BOOT : Normal boot
    Antivirus : McAfee VirusScan (Not Activated)
    Firewall : McAfee Personal Firewall (Not Activated)
    C:\ (Local Disk) - NTFS - Total:926 Go (Free:450 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB) - FAT - Total:1917 Mo (Free:1 Go)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD)
    K:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    L:\ (USB)
    M:\ (USB)
    P:\ (USB) - FAT32 - Total:28507 Mo (Free:18 Go)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( Thu 11/27/2008|17:18 )

    --------------------\\ Listing folders in APPLIC~1

    [10/22/2006|04:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Creative
    [08/11/2004|05:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
    [11/25/2008|05:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft

    [10/07/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [08/08/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> acccore
    [11/25/2008|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
    [10/06/2007|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Age of Empires 3 YPack Trial
    [08/08/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
    [12/21/2006|02:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
    [12/21/2006|02:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
    [07/08/2007|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
    [12/09/2006|05:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
    [08/07/2007|04:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Azureus
    [10/14/2008|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Blizzard
    [01/26/2007|05:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BVRP Software
    [06/21/2008|03:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Comcast
    [08/10/2008|07:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Corel
    [10/22/2006|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Creative
    [01/26/2007|05:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DellFaxCtr
    [12/27/2007|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
    [10/01/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ExtendMedia
    [08/11/2007|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
    [06/14/2008|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GoBit Games
    [12/09/2006|04:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
    [05/16/2008|03:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HP
    [10/22/2006|04:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
    [10/04/2008|05:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InterVideo
    [10/06/2007|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
    [08/22/2008|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
    [11/25/2008|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
    [02/09/2007|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
    [09/06/2007|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Media Center Programs
    [01/26/2008|03:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
    [12/05/2007|05:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NCH Swift Sound
    [11/25/2008|05:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Norton
    [11/23/2008|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NortonInstaller
    [05/12/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> nView_Profiles
    [01/01/2007|04:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
    [10/09/2007|03:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> part dead amok eggs
    [10/12/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Tools
    [11/23/2008|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PCSettings
    [04/17/2008|03:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pinnacle
    [12/12/2006|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pinnacle Studio
    [06/25/2008|01:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PopCap
    [01/29/2007|05:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QubeSoft
    [02/17/2007|05:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Real
    [10/09/2007|04:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> River Past G4
    [09/22/2007|08:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> River Past G5
    [08/05/2007|03:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> RoboForm
    [05/31/2008|09:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Roxio
    [08/11/2004|05:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
    [01/20/2007|04:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ScanSoft
    [11/24/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SiteAdvisor
    [04/02/2008|02:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skype
    [05/31/2008|04:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SmartSound Software Inc
    [05/29/2008|06:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
    [10/12/2008|03:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
    [11/25/2008|05:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sunbelt
    [07/29/2007|07:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SupportSoft
    [10/12/2008|04:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
    [05/31/2008|07:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ulead Systems
    [08/16/2008|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
    [12/10/2006|07:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
    [08/09/2008|09:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
    [08/10/2007|03:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> wma five ante wait
    [08/16/2008|05:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!
    [08/09/2007|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> YoGen

    [10/22/2006|04:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Creative
    [08/11/2004|05:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
    [08/11/2004|05:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
    [11/25/2008|10:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

    [09/19/2007|02:50] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> .gaim
    [08/08/2008|10:06] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> acccore
    [01/05/2008|10:36] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Adobe
    [12/13/2006|11:36] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> AdobeUM
    [03/25/2008|05:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Apple Computer
    [01/26/2008|03:55] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> ArcSoft
    [10/12/2008|09:18] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Azureus
    [09/11/2008|06:43] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> BearShare
    [12/13/2007|02:01] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> BNI Software
    [08/29/2008|05:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> BWMeterPro
    [04/23/2007|10:37] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Command & Conquer 3 Tiberium Wars
    [02/27/2007|02:49] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Command & Conquer 3 Tiberium Wars Demo
    [08/23/2008|12:55] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Corel
    [12/10/2006|01:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Corel Photo Album
    [12/30/2006|05:34] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Creative
    [01/27/2007|09:43] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> DellFaxCtr
    [06/21/2008|04:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Dreamlords
    [07/16/2008|01:44] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> DVD Flick
    [11/01/2007|03:34] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> dvdcss
    [05/28/2008|08:36] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> e frontier
    [10/06/2007|09:20] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Exit Poke
    [09/26/2007|07:22] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Folder Guard
    [11/25/2008|10:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Foxit
    [03/12/2008|08:23] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> GarageGames
    [11/11/2008|09:05] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> GetRightToGo
    [02/13/2007|12:40] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Help
    [08/11/2004|05:20] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Identities
    [02/13/2007|02:34] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> ImgBurn
    [12/10/2006|05:21] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> IMVU
    [12/12/2006|06:22] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> InstallShield
    [06/01/2008|10:51] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> InterVideo
    [04/03/2007|06:11] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Kazaa Lite
    [12/09/2006|05:55] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Lavasoft
    [12/12/2006|01:12] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Leadertech
    [11/22/2008|08:29] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> LimeWire
    [09/24/2007|07:04] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Lionhead Studios
    [05/28/2008|08:03] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Lost Marble
    [12/22/2006|02:47] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> LucasArts
    [01/29/2007|06:29] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Macromedia
    [08/22/2008|11:32] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Malwarebytes
    [02/19/2007|12:17] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Media Player Classic
    [10/14/2008|10:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Microsoft
    [10/04/2008|07:48] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Move Networks
    [06/17/2008|05:18] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Mozilla
    [01/13/2007|07:58] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> NCH Swift Sound
    [05/01/2007|04:14] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Netscape
    [08/20/2007|01:41] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> NewsLeecher
    [05/01/2007|04:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Photodex
    [04/20/2008|09:41] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> proDAD
    [11/04/2007|08:45] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Publish Providers
    [09/03/2007|03:11] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> QuickVerse11
    [08/24/2007|11:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Real
    [12/14/2006|07:58] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> River Past G4
    [09/22/2007|07:56] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> River Past G5
    [08/30/2008|10:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Rokario
    [05/31/2008|06:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Roxio
    [08/07/2007|05:43] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> ScanSoft
    [04/16/2007|04:00] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SecuROM
    [11/24/2008|06:21] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SiteAdvisor
    [07/01/2008|03:30] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Skype
    [07/01/2008|03:29] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> skypePM
    [04/19/2008|02:56] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Snapfish
    [02/13/2007|06:26] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sonic
    [11/04/2007|08:50] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sony
    [09/12/2008|02:33] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SPORE
    [12/20/2006|11:11] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sun
    [11/25/2008|05:38] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sunbelt
    [02/23/2008|03:45] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SystemRequirementsLab
    [12/09/2006|05:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Talkback
    [02/23/2008|02:41] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Turbine
    [07/29/2008|05:15] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> U3
    [08/14/2007|10:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Ulead Systems
    [12/29/2007|04:26] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> UseNeXT
    [11/23/2008|07:44] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> uTorrent
    [01/27/2008|03:57] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Ventrilo
    [09/17/2008|12:23] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> VideoReDo-TVSuite
    [09/18/2007|12:11] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Viewpoint
    [12/10/2006|08:59] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> vlc
    [05/31/2008|06:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Vso
    [09/19/2008|11:23] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> yahoo!

    [06/01/2008|05:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> DivX
    [07/30/2007|08:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Identities
    [11/25/2008|05:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
    [05/31/2008|09:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Roxio
    [11/25/2008|01:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> SACore
    [11/24/2008|11:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> SiteAdvisor

    [11/25/2008|05:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

    --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

    [11/25/2008 06:20 PM][--a------] C:\WINDOWS\tasks\McDefragTask.job
    [11/25/2008 06:20 PM][--a------] C:\WINDOWS\tasks\McQcTask.job
    [11/24/2008 12:00 PM][--a------] C:\WINDOWS\tasks\SpyHunter Scanner.job
    [11/27/2008 05:00 PM][--ah-----] C:\WINDOWS\tasks\82E372E29D5CE662.job
    [11/25/2008 12:07 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [11/26/2008 07:11 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [08/04/2004 05:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ( 82E372E29D5CE662.job )=( c:\docume~1\habita~1\applic~1\exitpo~1\softrealspam.exe )

    --------------------\\ Listing Folders in C:\Program Files

    [03/21/2008|01:42] C:\Program Files\<DIR> Abbyy FineReader 6.0 Sprint
    [12/14/2007|03:41] C:\Program Files\<DIR> ABInvoice
    [11/21/2007|10:25] C:\Program Files\<DIR> Absolute Video Converter
    [12/01/2007|08:39] C:\Program Files\<DIR> Absolute Video Splitter Joiner
    [10/13/2007|10:02] C:\Program Files\<DIR> AbsoluteShield File Shredder
    [01/05/2008|11:43] C:\Program Files\<DIR> Acclaim
    [09/01/2007|04:32] C:\Program Files\<DIR> Activision
    [01/31/2007|09:03] C:\Program Files\<DIR> Add Remove Pro
    [02/24/2008|05:19] C:\Program Files\<DIR> Adobe
    [08/08/2008|10:04] C:\Program Files\<DIR> AIM Search
    [08/16/2008|11:44] C:\Program Files\<DIR> AIM6
    [08/14/2008|11:54] C:\Program Files\<DIR> Alex Feinman
    [06/18/2008|06:58] C:\Program Files\<DIR> Allok Video Joiner
    [06/04/2008|04:20] C:\Program Files\<DIR> Anim-FX
    [08/08/2008|10:04] C:\Program Files\<DIR> AOL
    [08/06/2008|10:32] C:\Program Files\<DIR> Apple Software Update
    [09/22/2007|07:48] C:\Program Files\<DIR> Arial CD Ripper
    [11/25/2008|10:13] C:\Program Files\<DIR> AskBarDis
    [10/12/2008|12:10] C:\Program Files\<DIR> Atomic Alarm Clock
    [05/21/2007|04:32] C:\Program Files\<DIR> AV Vcs 4.0 DIAMOND
    [09/04/2007|04:14] C:\Program Files\<DIR> BAE
    [10/04/2007|06:12] C:\Program Files\<DIR> BC-Mod Installer .NET
    [04/22/2008|12:47] C:\Program Files\<DIR> BIAS
    [10/04/2007|06:12] C:\Program Files\<DIR> BitComet
    [06/15/2008|05:33] C:\Program Files\<DIR> BlackIsle
    [09/10/2008|07:15] C:\Program Files\<DIR> Bonjour
    [10/22/2006|04:26] C:\Program Files\<DIR> Broadcom
    [03/04/2007|04:17] C:\Program Files\<DIR> CASIO
    [08/17/2007|10:45] C:\Program Files\<DIR> CDisplay
    [03/23/2008|04:26] C:\Program Files\<DIR> City of Heroes
    [01/16/2008|10:01] C:\Program Files\<DIR> Click-N-Type
    [02/03/2008|06:34] C:\Program Files\<DIR> Codebox
    [09/13/2008|02:19] C:\Program Files\<DIR> Codec Pack - All In 1
    [01/20/2008|03:50] C:\Program Files\<DIR> Codemasters
    [07/29/2007|07:11] C:\Program Files\<DIR> Comcast
    [11/25/2008|06:27] C:\Program Files\<DIR> Common Files
    [08/11/2004|05:12] C:\Program Files\<DIR> ComPlus Applications
    [12/05/2007|05:54] C:\Program Files\<DIR> Cool CD Ripper
    [08/23/2008|12:52] C:\Program Files\<DIR> Corel
    [10/22/2006|04:30] C:\Program Files\<DIR> Corel Corporation
    [04/28/2007|05:52] C:\Program Files\<DIR> Creative
    [10/03/2008|12:29] C:\Program Files\<DIR> Curse
    [12/12/2006|01:17] C:\Program Files\<DIR> DAEMON Tools
    [01/26/2007|05:06] C:\Program Files\<DIR> Dell
    [01/26/2007|05:05] C:\Program Files\<DIR> Dell PC Fax
    [01/26/2007|05:11] C:\Program Files\<DIR> Dell Photo AIO Printer 966
    [11/16/2007|01:42] C:\Program Files\<DIR> DIFX
    [09/13/2008|01:25] C:\Program Files\<DIR> DirectVobSub
    [03/13/2008|02:42] C:\Program Files\<DIR> Disney
    [09/13/2008|01:24] C:\Program Files\<DIR> DivX
    [11/27/2008|10:39] C:\Program Files\<DIR> dl_cats
    [06/15/2008|05:30] C:\Program Files\<DIR> DOSBox-0.72
    [12/28/2006|05:56] C:\Program Files\<DIR> DVD Decrypter
    [02/13/2007|01:31] C:\Program Files\<DIR> DVD Flick
    [01/14/2007|07:27] C:\Program Files\<DIR> DVD Shrink
    [03/13/2007|02:41] C:\Program Files\<DIR> DVDFab Platinum 3
    [02/12/2007|08:58] C:\Program Files\<DIR> DVDlabPro2
    [12/24/2006|02:50] C:\Program Files\<DIR> DVDXCopyInternational
    [05/28/2008|08:35] C:\Program Files\<DIR> e frontier
    [06/17/2008|05:55] C:\Program Files\<DIR> Electronic Arts
    [10/12/2008|02:54] C:\Program Files\<DIR> Enigma Software Group
    [10/04/2007|09:44] C:\Program Files\<DIR> Exit Poke
    [08/28/2007|09:32] C:\Program Files\<DIR> File And MP3 Tag Renamer
    [11/24/2008|05:07] C:\Program Files\<DIR> File Scanner Library (Spybot - Search & Destroy)
    [07/18/2008|06:03] C:\Program Files\<DIR> FLV to AVI MPEG WMV 3GP MP4 iPod Converter
    [07/29/2007|03:56] C:\Program Files\<DIR> FocusSoft
    [11/22/2008|08:25] C:\Program Files\<DIR> Folder Lock
    [11/25/2008|10:13] C:\Program Files\<DIR> Foxit Software
    [09/22/2007|04:06] C:\Program Files\<DIR> FreeRIP3
    [02/18/2008|11:27] C:\Program Files\<DIR> Funcom
    [09/06/2007|04:09] C:\Program Files\<DIR> Games
    [09/24/2007|11:57] C:\Program Files\<DIR> GameSpot
    [09/16/2007|05:18] C:\Program Files\<DIR> GameSpy Arcade
    [07/19/2008|05:40] C:\Program Files\<DIR> GetFLV
    [11/25/2008|07:21] C:\Program Files\<DIR> Google
    [05/16/2008|03:07] C:\Program Files\<DIR> Hewlett-Packard
    [06/23/2008|10:52] C:\Program Files\<DIR> HP
    [05/27/2008|06:18] C:\Program Files\<DIR> ImTOO
    [09/10/2008|09:02] C:\Program Files\<DIR> InstallShield Installation Information
    [05/30/2008|09:23] C:\Program Files\<DIR> InterActual
    [08/22/2008|09:48] C:\Program Files\<DIR> Internet Explorer
    [05/31/2008|08:37] C:\Program Files\<DIR> InterVideo
    [05/31/2008|08:39] C:\Program Files\<DIR> InterVideo Information Service
    [10/07/2008|11:13] C:\Program Files\<DIR> iPod
    [06/04/2007|06:23] C:\Program Files\<DIR> Irrational Games
    [10/07/2008|11:13] C:\Program Files\<DIR> iTunes
    [12/27/2006|11:23] C:\Program Files\<DIR> Jasc Software Inc
    [11/25/2008|10:21] C:\Program Files\<DIR> Java
    [08/23/2008|05:39] C:\Program Files\<DIR> JRTwine Software
    [10/06/2007|09:15] C:\Program Files\<DIR> Lavasoft
    [12/09/2006|08:31] C:\Program Files\<DIR> Lionhead Studios Ltd
    [12/22/2006|02:43] C:\Program Files\<DIR> LucasArts
    [02/03/2008|10:20] C:\Program Files\<DIR> LucasFan Games
    [06/20/2008|04:59] C:\Program Files\<DIR> Magelo
    [05/28/2008|04:31] C:\Program Files\<DIR> MagicDisc
    [11/24/2008|12:42] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
    [11/25/2008|06:36] C:\Program Files\<DIR> McAfee
    [11/25/2008|06:19] C:\Program Files\<DIR> McAfee.com
    [02/17/2007|05:28] C:\Program Files\<DIR> Media Player Classic
    [09/23/2007|06:30] C:\Program Files\<DIR> MediaMonkey
    [05/25/2008|09:12] C:\Program Files\<DIR> Memorex exPressit Label Design Studio
    [06/04/2008|03:06] C:\Program Files\<DIR> MemoriesOnTV4
    [11/08/2008|12:48] C:\Program Files\<DIR> Messenger
    [12/12/2006|06:06] C:\Program Files\<DIR> Microsoft ActiveSync
    [08/11/2004|05:15] C:\Program Files\<DIR> microsoft frontpage
    [10/06/2007|07:40] C:\Program Files\<DIR> Microsoft Games
    [01/01/2007|04:54] C:\Program Files\<DIR> Microsoft Location Finder
    [12/12/2006|06:06] C:\Program Files\<DIR> Microsoft Office
    [10/22/2006|04:28] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
    [10/22/2006|04:28] C:\Program Files\<DIR> Microsoft Plus! Photo Story 2 LE
    [11/08/2008|12:59] C:\Program Files\<DIR> Microsoft Silverlight
    [12/12/2006|05:50] C:\Program Files\<DIR> Microsoft SQL Server
    [12/12/2006|06:05] C:\Program Files\<DIR> Microsoft.NET
    [11/24/2008|05:07] C:\Program Files\<DIR> Misc. Support Library (Spybot - Search & Destroy)
    [10/12/2008|12:10] C:\Program Files\<DIR> MorpheusBar
    [08/11/2004|05:12] C:\Program Files\<DIR> Movie Maker
    [11/27/2008|03:25] C:\Program Files\<DIR> Mozilla Firefox
    [08/09/2008|09:45] C:\Program Files\<DIR> MSN
    [08/11/2004|05:11] C:\Program Files\<DIR> MSN Gaming Zone
    [12/09/2006|05:14] C:\Program Files\<DIR> MSXML 4.0
    [11/03/2007|08:38] C:\Program Files\<DIR> MSXML 6.0
    [12/25/2006|08:00] C:\Program Files\<DIR> MUSICMATCH
    [08/19/2007|08:50] C:\Program Files\<DIR> MyVideoConverter
    [10/01/2008|12:15] C:\Program Files\<DIR> NBC Direct Beta
    [12/05/2007|05:50] C:\Program Files\<DIR> NCH Software
    [12/05/2007|06:00] C:\Program Files\<DIR> NCH Swift Sound
    [10/13/2007|04:39] C:\Program Files\<DIR> NCSOFT
    [08/11/2004|05:12] C:\Program Files\<DIR> NetMeeting
    [08/11/2004|05:11] C:\Program Files\<DIR> Online Services
    [01/05/2008|05:43] C:\Program Files\<DIR> ONWIND
    [02/23/2008|08:36] C:\Program Files\<DIR> OpenAL
    [10/01/2008|12:13] C:\Program Files\<DIR> OpenCase
    [12/11/2007|11:40] C:\Program Files\<DIR> Orb Networks
    [06/15/2007|09:42] C:\Program Files\<DIR> Outlook Express
    [01/20/2007|04:05] C:\Program Files\<DIR> PenTwain
    [03/13/2008|03:45] C:\Program Files\<DIR> Photodex
    [05/01/2007|04:14] C:\Program Files\<DIR> Photodex Presenter
    [04/20/2008|09:40] C:\Program Files\<DIR> Pinnacle
    [04/20/2008|09:41] C:\Program Files\<DIR> proDAD
    [09/10/2008|07:14] C:\Program Files\<DIR> QuickTime
    [09/03/2007|03:11] C:\Program Files\<DIR> QuickVerse 2007
    [07/30/2007|11:07] C:\Program Files\<DIR> Real
    [02/17/2007|05:28] C:\Program Files\<DIR> Real Alternative
    [05/04/2008|03:33] C:\Program Files\<DIR> Red Eye Remover
    [08/23/2008|02:43] C:\Program Files\<DIR> Red Eye Remover Pro
    [07/19/2008|03:58] C:\Program Files\<DIR> Replay Converter
    [07/19/2008|04:04] C:\Program Files\<DIR> Replay Media Catcher
    [10/09/2007|04:27] C:\Program Files\<DIR> River Past
    [08/30/2008|10:08] C:\Program Files\<DIR> Rokario
    [05/29/2008|06:29] C:\Program Files\<DIR> Roxio
    [07/09/2008|10:34] C:\Program Files\<DIR> Safari
    [01/20/2007|04:08] C:\Program Files\<DIR> ScanSoft
    [11/24/2008|05:07] C:\Program Files\<DIR> SDHelper (Spybot - Search & Destroy)
    [10/11/2007|11:01] C:\Program Files\<DIR> Serious Magic
    [04/03/2007|06:20] C:\Program Files\<DIR> Shareaza
    [08/05/2007|03:04] C:\Program Files\<DIR> Siber Systems
    [11/01/2007|06:22] C:\Program Files\<DIR> SilentMusicBand
    [11/24/2008|11:29] C:\Program Files\<DIR> SiteAdvisor
    [04/02/2008|02:43] C:\Program Files\<DIR> Skype
    [12/12/2006|05:47] C:\Program Files\<DIR> SmartSound Software
    [02/13/2007|06:25] C:\Program Files\<DIR> Sonic
    [09/30/2008|06:34] C:\Program Files\<DIR> Sony
    [10/11/2008|01:23] C:\Program Files\<DIR> Spybot - Search & Destroy
    [10/12/2008|12:20] C:\Program Files\<DIR> SpyNoMore
    [06/04/2007|03:11] C:\Program Files\<DIR> Summitsoft
    [07/09/2008|09:54] C:\Program Files\<DIR> Sun
    [11/25/2008|05:38] C:\Program Files\<DIR> Sunbelt Software
    [02/13/2007|12:15] C:\Program Files\<DIR> Super DVD Creator 9.25.0
    [02/24/2008|05:31] C:\Program Files\<DIR> Sword of The New World
    [02/23/2008|03:45] C:\Program Files\<DIR> SystemRequirementsLab
    [11/24/2008|05:07] C:\Program Files\<DIR> TeaTimer (Spybot - Search & Destroy)
    [12/16/2007|04:29] C:\Program Files\<DIR> Telltale Games
    [11/18/2007|12:38] C:\Program Files\<DIR> THQ
    [09/13/2008|03:20] C:\Program Files\<DIR> Tivo Decoder
    [09/13/2008|03:22] C:\Program Files\<DIR> TiVoToGo Filter
    [11/19/2007|02:48] C:\Program Files\<DIR> Total Video Converter
    [11/25/2008|09:56] C:\Program Files\<DIR> Trend Micro
    [11/23/2008|05:32] C:\Program Files\<DIR> Trillian
    [02/23/2008|02:24] C:\Program Files\<DIR> Turbine
    [06/04/2008|03:56] C:\Program Files\<DIR> Ulead Systems
    [11/22/2007|10:45] C:\Program Files\<DIR> Ultimate Nullifier
    [08/11/2004|05:20] C:\Program Files\<DIR> Uninstall Information
    [01/27/2008|03:51] C:\Program Files\<DIR> Ventrilo
    [01/05/2008|03:59] C:\Program Files\<DIR> VestGame
    [06/18/2008|08:09] C:\Program Files\<DIR> VideoCharge Software
    [12/10/2006|08:48] C:\Program Files\<DIR> VideoLAN
    [09/13/2008|04:51] C:\Program Files\<DIR> VideoReDoTVSuite
    [08/08/2008|10:04] C:\Program Files\<DIR> Viewpoint
    [02/10/2007|03:52] C:\Program Files\<DIR> Virtools
    [03/15/2008|08:37] C:\Program Files\<DIR> Warcraft III
    [08/23/2008|02:43] C:\Program Files\<DIR> Web Photo Album
    [04/23/2008|07:54] C:\Program Files\<DIR> Winamp
    [12/13/2007|11:54] C:\Program Files\<DIR> WinAVI Video Converter 9.0
    [08/09/2008|09:36] C:\Program Files\<DIR> Windows Live
    [01/01/2007|04:51] C:\Program Files\<DIR> Windows Live Local for Outlook
    [12/16/2006|08:26] C:\Program Files\<DIR> Windows Media Components
    [12/10/2006|07:22] C:\Program Files\<DIR> Windows Media Connect 2
    [03/05/2008|04:22] C:\Program Files\<DIR> Windows Media Player
    [08/11/2004|05:11] C:\Program Files\<DIR> Windows NT
    [08/11/2004|05:13] C:\Program Files\<DIR> WindowsUpdate
    [12/10/2006|12:40] C:\Program Files\<DIR> WinRAR
    [11/13/2008|04:42] C:\Program Files\<DIR> World of Warcraft
    [08/11/2004|05:15] C:\Program Files\<DIR> xerox
    [08/17/2008|12:58] C:\Program Files\<DIR> Yahoo!
    [12/16/2007|01:57] C:\Program Files\<DIR> Zlurp!
    [09/13/2008|04:21] C:\Program Files\<DIR> Zoom Player
    [09/22/2007|07:06] C:\Program Files\<DIR> Zortam Mp3 Media Studio

    --------------------\\ Listing Folders in C:\Program Files\Common Files

    [11/25/2008|10:12] C:\Program Files\Common Files\<DIR> Adobe
    [08/16/2008|11:43] C:\Program Files\Common Files\<DIR> AOL
    [09/10/2008|07:14] C:\Program Files\Common Files\<DIR> Apple
    [11/11/2008|06:30] C:\Program Files\Common Files\<DIR> Blizzard Entertainment
    [08/23/2008|12:53] C:\Program Files\Common Files\<DIR> Corel
    [12/12/2006|06:06] C:\Program Files\Common Files\<DIR> DESIGNER
    [10/11/2008|03:04] C:\Program Files\Common Files\<DIR> Download Manager
    [10/04/2007|06:12] C:\Program Files\Common Files\<DIR> GTK
    [05/16/2008|03:06] C:\Program Files\Common Files\<DIR> Hewlett-Packard
    [05/16/2008|03:08] C:\Program Files\Common Files\<DIR> HP
    [03/23/2008|12:12] C:\Program Files\Common Files\<DIR> INCA Shared
    [01/20/2007|03:42] C:\Program Files\Common Files\<DIR> InstallShield
    [10/22/2006|04:36] C:\Program Files\Common Files\<DIR> InstallShieldx
    [05/31/2008|08:38] C:\Program Files\Common Files\<DIR> InterVideo
    [08/10/2008|06:13] C:\Program Files\Common Files\<DIR> Jasc Software Inc
    [10/22/2006|04:21] C:\Program Files\Common Files\<DIR> Java
    [05/31/2008|07:51] C:\Program Files\Common Files\<DIR> LightScribe
    [08/27/2007|04:26] C:\Program Files\Common Files\<DIR> Macrovision Shared
    [02/13/2007|12:38] C:\Program Files\Common Files\<DIR> MAGIX Shared
    [11/25/2008|06:20] C:\Program Files\Common Files\<DIR> McAfee
    [11/08/2008|12:41] C:\Program Files\Common Files\<DIR> Microsoft Shared
    [08/11/2004|05:12] C:\Program Files\Common Files\<DIR> MSSoap
    [08/11/2004|05:07] C:\Program Files\Common Files\<DIR> ODBC
    [07/18/2008|06:17] C:\Program Files\Common Files\<DIR> Real
    [09/22/2007|07:56] C:\Program Files\Common Files\<DIR> River Past
    [05/29/2008|06:27] C:\Program Files\Common Files\<DIR> Roxio Shared
    [01/20/2007|04:08] C:\Program Files\Common Files\<DIR> ScanSoft Shared
    [08/11/2004|05:12] C:\Program Files\Common Files\<DIR> Services
    [04/02/2008|02:43] C:\Program Files\Common Files\<DIR> Skype
    [05/29/2008|06:29] C:\Program Files\Common Files\<DIR> Sonic Shared
    [08/14/2007|10:07] C:\Program Files\Common Files\<DIR> SONY Digital Images
    [08/11/2004|05:07] C:\Program Files\Common Files\<DIR> SpeechEngines
    [07/29/2007|07:11] C:\Program Files\Common Files\<DIR> supportsoft
    [05/25/2008|09:10] C:\Program Files\Common Files\<DIR> SureThing Shared
    [06/15/2007|09:42] C:\Program Files\Common Files\<DIR> System
    [10/14/2008|09:59] C:\Program Files\Common Files\<DIR> TiVo Shared
    [02/09/2007|05:04] C:\Program Files\Common Files\<DIR> Totem Shared
    [05/31/2008|08:39] C:\Program Files\Common Files\<DIR> Ulead
    [04/09/2008|07:40] C:\Program Files\Common Files\<DIR> Ulead Systems
    [08/09/2008|09:34] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
    [09/13/2008|11:22] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
    [07/18/2008|06:17] C:\Program Files\Common Files\<DIR> xing shared

    --------------------\\ Process

    ( 77 Processes )

    ... OK !

    --------------------\\ Searching with S_Lop

    C:\DOCUME~1\HABITA~1\APPLIC~1\EXITPO~1

    --------------------\\ Searching for Lop Files - Folders

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\part dead amok eggs
    C:\DOCUME~1\HABITA~1\APPLIC~1\exitpo~1
    C:\Program Files\exitpo~1
    C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\nsc320.tmp
    C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\nsl1512.tmp
    C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\nsl1BE.tmp
    C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\nsu3776.tmp
    C:\WINDOWS\Tasks\82E372E29D5CE662.job

    --------------------\\ Searching within the Registry

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gplwarnford]
    "DisplayName"="CiD Help"
    "UninstallString"="C:\\DOCUME~1\\HABITA~1\\APPLIC~1\\EXITPO~1\\about peak.exe -uninstall"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "birdfree"="C:\\DOCUME~1\\HABITA~1\\APPLIC~1\\EXITPO~1\\about peak.exe"
    "birdfree"="C:\\DOCUME~1\\HABITA~1\\APPLIC~1\\EXITPO~1\\about peak.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Checking the Hosts file

    Hosts file CLEAN


    --------------------\\ Searching for hidden files with Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-27 17:19:10
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    disk error: C:\WINDOWS\System32\
    please note that you need administrator rights to perform deep scan

    --------------------\\ Searching for other infections

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    ==> WAREOUT <==

    --------------------\\ Cracks & Keygens ..

    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for AltoMP3 Gold 5.06+Crack.zip
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for Crack.zip
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 2 for crack.zip
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\AutoRunPro1\Crack
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for AltoMP3 Gold 5.06+Crack.zip\AltoMP3 Gold.exe
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for Crack.zip\war3.exe
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for Crack.zip\worldedit.exe
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 2 for crack.zip\SamMax201.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Corel Paint Shop Pro Photo X2\Crack
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Corel Paint Shop Pro Photo X2\Crack\Corel Paint Shop Pro Photo.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Adobe Photoshop CS3 Extended v10.0.0 with Volume License Keygen
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\ImTOO CD Ripper v1.0.33.922 keygen.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\keygen.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Ulead VideoStudio Plus 11.5 + Keygen & Dolby Digital PowerPack
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Adobe Photoshop CS3 Extended v10.0.0 with Volume License Keygen\ADBEPHSPCS3.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Adobe Photoshop CS3 Extended v10.0.0 with Volume License Keygen\ssg.nfo
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][www.DivxTotaL.com]\Extras\MemoriesOnTV Clipshow Package Vol.1\MemoriesOnTV Clipshow Package Vol.1\keygen.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][www.DivxTotaL.com]\Extras\MemoriesOnTV Clipshow Package Vol.1.1\keygen.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][http://www.DivxTotaL.com]\Memories_O..._v4.0.3\keygen
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][http://www.DivxTotaL.com]\Memories_O...gen\keygen.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][http://www.DivxTotaL.com]\Memories_O...eygen\Leer.txt
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Ulead VideoStudio Plus 11.5 + Keygen & Dolby Digital PowerPack\Readme.txt
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Ulead VideoStudio Plus 11.5 + Keygen & Dolby Digital PowerPack\Ulead VideoStudio Plus 11.5 + Keygen & Dolby Digital PowerPack


    [F:868][D:1284]-> C:\DOCUME~1\HABITA~1\LOCALS~1\Temp
    [F:128][D:0]-> C:\DOCUME~1\HABITA~1\Cookies
    [F:1587][D:8]-> C:\DOCUME~1\HABITA~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - Thu 11/27/2008|17:09 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - Thu 11/27/2008|17:19 - Option : [1]

    --------------------\\ Scan completed at 17:19:34

  7. #7
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi

    and yes, I am a bit of a pirate but this virus/malware is reason enough to curb that...
    I really hope you stop pirating cos if you don't it won't take long to get infected again and that time you may not be helped.


    Delete following folders:
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    C:\DOCUME~1\HABITA~1\APPLIC~1\Azureus
    C:\DOCUME~1\HABITA~1\APPLIC~1\BearShare
    C:\DOCUME~1\HABITA~1\APPLIC~1\Kazaa Lite
    C:\DOCUME~1\HABITA~1\APPLIC~1\LimeWire
    C:\DOCUME~1\HABITA~1\APPLIC~1\UseNeXT
    C:\DOCUME~1\HABITA~1\APPLIC~1\uTorrent
    C:\Program Files\MorpheusBar
    C:\Program Files\Shareaza
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\AutoRunPro1
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Corel Paint Shop Pro Photo X2
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Adobe Photoshop CS3 Extended v10.0.0 with Volume License Keygen
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\Ulead VideoStudio Plus 11.5 + Keygen & Dolby Digital PowerPack
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][www.DivxTotaL.com]\Extras\MemoriesOnTV Clipshow Package Vol.1
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][www.DivxTotaL.com]\Extras\MemoriesOnTV Clipshow Package Vol.1.1
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][http://www.DivxTotaL.com]\Memories_O..._v4.0.3
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][http://www.DivxTotaL.com]\Memories_O...gen
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\MemoriesOnTV_v4[hamlet][http://www.DivxTotaL.com]\Memories_O...eygen

    and files:
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for AltoMP3 Gold 5.06+Crack.zip
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for Crack.zip
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 2 for crack.zip
    C:\DOCUME~1\HABITA~1\Local Settings\Temp\Temporary Directory 1 for AltoMP3 Gold 5.06+Crack.zip\AltoMP3 Gold.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\ImTOO CD Ripper v1.0.33.922 keygen.exe
    C:\DOCUME~1\HABITA~1\My Documents\Comics\Programs\keygen.exe

    ~ in folder name means that folder name is longer than 6 characters. For example DOCUME~1 is Documents And Settings.


    Uninstall CiD Help thru add/remove programs.


    Option 3: (Fix without Hosts file restore)

    Double click LopSD.exe to start the program.

    • Choose the language by typing of the corresponding letter and press Enter
    • Click OK at the informative window
    • Type 3 to choose Option 3 (Fix - Hosts), then press Enter
    • Don't close the window during suppression!
    • Wait until the end of the scan
    • A report will be generated, post the contents of it in your next reply.

    (Copy of the report can be found at this location: %systemdrive%\lopR.txt, in most cases C:\lopR.txt)


    You seem to have Malwarebytes' Anti-Malware installed. Make sure it's up-to-date and then run full scan with it. Post back its report & a fresh hjt log. If you're using a router login to it and check DNS IP addresses there.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  8. #8
    Junior Member
    Join Date
    Nov 2008
    Posts
    16

    Default OK, here are the things u need

    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 1.1.3
    USER : Habitat Productions ( Administrator )
    BOOT : Normal boot
    Antivirus : McAfee VirusScan (Activated)
    Firewall : McAfee Personal Firewall (Activated)
    C:\ (Local Disk) - NTFS - Total:926 Go (Free:450 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    F:\ (USB) - FAT - Total:1917 Mo (Free:1 Go)
    G:\ (USB)
    H:\ (USB)
    I:\ (USB)
    J:\ (CD or DVD)
    K:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
    L:\ (USB)
    M:\ (USB)
    P:\ (USB) - FAT32 - Total:28507 Mo (Free:18 Go)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [3] ( Fri 11/28/2008|11:59 )


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing folders in APPLIC~1

    [10/22/2006|04:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Creative
    [08/11/2004|05:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
    [11/25/2008|05:07] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft

    [10/07/2008|11:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    [08/08/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> acccore
    [11/25/2008|10:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
    [10/06/2007|07:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Age of Empires 3 YPack Trial
    [08/08/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
    [12/21/2006|02:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
    [12/21/2006|02:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
    [07/08/2007|12:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
    [12/09/2006|05:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
    [10/14/2008|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Blizzard
    [01/26/2007|05:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BVRP Software
    [06/21/2008|03:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Comcast
    [08/10/2008|07:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Corel
    [10/22/2006|04:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Creative
    [01/26/2007|05:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DellFaxCtr
    [12/27/2007|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
    [10/01/2008|12:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ExtendMedia
    [08/11/2007|06:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
    [06/14/2008|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GoBit Games
    [12/09/2006|04:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
    [05/16/2008|03:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> HP
    [10/22/2006|04:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
    [10/04/2008|05:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InterVideo
    [10/06/2007|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
    [08/22/2008|11:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
    [11/25/2008|06:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
    [02/09/2007|11:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
    [09/06/2007|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Media Center Programs
    [01/26/2008|03:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
    [12/05/2007|05:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NCH Swift Sound
    [11/25/2008|05:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Norton
    [11/23/2008|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> NortonInstaller
    [05/12/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> nView_Profiles
    [01/01/2007|04:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
    [10/12/2008|12:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Tools
    [11/23/2008|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PCSettings
    [04/17/2008|03:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pinnacle
    [12/12/2006|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pinnacle Studio
    [06/25/2008|01:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PopCap
    [01/29/2007|05:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QubeSoft
    [02/17/2007|05:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Real
    [10/09/2007|04:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> River Past G4
    [09/22/2007|08:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> River Past G5
    [08/05/2007|03:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> RoboForm
    [05/31/2008|09:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Roxio
    [08/11/2004|05:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
    [01/20/2007|04:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ScanSoft
    [11/24/2008|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SiteAdvisor
    [04/02/2008|02:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Skype
    [05/31/2008|04:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SmartSound Software Inc
    [05/29/2008|06:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
    [10/12/2008|03:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
    [11/25/2008|05:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sunbelt
    [07/29/2007|07:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SupportSoft
    [10/12/2008|04:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
    [05/31/2008|07:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ulead Systems
    [12/10/2006|07:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
    [08/09/2008|09:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
    [08/10/2007|03:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> wma five ante wait
    [08/16/2008|05:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!
    [08/09/2007|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> YoGen

    [10/22/2006|04:35] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Creative
    [08/11/2004|05:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
    [08/11/2004|05:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
    [11/25/2008|10:21] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

    [09/19/2007|02:50] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> .gaim
    [08/08/2008|10:06] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> acccore
    [01/05/2008|10:36] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Adobe
    [12/13/2006|11:36] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> AdobeUM
    [03/25/2008|05:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Apple Computer
    [01/26/2008|03:55] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> ArcSoft
    [12/13/2007|02:01] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> BNI Software
    [08/29/2008|05:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> BWMeterPro
    [04/23/2007|10:37] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Command & Conquer 3 Tiberium Wars
    [02/27/2007|02:49] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Command & Conquer 3 Tiberium Wars Demo
    [08/23/2008|12:55] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Corel
    [12/10/2006|01:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Corel Photo Album
    [12/30/2006|05:34] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Creative
    [01/27/2007|09:43] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> DellFaxCtr
    [06/21/2008|04:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Dreamlords
    [07/16/2008|01:44] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> DVD Flick
    [11/01/2007|03:34] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> dvdcss
    [05/28/2008|08:36] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> e frontier
    [09/26/2007|07:22] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Folder Guard
    [11/25/2008|10:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Foxit
    [03/12/2008|08:23] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> GarageGames
    [11/11/2008|09:05] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> GetRightToGo
    [02/13/2007|12:40] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Help
    [08/11/2004|05:20] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Identities
    [02/13/2007|02:34] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> ImgBurn
    [12/10/2006|05:21] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> IMVU
    [12/12/2006|06:22] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> InstallShield
    [06/01/2008|10:51] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> InterVideo
    [12/09/2006|05:55] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Lavasoft
    [12/12/2006|01:12] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Leadertech
    [09/24/2007|07:04] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Lionhead Studios
    [05/28/2008|08:03] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Lost Marble
    [12/22/2006|02:47] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> LucasArts
    [01/29/2007|06:29] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Macromedia
    [08/22/2008|11:32] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Malwarebytes
    [02/19/2007|12:17] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Media Player Classic
    [10/14/2008|10:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Microsoft
    [10/04/2008|07:48] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Move Networks
    [06/17/2008|05:18] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Mozilla
    [01/13/2007|07:58] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> NCH Swift Sound
    [05/01/2007|04:14] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Netscape
    [08/20/2007|01:41] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> NewsLeecher
    [05/01/2007|04:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Photodex
    [04/20/2008|09:41] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> proDAD
    [11/04/2007|08:45] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Publish Providers
    [09/03/2007|03:11] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> QuickVerse11
    [08/24/2007|11:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Real
    [12/14/2006|07:58] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> River Past G4
    [09/22/2007|07:56] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> River Past G5
    [08/30/2008|10:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Rokario
    [05/31/2008|06:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Roxio
    [08/07/2007|05:43] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> ScanSoft
    [04/16/2007|04:00] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SecuROM
    [11/24/2008|06:21] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SiteAdvisor
    [07/01/2008|03:30] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Skype
    [07/01/2008|03:29] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> skypePM
    [04/19/2008|02:56] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Snapfish
    [02/13/2007|06:26] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sonic
    [11/04/2007|08:50] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sony
    [09/12/2008|02:33] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SPORE
    [12/20/2006|11:11] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sun
    [11/25/2008|05:38] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Sunbelt
    [02/23/2008|03:45] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> SystemRequirementsLab
    [12/09/2006|05:08] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Talkback
    [02/23/2008|02:41] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Turbine
    [07/29/2008|05:15] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> U3
    [08/14/2007|10:13] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Ulead Systems
    [01/27/2008|03:57] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Ventrilo
    [09/17/2008|12:23] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> VideoReDo-TVSuite
    [12/10/2006|08:59] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> vlc
    [05/31/2008|06:02] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> Vso
    [09/19/2008|11:23] C:\DOCUME~1\HABITA~1\APPLIC~1\<DIR> yahoo!

    [06/01/2008|05:15] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> DivX
    [07/30/2007|08:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Identities
    [11/25/2008|05:07] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
    [05/31/2008|09:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Roxio
    [11/25/2008|01:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> SACore
    [11/24/2008|11:28] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> SiteAdvisor

    [11/25/2008|05:07] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

    --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

    [11/25/2008 06:20 PM][--a------] C:\WINDOWS\tasks\McDefragTask.job
    [11/25/2008 06:20 PM][--a------] C:\WINDOWS\tasks\McQcTask.job
    [11/24/2008 12:00 PM][--a------] C:\WINDOWS\tasks\SpyHunter Scanner.job
    [11/25/2008 12:07 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [11/26/2008 07:11 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [08/04/2004 05:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing Folders in C:\Program Files

    [03/21/2008|01:42] C:\Program Files\<DIR> Abbyy FineReader 6.0 Sprint
    [12/14/2007|03:41] C:\Program Files\<DIR> ABInvoice
    [11/21/2007|10:25] C:\Program Files\<DIR> Absolute Video Converter
    [12/01/2007|08:39] C:\Program Files\<DIR> Absolute Video Splitter Joiner
    [10/13/2007|10:02] C:\Program Files\<DIR> AbsoluteShield File Shredder
    [01/05/2008|11:43] C:\Program Files\<DIR> Acclaim
    [09/01/2007|04:32] C:\Program Files\<DIR> Activision
    [01/31/2007|09:03] C:\Program Files\<DIR> Add Remove Pro
    [02/24/2008|05:19] C:\Program Files\<DIR> Adobe
    [08/08/2008|10:04] C:\Program Files\<DIR> AIM Search
    [08/16/2008|11:44] C:\Program Files\<DIR> AIM6
    [08/14/2008|11:54] C:\Program Files\<DIR> Alex Feinman
    [06/18/2008|06:58] C:\Program Files\<DIR> Allok Video Joiner
    [06/04/2008|04:20] C:\Program Files\<DIR> Anim-FX
    [08/08/2008|10:04] C:\Program Files\<DIR> AOL
    [08/06/2008|10:32] C:\Program Files\<DIR> Apple Software Update
    [09/22/2007|07:48] C:\Program Files\<DIR> Arial CD Ripper
    [11/25/2008|10:13] C:\Program Files\<DIR> AskBarDis
    [10/12/2008|12:10] C:\Program Files\<DIR> Atomic Alarm Clock
    [05/21/2007|04:32] C:\Program Files\<DIR> AV Vcs 4.0 DIAMOND
    [09/04/2007|04:14] C:\Program Files\<DIR> BAE
    [10/04/2007|06:12] C:\Program Files\<DIR> BC-Mod Installer .NET
    [04/22/2008|12:47] C:\Program Files\<DIR> BIAS
    [10/04/2007|06:12] C:\Program Files\<DIR> BitComet
    [06/15/2008|05:33] C:\Program Files\<DIR> BlackIsle
    [09/10/2008|07:15] C:\Program Files\<DIR> Bonjour
    [10/22/2006|04:26] C:\Program Files\<DIR> Broadcom
    [03/04/2007|04:17] C:\Program Files\<DIR> CASIO
    [08/17/2007|10:45] C:\Program Files\<DIR> CDisplay
    [03/23/2008|04:26] C:\Program Files\<DIR> City of Heroes
    [01/16/2008|10:01] C:\Program Files\<DIR> Click-N-Type
    [02/03/2008|06:34] C:\Program Files\<DIR> Codebox
    [09/13/2008|02:19] C:\Program Files\<DIR> Codec Pack - All In 1
    [01/20/2008|03:50] C:\Program Files\<DIR> Codemasters
    [07/29/2007|07:11] C:\Program Files\<DIR> Comcast
    [11/25/2008|06:27] C:\Program Files\<DIR> Common Files
    [08/11/2004|05:12] C:\Program Files\<DIR> ComPlus Applications
    [12/05/2007|05:54] C:\Program Files\<DIR> Cool CD Ripper
    [08/23/2008|12:52] C:\Program Files\<DIR> Corel
    [10/22/2006|04:30] C:\Program Files\<DIR> Corel Corporation
    [04/28/2007|05:52] C:\Program Files\<DIR> Creative
    [10/03/2008|12:29] C:\Program Files\<DIR> Curse
    [12/12/2006|01:17] C:\Program Files\<DIR> DAEMON Tools
    [01/26/2007|05:06] C:\Program Files\<DIR> Dell
    [01/26/2007|05:05] C:\Program Files\<DIR> Dell PC Fax
    [01/26/2007|05:11] C:\Program Files\<DIR> Dell Photo AIO Printer 966
    [11/16/2007|01:42] C:\Program Files\<DIR> DIFX
    [09/13/2008|01:25] C:\Program Files\<DIR> DirectVobSub
    [03/13/2008|02:42] C:\Program Files\<DIR> Disney
    [09/13/2008|01:24] C:\Program Files\<DIR> DivX
    [11/28/2008|11:02] C:\Program Files\<DIR> dl_cats
    [06/15/2008|05:30] C:\Program Files\<DIR> DOSBox-0.72
    [12/28/2006|05:56] C:\Program Files\<DIR> DVD Decrypter
    [02/13/2007|01:31] C:\Program Files\<DIR> DVD Flick
    [01/14/2007|07:27] C:\Program Files\<DIR> DVD Shrink
    [03/13/2007|02:41] C:\Program Files\<DIR> DVDFab Platinum 3
    [02/12/2007|08:58] C:\Program Files\<DIR> DVDlabPro2
    [12/24/2006|02:50] C:\Program Files\<DIR> DVDXCopyInternational
    [05/28/2008|08:35] C:\Program Files\<DIR> e frontier
    [06/17/2008|05:55] C:\Program Files\<DIR> Electronic Arts
    [10/12/2008|02:54] C:\Program Files\<DIR> Enigma Software Group
    [08/28/2007|09:32] C:\Program Files\<DIR> File And MP3 Tag Renamer
    [11/24/2008|05:07] C:\Program Files\<DIR> File Scanner Library (Spybot - Search & Destroy)
    [07/18/2008|06:03] C:\Program Files\<DIR> FLV to AVI MPEG WMV 3GP MP4 iPod Converter
    [07/29/2007|03:56] C:\Program Files\<DIR> FocusSoft
    [11/22/2008|08:25] C:\Program Files\<DIR> Folder Lock
    [11/25/2008|10:13] C:\Program Files\<DIR> Foxit Software
    [09/22/2007|04:06] C:\Program Files\<DIR> FreeRIP3
    [02/18/2008|11:27] C:\Program Files\<DIR> Funcom
    [09/06/2007|04:09] C:\Program Files\<DIR> Games
    [09/24/2007|11:57] C:\Program Files\<DIR> GameSpot
    [09/16/2007|05:18] C:\Program Files\<DIR> GameSpy Arcade
    [07/19/2008|05:40] C:\Program Files\<DIR> GetFLV
    [11/25/2008|07:21] C:\Program Files\<DIR> Google
    [05/16/2008|03:07] C:\Program Files\<DIR> Hewlett-Packard
    [06/23/2008|10:52] C:\Program Files\<DIR> HP
    [05/27/2008|06:18] C:\Program Files\<DIR> ImTOO
    [09/10/2008|09:02] C:\Program Files\<DIR> InstallShield Installation Information
    [05/30/2008|09:23] C:\Program Files\<DIR> InterActual
    [08/22/2008|09:48] C:\Program Files\<DIR> Internet Explorer
    [05/31/2008|08:37] C:\Program Files\<DIR> InterVideo
    [05/31/2008|08:39] C:\Program Files\<DIR> InterVideo Information Service
    [10/07/2008|11:13] C:\Program Files\<DIR> iPod
    [06/04/2007|06:23] C:\Program Files\<DIR> Irrational Games
    [10/07/2008|11:13] C:\Program Files\<DIR> iTunes
    [12/27/2006|11:23] C:\Program Files\<DIR> Jasc Software Inc
    [11/25/2008|10:21] C:\Program Files\<DIR> Java
    [08/23/2008|05:39] C:\Program Files\<DIR> JRTwine Software
    [10/06/2007|09:15] C:\Program Files\<DIR> Lavasoft
    [12/09/2006|08:31] C:\Program Files\<DIR> Lionhead Studios Ltd
    [12/22/2006|02:43] C:\Program Files\<DIR> LucasArts
    [02/03/2008|10:20] C:\Program Files\<DIR> LucasFan Games
    [06/20/2008|04:59] C:\Program Files\<DIR> Magelo
    [05/28/2008|04:31] C:\Program Files\<DIR> MagicDisc
    [11/24/2008|12:42] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
    [11/25/2008|06:36] C:\Program Files\<DIR> McAfee
    [11/25/2008|06:19] C:\Program Files\<DIR> McAfee.com
    [02/17/2007|05:28] C:\Program Files\<DIR> Media Player Classic
    [09/23/2007|06:30] C:\Program Files\<DIR> MediaMonkey
    [05/25/2008|09:12] C:\Program Files\<DIR> Memorex exPressit Label Design Studio
    [06/04/2008|03:06] C:\Program Files\<DIR> MemoriesOnTV4
    [11/08/2008|12:48] C:\Program Files\<DIR> Messenger
    [12/12/2006|06:06] C:\Program Files\<DIR> Microsoft ActiveSync
    [08/11/2004|05:15] C:\Program Files\<DIR> microsoft frontpage
    [10/06/2007|07:40] C:\Program Files\<DIR> Microsoft Games
    [01/01/2007|04:54] C:\Program Files\<DIR> Microsoft Location Finder
    [12/12/2006|06:06] C:\Program Files\<DIR> Microsoft Office
    [10/22/2006|04:28] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
    [10/22/2006|04:28] C:\Program Files\<DIR> Microsoft Plus! Photo Story 2 LE
    [11/08/2008|12:59] C:\Program Files\<DIR> Microsoft Silverlight
    [12/12/2006|05:50] C:\Program Files\<DIR> Microsoft SQL Server
    [12/12/2006|06:05] C:\Program Files\<DIR> Microsoft.NET
    [11/24/2008|05:07] C:\Program Files\<DIR> Misc. Support Library (Spybot - Search & Destroy)
    [08/11/2004|05:12] C:\Program Files\<DIR> Movie Maker
    [11/28/2008|11:35] C:\Program Files\<DIR> Mozilla Firefox
    [08/09/2008|09:45] C:\Program Files\<DIR> MSN
    [08/11/2004|05:11] C:\Program Files\<DIR> MSN Gaming Zone
    [12/09/2006|05:14] C:\Program Files\<DIR> MSXML 4.0
    [11/03/2007|08:38] C:\Program Files\<DIR> MSXML 6.0
    [12/25/2006|08:00] C:\Program Files\<DIR> MUSICMATCH
    [08/19/2007|08:50] C:\Program Files\<DIR> MyVideoConverter
    [10/01/2008|12:15] C:\Program Files\<DIR> NBC Direct Beta
    [12/05/2007|05:50] C:\Program Files\<DIR> NCH Software
    [12/05/2007|06:00] C:\Program Files\<DIR> NCH Swift Sound
    [10/13/2007|04:39] C:\Program Files\<DIR> NCSOFT
    [08/11/2004|05:12] C:\Program Files\<DIR> NetMeeting
    [08/11/2004|05:11] C:\Program Files\<DIR> Online Services
    [01/05/2008|05:43] C:\Program Files\<DIR> ONWIND
    [02/23/2008|08:36] C:\Program Files\<DIR> OpenAL
    [10/01/2008|12:13] C:\Program Files\<DIR> OpenCase
    [12/11/2007|11:40] C:\Program Files\<DIR> Orb Networks
    [06/15/2007|09:42] C:\Program Files\<DIR> Outlook Express
    [01/20/2007|04:05] C:\Program Files\<DIR> PenTwain
    [03/13/2008|03:45] C:\Program Files\<DIR> Photodex
    [05/01/2007|04:14] C:\Program Files\<DIR> Photodex Presenter
    [04/20/2008|09:40] C:\Program Files\<DIR> Pinnacle
    [04/20/2008|09:41] C:\Program Files\<DIR> proDAD
    [09/10/2008|07:14] C:\Program Files\<DIR> QuickTime
    [09/03/2007|03:11] C:\Program Files\<DIR> QuickVerse 2007
    [07/30/2007|11:07] C:\Program Files\<DIR> Real
    [02/17/2007|05:28] C:\Program Files\<DIR> Real Alternative
    [05/04/2008|03:33] C:\Program Files\<DIR> Red Eye Remover
    [08/23/2008|02:43] C:\Program Files\<DIR> Red Eye Remover Pro
    [07/19/2008|03:58] C:\Program Files\<DIR> Replay Converter
    [07/19/2008|04:04] C:\Program Files\<DIR> Replay Media Catcher
    [10/09/2007|04:27] C:\Program Files\<DIR> River Past
    [08/30/2008|10:08] C:\Program Files\<DIR> Rokario
    [05/29/2008|06:29] C:\Program Files\<DIR> Roxio
    [07/09/2008|10:34] C:\Program Files\<DIR> Safari
    [01/20/2007|04:08] C:\Program Files\<DIR> ScanSoft
    [11/24/2008|05:07] C:\Program Files\<DIR> SDHelper (Spybot - Search & Destroy)
    [10/11/2007|11:01] C:\Program Files\<DIR> Serious Magic
    [08/05/2007|03:04] C:\Program Files\<DIR> Siber Systems
    [11/01/2007|06:22] C:\Program Files\<DIR> SilentMusicBand
    [11/24/2008|11:29] C:\Program Files\<DIR> SiteAdvisor
    [04/02/2008|02:43] C:\Program Files\<DIR> Skype
    [12/12/2006|05:47] C:\Program Files\<DIR> SmartSound Software
    [02/13/2007|06:25] C:\Program Files\<DIR> Sonic
    [09/30/2008|06:34] C:\Program Files\<DIR> Sony
    [10/11/2008|01:23] C:\Program Files\<DIR> Spybot - Search & Destroy
    [10/12/2008|12:20] C:\Program Files\<DIR> SpyNoMore
    [06/04/2007|03:11] C:\Program Files\<DIR> Summitsoft
    [07/09/2008|09:54] C:\Program Files\<DIR> Sun
    [11/25/2008|05:38] C:\Program Files\<DIR> Sunbelt Software
    [02/13/2007|12:15] C:\Program Files\<DIR> Super DVD Creator 9.25.0
    [02/24/2008|05:31] C:\Program Files\<DIR> Sword of The New World
    [02/23/2008|03:45] C:\Program Files\<DIR> SystemRequirementsLab
    [11/24/2008|05:07] C:\Program Files\<DIR> TeaTimer (Spybot - Search & Destroy)
    [12/16/2007|04:29] C:\Program Files\<DIR> Telltale Games
    [11/18/2007|12:38] C:\Program Files\<DIR> THQ
    [09/13/2008|03:20] C:\Program Files\<DIR> Tivo Decoder
    [09/13/2008|03:22] C:\Program Files\<DIR> TiVoToGo Filter
    [11/19/2007|02:48] C:\Program Files\<DIR> Total Video Converter
    [11/25/2008|09:56] C:\Program Files\<DIR> Trend Micro
    [11/23/2008|05:32] C:\Program Files\<DIR> Trillian
    [02/23/2008|02:24] C:\Program Files\<DIR> Turbine
    [06/04/2008|03:56] C:\Program Files\<DIR> Ulead Systems
    [11/22/2007|10:45] C:\Program Files\<DIR> Ultimate Nullifier
    [08/11/2004|05:20] C:\Program Files\<DIR> Uninstall Information
    [01/27/2008|03:51] C:\Program Files\<DIR> Ventrilo
    [01/05/2008|03:59] C:\Program Files\<DIR> VestGame
    [06/18/2008|08:09] C:\Program Files\<DIR> VideoCharge Software
    [12/10/2006|08:48] C:\Program Files\<DIR> VideoLAN
    [09/13/2008|04:51] C:\Program Files\<DIR> VideoReDoTVSuite
    [11/28/2008|11:47] C:\Program Files\<DIR> Viewpoint
    [02/10/2007|03:52] C:\Program Files\<DIR> Virtools
    [03/15/2008|08:37] C:\Program Files\<DIR> Warcraft III
    [08/23/2008|02:43] C:\Program Files\<DIR> Web Photo Album
    [04/23/2008|07:54] C:\Program Files\<DIR> Winamp
    [12/13/2007|11:54] C:\Program Files\<DIR> WinAVI Video Converter 9.0
    [08/09/2008|09:36] C:\Program Files\<DIR> Windows Live
    [01/01/2007|04:51] C:\Program Files\<DIR> Windows Live Local for Outlook
    [12/16/2006|08:26] C:\Program Files\<DIR> Windows Media Components
    [12/10/2006|07:22] C:\Program Files\<DIR> Windows Media Connect 2
    [03/05/2008|04:22] C:\Program Files\<DIR> Windows Media Player
    [08/11/2004|05:11] C:\Program Files\<DIR> Windows NT
    [08/11/2004|05:13] C:\Program Files\<DIR> WindowsUpdate
    [12/10/2006|12:40] C:\Program Files\<DIR> WinRAR
    [11/13/2008|04:42] C:\Program Files\<DIR> World of Warcraft
    [08/11/2004|05:15] C:\Program Files\<DIR> xerox
    [08/17/2008|12:58] C:\Program Files\<DIR> Yahoo!
    [12/16/2007|01:57] C:\Program Files\<DIR> Zlurp!
    [09/13/2008|04:21] C:\Program Files\<DIR> Zoom Player
    [09/22/2007|07:06] C:\Program Files\<DIR> Zortam Mp3 Media Studio

    --------------------\\ Listing Folders in C:\Program Files\Common Files

    [11/25/2008|10:12] C:\Program Files\Common Files\<DIR> Adobe
    [08/16/2008|11:43] C:\Program Files\Common Files\<DIR> AOL
    [09/10/2008|07:14] C:\Program Files\Common Files\<DIR> Apple
    [11/11/2008|06:30] C:\Program Files\Common Files\<DIR> Blizzard Entertainment
    [08/23/2008|12:53] C:\Program Files\Common Files\<DIR> Corel
    [12/12/2006|06:06] C:\Program Files\Common Files\<DIR> DESIGNER
    [10/11/2008|03:04] C:\Program Files\Common Files\<DIR> Download Manager
    [10/04/2007|06:12] C:\Program Files\Common Files\<DIR> GTK
    [05/16/2008|03:06] C:\Program Files\Common Files\<DIR> Hewlett-Packard
    [05/16/2008|03:08] C:\Program Files\Common Files\<DIR> HP
    [03/23/2008|12:12] C:\Program Files\Common Files\<DIR> INCA Shared
    [01/20/2007|03:42] C:\Program Files\Common Files\<DIR> InstallShield
    [10/22/2006|04:36] C:\Program Files\Common Files\<DIR> InstallShieldx
    [05/31/2008|08:38] C:\Program Files\Common Files\<DIR> InterVideo
    [08/10/2008|06:13] C:\Program Files\Common Files\<DIR> Jasc Software Inc
    [10/22/2006|04:21] C:\Program Files\Common Files\<DIR> Java
    [05/31/2008|07:51] C:\Program Files\Common Files\<DIR> LightScribe
    [08/27/2007|04:26] C:\Program Files\Common Files\<DIR> Macrovision Shared
    [02/13/2007|12:38] C:\Program Files\Common Files\<DIR> MAGIX Shared
    [11/25/2008|06:20] C:\Program Files\Common Files\<DIR> McAfee
    [11/08/2008|12:41] C:\Program Files\Common Files\<DIR> Microsoft Shared
    [08/11/2004|05:12] C:\Program Files\Common Files\<DIR> MSSoap
    [08/11/2004|05:07] C:\Program Files\Common Files\<DIR> ODBC
    [07/18/2008|06:17] C:\Program Files\Common Files\<DIR> Real
    [09/22/2007|07:56] C:\Program Files\Common Files\<DIR> River Past
    [05/29/2008|06:27] C:\Program Files\Common Files\<DIR> Roxio Shared
    [01/20/2007|04:08] C:\Program Files\Common Files\<DIR> ScanSoft Shared
    [08/11/2004|05:12] C:\Program Files\Common Files\<DIR> Services
    [04/02/2008|02:43] C:\Program Files\Common Files\<DIR> Skype
    [05/29/2008|06:29] C:\Program Files\Common Files\<DIR> Sonic Shared
    [08/14/2007|10:07] C:\Program Files\Common Files\<DIR> SONY Digital Images
    [08/11/2004|05:07] C:\Program Files\Common Files\<DIR> SpeechEngines
    [07/29/2007|07:11] C:\Program Files\Common Files\<DIR> supportsoft
    [05/25/2008|09:10] C:\Program Files\Common Files\<DIR> SureThing Shared
    [06/15/2007|09:42] C:\Program Files\Common Files\<DIR> System
    [10/14/2008|09:59] C:\Program Files\Common Files\<DIR> TiVo Shared
    [02/09/2007|05:04] C:\Program Files\Common Files\<DIR> Totem Shared
    [05/31/2008|08:39] C:\Program Files\Common Files\<DIR> Ulead
    [04/09/2008|07:40] C:\Program Files\Common Files\<DIR> Ulead Systems
    [08/09/2008|09:34] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
    [09/13/2008|11:22] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
    [07/18/2008|06:17] C:\Program Files\Common Files\<DIR> xing shared

    --------------------\\ Process

    ( 76 Processes )

    ... OK !

    --------------------\\ Searching with S_Lop

    No Lop folder found !

    --------------------\\ Searching for Lop Files - Folders

    No Lop folder found !

    --------------------\\ Searching within the Registry

    ..... OK !

    --------------------\\ Checking the Hosts file

    Hosts file CLEAN


    --------------------\\ Searching for hidden files with Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-28 12:01:04
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    disk error: C:\WINDOWS\System32\
    please note that you need administrator rights to perform deep scan

    --------------------\\ Searching for other infections

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{939CE971-0651-4909-80CD-6425C39A8210}]
    DhcpNameServer REG_SZ 85.255.112.21 85.255.112.150
    ==> WAREOUT <==



    [F:865][D:1274]-> C:\DOCUME~1\HABITA~1\LOCALS~1\Temp
    [F:129][D:0]-> C:\DOCUME~1\HABITA~1\Cookies
    [F:1601][D:8]-> C:\DOCUME~1\HABITA~1\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - Thu 11/27/2008|17:09 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - Thu 11/27/2008|17:19 - Option : [1]
    3 - "C:\Lop SD\LopR_3.txt" - Fri 11/28/2008|11:49 - Option : [3]
    4 - "C:\Lop SD\LopR_4.txt" - Fri 11/28/2008|12:01 - Option : [3]

    --------------------\\ Scan completed at 12:01:32

  9. #9
    Junior Member
    Join Date
    Nov 2008
    Posts
    16

    Default mbam-log

    Malwarebytes' Anti-Malware 1.30
    Database version: 1432
    Windows 5.1.2600 Service Pack 2

    11/28/2008 12:12:02 PM
    mbam-log-2008-11-28 (12-11-51).txt

    Scan type: Quick Scan
    Objects scanned: 65144
    Time elapsed: 8 minute(s), 43 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 2
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.21 85.255.112.150 -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{939ce971-0651-4909-80cd-6425c39a8210}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.21 85.255.112.150 -> No action taken.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

  10. #10
    Junior Member
    Join Date
    Nov 2008
    Posts
    16

    Default Hjt log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:05:01 PM, on 11/28/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\WINDOWS\system32\dlcqcoms.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\SiteAdvisor\6172\SAService.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\WINDOWS\system32\nvraidservice.exe
    C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
    C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
    C:\Program Files\Dell Photo AIO Printer 966\memcard.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    C:\Program Files\Microsoft Location Finder\LocationFinder.exe
    C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
    C:\Program Files\Click-N-Type\Click-N-Type.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=3061022
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
    O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
    O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~2\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
    O4 - HKLM\..\Run: [dlcqmon.exe] "C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
    O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
    O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [ante wait camp memo] C:\Documents and Settings\All Users\Application Data\wma five ante wait\view gram.exe
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
    O4 - HKLM\..\Run: [ShaPlus Bandwidth Meter] "C:\Program Files\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter" /s
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
    O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
    O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
    O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
    O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [bandmon] C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user')
    O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Habitat Productions\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {1CE47888-DD62-482C-9723-4814BB04D45D} (musicshake) - http://pump.musicshake.com/NewDownload/musicshake.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
    O16 - DPF: {8FB571B0-DC11-487C-8B1C-BD60A32366FF} (MusicShakePlayer Control) - http://pump.musicshake.com/NewDownlo...eplayercab.CAB
    O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.gamehouse.com/realarcade-...amesPlayer.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: McAfee Application Installer Cleanup (0044291227655211) (0044291227655211mcinstcleanup) - Unknown owner - C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\004429~1.EXE (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: dlcq_device - - C:\WINDOWS\system32\dlcqcoms.exe
    O23 - Service: DNADownloader - Unknown owner - C:\Program Files\GameSpot\DownloadManager_Win32.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: OpenCASE Media Agent - ExtendMedia Inc. - C:\Program Files\OpenCase\OpenCASE Media Agent\MediaAgent.exe
    O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
    O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
    O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
    O23 - Service: CounterSpy Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe
    O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\HABITA~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 19191 bytes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •