Thread: Can't get rid of these viruses/trojans

  1. #1
    Junior Member
    Join Date
    Dec 2008
    Posts
    19

    Hey there, I can't seem to get rid of these viruses and trojans that are on my comp... tried a variety of things, including Spybot, Kaspersky, and ESET online scanner, nothing gets rid of it...

    Here's the hijack log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:36:06 PM, on 12/13/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Microsoft LifeChat\LifeChat.exe
    C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\Device Manager\msgrdvmn.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\SkypePM.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
    O4 - HKLM\..\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.7.109.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1228532727828
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1228532679343
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: vwfarr.dll,C:\KASPER~1\mzvkbd.dll,C:\KASPER~1\mzvkbd3.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: mabidwe - Unknown owner - C:\WINDOWS\system32\mabidwe.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Simply Accounting Database Connection Manager - Sage Software - C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe

    --
    End of file - 10091 bytes



    Any help would be GREATLY appreciated... these things are making me so sad :(

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Hi Ivona

    • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Junior Member
    Join Date
    Dec 2008
    Posts
    19

    Thanks a lot for getting back to me, shaba. Here are those logs.

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Scott at 2008-12-16 10:42:07
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 19 GB (13%) free of 153 GB
    Total RAM: 2047 MB (72% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:42:21 AM, on 12/16/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Microsoft LifeChat\LifeChat.exe
    C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\Device Manager\msgrdvmn.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\SkypePM.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\Scott\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Scott.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Kaspersky Anti-Virus 2009\ievkbd.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
    O4 - HKLM\..\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.7.109.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1228532727828
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1228532679343
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: vwfarr.dll,C:\KASPER~1\mzvkbd.dll,C:\KASPER~1\mzvkbd3.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: mabidwe - Unknown owner - C:\WINDOWS\system32\mabidwe.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Simply Accounting Database Connection Manager - Sage Software - C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe

    --
    End of file - 10170 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
    IEVkbdBHO Class - C:\Kaspersky Anti-Virus 2009\ievkbd.dll [2008-07-29 62728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
    FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2006-03-31 191096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
    "SetDefPrt"=C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe [2005-01-26 49152]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
    "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-09-26 267064]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
    "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
    "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
    "ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2006-04-10 61440]
    "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2006-03-28 622592]
    "amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2006-11-17 77824]
    "LifeChat"=c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21 267296]
    "ConnectionManager"=C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe [2007-12-12 38184]
    "NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-12-20 131072]
    "AVP"=C:\Kaspersky Anti-Virus 2009\avp.exe [2008-07-29 206088]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "igndlm.exe"=C:\Program Files\Download Manager\DLM.exe [2008-08-01 1103216]
    "WeatherEye"=C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe [2008-02-01 4487064]
    "NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
    "DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

    C:\Documents and Settings\Scott\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="vwfarr.dll,C:\KASPER~1\mzvkbd.dll,C:\KASPER~1\mzvkbd3.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    C:\WINDOWS\system32\klogon.dll [2008-07-29 218376]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDrives"=0
    "NoDriveAutoRun"=67108863

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "NoDriveAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "C:\Battlefield 2\BF2.exe"="C:\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "C:\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
    "C:\Warcraft III\Frozen Throne.exe"="C:\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne"
    "C:\Far Cry 2\bin\FarCry2.exe"="C:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
    "C:\Far Cry 2\bin\FC2Launcher.exe"="C:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
    "C:\Far Cry 2\bin\FC2Editor.exe"="C:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Documents and Settings\Scott\Desktop\WC3 List Checker\pickup.listchecker.exe"="C:\Documents and Settings\Scott\Desktop\WC3 List Checker\pickup.listchecker.exe:*:Enabled:pickup.listchecker"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0dfe9e7-5d51-11dc-86d7-0015f2d2224c}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 2 months======

    2008-12-16 10:42:07 ----D---- C:\rsit
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-11 11:54:10 ----D---- C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF
    2008-12-11 11:45:29 ----D---- C:\Kaspersky Anti-Virus 2009
    2008-12-11 11:45:29 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-12-11 11:40:14 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2008-12-07 14:52:30 ----SHD---- C:\RECYCLER
    2008-12-07 14:37:32 ----D---- C:\WINDOWS\ie7updates
    2008-12-07 14:37:01 ----D---- C:\WINDOWS\WBEM
    2008-12-07 14:35:42 ----HDC---- C:\WINDOWS\ie7
    2008-12-07 14:35:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-07 14:35:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-07 14:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-07 13:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-12-07 13:57:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-07 13:57:32 ----D---- C:\Program Files\MSXML 4.0
    2008-12-07 13:57:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-12-07 13:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-12-07 13:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-12-07 13:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-12-07 13:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-12-07 13:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-12-07 13:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-12-07 13:56:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-12-07 13:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-12-07 13:52:56 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-12-07 13:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-12-07 13:52:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-12-07 13:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-12-07 13:52:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-12-07 13:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-12-07 13:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-12-07 13:51:35 ----D---- C:\WINDOWS\SQLTools9_KB948109_ENU
    2008-12-07 13:49:29 ----D---- C:\WINDOWS\SQL9_KB948109_ENU
    2008-12-07 13:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-12-07 13:48:53 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-12-07 13:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-12-07 13:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-12-07 13:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-12-07 11:50:13 ----A---- C:\ComboFix.txt
    2008-12-06 01:43:03 ----A---- C:\WINDOWS\system32\6b7aa3be-.txt
    2008-12-05 23:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-12-05 22:51:54 ----D---- C:\Program Files\MSXML 6.0
    2008-12-05 22:27:09 ----D---- C:\Program Files\D-Link
    2008-12-05 22:20:11 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
    2008-12-05 22:19:59 ----RA---- C:\WINDOWS\system32\fdco1.dll
    2008-12-05 22:19:57 ----RA---- C:\WINDOWS\system32\nvconrm.dll
    2008-12-05 22:19:57 ----RA---- C:\WINDOWS\system32\bdco1.dll
    2008-12-05 22:19:57 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2008-12-05 22:06:50 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-12-02 09:11:08 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-02 09:09:42 ----D---- C:\WINDOWS\Prefetch
    2008-12-02 08:59:50 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-02 08:58:46 ----D---- C:\WINDOWS\system32\en-us
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\system32\scripting
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\system32\en
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\l2schemas
    2008-12-02 08:58:44 ----D---- C:\WINDOWS\system32\bits
    2008-12-02 08:57:05 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-02 08:55:03 ----D---- C:\WINDOWS\network diagnostic
    2008-12-02 08:53:53 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-02 08:52:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-02 00:11:25 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-12-02 00:11:25 ----A---- C:\WINDOWS\system32\wmphoto.dll
    2008-12-02 00:11:24 ----A---- C:\WINDOWS\system32\wlanapi.dll
    2008-12-02 00:11:23 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-12-02 00:11:23 ----A---- C:\WINDOWS\system32\windowscodecs.dll
    2008-12-02 00:11:21 ----A---- C:\WINDOWS\system32\tspkg.dll
    2008-12-02 00:11:21 ----A---- C:\WINDOWS\system32\tsgqec.dll
    2008-12-02 00:11:19 ----A---- C:\WINDOWS\system32\spupdwxp.exe
    2008-12-02 00:11:19 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-12-02 00:11:18 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slserv.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slrundll.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slgen.dll
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slextspk.dll
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\setupn.exe
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\rhttpaa.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\rasqec.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qutil.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qcliprov.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qagentrt.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qagent.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-12-02 00:11:14 ----A---- C:\WINDOWS\system32\onex.dll
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napstat.exe
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napmontr.dll
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napipsec.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\msxml6r.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\msshavmsg.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\mssha.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcperf.exe
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcex.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-12-02 00:11:05 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\l2gpstore.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kmsvc.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdpash.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdnepr.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdiultn.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdbhc.dll
    2008-12-02 00:10:58 ----A---- C:\WINDOWS\system32\smtpapi.dll
    2008-12-02 00:10:58 ----A---- C:\WINDOWS\system32\rwnh.dll
    2008-12-02 00:10:57 ----A---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-02 00:10:56 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-02 00:10:54 ----A---- C:\WINDOWS\system32\faxpatch.exe
    2008-12-02 00:10:54 ----A---- C:\WINDOWS\003061_.tmp
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapsvc.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapqec.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappprxy.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapphost.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappgnui.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappcfg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapp3hst.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapolqec.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3ui.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3svc.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3msm.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3dlg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3cfg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3api.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dimsroam.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dimsntfy.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dhcpqec.dll
    2008-12-02 00:10:51 ----A---- C:\WINDOWS\system32\credssp.dll
    2008-12-02 00:10:49 ----A---- C:\WINDOWS\system32\bitsprx4.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\azroles.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-02 00:10:45 ----A---- C:\WINDOWS\system32\aaclient.dll
    2008-12-01 17:23:35 ----A---- C:\Boot.bak
    2008-12-01 17:23:31 ----RASHD---- C:\cmdcons
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\zip.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\VFIND.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWSC.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWREG.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\sed.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\grep.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\fdsv.exe
    2008-12-01 17:17:51 ----D---- C:\WINDOWS\ERDNT
    2008-12-01 17:17:51 ----D---- C:\Qoobox
    2008-12-01 16:56:45 ----D---- C:\Program Files\Trend Micro
    2008-11-29 14:37:53 ----D---- C:\Program Files\Common Files\NVIDIA Shared
    2008-11-29 14:37:23 ----A---- C:\WINDOWS\system32\nvuaudio.exe
    2008-11-21 17:00:42 ----D---- C:\Documents and Settings\All Users\Application Data\Fallout3
    2008-11-21 16:59:12 ----D---- C:\WINDOWS\system32\xlive
    2008-11-21 16:58:44 ----D---- C:\Fallout 3
    2008-11-11 16:24:04 ----D---- C:\Program Files\MSECache
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-11-01 20:44:11 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-11-01 20:44:10 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-11-01 20:44:10 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-11-01 20:44:09 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-11-01 20:43:35 ----D---- C:\WINDOWS\Logs
    2008-11-01 20:42:30 ----A---- C:\WINDOWS\system32\pbsvc.exe
    2008-11-01 20:38:35 ----D---- C:\Far Cry 2

    ======List of files/folders modified in the last 2 months======

    2008-12-16 10:41:20 ----D---- C:\WINDOWS\Temp
    2008-12-16 10:38:21 ----D---- C:\Warcraft III
    2008-12-16 10:36:19 ----D---- C:\Documents and Settings\Scott\Application Data\Skype
    2008-12-15 19:15:06 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-15 19:02:39 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-15 16:02:02 ----D---- C:\Documents and Settings\Scott\Application Data\skypePM
    2008-12-13 22:23:00 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-13 13:11:55 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-13 10:18:09 ----D---- C:\WINDOWS\system32
    2008-12-12 13:11:41 ----D---- C:\Documents and Settings\Scott\Application Data\Azureus
    2008-12-12 11:50:18 ----D---- C:\WINDOWS\system32\drivers
    2008-12-12 09:22:35 ----SHD---- C:\WINDOWS\Installer
    2008-12-12 09:21:58 ----D---- C:\Program Files\Java
    2008-12-11 13:56:30 ----D---- C:\WINDOWS
    2008-12-11 11:45:50 ----HD---- C:\WINDOWS\inf
    2008-12-11 11:43:49 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-11 11:41:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-11 09:14:08 ----D---- C:\Program Files\EsetOnlineScanner
    2008-12-11 09:13:50 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-07 16:09:11 ----D---- C:\Program Files\mIRC
    2008-12-07 14:39:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-07 14:39:39 ----D---- C:\WINDOWS\Help
    2008-12-07 14:39:39 ----D---- C:\Program Files\Internet Explorer
    2008-12-07 14:37:20 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-07 14:36:54 ----D---- C:\WINDOWS\Media
    2008-12-07 14:12:13 ----RSD---- C:\WINDOWS\assembly
    2008-12-07 14:11:45 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-07 13:57:32 ----RD---- C:\Program Files
    2008-12-07 13:57:32 ----D---- C:\WINDOWS\WinSxS
    2008-12-07 13:55:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-07 13:52:09 ----D---- C:\Program Files\Messenger
    2008-12-07 13:51:44 ----D---- C:\Program Files\Microsoft SQL Server
    2008-12-07 13:51:40 ----D---- C:\WINDOWS\Registration
    2008-12-07 13:46:31 ----A---- C:\WINDOWS\win.ini
    2008-12-07 13:45:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-12-07 13:34:39 ----SHD---- C:\WINDOWS\CSC
    2008-12-07 13:34:38 ----D---- C:\WINDOWS\Minidump
    2008-12-07 11:47:19 ----A---- C:\WINDOWS\system.ini
    2008-12-07 11:45:01 ----D---- C:\WINDOWS\system32\config
    2008-12-07 11:43:29 ----D---- C:\WINDOWS\AppPatch
    2008-12-07 11:43:29 ----D---- C:\Program Files\Common Files
    2008-12-06 14:11:38 ----SD---- C:\WINDOWS\Tasks
    2008-12-06 06:47:37 ----A---- C:\WINDOWS\WININIT.INI
    2008-12-05 22:37:58 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-05 22:20:59 ----D---- C:\WINDOWS\Downloaded Installations
    2008-12-05 22:19:56 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-05 22:18:46 ----A---- C:\WINDOWS\Ascd_tmp.ini
    2008-12-05 15:26:06 ----D---- C:\Program Files\Steam
    2008-12-02 09:10:58 ----D---- C:\WINDOWS\Debug
    2008-12-02 09:09:16 ----D---- C:\WINDOWS\system32\Setup
    2008-12-02 09:09:15 ----D---- C:\WINDOWS\system32\wbem
    2008-12-02 09:09:14 ----RSD---- C:\WINDOWS\Fonts
    2008-12-02 09:01:43 ----D---- C:\WINDOWS\security
    2008-12-02 08:58:55 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-02 08:58:55 ----D---- C:\WINDOWS\ime
    2008-12-02 08:58:46 ----D---- C:\WINDOWS\system32\usmt
    2008-12-02 08:58:44 ----D---- C:\WINDOWS\PeerNet
    2008-12-02 08:58:44 ----D---- C:\Program Files\Movie Maker
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\system32\Restore
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\system32\npp
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\mui
    2008-12-02 08:56:55 ----D---- C:\WINDOWS\msagent
    2008-12-02 08:56:53 ----D---- C:\WINDOWS\srchasst
    2008-12-02 08:56:53 ----D---- C:\Program Files\NetMeeting
    2008-12-02 08:56:51 ----D---- C:\WINDOWS\system32\Com
    2008-12-02 08:56:49 ----D---- C:\Program Files\Windows NT
    2008-12-02 08:56:49 ----D---- C:\Program Files\Windows Media Player
    2008-12-02 08:56:49 ----D---- C:\Program Files\Outlook Express
    2008-12-02 08:56:46 ----D---- C:\Program Files\Common Files\System
    2008-12-02 08:56:29 ----D---- C:\WINDOWS\system32\oobe
    2008-12-02 08:56:28 ----D---- C:\WINDOWS\system
    2008-12-02 08:51:59 ----D---- C:\WINDOWS\ehome
    2008-12-01 17:23:35 ----RASH---- C:\boot.ini
    2008-11-30 01:38:47 ----A---- C:\WINDOWS\ODBC.INI
    2008-11-29 14:37:52 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-29 14:37:52 ----D---- C:\Program Files\NVIDIA Corporation
    2008-11-29 14:36:58 ----D---- C:\NVIDIA
    2008-11-21 17:00:41 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-11 17:13:52 ----D---- C:\Music
    2008-11-11 16:24:15 ----D---- C:\Program Files\Microsoft Office
    2008-11-03 16:10:26 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-01 20:45:51 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-11-01 20:42:39 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2008-11-01 20:42:30 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
    2008-10-29 18:56:45 ----D---- C:\shared
    2008-10-29 14:28:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-20 20:42:52 ----D---- C:\Scott

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
    R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2008-12-11 213008]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-10-27 278984]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2006-10-30 18048]
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-09-02 15781]
    R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
    R3 AmdTools;AMD Special Tools Driver; C:\WINDOWS\system32\DRIVERS\AmdTools.sys [2006-06-07 29696]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
    R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys [2007-02-15 250752]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
    R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
    R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
    R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
    S3 a0vs4ugf;a0vs4ugf; C:\WINDOWS\system32\drivers\a0vs4ugf.sys []
    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
    S3 AMDPCI;AMDPCI; \??\C:\DOCUME~1\Scott\LOCALS~1\Temp\AMDPCI.sys []
    S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2001-10-30 280782]
    S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-09-23 223128]
    S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-01-13 25280]
    S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 42000]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.10\RivaTuner32.sys []
    S3 SkLaggProtocol;Marvell Link Aggregation Protocol (LAGG) Support; C:\WINDOWS\system32\DRIVERS\yk51lagg.sys []
    S3 SkVlanProtocol;Marvell Virtual LAN (VLAN) Support; C:\WINDOWS\system32\DRIVERS\skvlan.sys [2006-05-17 19328]
    S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20070124.002\symidsco.sys []
    S3 TAPBIND;TAPBIND; \??\C:\DOCUME~1\Scott\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\TAPBIND1.SYS []
    S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2006-09-18 16640]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-09-06 30336]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-08-19 189568]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
    R2 AVP;Kaspersky Anti-Virus; C:\Kaspersky Anti-Virus 2009\avp.exe [2008-07-29 206088]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
    R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-01 66872]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-11-01 107832]
    R2 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager; C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe [2007-12-12 16168]
    R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
    R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-09-26 503608]
    S2 mabidwe;mabidwe; C:\WINDOWS\system32\mabidwe.exe []
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-10-05 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

    -----------------EOF-----------------

    info.txt logfile of random's system information tool 1.04 2008-12-16 10:42:24

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
    -->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
    Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 7.0.8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
    AGEIA PhysX v7.07.09-->MsiExec.exe /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}
    AMD CPUInfo-->MsiExec.exe /X{6B619ED4-492F-4AD2-BCA7-563AFC938B0F}
    AMD Power Monitor-->MsiExec.exe /X{5EE721AA-5619-4016-908D-84DCAAFA336F}
    Apple Mobile Device Support-->MsiExec.exe /I{3EBD3749-304E-4A4C-9575-C00E5F015217}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    AsusUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9
    Audiosurf Beta-->"C:\Program Files\Audiosurf\unins000.exe"
    Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
    Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
    Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x9 Brunin03.dll -removeonly
    Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F}
    Company of Heroes-->"C:\Company of Heroes\Uninstall_English.exe"
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10
    DH Driver Cleaner Professional Edition-->C:\Program Files\Driver Cleaner Pro\Uninstall.exe
    DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    D-Link CPA-->MsiExec.exe /X{8C70EEE7-2E47-4B12-A35E-508DF9259DC1}
    D-Link DGE-530T-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8215DC5E-FDF8-4C8D-A2AC-1A0B1D6F3D3D}
    Download Manager 2.3.7-->C:\Program Files\Download Manager\uninst.exe
    Dual-Core Optimizer-->MsiExec.exe /X{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}
    DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    Easy Video to iPod/MP4/PSP/3GP Converter 1.3.7-->"C:\Program Files\Easy iPod MP4 PSP 3GP\unins000.exe"
    ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
    Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
    Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0009 -removeonly
    Fiddler2 (remove only)-->"C:\Program Files\Fiddler2\uninst.exe"
    FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
    GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)-->C:\WINDOWS\SQL9_KB948109_ENU\Hotfix.exe /Uninstall
    GDR 3068 for SQL Server Tools and Workstation Components 2005 ENU (KB948109)-->C:\WINDOWS\SQLTools9_KB948109_ENU\Hotfix.exe /Uninstall
    GrabIt 1.6.2 Beta (build 940)-->"C:\Program Files\GrabIt\unins000.exe"
    GSC-->C:\Program Files\InstallShield Installation Information\{298FC7A4-44AF-411D-BB17-C8516C20849B}\setup.exe -runfromtemp -l0x0409
    Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    iTunes-->MsiExec.exe /I{B045B608-4A47-4C77-9EAD-06C394503306}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
    Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
    LimeWire PRO 4.14.3-->"C:\Program Files\LimeWire\uninstall.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Device Emulator version 1.0 - ENU-->MsiExec.exe /X{78B75C6D-E53C-424C-BF83-4B63BD4A6682}
    Microsoft Document Explorer 2005-->C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
    Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft LifeChat-->MsiExec.exe /X{66039B36-96AE-40D1-8A32-071F7A61B738}
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
    Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
    Microsoft SQL Server 2005 Mobile [ENU] Developer Tools-->MsiExec.exe /X{1389C6A4-4965-4AEC-9175-08B54A10FA48}
    Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
    Microsoft SQL Server 2005-->"c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
    Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
    Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
    Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    mIRC-->"C:\Program Files\mIRC\mirc.exe" -uninstall
    Motherboard Monitor 5-->"C:\Program Files\AMD\Motherboard Monitor 5\unins000.exe"
    Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
    MySQL Connector/ODBC 3.51-->MsiExec.exe /I{F929096B-54A0-4C5C-B125-1E7EB1917412}
    Nero 7 Demo-->MsiExec.exe /I{692854CC-97EF-4307-B787-8C6787B91033}
    NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
    NVIDIA nTune-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1033
    NvMixer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
    PaperPort-->MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC}
    PartyPoker-->"C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe" "C:\Program Files\PartyGaming\PartyPoker\install.log"
    PC Probe II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\Setup.exe" -l0x9
    PFConfig 1.0.160-->C:\Program Files\PFConfig\uninst.exe
    Prime95-->"C:\Program Files\Prime95\Uninstall.exe" "C:\Program Files\Prime95\install.log"
    PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
    QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    RivaTuner v2.10-->"C:\Program Files\RivaTuner v2.10\uninstall.exe"
    Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Simply Accounting by Sage 2008-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5567F737-98A5-4CF3-8B4A-2F4E515966F7}\setup.exe" -l0x9 -removeonly
    Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Steam-->C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG
    TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
    The Sims 2-->C:\The Sims 2\EAUninstall.exe
    Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
    WC3Banlist-->"C:\Warcraft III\WC3 Files\WC3Banlist\unins000.exe"
    Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinPcap 4.0-->C:\Program Files\WinPcap\uninstall.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
    XTreme-G 92.91-->"C:\XTreme-G 92.91\unins000.exe"
    Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

    ======Security center information======

    AV: Kaspersky Anti-Virus

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;c:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\QuickTime\QTSystem;c:\Program Files\Microsoft SQL Server\90\Tools\binn\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
    "PROCESSOR_REVISION"=2b01
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

    -----------------EOF-----------------

    let me know what's next!

  4. #4
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    Azureus Vuze
    LimeWire PRO 4.14.3


    I'd like you to read this thread.

    Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

    After that, you will need to uninstall Kaspersky Anti-Virus 2009 as it appears not to be legit.

    Please install one of the free antiviruses from below after uninstallation:

    Please download a free anti-virus software from one of these excellent vendors NOW:

    1) Antivir PersonalEdition Classic - Free anti-virus software for Windows. Free support.
    2) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.
    3) AVG Anti-Virus Free Edition - Free edition of the AVG anti-virus program for Windows.

    You should run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and results in program conflicts and false virus alerts.

    Delete info.txt from c:\rsit folder.

    Re-run rsit.

    Post fresh rsit logs, please.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  5. #5
    Junior Member
    Join Date
    Dec 2008
    Posts
    19

    Hey, got rid of those progys and ran avast. Here's the new logs. Thanks again for your guidance and help thus far.

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Scott at 2008-12-16 20:12:15
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 22 GB (14%) free of 153 GB
    Total RAM: 2047 MB (74% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:12:25 PM, on 12/16/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avast4\ashMaiSv.exe
    C:\Program Files\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Microsoft LifeChat\LifeChat.exe
    C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\PROGRA~1\Avast4\ashDisp.exe
    C:\Program Files\Windows Live\Messenger\Device Manager\msgrdvmn.exe
    C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Documents and Settings\Scott\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Scott.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
    O4 - HKLM\..\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.7.109.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1228532727828
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1228532679343
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: vwfarr.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: mabidwe - Unknown owner - C:\WINDOWS\system32\mabidwe.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Simply Accounting Database Connection Manager - Sage Software - C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe

    --
    End of file - 10015 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
    FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2006-03-31 191096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
    "SetDefPrt"=C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe [2005-01-26 49152]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
    "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-09-26 267064]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
    "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
    "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
    "ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2006-04-10 61440]
    "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2006-03-28 622592]
    "amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2006-11-17 77824]
    "LifeChat"=c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21 267296]
    "ConnectionManager"=C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe [2007-12-12 38184]
    "NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-12-20 131072]
    "avast!"=C:\PROGRA~1\Avast4\ashDisp.exe [2008-11-26 81000]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "igndlm.exe"=C:\Program Files\Download Manager\DLM.exe [2008-08-01 1103216]
    "WeatherEye"=C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe [2008-02-01 4487064]
    "NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
    "DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

    C:\Documents and Settings\Scott\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="vwfarr.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDrives"=0
    "NoDriveAutoRun"=67108863

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "NoDriveAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "C:\Battlefield 2\BF2.exe"="C:\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "C:\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
    "C:\Warcraft III\Frozen Throne.exe"="C:\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne"
    "C:\Far Cry 2\bin\FarCry2.exe"="C:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
    "C:\Far Cry 2\bin\FC2Launcher.exe"="C:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
    "C:\Far Cry 2\bin\FC2Editor.exe"="C:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Documents and Settings\Scott\Desktop\WC3 List Checker\pickup.listchecker.exe"="C:\Documents and Settings\Scott\Desktop\WC3 List Checker\pickup.listchecker.exe:*:Enabled:pickup.listchecker"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0dfe9e7-5d51-11dc-86d7-0015f2d2224c}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 2 months======

    2008-12-16 12:30:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-12-16 12:30:52 ----D---- C:\Program Files\Avast4
    2008-12-16 12:19:09 ----SHD---- C:\Config.Msi
    2008-12-16 10:42:07 ----D---- C:\rsit
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-11 11:54:10 ----D---- C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF
    2008-12-11 11:45:29 ----D---- C:\Kaspersky Anti-Virus 2009
    2008-12-11 11:40:14 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2008-12-07 14:52:30 ----SHD---- C:\RECYCLER
    2008-12-07 14:37:32 ----D---- C:\WINDOWS\ie7updates
    2008-12-07 14:37:01 ----D---- C:\WINDOWS\WBEM
    2008-12-07 14:35:42 ----HDC---- C:\WINDOWS\ie7
    2008-12-07 14:35:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-07 14:35:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-07 14:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-07 13:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-12-07 13:57:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-07 13:57:32 ----D---- C:\Program Files\MSXML 4.0
    2008-12-07 13:57:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-12-07 13:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-12-07 13:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-12-07 13:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-12-07 13:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-12-07 13:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-12-07 13:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-12-07 13:56:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-12-07 13:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-12-07 13:52:56 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-12-07 13:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-12-07 13:52:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-12-07 13:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-12-07 13:52:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-12-07 13:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-12-07 13:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-12-07 13:51:35 ----D---- C:\WINDOWS\SQLTools9_KB948109_ENU
    2008-12-07 13:49:29 ----D---- C:\WINDOWS\SQL9_KB948109_ENU
    2008-12-07 13:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-12-07 13:48:53 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-12-07 13:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-12-07 13:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-12-07 13:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-12-07 11:50:13 ----A---- C:\ComboFix.txt
    2008-12-06 01:43:03 ----A---- C:\WINDOWS\system32\6b7aa3be-.txt
    2008-12-05 23:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-12-05 22:51:54 ----D---- C:\Program Files\MSXML 6.0
    2008-12-05 22:20:11 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
    2008-12-05 22:19:59 ----RA---- C:\WINDOWS\system32\fdco1.dll
    2008-12-05 22:19:57 ----RA---- C:\WINDOWS\system32\nvconrm.dll
    2008-12-05 22:19:57 ----RA---- C:\WINDOWS\system32\bdco1.dll
    2008-12-05 22:19:57 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2008-12-05 22:06:50 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-12-02 09:11:08 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-02 09:09:42 ----D---- C:\WINDOWS\Prefetch
    2008-12-02 08:59:50 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-02 08:58:46 ----D---- C:\WINDOWS\system32\en-us
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\system32\scripting
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\system32\en
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\l2schemas
    2008-12-02 08:58:44 ----D---- C:\WINDOWS\system32\bits
    2008-12-02 08:57:05 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-02 08:55:03 ----D---- C:\WINDOWS\network diagnostic
    2008-12-02 08:53:53 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-02 08:52:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-02 00:11:25 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-12-02 00:11:25 ----A---- C:\WINDOWS\system32\wmphoto.dll
    2008-12-02 00:11:24 ----A---- C:\WINDOWS\system32\wlanapi.dll
    2008-12-02 00:11:23 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-12-02 00:11:23 ----A---- C:\WINDOWS\system32\windowscodecs.dll
    2008-12-02 00:11:21 ----A---- C:\WINDOWS\system32\tspkg.dll
    2008-12-02 00:11:21 ----A---- C:\WINDOWS\system32\tsgqec.dll
    2008-12-02 00:11:19 ----A---- C:\WINDOWS\system32\spupdwxp.exe
    2008-12-02 00:11:19 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-12-02 00:11:18 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slserv.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slrundll.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slgen.dll
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slextspk.dll
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\setupn.exe
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\rhttpaa.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\rasqec.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qutil.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qcliprov.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qagentrt.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qagent.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-12-02 00:11:14 ----A---- C:\WINDOWS\system32\onex.dll
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napstat.exe
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napmontr.dll
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napipsec.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\msxml6r.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\msshavmsg.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\mssha.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcperf.exe
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcex.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-12-02 00:11:05 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\l2gpstore.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kmsvc.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdpash.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdnepr.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdiultn.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdbhc.dll
    2008-12-02 00:10:58 ----A---- C:\WINDOWS\system32\smtpapi.dll
    2008-12-02 00:10:58 ----A---- C:\WINDOWS\system32\rwnh.dll
    2008-12-02 00:10:57 ----A---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-02 00:10:56 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-02 00:10:54 ----A---- C:\WINDOWS\system32\faxpatch.exe
    2008-12-02 00:10:54 ----A---- C:\WINDOWS\003061_.tmp
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapsvc.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapqec.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappprxy.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapphost.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappgnui.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappcfg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapp3hst.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapolqec.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3ui.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3svc.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3msm.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3dlg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3cfg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3api.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dimsroam.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dimsntfy.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dhcpqec.dll
    2008-12-02 00:10:51 ----A---- C:\WINDOWS\system32\credssp.dll
    2008-12-02 00:10:49 ----A---- C:\WINDOWS\system32\bitsprx4.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\azroles.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-02 00:10:45 ----A---- C:\WINDOWS\system32\aaclient.dll
    2008-12-01 17:23:35 ----A---- C:\Boot.bak
    2008-12-01 17:23:31 ----RASHD---- C:\cmdcons
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\zip.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\VFIND.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWSC.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWREG.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\sed.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\grep.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\fdsv.exe
    2008-12-01 17:17:51 ----D---- C:\WINDOWS\ERDNT
    2008-12-01 17:17:51 ----D---- C:\Qoobox
    2008-12-01 16:56:45 ----D---- C:\Program Files\Trend Micro
    2008-11-29 14:37:53 ----D---- C:\Program Files\Common Files\NVIDIA Shared
    2008-11-29 14:37:23 ----A---- C:\WINDOWS\system32\nvuaudio.exe
    2008-11-21 17:00:42 ----D---- C:\Documents and Settings\All Users\Application Data\Fallout3
    2008-11-21 16:59:12 ----D---- C:\WINDOWS\system32\xlive
    2008-11-21 16:58:44 ----D---- C:\Fallout 3
    2008-11-11 16:24:04 ----D---- C:\Program Files\MSECache
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-11-01 20:44:11 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-11-01 20:44:10 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-11-01 20:44:10 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-11-01 20:44:09 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-11-01 20:43:35 ----D---- C:\WINDOWS\Logs
    2008-11-01 20:42:30 ----A---- C:\WINDOWS\system32\pbsvc.exe
    2008-11-01 20:38:35 ----D---- C:\Far Cry 2

    ======List of files/folders modified in the last 2 months======

    2008-12-16 19:44:37 ----D---- C:\WINDOWS\system32
    2008-12-16 19:44:34 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-16 17:39:45 ----D---- C:\Downloaded Programs
    2008-12-16 17:39:29 ----D---- C:\WINDOWS\Temp
    2008-12-16 12:39:44 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-16 12:35:14 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-16 12:34:06 ----RD---- C:\Program Files
    2008-12-16 12:33:21 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-16 12:31:12 ----D---- C:\WINDOWS\system32\drivers
    2008-12-16 12:31:10 ----D---- C:\WINDOWS\system32\config
    2008-12-16 12:26:49 ----D---- C:\WINDOWS
    2008-12-16 12:20:29 ----D---- C:\Documents and Settings\Scott\Application Data\Skype
    2008-12-16 12:20:06 ----SHD---- C:\WINDOWS\Installer
    2008-12-16 12:19:28 ----HD---- C:\WINDOWS\inf
    2008-12-16 10:38:21 ----D---- C:\Warcraft III
    2008-12-16 08:02:03 ----D---- C:\Documents and Settings\Scott\Application Data\skypePM
    2008-12-12 13:11:41 ----D---- C:\Documents and Settings\Scott\Application Data\Azureus
    2008-12-12 09:21:58 ----D---- C:\Program Files\Java
    2008-12-11 11:43:49 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-11 11:41:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-11 09:14:08 ----D---- C:\Program Files\EsetOnlineScanner
    2008-12-11 09:13:50 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-07 16:09:11 ----D---- C:\Program Files\mIRC
    2008-12-07 14:39:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-07 14:39:39 ----D---- C:\WINDOWS\Help
    2008-12-07 14:39:39 ----D---- C:\Program Files\Internet Explorer
    2008-12-07 14:37:20 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-07 14:36:54 ----D---- C:\WINDOWS\Media
    2008-12-07 14:12:13 ----RSD---- C:\WINDOWS\assembly
    2008-12-07 14:11:45 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-07 13:57:32 ----D---- C:\WINDOWS\WinSxS
    2008-12-07 13:55:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-07 13:52:09 ----D---- C:\Program Files\Messenger
    2008-12-07 13:51:44 ----D---- C:\Program Files\Microsoft SQL Server
    2008-12-07 13:51:40 ----D---- C:\WINDOWS\Registration
    2008-12-07 13:46:31 ----A---- C:\WINDOWS\win.ini
    2008-12-07 13:45:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-12-07 13:34:39 ----SHD---- C:\WINDOWS\CSC
    2008-12-07 13:34:38 ----D---- C:\WINDOWS\Minidump
    2008-12-07 11:47:19 ----A---- C:\WINDOWS\system.ini
    2008-12-07 11:43:29 ----D---- C:\WINDOWS\AppPatch
    2008-12-07 11:43:29 ----D---- C:\Program Files\Common Files
    2008-12-06 14:11:38 ----SD---- C:\WINDOWS\Tasks
    2008-12-06 06:47:37 ----A---- C:\WINDOWS\WININIT.INI
    2008-12-05 22:37:58 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-05 22:20:59 ----D---- C:\WINDOWS\Downloaded Installations
    2008-12-05 22:19:56 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-05 22:18:46 ----A---- C:\WINDOWS\Ascd_tmp.ini
    2008-12-05 15:26:06 ----D---- C:\Program Files\Steam
    2008-12-02 09:10:58 ----D---- C:\WINDOWS\Debug
    2008-12-02 09:09:16 ----D---- C:\WINDOWS\system32\Setup
    2008-12-02 09:09:15 ----D---- C:\WINDOWS\system32\wbem
    2008-12-02 09:09:14 ----RSD---- C:\WINDOWS\Fonts
    2008-12-02 09:01:43 ----D---- C:\WINDOWS\security
    2008-12-02 08:58:55 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-02 08:58:55 ----D---- C:\WINDOWS\ime
    2008-12-02 08:58:46 ----D---- C:\WINDOWS\system32\usmt
    2008-12-02 08:58:44 ----D---- C:\WINDOWS\PeerNet
    2008-12-02 08:58:44 ----D---- C:\Program Files\Movie Maker
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\system32\Restore
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\system32\npp
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\mui
    2008-12-02 08:56:55 ----D---- C:\WINDOWS\msagent
    2008-12-02 08:56:53 ----D---- C:\WINDOWS\srchasst
    2008-12-02 08:56:53 ----D---- C:\Program Files\NetMeeting
    2008-12-02 08:56:51 ----D---- C:\WINDOWS\system32\Com
    2008-12-02 08:56:49 ----D---- C:\Program Files\Windows NT
    2008-12-02 08:56:49 ----D---- C:\Program Files\Windows Media Player
    2008-12-02 08:56:49 ----D---- C:\Program Files\Outlook Express
    2008-12-02 08:56:46 ----D---- C:\Program Files\Common Files\System
    2008-12-02 08:56:29 ----D---- C:\WINDOWS\system32\oobe
    2008-12-02 08:56:28 ----D---- C:\WINDOWS\system
    2008-12-02 08:51:59 ----D---- C:\WINDOWS\ehome
    2008-12-01 17:23:35 ----RASH---- C:\boot.ini
    2008-11-30 01:38:47 ----A---- C:\WINDOWS\ODBC.INI
    2008-11-29 14:37:52 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-29 14:37:52 ----D---- C:\Program Files\NVIDIA Corporation
    2008-11-29 14:36:58 ----D---- C:\NVIDIA
    2008-11-21 17:00:41 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-11 17:13:52 ----D---- C:\Music
    2008-11-11 16:24:15 ----D---- C:\Program Files\Microsoft Office
    2008-11-03 16:10:26 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-01 20:45:51 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-11-01 20:42:39 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2008-11-01 20:42:30 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
    2008-10-29 18:56:45 ----D---- C:\shared
    2008-10-29 14:28:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-20 20:42:52 ----D---- C:\Scott

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-10-27 278984]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2006-10-30 18048]
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-09-02 15781]
    R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
    R3 AmdTools;AMD Special Tools Driver; C:\WINDOWS\system32\DRIVERS\AmdTools.sys [2006-06-07 29696]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
    R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
    R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
    R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
    S3 a5e5uk1k;a5e5uk1k; C:\WINDOWS\system32\drivers\a5e5uk1k.sys []
    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
    S3 AMDPCI;AMDPCI; \??\C:\DOCUME~1\Scott\LOCALS~1\Temp\AMDPCI.sys []
    S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2001-10-30 280782]
    S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-09-23 223128]
    S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-01-13 25280]
    S3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys [2007-02-15 250752]
    S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 42000]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.10\RivaTuner32.sys []
    S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20070124.002\symidsco.sys []
    S3 TAPBIND;TAPBIND; \??\C:\DOCUME~1\Scott\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\TAPBIND1.SYS []
    S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2006-09-18 16640]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-09-06 30336]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-08-19 189568]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast4\ashServ.exe [2008-11-26 155160]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
    R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-01 66872]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-11-01 107832]
    R2 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager; C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe [2007-12-12 16168]
    R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
    R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-09-26 503608]
    S2 mabidwe;mabidwe; C:\WINDOWS\system32\mabidwe.exe []
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-10-05 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

    -----------------EOF-----------------


    info.txt logfile of random's system information tool 1.04 2008-12-16 20:12:28

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->C:\WINDOWS\UNRecode.exe /UNINSTALL
    -->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
    -->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
    Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
    Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
    Adobe Reader 7.0.8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
    AGEIA PhysX v7.07.09-->MsiExec.exe /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6}
    AMD CPUInfo-->MsiExec.exe /X{6B619ED4-492F-4AD2-BCA7-563AFC938B0F}
    AMD Power Monitor-->MsiExec.exe /X{5EE721AA-5619-4016-908D-84DCAAFA336F}
    Apple Mobile Device Support-->MsiExec.exe /I{3EBD3749-304E-4A4C-9575-C00E5F015217}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    AsusUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9
    Audiosurf Beta-->"C:\Program Files\Audiosurf\unins000.exe"
    avast! Antivirus-->C:\Program Files\Avast4\aswRunDll.exe "C:\Program Files\Avast4\Setup\setiface.dll",RunSetup
    Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
    Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x9 Brunin03.dll -removeonly
    Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671}
    Company of Heroes - FAKEMSI-->MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F}
    Company of Heroes-->"C:\Company of Heroes\Uninstall_English.exe"
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10
    DH Driver Cleaner Professional Edition-->C:\Program Files\Driver Cleaner Pro\Uninstall.exe
    DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Download Manager 2.3.7-->C:\Program Files\Download Manager\uninst.exe
    Dual-Core Optimizer-->MsiExec.exe /X{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}
    DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
    DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
    Easy Video to iPod/MP4/PSP/3GP Converter 1.3.7-->"C:\Program Files\Easy iPod MP4 PSP 3GP\unins000.exe"
    ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
    Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
    Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0009 -removeonly
    Fiddler2 (remove only)-->"C:\Program Files\Fiddler2\uninst.exe"
    FlashFXP v3-->"C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
    GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)-->C:\WINDOWS\SQL9_KB948109_ENU\Hotfix.exe /Uninstall
    GDR 3068 for SQL Server Tools and Workstation Components 2005 ENU (KB948109)-->C:\WINDOWS\SQLTools9_KB948109_ENU\Hotfix.exe /Uninstall
    GrabIt 1.6.2 Beta (build 940)-->"C:\Program Files\GrabIt\unins000.exe"
    GSC-->C:\Program Files\InstallShield Installation Information\{298FC7A4-44AF-411D-BB17-C8516C20849B}\setup.exe -runfromtemp -l0x0409
    Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    iTunes-->MsiExec.exe /I{B045B608-4A47-4C77-9EAD-06C394503306}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Device Emulator version 1.0 - ENU-->MsiExec.exe /X{78B75C6D-E53C-424C-BF83-4B63BD4A6682}
    Microsoft Document Explorer 2005-->C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
    Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft LifeChat-->MsiExec.exe /X{66039B36-96AE-40D1-8A32-071F7A61B738}
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
    Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
    Microsoft SQL Server 2005 Mobile [ENU] Developer Tools-->MsiExec.exe /X{1389C6A4-4965-4AEC-9175-08B54A10FA48}
    Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
    Microsoft SQL Server 2005-->"c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
    Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
    Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
    Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    mIRC-->"C:\Program Files\mIRC\mirc.exe" -uninstall
    Motherboard Monitor 5-->"C:\Program Files\AMD\Motherboard Monitor 5\unins000.exe"
    Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}
    MySQL Connector/ODBC 3.51-->MsiExec.exe /I{F929096B-54A0-4C5C-B125-1E7EB1917412}
    Nero 7 Demo-->MsiExec.exe /I{692854CC-97EF-4307-B787-8C6787B91033}
    NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
    NVIDIA nTune-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1033
    NvMixer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
    PaperPort-->MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC}
    PartyPoker-->"C:\Program Files\PartyGaming\PartyPoker\Uninstall.exe" "C:\Program Files\PartyGaming\PartyPoker\install.log"
    PC Probe II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\Setup.exe" -l0x9
    PFConfig 1.0.160-->C:\Program Files\PFConfig\uninst.exe
    Prime95-->"C:\Program Files\Prime95\Uninstall.exe" "C:\Program Files\Prime95\install.log"
    PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
    QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    RivaTuner v2.10-->"C:\Program Files\RivaTuner v2.10\uninstall.exe"
    Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Simply Accounting by Sage 2008-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5567F737-98A5-4CF3-8B4A-2F4E515966F7}\setup.exe" -l0x9 -removeonly
    Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Steam-->C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG
    TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
    The Sims 2-->C:\The Sims 2\EAUninstall.exe
    Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    ViewSonic Monitor Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9
    WC3Banlist-->"C:\Warcraft III\WC3 Files\WC3Banlist\unins000.exe"
    Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinPcap 4.0-->C:\Program Files\WinPcap\uninstall.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
    XTreme-G 92.91-->"C:\XTreme-G 92.91\unins000.exe"
    Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 081216-0]

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Adobe\AGL;c:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\QuickTime\QTSystem;c:\Program Files\Microsoft SQL Server\90\Tools\binn\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 43 Stepping 1, AuthenticAMD
    "PROCESSOR_REVISION"=2b01
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

    -----------------EOF-----------------

  6. #6
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Please download the OTMoveIt3 by OldTimer.
    • Save it to your desktop.
    • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
    • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

      Code:
      :files
      C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF
      C:\Kaspersky Anti-Virus 2009
      C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup 
      C:\WINDOWS\system32\6b7aa3be-.txt
      C:\WINDOWS\003061_.tmp
      
      Files
      :reg
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLS"=-
      
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
      "C:\Program Files\Azureus\Azureus.exe"=-
      
      :commands
      [EmptyTemp]
      [reboot]
    • Return to OTMoveIt3, right click in the "Paste List of Files/Folders to Move" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
    • Close OTMoveIt3

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

    Re-run rsit.

    Post:

    - a fresh rsit log (only log.txt will appear)
    - otmoveit3 log
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006
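A way to check a results log against the fix script it came from, as an added example that is not part of the original post or of OTMoveIt3. It assumes the script layout shown in the codebox above and the result-line wording seen in the log posted later in this thread; the sample log is constructed and leaves out the second registry line on purpose.

```python
import re

# Constructed sample input: the fix script as laid out in the codebox above.
FIX_SCRIPT = r"""
:files
C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF
C:\Kaspersky Anti-Virus 2009
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup
C:\WINDOWS\system32\6b7aa3be-.txt
C:\WINDOWS\003061_.tmp

Files
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=-

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Azureus\Azureus.exe"=-

:commands
[EmptyTemp]
[reboot]
"""

# Constructed sample results log (assumed line formats; the firewall line is omitted).
RESULTS_LOG = r"""
========== FILES ==========
C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF moved successfully.
C:\Kaspersky Anti-Virus 2009 moved successfully.
File/Folder C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup not found.
C:\WINDOWS\system32\6b7aa3be-.txt moved successfully.
C:\WINDOWS\003061_.tmp moved successfully.
File/Folder Files not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLS deleted successfully.
========== COMMANDS ==========
User's Temp folder emptied.
"""


def parse_fix_script(text):
    """Split a fix script into file targets, registry value deletions and commands."""
    section, key = None, None
    files, reg_values, commands = [], [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):          # section header such as :files or :reg
            section, key = line[1:].lower(), None
        elif section == "files":
            files.append(line)            # every non-empty line is treated as a target
        elif section == "reg":
            if line.startswith("[") and line.endswith("]"):
                key = line[1:-1]
            else:
                m = re.fullmatch(r'"(.+)"=-', line)   # "name"=- requests a value deletion
                if m and key:
                    reg_values.append((key, m.group(1)))
        elif section == "commands":
            commands.append(line.strip("[]"))
    return files, reg_values, commands


def parse_results(text):
    """Map each reported item (lower-cased) to 'moved', 'not_found' or 'deleted'."""
    outcome = {}
    patterns = [
        (r"File/Folder (.+) not found\.", "not_found"),
        (r"Registry value (.+) deleted successfully\.", "deleted"),
        (r"(.+) moved successfully\.", "moved"),
    ]
    for raw in text.splitlines():
        line = raw.strip()
        for pattern, status in patterns:
            m = re.fullmatch(pattern, line)
            if m:
                outcome[m.group(1).lower()] = status
                break
    return outcome


def verify(script, results):
    """Return {requested item: status}; 'no_result' means the log never mentions it."""
    files, reg_values, _ = parse_fix_script(script)
    outcome = parse_results(results)
    report = {path: outcome.get(path.lower(), "no_result") for path in files}
    for key, name in reg_values:
        # The log joins key and value name with two backslashes.
        logged = (key + r"\\" + name).lower()
        report[key + "\\" + name] = outcome.get(logged, "no_result")
    return report


def needs_review(report):
    """Items that were neither moved nor deleted and deserve a second look."""
    return sorted(item for item, status in report.items()
                  if status not in {"moved", "deleted"})


if __name__ == "__main__":
    for item, status in verify(FIX_SCRIPT, RESULTS_LOG).items():
        print(f"{status:10} {item}")
```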

  7. #7
    Junior Member
    Join Date
    Dec 2008
    Posts
    19

    here's the log from otmoveit and a new rsit log

    ========== FILES ==========
    C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_5wketafbcf1pqo1jl2tljtzd4ij0z3z0\1.5.2.0 moved successfully.
    C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_5wketafbcf1pqo1jl2tljtzd4ij0z3z0 moved successfully.
    C:\Documents and Settings\Scott\Application Data\Kaspersky_Key_Finder_(KKF moved successfully.
    C:\Kaspersky Anti-Virus 2009 moved successfully.
    File/Folder C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup not found.
    C:\WINDOWS\system32\6b7aa3be-.txt moved successfully.
    C:\WINDOWS\003061_.tmp moved successfully.
    File/Folder Files not found.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLS deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\Azureus\Azureus.exe deleted successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Scott\LOCALS~1\Temp\~DF4663.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Scott\LOCALS~1\Temp\~DF4675.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Scott\LOCALS~1\Temp\~DFE96A.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Scott\LOCALS~1\Temp\~DFE9DA.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Scott\LOCALS~1\Temp\~ROMFN_000002C4 scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5dc.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7f8.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12172008_123918

    Files moved on Reboot...
    File C:\DOCUME~1\Scott\LOCALS~1\Temp\~DF4663.tmp not found!
    File C:\DOCUME~1\Scott\LOCALS~1\Temp\~DF4675.tmp not found!
    File C:\DOCUME~1\Scott\LOCALS~1\Temp\~DFE96A.tmp not found!
    File C:\DOCUME~1\Scott\LOCALS~1\Temp\~DFE9DA.tmp not found!
    File C:\DOCUME~1\Scott\LOCALS~1\Temp\~ROMFN_000002C4 not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
    File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
    C:\WINDOWS\temp\Perflib_Perfdata_5dc.dat moved successfully.
    File C:\WINDOWS\temp\Perflib_Perfdata_7f8.dat not found!


    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Scott at 2008-12-17 12:47:02
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 22 GB (14%) free of 153 GB
    Total RAM: 2047 MB (75% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:47:12 PM, on 12/17/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avast4\ashMaiSv.exe
    C:\Program Files\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Microsoft LifeChat\LifeChat.exe
    C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\PROGRA~1\Avast4\ashDisp.exe
    C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\Device Manager\msgrdvmn.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\Scott\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Scott.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
    O4 - HKLM\..\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.7.109.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1228532727828
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1228532679343
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: mabidwe - Unknown owner - C:\WINDOWS\system32\mabidwe.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Simply Accounting Database Connection Manager - Sage Software - C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe

    --
    End of file - 10240 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5A1691B-D188-4419-AD02-90002030B8EE}]
    FlashFXP Helper for Internet Explorer - C:\PROGRA~1\FlashFXP\IEFlash.dll [2006-03-31 191096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
    "SetDefPrt"=C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe [2005-01-26 49152]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
    "PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
    "NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-09-26 267064]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
    "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
    "IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
    "ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2006-04-10 61440]
    "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2006-03-28 622592]
    "amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2006-11-17 77824]
    "LifeChat"=c:\Program Files\Microsoft LifeChat\LifeChat.exe [2008-08-21 267296]
    "ConnectionManager"=C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe [2007-12-12 38184]
    "NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-12-20 131072]
    "avast!"=C:\PROGRA~1\Avast4\ashDisp.exe [2008-11-26 81000]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "igndlm.exe"=C:\Program Files\Download Manager\DLM.exe [2008-08-01 1103216]
    "WeatherEye"=C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe [2008-02-01 4487064]
    "NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
    "DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

    C:\Documents and Settings\Scott\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDrives"=0
    "NoDriveAutoRun"=67108863

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "NoDrives"=
    "NoDriveAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "C:\Battlefield 2\BF2.exe"="C:\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
    "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
    "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
    "C:\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
    "C:\Warcraft III\Frozen Throne.exe"="C:\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne"
    "C:\Far Cry 2\bin\FarCry2.exe"="C:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
    "C:\Far Cry 2\bin\FC2Launcher.exe"="C:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
    "C:\Far Cry 2\bin\FC2Editor.exe"="C:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Documents and Settings\Scott\Desktop\WC3 List Checker\pickup.listchecker.exe"="C:\Documents and Settings\Scott\Desktop\WC3 List Checker\pickup.listchecker.exe:*:Enabled:pickup.listchecker"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0dfe9e7-5d51-11dc-86d7-0015f2d2224c}]
    shell\AutoRun\command - G:\LaunchU3.exe -a


    ======List of files/folders created in the last 2 months======

    2008-12-17 12:39:18 ----D---- C:\_OTMoveIt
    2008-12-16 12:30:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-12-16 12:30:52 ----D---- C:\Program Files\Avast4
    2008-12-16 12:19:09 ----SHD---- C:\Config.Msi
    2008-12-16 10:42:07 ----D---- C:\rsit
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-12 09:21:59 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-11 11:40:14 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2008-12-07 14:52:30 ----SHD---- C:\RECYCLER
    2008-12-07 14:37:32 ----D---- C:\WINDOWS\ie7updates
    2008-12-07 14:37:01 ----D---- C:\WINDOWS\WBEM
    2008-12-07 14:35:42 ----HDC---- C:\WINDOWS\ie7
    2008-12-07 14:35:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-07 14:35:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-07 14:03:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-07 13:59:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-12-07 13:57:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-07 13:57:32 ----D---- C:\Program Files\MSXML 4.0
    2008-12-07 13:57:24 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-12-07 13:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-12-07 13:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-12-07 13:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-12-07 13:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-12-07 13:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-12-07 13:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-12-07 13:56:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-12-07 13:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-12-07 13:52:56 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-12-07 13:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-12-07 13:52:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-12-07 13:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-12-07 13:52:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-12-07 13:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-12-07 13:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-12-07 13:51:35 ----D---- C:\WINDOWS\SQLTools9_KB948109_ENU
    2008-12-07 13:49:29 ----D---- C:\WINDOWS\SQL9_KB948109_ENU
    2008-12-07 13:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-12-07 13:48:53 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2008-12-07 13:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-12-07 13:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-12-07 13:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-12-07 11:50:13 ----A---- C:\ComboFix.txt
    2008-12-05 23:03:09 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-12-05 22:51:54 ----D---- C:\Program Files\MSXML 6.0
    2008-12-05 22:20:11 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
    2008-12-05 22:19:59 ----RA---- C:\WINDOWS\system32\fdco1.dll
    2008-12-05 22:19:57 ----RA---- C:\WINDOWS\system32\nvconrm.dll
    2008-12-05 22:19:57 ----RA---- C:\WINDOWS\system32\bdco1.dll
    2008-12-05 22:19:57 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2008-12-05 22:06:50 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-12-02 09:11:08 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-12-02 09:09:42 ----D---- C:\WINDOWS\Prefetch
    2008-12-02 08:59:50 ----A---- C:\WINDOWS\setuplog.txt
    2008-12-02 08:58:46 ----D---- C:\WINDOWS\system32\en-us
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\system32\scripting
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\system32\en
    2008-12-02 08:58:45 ----D---- C:\WINDOWS\l2schemas
    2008-12-02 08:58:44 ----D---- C:\WINDOWS\system32\bits
    2008-12-02 08:57:05 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-02 08:55:03 ----D---- C:\WINDOWS\network diagnostic
    2008-12-02 08:53:53 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-02 08:52:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-02 00:11:25 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-12-02 00:11:25 ----A---- C:\WINDOWS\system32\wmphoto.dll
    2008-12-02 00:11:24 ----A---- C:\WINDOWS\system32\wlanapi.dll
    2008-12-02 00:11:23 ----A---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-12-02 00:11:23 ----A---- C:\WINDOWS\system32\windowscodecs.dll
    2008-12-02 00:11:21 ----A---- C:\WINDOWS\system32\tspkg.dll
    2008-12-02 00:11:21 ----A---- C:\WINDOWS\system32\tsgqec.dll
    2008-12-02 00:11:19 ----A---- C:\WINDOWS\system32\spupdwxp.exe
    2008-12-02 00:11:19 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-12-02 00:11:18 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slserv.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slrundll.exe
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slgen.dll
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slextspk.dll
    2008-12-02 00:11:18 ----A---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\setupn.exe
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\rhttpaa.dll
    2008-12-02 00:11:16 ----A---- C:\WINDOWS\system32\rasqec.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qutil.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qcliprov.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qagentrt.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\qagent.dll
    2008-12-02 00:11:15 ----A---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-12-02 00:11:14 ----A---- C:\WINDOWS\system32\onex.dll
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napstat.exe
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napmontr.dll
    2008-12-02 00:11:12 ----A---- C:\WINDOWS\system32\napipsec.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\msxml6r.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\msshavmsg.dll
    2008-12-02 00:11:11 ----A---- C:\WINDOWS\system32\mssha.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcperf.exe
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\mmcex.dll
    2008-12-02 00:11:06 ----A---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-12-02 00:11:05 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\l2gpstore.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kmsvc.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdpash.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdnepr.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdiultn.dll
    2008-12-02 00:11:01 ----A---- C:\WINDOWS\system32\kbdbhc.dll
    2008-12-02 00:10:58 ----A---- C:\WINDOWS\system32\smtpapi.dll
    2008-12-02 00:10:58 ----A---- C:\WINDOWS\system32\rwnh.dll
    2008-12-02 00:10:57 ----A---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-02 00:10:56 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-02 00:10:54 ----A---- C:\WINDOWS\system32\faxpatch.exe
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapsvc.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapqec.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappprxy.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapphost.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappgnui.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eappcfg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapp3hst.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\eapolqec.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3ui.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3svc.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3msm.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3dlg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3cfg.dll
    2008-12-02 00:10:53 ----A---- C:\WINDOWS\system32\dot3api.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dimsroam.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dimsntfy.dll
    2008-12-02 00:10:52 ----A---- C:\WINDOWS\system32\dhcpqec.dll
    2008-12-02 00:10:51 ----A---- C:\WINDOWS\system32\credssp.dll
    2008-12-02 00:10:49 ----A---- C:\WINDOWS\system32\bitsprx4.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\azroles.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-02 00:10:48 ----A---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-02 00:10:45 ----A---- C:\WINDOWS\system32\aaclient.dll
    2008-12-01 17:23:35 ----A---- C:\Boot.bak
    2008-12-01 17:23:31 ----RASHD---- C:\cmdcons
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\zip.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\VFIND.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWSC.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\SWREG.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\sed.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\grep.exe
    2008-12-01 17:21:17 ----A---- C:\WINDOWS\fdsv.exe
    2008-12-01 17:17:51 ----D---- C:\WINDOWS\ERDNT
    2008-12-01 17:17:51 ----D---- C:\Qoobox
    2008-12-01 16:56:45 ----D---- C:\Program Files\Trend Micro
    2008-11-29 14:37:53 ----D---- C:\Program Files\Common Files\NVIDIA Shared
    2008-11-29 14:37:23 ----A---- C:\WINDOWS\system32\nvuaudio.exe
    2008-11-21 17:00:42 ----D---- C:\Documents and Settings\All Users\Application Data\Fallout3
    2008-11-21 16:59:12 ----D---- C:\WINDOWS\system32\xlive
    2008-11-21 16:58:44 ----D---- C:\Fallout 3
    2008-11-11 16:24:04 ----D---- C:\Program Files\MSECache
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-11-01 20:44:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-11-01 20:44:11 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-11-01 20:44:10 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-11-01 20:44:10 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-11-01 20:44:09 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-11-01 20:43:35 ----D---- C:\WINDOWS\Logs
    2008-11-01 20:42:30 ----A---- C:\WINDOWS\system32\pbsvc.exe
    2008-11-01 20:38:35 ----D---- C:\Far Cry 2

    ======List of files/folders modified in the last 2 months======

    2008-12-17 12:44:25 ----D---- C:\WINDOWS\Temp
    2008-12-17 12:42:52 ----D---- C:\WINDOWS\system32\config
    2008-12-17 12:41:24 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-17 12:41:23 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-17 12:41:12 ----D---- C:\Documents and Settings\Scott\Application Data\Skype
    2008-12-17 12:39:18 ----D---- C:\WINDOWS\system32
    2008-12-17 12:39:18 ----D---- C:\WINDOWS
    2008-12-17 12:36:04 ----D---- C:\Warcraft III
    2008-12-17 08:02:50 ----D---- C:\Documents and Settings\Scott\Application Data\skypePM
    2008-12-16 17:39:45 ----D---- C:\Downloaded Programs
    2008-12-16 12:39:44 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-16 12:34:06 ----RD---- C:\Program Files
    2008-12-16 12:33:21 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-12-16 12:31:12 ----D---- C:\WINDOWS\system32\drivers
    2008-12-16 12:20:06 ----SHD---- C:\WINDOWS\Installer
    2008-12-16 12:19:28 ----HD---- C:\WINDOWS\inf
    2008-12-12 13:11:41 ----D---- C:\Documents and Settings\Scott\Application Data\Azureus
    2008-12-12 09:21:58 ----D---- C:\Program Files\Java
    2008-12-11 11:43:49 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-11 11:41:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-11 09:14:08 ----D---- C:\Program Files\EsetOnlineScanner
    2008-12-11 09:13:50 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-07 16:09:11 ----D---- C:\Program Files\mIRC
    2008-12-07 14:39:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-07 14:39:39 ----D---- C:\WINDOWS\Help
    2008-12-07 14:39:39 ----D---- C:\Program Files\Internet Explorer
    2008-12-07 14:37:20 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-07 14:36:54 ----D---- C:\WINDOWS\Media
    2008-12-07 14:12:13 ----RSD---- C:\WINDOWS\assembly
    2008-12-07 14:11:45 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-07 13:57:32 ----D---- C:\WINDOWS\WinSxS
    2008-12-07 13:55:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-07 13:52:09 ----D---- C:\Program Files\Messenger
    2008-12-07 13:51:44 ----D---- C:\Program Files\Microsoft SQL Server
    2008-12-07 13:51:40 ----D---- C:\WINDOWS\Registration
    2008-12-07 13:46:31 ----A---- C:\WINDOWS\win.ini
    2008-12-07 13:45:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-12-07 13:34:39 ----SHD---- C:\WINDOWS\CSC
    2008-12-07 13:34:38 ----D---- C:\WINDOWS\Minidump
    2008-12-07 11:47:19 ----A---- C:\WINDOWS\system.ini
    2008-12-07 11:43:29 ----D---- C:\WINDOWS\AppPatch
    2008-12-07 11:43:29 ----D---- C:\Program Files\Common Files
    2008-12-06 14:11:38 ----SD---- C:\WINDOWS\Tasks
    2008-12-06 06:47:37 ----A---- C:\WINDOWS\WININIT.INI
    2008-12-05 22:37:58 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-05 22:20:59 ----D---- C:\WINDOWS\Downloaded Installations
    2008-12-05 22:19:56 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-05 22:18:46 ----A---- C:\WINDOWS\Ascd_tmp.ini
    2008-12-05 15:26:06 ----D---- C:\Program Files\Steam
    2008-12-02 09:10:58 ----D---- C:\WINDOWS\Debug
    2008-12-02 09:09:16 ----D---- C:\WINDOWS\system32\Setup
    2008-12-02 09:09:15 ----D---- C:\WINDOWS\system32\wbem
    2008-12-02 09:09:14 ----RSD---- C:\WINDOWS\Fonts
    2008-12-02 09:01:43 ----D---- C:\WINDOWS\security
    2008-12-02 08:58:55 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-02 08:58:55 ----D---- C:\WINDOWS\ime
    2008-12-02 08:58:46 ----D---- C:\WINDOWS\system32\usmt
    2008-12-02 08:58:44 ----D---- C:\WINDOWS\PeerNet
    2008-12-02 08:58:44 ----D---- C:\Program Files\Movie Maker
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\system32\Restore
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\system32\npp
    2008-12-02 08:56:56 ----D---- C:\WINDOWS\mui
    2008-12-02 08:56:55 ----D---- C:\WINDOWS\msagent
    2008-12-02 08:56:53 ----D---- C:\WINDOWS\srchasst
    2008-12-02 08:56:53 ----D---- C:\Program Files\NetMeeting
    2008-12-02 08:56:51 ----D---- C:\WINDOWS\system32\Com
    2008-12-02 08:56:49 ----D---- C:\Program Files\Windows NT
    2008-12-02 08:56:49 ----D---- C:\Program Files\Windows Media Player
    2008-12-02 08:56:49 ----D---- C:\Program Files\Outlook Express
    2008-12-02 08:56:46 ----D---- C:\Program Files\Common Files\System
    2008-12-02 08:56:29 ----D---- C:\WINDOWS\system32\oobe
    2008-12-02 08:56:28 ----D---- C:\WINDOWS\system
    2008-12-02 08:51:59 ----D---- C:\WINDOWS\ehome
    2008-12-01 17:23:35 ----RASH---- C:\boot.ini
    2008-11-30 01:38:47 ----A---- C:\WINDOWS\ODBC.INI
    2008-11-29 14:37:52 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-29 14:37:52 ----D---- C:\Program Files\NVIDIA Corporation
    2008-11-29 14:36:58 ----D---- C:\NVIDIA
    2008-11-21 17:00:41 ----D---- C:\WINDOWS\system32\DirectX
    2008-11-11 17:13:52 ----D---- C:\Music
    2008-11-11 16:24:15 ----D---- C:\Program Files\Microsoft Office
    2008-11-03 16:10:26 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-01 20:45:51 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-11-01 20:42:39 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
    2008-11-01 20:42:30 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
    2008-10-29 18:56:45 ----D---- C:\shared
    2008-10-29 14:28:37 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-20 20:42:52 ----D---- C:\Scott

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-10-27 278984]
    R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2006-10-30 18048]
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-09-02 15781]
    R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
    R3 AmdTools;AMD Special Tools Driver; C:\WINDOWS\system32\DRIVERS\AmdTools.sys [2006-06-07 29696]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
    R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
    R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
    R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
    R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
    R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
    S3 a9n632g4;a9n632g4; C:\WINDOWS\system32\drivers\a9n632g4.sys []
    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
    S3 AMDPCI;AMDPCI; \??\C:\DOCUME~1\Scott\LOCALS~1\Temp\AMDPCI.sys []
    S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2001-10-30 280782]
    S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-09-23 223128]
    S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-01-13 25280]
    S3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link PCI Express Ethernet Controller; C:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys [2007-02-15 250752]
    S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 42000]
    S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
    S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
    S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.10\RivaTuner32.sys []
    S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20070124.002\symidsco.sys []
    S3 TAPBIND;TAPBIND; \??\C:\DOCUME~1\Scott\LOCALS~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\TAPBIND1.SYS []
    S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2006-09-18 16640]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-09-06 30336]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-08-19 189568]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast4\ashServ.exe [2008-11-26 155160]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
    R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
    R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-11-01 66872]
    R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-11-01 107832]
    R2 Simply Accounting Database Connection Manager;Simply Accounting Database Connection Manager; C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe [2007-12-12 16168]
    R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
    R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-09-26 503608]
    S2 mabidwe;mabidwe; C:\WINDOWS\system32\mabidwe.exe []
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-10-05 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

    -----------------EOF-----------------

  8. #8
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Please go to the Kaspersky website and perform an online antivirus scan.

    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

    1. Read through the requirements and privacy statement and click on the Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
    9. Please post this log in your next reply along with a fresh HijackThis log.


    If you need a tutorial, see here
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  9. #9
    Junior Member
    Join Date
    Dec 2008
    Posts
    19

    Here's those logs you requested:


    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Thursday, December 18, 2008
    Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Thursday, December 18, 2008 10:16:46
    Records in database: 1475745
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    A:\
    C:\
    E:\
    F:\
    G:\

    Scan statistics:
    Files scanned: 83536
    Threat name: 2
    Infected objects: 4
    Suspicious objects: 0
    Duration of the scan: 03:15:49


    File name / Threat name / Threats count
    C:\Downloaded Programs\MIRC\mIRC 6.16 Setup.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 1
    C:\Downloaded Programs\mIRC 6.17\mirc617.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.617 1
    C:\Downloaded Programs\mIRC 6.17\mirc617.rar Infected: not-a-virus:Client-IRC.Win32.mIRC.617 1
    C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 1

    The selected area was scanned.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:06:12 PM, on 12/18/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Avast4\aswUpdSv.exe
    C:\Program Files\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Microsoft LifeChat\LifeChat.exe
    C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
    C:\PROGRA~1\Avast4\ashDisp.exe
    C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\Device Manager\msgrdvmn.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    c:\progra~1\common~1\instal~1\update~1\isuspm.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\SkypePM.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    O4 - HKLM\..\Run: [LifeChat] "c:\Program Files\Microsoft LifeChat\LifeChat.exe"
    O4 - HKLM\..\Run: [ConnectionManager] C:\Program Files\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.7.109.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1228532727828
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1228532679343
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: mabidwe - Unknown owner - C:\WINDOWS\system32\mabidwe.exe (file missing)
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Simply Accounting Database Connection Manager - Sage Software - C:\Program Files\Winsim\ConnectionManager\SimplyConnectionManager.exe

    --
    End of file - 10200 bytes

  10. #10
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    That looks good.

    There is one leftover though.

    Go to start - run

    Type sc delete mabidwe and click ok.

    Reboot.

    Post back a fresh HijackThis log and tell me if you still have problems.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006
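
The check behind the `sc delete mabidwe` advice in post #10, as an added example that is not part of the thread: it parses the O23 service lines of a HijackThis log and separates services whose binary is gone from services that merely lack vendor information. The function names are hypothetical, and the field layout, including reading a trailing "(name)" as the service key name, is an assumption inferred from the log lines in post #9.

```python
import re

# Sample input: five lines copied from the HijackThis log in post #9.
SAMPLE_LOG = r"""
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe
O23 - Service: mabidwe - Unknown owner - C:\WINDOWS\system32\mabidwe.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
"""

O23_LINE = re.compile(r"^\s*O23 - Service: (?P<rest>.+)$")
# Assumption: a trailing "(name)" on the display name is the service key name.
TRAILING_KEY = re.compile(r"^.*\S\s+\((?P<key>[^()\s]+)\)$")
MISSING = " (file missing)"


def parse_o23(line):
    """Parse one O23 line into a dict; return None for any other line."""
    m = O23_LINE.match(line.rstrip())
    if not m:
        return None
    # Split from the right, since a display name may itself contain " - ".
    parts = m.group("rest").rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, owner, path = parts
    missing = path.endswith(MISSING)
    if missing:
        path = path[: -len(MISSING)]
    k = TRAILING_KEY.match(name)
    # "sc delete" takes the key name, not the display name.
    key = k.group("key") if k else name
    return {"key": key, "owner": owner, "path": path, "missing": missing}


def triage(log_text):
    """Return (orphaned, unattributed) lists of service key names."""
    services = [s for s in map(parse_o23, log_text.splitlines()) if s]
    orphaned = [s["key"] for s in services if s["missing"]]
    unattributed = [s["key"] for s in services
                    if not s["missing"] and s["owner"] == "Unknown owner"]
    return orphaned, unattributed


if __name__ == "__main__":
    orphaned, unattributed = triage(SAMPLE_LOG)
    print("registered, binary missing:", orphaned)
    print("binary present, no vendor info (verify by hand):", unattributed)
```

Only the first list matches what post #10 removed; an "Unknown owner" entry whose file is present needs to be identified by hand before anything is deleted.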
