PDA

View Full Version : MSLN Program not found, skipping autocheck



corpit
2009-08-31, 05:33
HP Media Center PC running Windows Vista SP2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:28:47 PM, on 8/30/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Program Files\USB Safely Remove\USBSRService.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\fxssvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\ehome\ehRecvr.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nero\Nero 7\Nero PhotoShow 4\data\Xtras\mssysmgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bankofamerica.com/index.jsp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\VIDEOD~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - (no file)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NERO7~1\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/ProductMessages?module=2009&error=0&language=en&product=SymNRT&version=2009.0.0.41&build=Symantec&a=00000082.00000016.00000023&b=00000082.00000045.00000119&c=00000082.000000e6.0000026f
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2A96D88B-55DD-46de-8235-455759988526} (Intel Content Update) - http://vvswupdate.intel-support.com/gtwebcheck/aus/161/install/gtdownin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E675F40-A90C-4692-A9F7-9131BB4341F9}: NameServer = 192.168.1.254
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Unknown owner - C:\Program Files\DynDNS Updater\DynDNS.exe (file missing)
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15703 bytes

I put this posting up yesterday because when I start the computer I'm getting the message MSLN program not found, skipping autocheck....

I've noticed other more recent posts have been responded to and my post has been viewed but no one has responded. Am I being too impatient or do you need additional information?
------------------------------
[I]Please see the forum FAQ: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

This topic was started less than 24 hours ago, please do not add posts to it or you remove the zero response counter that helpers look for.

Shaba
2009-09-03, 10:36
Hi corpit

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

http://img.bleepingcomputer.com/tutorials/hijackthis/uninstall-man.jpg

5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.

corpit
2009-09-03, 20:57
µTorrent
32 Bit HP CIO Components Installer
Acrobat.com
Ad-Aware
Ad-Aware
Adobe AIR
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9.1.3
AnswerWorks 5.0 English Runtime
AnyDVD
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaConverter 2.5
ArcSoft ShowBiz DVD 2
ArcSoft Video Downloader
ArcSoft VideoImpression 2
AT&T Yahoo! High Speed Internet Home Networking Installer
Avery Wizard 3.1
AviSynth 2.5
Better Homes and Gardens HD Suite 7.0 Training Videos
Better Homes and Gardens Home Designer Suite 7.0
BlackBerry Desktop Software 4.3
BlackBerry Desktop Software 4.3
BlackBerry Device Software Updater
BlackBerry Device Software v4.5.0 for the BlackBerry 8830 smartphone
BlackBerry v4.2.2 for the 8830 Series Wireless Device
BUM
BurnAware Free 2.3.9
Camtasia Studio 5
CCleaner (remove only)
CCScore
CloneDVD2
Customer Experience Enhancement
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
Duplicate Music Files Finder 1.5.5
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.5.0
DVDFab 6.0.2.2 (June 26, 2009)
Enhanced Multimedia Keyboard Solution
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
ffdshow [rev 2583] [2009-01-05]
GearDrvs
Haali Media Splitter
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Boot Optimizer
HP Customer Participation Program 10.0
HP DigitalMedia Archive
HP Document Manager 1.0
HP DVD Play 2.1
HP Imaging Device Functions 10.0
HP Officejet All-In-One Series
HP Photosmart Essential
HP Photosmart Essential 2.5
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HP Web Helper
ImgBurn
Intel(R) Matrix Storage Manager
Intel(R) Network Connections Drivers
Intel(R) Quick Resume Technology Drivers
Intel® Viiv™ Software
iTunes
iTunesFolderWatch
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 15
Java(TM) 6 Update 6
Java(TM) 6 Update 7
kgcbase
Kodak EasyShare software
LimeWire 4.14.12
Live Search Maps Add-In for Microsoft Office Outlook
LogMeIn
Malwarebytes' Anti-Malware
McAfee SecurityCenter
MediaUndelete
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Streets and Trips 2004
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Mozilla Firefox (3.0.13)
Mp3 Tag Tools v1.2
MP3 to WAV Decoder
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NEC DISPLAY SOLUTIONS: Monitor Installer
Nero 7 Ultra Edition
netbrdg
Netflix Movie Viewer
NVIDIA Drivers
OCR Software by I.R.I.S. 10.0
OfotoXMI
OGA Notifier 2.0.0048.0
Otto
PC Inspector smart recovery
Popup Blocker (Windows Live Toolbar)
Quicken 2009
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Rhapsody Player Engine
Rio Music Manager
Roxio Content 9
Roxio Media Manager
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
SFR
SHASTA
Shop for HP Supplies
skin0001
SKINXSDK
Soft Data Fax Modem with SmartCP
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sothink Movie DVD Maker
Sprint SmartView
Spybot - Search & Destroy
Spyware Doctor 6.0
Startup Delayer v2.3 (build 134)
staticcr
Symantec Technical Support Web Controls
TeraCopy 2.01
tooltips
Ultimate Extras sounds from Microsoft® Tinker™
Undelete Plus 2.94
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb972691)
Updates from HP (remove only)
USB Safely Remove 4.0
VC80CRTRedist - 8.0.50727.762
Videora iPod classic Converter 3.02
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VPRINTOL
Windows Defender
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows Sound Schemes
Windows Vista Upgrade Advisor
WIRELESS
Xilisoft MP4 Converter

Shaba
2009-09-03, 21:18
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent
LimeWire 4.14.12


I'd like you to read the this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new uninstall list scan when finished and post the log back here.

corpit
2009-09-04, 05:20
32 Bit HP CIO Components Installer
Acrobat.com
Ad-Aware
Ad-Aware
Adobe AIR
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9.1.3
AnswerWorks 5.0 English Runtime
AnyDVD
Apple Mobile Device Support
Apple Software Update
ArcSoft MediaConverter 2.5
ArcSoft ShowBiz DVD 2
ArcSoft Video Downloader
ArcSoft VideoImpression 2
AT&T Yahoo! High Speed Internet Home Networking Installer
Avery Wizard 3.1
AviSynth 2.5
Better Homes and Gardens HD Suite 7.0 Training Videos
Better Homes and Gardens Home Designer Suite 7.0
BlackBerry Desktop Software 4.3
BlackBerry Desktop Software 4.3
BlackBerry Device Software Updater
BlackBerry Device Software v4.5.0 for the BlackBerry 8830 smartphone
BlackBerry v4.2.2 for the 8830 Series Wireless Device
BUM
BurnAware Free 2.3.9
Camtasia Studio 5
CCleaner (remove only)
CCScore
CloneDVD2
Customer Experience Enhancement
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
Duplicate Music Files Finder 1.5.5
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.5.0
DVDFab 6.0.2.2 (June 26, 2009)
Enhanced Multimedia Keyboard Solution
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
ffdshow [rev 2583] [2009-01-05]
GearDrvs
Haali Media Splitter
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Boot Optimizer
HP Customer Participation Program 10.0
HP DigitalMedia Archive
HP Document Manager 1.0
HP DVD Play 2.1
HP Imaging Device Functions 10.0
HP Officejet All-In-One Series
HP Photosmart Essential
HP Photosmart Essential 2.5
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HP Web Helper
ImgBurn
Intel(R) Matrix Storage Manager
Intel(R) Network Connections Drivers
Intel(R) Quick Resume Technology Drivers
Intel® Viiv™ Software
iTunes
iTunesFolderWatch
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 15
Java(TM) 6 Update 6
Java(TM) 6 Update 7
kgcbase
Kodak EasyShare software
Live Search Maps Add-In for Microsoft Office Outlook
LogMeIn
Malwarebytes' Anti-Malware
McAfee SecurityCenter
MediaUndelete
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Streets and Trips 2004
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Mozilla Firefox (3.0.13)
Mp3 Tag Tools v1.2
MP3 to WAV Decoder
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
NEC DISPLAY SOLUTIONS: Monitor Installer
Nero 7 Ultra Edition
netbrdg
Netflix Movie Viewer
NVIDIA Drivers
OCR Software by I.R.I.S. 10.0
OfotoXMI
OGA Notifier 2.0.0048.0
Otto
PC Inspector smart recovery
Popup Blocker (Windows Live Toolbar)
Quicken 2009
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Rhapsody Player Engine
Rio Music Manager
Roxio Content 9
Roxio Media Manager
Safari
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
SFR
SHASTA
Shop for HP Supplies
skin0001
SKINXSDK
Soft Data Fax Modem with SmartCP
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sothink Movie DVD Maker
Sprint SmartView
Spybot - Search & Destroy
Spyware Doctor 6.0
Startup Delayer v2.3 (build 134)
staticcr
Symantec Technical Support Web Controls
TeraCopy 2.01
tooltips
Ultimate Extras sounds from Microsoft® Tinker™
Undelete Plus 2.94
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb972691)
Updates from HP (remove only)
USB Safely Remove 4.0
VC80CRTRedist - 8.0.50727.762
Videora iPod classic Converter 3.02
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VPRINTOL
Windows Defender
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows Sound Schemes
Windows Vista Upgrade Advisor
WIRELESS
Xilisoft MP4 Converter

Shaba
2009-09-04, 07:19
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<< will be maximized) and info.txt (<< will be minimized)

corpit
2009-09-04, 20:29
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Administrator at 2009-09-04 13:09:56
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 46 GB (20%) free of 230 GB
Total RAM: 2046 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:10:34 PM, on 9/4/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\USB Safely Remove\USBSRService.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\fxssvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\ehome\ehRecvr.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Nero\Nero 7\Nero PhotoShow 4\data\Xtras\mssysmgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\HP_Administrator\Downloads\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HP_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PAVILION&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bankofamerica.com/index.jsp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\VIDEOD~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - (no file)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [DMAScheduler] "c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NERO7~1\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/ProductMessages?module=2009&error=0&language=en&product=SymNRT&version=2009.0.0.41&build=Symantec&a=00000082.00000016.00000023&b=00000082.00000045.00000119&c=00000082.000000e6.0000026f
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {2A96D88B-55DD-46de-8235-455759988526} (Intel Content Update) - http://vvswupdate.intel-support.com/gtwebcheck/aus/161/install/gtdownin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E675F40-A90C-4692-A9F7-9131BB4341F9}: NameServer = 192.168.1.254
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Unknown owner - C:\Program Files\DynDNS Updater\DynDNS.exe (file missing)
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15507 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\EasyShare Registration Task.job
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\MP Scheduled Scan.job

corpit
2009-09-04, 20:31
======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~1\ArcSoft\VIDEOD~1\ARCURL~1.DLL [2008-08-04 170496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2009-05-13 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAE832A-5FFF-4661-9C8F-369692D1DCB9}]
hpWebHelper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-05-01 645328]
"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-04-09 1176808]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-08-16 236016]
"DMAScheduler"=c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe [2006-04-13 90112]
"ftutil2"=ftutil2.dll,SetWriteCacheMode []
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-08-28 86016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-08-28 81920]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-08-28 8473120]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-04-19 151552]
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2006-02-15 249856]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-06-02 80896]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-08-24 1181064]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2006-12-11 185896]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-25 4702208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 []
"Nero PhotoShow Media Manager"=C:\PROGRA~1\Nero\NERO7~1\NEROPH~2\data\Xtras\mssysmgr.exe [2006-05-10 249856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"USB Safely Remove"=C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2008-12-15 1100048]
"AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2008-12-01 89024]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""=C:\Program Files\Internet Explorer\iexplore.exe [2009-07-21 638216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nitro PDF Printer Monitor]
C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sprint SmartView]
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe [2008-08-04 18968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartupDelayer]
C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2008-11-29 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2006-12-11 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Manager.lnk]
C:\PROGRA~1\RESEAR~1\BLACKB~1\DESKTO~1.EXE [2007-11-12 1447184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2008-07-07 282624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2008-01-19 131584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"legalnoticecaption"=
"legalnoticetext"=
"EnableUIADesktopToggle"=0
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoFolderOptions"=0
"NoFind"=0
"NoRun"=0
"DisallowRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\1159545574\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1159545574\EE\AOLServiceHost.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL"
"C:\Program Files\D-Link Media Server\MediaGUI.exe"="C:\Program Files\D-Link Media Server\MediaGUI.exe:*:Enabled:D-Link_MediaServerGUI"
"C:\Program Files\D-Link Media Server\MediaServer.exe"="C:\Program Files\D-Link Media Server\MediaServer.exe:*:Enabled:D-Link_MediaServer"
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\HP Games\JEOPARDY\JEOPARDY!.exe"="C:\Program Files\HP Games\JEOPARDY\JEOPARDY!.exe:*:Enabled:JEOPARDY!"
"C:\Program Files\HP Games\Wheel of Fortune\Wheel of Fortune.exe"="C:\Program Files\HP Games\Wheel of Fortune\Wheel of Fortune.exe:*:Enabled:Wheel of Fortune"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Morpheus\Morpheus.exe"="C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:M5Shell"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\Rhapsody\rhapsody.exe"="C:\Program Files\Rhapsody\rhapsody.exe:*:Enabled:Rhapsody"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\MediaServerDump\LiveUpdate\OLUpdate.exe"="C:\WINDOWS\system32\MediaServerDump\LiveUpdate\OLUpdate.exe:*:Enabled:Media Server LiveUpdate"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ff3e5b8-fe87-11dd-9bd5-001731f10482}]
shell\AutoRun\command - H:\LaunchU3.exe -a


======File associations======

.bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"
.ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

Shaba
2009-09-04, 21:21
Please post also the rest of the logs; they cut off :)

corpit
2009-09-04, 21:38
======List of files/folders created in the last 1 months======

2009-09-04 13:09:56 ----D---- C:\rsit
2009-09-02 15:46:57 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-02 15:46:56 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-08-30 21:40:28 ----D---- C:\Program Files\Trend Micro
2009-08-29 13:00:26 ----D---- C:\Windows\system32\eu-ES
2009-08-29 13:00:26 ----D---- C:\Windows\system32\ca-ES
2009-08-29 13:00:23 ----D---- C:\Windows\system32\vi-VN
2009-08-29 12:30:09 ----D---- C:\Windows\system32\EventProviders
2009-08-29 12:29:13 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-08-29 12:29:10 ----A---- C:\Windows\system32\SLsvc.exe
2009-08-29 12:29:10 ----A---- C:\Windows\system32\SLCExt.dll
2009-08-29 12:29:09 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-08-29 12:29:09 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-08-29 12:29:07 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-08-29 12:29:05 ----A---- C:\Windows\system32\mssrch.dll
2009-08-29 12:29:04 ----A---- C:\Windows\system32\tquery.dll
2009-08-29 12:29:03 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-08-29 12:29:02 ----A---- C:\Windows\system32\scavenge.dll
2009-08-29 12:29:02 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-08-29 12:29:02 ----A---- C:\Windows\system32\RMActivate.exe
2009-08-29 12:29:01 ----A---- C:\Windows\system32\msi.dll
2009-08-29 12:29:01 ----A---- C:\Windows\system32\imapi2fs.dll
2009-08-29 12:29:00 ----A---- C:\Windows\system32\WscEapPr.dll
2009-08-29 12:29:00 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-08-29 12:29:00 ----A---- C:\Windows\system32\sysmain.dll
2009-08-29 12:29:00 ----A---- C:\Windows\system32\secproc_isv.dll
2009-08-29 12:28:59 ----A---- C:\Windows\system32\icardagt.exe
2009-08-29 12:28:58 ----A---- C:\Windows\system32\mf.dll
2009-08-29 12:28:58 ----A---- C:\Windows\system32\EhStorShell.dll
2009-08-29 12:28:58 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-08-29 12:28:57 ----A---- C:\Windows\system32\spreview.exe
2009-08-29 12:28:57 ----A---- C:\Windows\system32\spinstall.exe
2009-08-29 12:28:57 ----A---- C:\Windows\system32\drmv2clt.dll
2009-08-29 12:28:56 ----A---- C:\Windows\system32\spwizui.dll
2009-08-29 12:28:55 ----A---- C:\Windows\system32\shell32.dll
2009-08-29 12:28:55 ----A---- C:\Windows\system32\secproc.dll
2009-08-29 12:28:55 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-08-29 12:28:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-08-29 12:28:54 ----A---- C:\Windows\system32\p2psvc.dll
2009-08-29 12:28:54 ----A---- C:\Windows\system32\mssvp.dll
2009-08-29 12:28:53 ----A---- C:\Windows\system32\mssphtb.dll
2009-08-29 12:28:53 ----A---- C:\Windows\system32\mssph.dll
2009-08-29 12:28:53 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-08-29 12:28:53 ----A---- C:\Windows\system32\mscoree.dll
2009-08-29 12:28:53 ----A---- C:\Windows\system32\imapi2.dll
2009-08-29 12:28:52 ----A---- C:\Windows\system32\sdohlp.dll
2009-08-29 12:28:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-08-29 12:28:51 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-08-29 12:28:51 ----A---- C:\Windows\system32\esent.dll
2009-08-29 12:28:51 ----A---- C:\Windows\system32\DevicePairing.dll
2009-08-29 12:28:50 ----A---- C:\Windows\system32\wevtsvc.dll
2009-08-29 12:28:50 ----A---- C:\Windows\system32\sperror.dll
2009-08-29 12:28:50 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-08-29 12:28:50 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-08-29 12:28:50 ----A---- C:\Windows\system32\korwbrkr.dll
2009-08-29 12:28:49 ----A---- C:\Windows\system32\SLC.dll
2009-08-29 12:28:49 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-08-29 12:28:49 ----A---- C:\Windows\system32\msshsq.dll
2009-08-29 12:28:49 ----A---- C:\Windows\system32\IasMigReader.exe
2009-08-29 12:28:48 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-08-29 12:28:48 ----A---- C:\Windows\system32\pmcsnap.dll
2009-08-29 12:28:48 ----A---- C:\Windows\system32\msjet40.dll
2009-08-29 12:28:48 ----A---- C:\Windows\system32\MPSSVC.dll
2009-08-29 12:28:47 ----A---- C:\Windows\system32\Query.dll
2009-08-29 12:28:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-08-29 12:28:47 ----A---- C:\Windows\system32\msxml6.dll
2009-08-29 12:28:46 ----A---- C:\Windows\system32\qmgr.dll
2009-08-29 12:28:46 ----A---- C:\Windows\system32\P2PGraph.dll
2009-08-29 12:28:46 ----A---- C:\Windows\system32\msexch40.dll
2009-08-29 12:28:46 ----A---- C:\Windows\system32\diagperf.dll
2009-08-29 12:28:45 ----A---- C:\Windows\system32\ole32.dll
2009-08-29 12:28:45 ----A---- C:\Windows\system32\ntdll.dll
2009-08-29 12:28:44 ----A---- C:\Windows\system32\winload.exe
2009-08-29 12:28:44 ----A---- C:\Windows\system32\srchadmin.dll
2009-08-29 12:28:44 ----A---- C:\Windows\system32\msxml3.dll
2009-08-29 12:28:43 ----A---- C:\Windows\system32\uDWM.dll
2009-08-29 12:28:43 ----A---- C:\Windows\system32\mmc.exe
2009-08-29 12:28:43 ----A---- C:\Windows\system32\mblctr.exe
2009-08-29 12:28:43 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-08-29 12:28:43 ----A---- C:\Windows\system32\EncDec.dll
2009-08-29 12:28:43 ----A---- C:\Windows\system32\dfsr.exe
2009-08-29 12:28:42 ----A---- C:\Windows\system32\riched20.dll
2009-08-29 12:28:42 ----A---- C:\Windows\system32\RacEngn.dll
2009-08-29 12:28:42 ----A---- C:\Windows\system32\fdBth.dll
2009-08-29 12:28:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-08-29 12:28:41 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-08-29 12:28:41 ----A---- C:\Windows\system32\milcore.dll
2009-08-29 12:28:41 ----A---- C:\Windows\system32\kernel32.dll
2009-08-29 12:28:40 ----A---- C:\Windows\system32\spoolss.dll
2009-08-29 12:28:40 ----A---- C:\Windows\system32\schedsvc.dll
2009-08-29 12:28:40 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-08-29 12:28:40 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-08-29 12:28:40 ----A---- C:\Windows\system32\CertEnroll.dll
2009-08-29 12:28:39 ----A---- C:\Windows\system32\msvcp60.dll
2009-08-29 12:28:39 ----A---- C:\Windows\system32\msjtes40.dll
2009-08-29 12:28:39 ----A---- C:\Windows\system32\infocardapi.dll
2009-08-29 12:28:39 ----A---- C:\Windows\system32\gpedit.dll
2009-08-29 12:28:39 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-08-29 12:28:38 ----A---- C:\Windows\system32\WinSAT.exe
2009-08-29 12:28:38 ----A---- C:\Windows\system32\fveapi.dll
2009-08-29 12:28:38 ----A---- C:\Windows\system32\es.dll
2009-08-29 12:28:37 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-08-29 12:28:37 ----A---- C:\Windows\system32\mstext40.dll
2009-08-29 12:28:37 ----A---- C:\Windows\system32\Magnify.exe
2009-08-29 12:28:37 ----A---- C:\Windows\system32\cscsvc.dll
2009-08-29 12:28:37 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-08-29 12:28:36 ----A---- C:\Windows\system32\advapi32.dll
2009-08-29 12:28:35 ----A---- C:\Windows\system32\WMPhoto.dll
2009-08-29 12:28:35 ----A---- C:\Windows\system32\WebClnt.dll
2009-08-29 12:28:35 ----A---- C:\Windows\system32\slwmi.dll
2009-08-29 12:28:35 ----A---- C:\Windows\system32\msxbde40.dll
2009-08-29 12:28:35 ----A---- C:\Windows\system32\msexcl40.dll
2009-08-29 12:28:35 ----A---- C:\Windows\system32\comsvcs.dll
2009-08-29 12:28:34 ----A---- C:\Windows\system32\vssapi.dll
2009-08-29 12:28:34 ----A---- C:\Windows\system32\authui.dll
2009-08-29 12:28:33 ----A---- C:\Windows\system32\PresentationHost.exe
2009-08-29 12:28:33 ----A---- C:\Windows\system32\NetProjW.dll
2009-08-29 12:28:33 ----A---- C:\Windows\system32\msrepl40.dll
2009-08-29 12:28:32 ----A---- C:\Windows\system32\propsys.dll
2009-08-29 12:28:32 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-29 12:28:32 ----A---- C:\Windows\system32\newdev.dll
2009-08-29 12:28:32 ----A---- C:\Windows\system32\iasrecst.dll
2009-08-29 12:28:32 ----A---- C:\Windows\system32\gpsvc.dll
2009-08-29 12:28:32 ----A---- C:\Windows\system32\eudcedit.exe
2009-08-29 12:28:32 ----A---- C:\Windows\system32\crypt32.dll
2009-08-29 12:28:32 ----A---- C:\Windows\explorer.exe
2009-08-29 12:28:31 ----A---- C:\Windows\system32\setupapi.dll
2009-08-29 12:28:31 ----A---- C:\Windows\system32\rpcss.dll
2009-08-29 12:28:31 ----A---- C:\Windows\system32\mspbde40.dll
2009-08-29 12:28:31 ----A---- C:\Windows\system32\d3d9.dll
2009-08-29 12:28:30 ----A---- C:\Windows\system32\shlwapi.dll
2009-08-29 12:28:30 ----A---- C:\Windows\system32\msltus40.dll
2009-08-29 12:28:30 ----A---- C:\Windows\system32\mfc42.dll
2009-08-29 12:28:30 ----A---- C:\Windows\system32\davclnt.dll
2009-08-29 12:28:29 ----A---- C:\Windows\system32\wevtapi.dll
2009-08-29 12:28:29 ----A---- C:\Windows\system32\msrd3x40.dll
2009-08-29 12:28:29 ----A---- C:\Windows\system32\msdtctm.dll
2009-08-29 12:28:29 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-08-29 12:28:29 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-08-29 12:28:29 ----A---- C:\Windows\system32\browseui.dll
2009-08-29 12:28:28 ----A---- C:\Windows\system32\user32.dll
2009-08-29 12:28:28 ----A---- C:\Windows\system32\photowiz.dll
2009-08-29 12:28:28 ----A---- C:\Windows\system32\nlhtml.dll
2009-08-29 12:28:27 ----A---- C:\Windows\system32\win32spl.dll
2009-08-29 12:28:27 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-08-29 12:28:27 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-08-29 12:28:27 ----A---- C:\Windows\system32\samsrv.dll
2009-08-29 12:28:27 ----A---- C:\Windows\system32\quartz.dll
2009-08-29 12:28:27 ----A---- C:\Windows\system32\ci.dll
2009-08-29 12:28:26 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-08-29 12:28:26 ----A---- C:\Windows\system32\oleaut32.dll
2009-08-29 12:28:26 ----A---- C:\Windows\system32\netshell.dll
2009-08-29 12:28:26 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-08-29 12:28:26 ----A---- C:\Windows\system32\compcln.exe
2009-08-29 12:28:25 ----A---- C:\Windows\system32\xmlfilter.dll
2009-08-29 12:28:25 ----A---- C:\Windows\system32\winhttp.dll
2009-08-29 12:28:25 ----A---- C:\Windows\system32\mswstr10.dll
2009-08-29 12:28:25 ----A---- C:\Windows\system32\audiosrv.dll
2009-08-29 12:28:25 ----A---- C:\Windows\system32\apds.dll
2009-08-29 12:28:24 ----A---- C:\Windows\system32\msvcrt.dll
2009-08-29 12:28:24 ----A---- C:\Windows\system32\msctf.dll
2009-08-29 12:28:24 ----A---- C:\Windows\system32\emdmgmt.dll
2009-08-29 12:28:23 ----A---- C:\Windows\system32\VSSVC.exe
2009-08-29 12:28:23 ----A---- C:\Windows\system32\SLUI.exe
2009-08-29 12:28:23 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-08-29 12:28:23 ----A---- C:\Windows\system32\mfc42u.dll
2009-08-29 12:28:23 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-08-29 12:28:23 ----A---- C:\Windows\system32\gdi32.dll
2009-08-29 12:28:22 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-08-29 12:28:22 ----A---- C:\Windows\system32\msrd2x40.dll
2009-08-29 12:28:22 ----A---- C:\Windows\system32\eapphost.dll
2009-08-29 12:28:21 ----A---- C:\Windows\system32\winresume.exe
2009-08-29 12:28:21 ----A---- C:\Windows\system32\wbengine.exe
2009-08-29 12:28:21 ----A---- C:\Windows\system32\propdefs.dll
2009-08-29 12:28:21 ----A---- C:\Windows\system32\odbc32.dll
2009-08-29 12:28:20 ----A---- C:\Windows\system32\tlntsvr.exe
2009-08-29 12:28:20 ----A---- C:\Windows\system32\shdocvw.dll
2009-08-29 12:28:19 ----A---- C:\Windows\system32\wevtutil.exe
2009-08-29 12:28:19 ----A---- C:\Windows\system32\mssitlb.dll
2009-08-29 12:28:19 ----A---- C:\Windows\system32\dbgeng.dll
2009-08-29 12:28:18 ----A---- C:\Windows\system32\WsmSvc.dll
2009-08-29 12:28:18 ----A---- C:\Windows\system32\usp10.dll
2009-08-29 12:28:18 ----A---- C:\Windows\system32\swprv.dll
2009-08-29 12:28:18 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-08-29 12:28:17 ----A---- C:\Windows\system32\vds.exe
2009-08-29 12:28:17 ----A---- C:\Windows\system32\msctfp.dll
2009-08-29 12:28:17 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-08-29 12:28:17 ----A---- C:\Windows\system32\drvinst.exe
2009-08-29 12:28:17 ----A---- C:\Windows\system32\devmgr.dll
2009-08-29 12:28:16 ----A---- C:\Windows\system32\WFS.exe
2009-08-29 12:28:16 ----A---- C:\Windows\system32\netlogon.dll
2009-08-29 12:28:16 ----A---- C:\Windows\system32\msscb.dll
2009-08-29 12:28:16 ----A---- C:\Windows\system32\evr.dll
2009-08-29 12:28:16 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-08-29 12:28:16 ----A---- C:\Windows\system32\BFE.DLL
2009-08-29 12:28:16 ----A---- C:\Windows\system32\adsldpc.dll
2009-08-29 12:28:15 ----A---- C:\Windows\system32\WSDApi.dll
2009-08-29 12:28:15 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-08-29 12:28:15 ----A---- C:\Windows\system32\Wldap32.dll
2009-08-29 12:28:15 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-08-29 12:28:15 ----A---- C:\Windows\system32\wcnwiz.dll
2009-08-29 12:28:15 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-08-29 12:28:14 ----A---- C:\Windows\system32\wercon.exe
2009-08-29 12:28:14 ----A---- C:\Windows\system32\services.exe
2009-08-29 12:28:14 ----A---- C:\Windows\system32\comdlg32.dll
2009-08-29 12:28:13 ----A---- C:\Windows\system32\wcncsvc.dll
2009-08-29 12:28:13 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-08-29 12:28:13 ----A---- C:\Windows\system32\msdrm.dll
2009-08-29 12:28:13 ----A---- C:\Windows\system32\mimefilt.dll
2009-08-29 12:28:13 ----A---- C:\Windows\system32\certcli.dll
2009-08-29 12:28:13 ----A---- C:\Windows\system32\adtschema.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\taskeng.exe
2009-08-29 12:28:12 ----A---- C:\Windows\system32\rtffilt.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\reg.exe
2009-08-29 12:28:12 ----A---- C:\Windows\system32\mswdat10.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\msjter40.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\msdtcprx.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\dnsapi.dll
2009-08-29 12:28:12 ----A---- C:\Windows\system32\certutil.exe
2009-08-29 12:28:11 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-08-29 12:28:11 ----A---- C:\Windows\system32\w32time.dll
2009-08-29 12:28:11 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-08-29 12:28:10 ----A---- C:\Windows\system32\rsaenh.dll
2009-08-29 12:28:10 ----A---- C:\Windows\system32\msshooks.dll
2009-08-29 12:28:10 ----A---- C:\Windows\system32\msscntrs.dll
2009-08-29 12:28:10 ----A---- C:\Windows\system32\msihnd.dll
2009-08-29 12:28:10 ----A---- C:\Windows\system32\bthserv.dll
2009-08-29 12:28:10 ----A---- C:\Windows\system32\bcrypt.dll
2009-08-29 12:28:09 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-08-29 12:28:09 ----A---- C:\Windows\system32\scrptadm.dll
2009-08-29 12:28:09 ----A---- C:\Windows\system32\msstrc.dll
2009-08-29 12:28:09 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-08-29 12:28:09 ----A---- C:\Windows\system32\inetcomm.dll
2009-08-29 12:28:08 ----A---- C:\Windows\system32\netapi32.dll
2009-08-29 12:28:08 ----A---- C:\Windows\system32\mtxclu.dll
2009-08-29 12:28:08 ----A---- C:\Windows\system32\mscories.dll
2009-08-29 12:28:08 ----A---- C:\Windows\system32\hidserv.dll
2009-08-29 12:28:08 ----A---- C:\Windows\system32\fundisc.dll
2009-08-29 12:28:08 ----A---- C:\Windows\system32\dfshim.dll
2009-08-29 12:28:08 ----A---- C:\Windows\system32\cryptsvc.dll
2009-08-29 12:28:07 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-08-29 12:28:07 ----A---- C:\Windows\system32\termsrv.dll
2009-08-29 12:28:07 ----A---- C:\Windows\system32\profsvc.dll
2009-08-29 12:28:07 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-08-29 12:28:06 ----A---- C:\Windows\system32\wdc.dll
2009-08-29 12:28:06 ----A---- C:\Windows\system32\shsvcs.dll
2009-08-29 12:28:06 ----A---- C:\Windows\system32\msiexec.exe
2009-08-29 12:28:06 ----A---- C:\Windows\system32\imapi.dll
2009-08-29 12:28:06 ----A---- C:\Windows\system32\chsbrkr.dll
2009-08-29 12:28:05 ----A---- C:\Windows\system32\spoolsv.exe
2009-08-29 12:28:05 ----A---- C:\Windows\system32\rasmans.dll
2009-08-29 12:28:05 ----A---- C:\Windows\system32\pnidui.dll
2009-08-29 12:28:05 ----A---- C:\Windows\system32\icardres.dll
2009-08-29 12:28:05 ----A---- C:\Windows\system32\iassdo.dll
2009-08-29 12:28:04 ----A---- C:\Windows\system32\wersvc.dll
2009-08-29 12:28:04 ----A---- C:\Windows\system32\slmgr.vbs
2009-08-29 12:28:04 ----A---- C:\Windows\system32\scrrun.dll
2009-08-29 12:28:04 ----A---- C:\Windows\system32\PSHED.DLL
2009-08-29 12:28:04 ----A---- C:\Windows\system32\autofmt.exe
2009-08-29 12:28:03 ----A---- C:\Windows\system32\pdh.dll
2009-08-29 12:28:03 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-08-29 12:28:03 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-08-29 12:28:03 ----A---- C:\Windows\system32\azroles.dll
2009-08-29 12:28:02 ----A---- C:\Windows\system32\wmpmde.dll
2009-08-29 12:28:02 ----A---- C:\Windows\system32\pidgenx.dll
2009-08-29 12:28:01 ----A---- C:\Windows\system32\winlogon.exe
2009-08-29 12:28:01 ----A---- C:\Windows\system32\SyncCenter.dll
2009-08-29 12:28:00 ----A---- C:\Windows\system32\SLUINotify.dll
2009-08-29 12:28:00 ----A---- C:\Windows\system32\ncrypt.dll
2009-08-29 12:28:00 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-08-29 12:28:00 ----A---- C:\Windows\system32\comuid.dll
2009-08-29 12:28:00 ----A---- C:\Windows\system32\certmgr.dll
2009-08-29 12:27:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-08-29 12:27:59 ----A---- C:\Windows\system32\untfs.dll
2009-08-29 12:27:59 ----A---- C:\Windows\system32\spp.dll
2009-08-29 12:27:59 ----A---- C:\Windows\system32\sethc.exe
2009-08-29 12:27:59 ----A---- C:\Windows\system32\scrobj.dll
2009-08-29 12:27:59 ----A---- C:\Windows\system32\rtutils.dll
2009-08-29 12:27:59 ----A---- C:\Windows\system32\kd1394.dll
2009-08-29 12:27:59 ----A---- C:\Windows\system32\iassam.dll
2009-08-29 12:27:58 ----A---- C:\Windows\system32\wisptis.exe
2009-08-29 12:27:58 ----A---- C:\Windows\system32\taskcomp.dll
2009-08-29 12:27:58 ----A---- C:\Windows\system32\dwm.exe
2009-08-29 12:27:58 ----A---- C:\Windows\system32\cscui.dll
2009-08-29 12:27:57 ----A---- C:\Windows\system32\printui.dll
2009-08-29 12:27:57 ----A---- C:\Windows\system32\iasnap.dll
2009-08-29 12:27:57 ----A---- C:\Windows\system32\autochk.exe
2009-08-29 12:27:56 ----A---- C:\Windows\system32\winsrv.dll
2009-08-29 12:27:56 ----A---- C:\Windows\system32\cscript.exe
2009-08-29 12:27:56 ----A---- C:\Windows\system32\autoconv.exe
2009-08-29 12:27:55 ----A---- C:\Windows\system32\wow32.dll
2009-08-29 12:27:55 ----A---- C:\Windows\system32\userenv.dll
2009-08-29 12:27:55 ----A---- C:\Windows\system32\osk.exe
2009-08-29 12:27:55 ----A---- C:\Windows\system32\onex.dll
2009-08-29 12:27:55 ----A---- C:\Windows\system32\mswsock.dll
2009-08-29 12:27:55 ----A---- C:\Windows\system32\kdcom.dll
2009-08-29 12:27:55 ----A---- C:\Windows\system32\basecsp.dll
2009-08-29 12:27:55 ----A---- C:\Windows\system32\audiodg.exe
2009-08-29 12:27:54 ----A---- C:\Windows\system32\winmm.dll
2009-08-29 12:27:54 ----A---- C:\Windows\system32\spcmsg.dll
2009-08-29 12:27:54 ----A---- C:\Windows\system32\RelMon.dll
2009-08-29 12:27:54 ----A---- C:\Windows\system32\kdusb.dll
2009-08-29 12:27:53 ----A---- C:\Windows\system32\WinSCard.dll
2009-08-29 12:27:53 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-08-29 12:27:53 ----A---- C:\Windows\system32\rdpencom.dll
2009-08-29 12:27:53 ----A---- C:\Windows\system32\offfilt.dll
2009-08-29 12:27:53 ----A---- C:\Windows\system32\msftedit.dll
2009-08-29 12:27:53 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-08-29 12:27:52 ----A---- C:\Windows\system32\WerFault.exe
2009-08-29 12:27:52 ----A---- C:\Windows\system32\Utilman.exe
2009-08-29 12:27:52 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-08-29 12:27:52 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-08-29 12:27:51 ----A---- C:\Windows\system32\wsepno.dll
2009-08-29 12:27:51 ----A---- C:\Windows\system32\stobject.dll
2009-08-29 12:27:51 ----A---- C:\Windows\system32\SndVol.exe
2009-08-29 12:27:51 ----A---- C:\Windows\system32\mscms.dll
2009-08-29 12:27:51 ----A---- C:\Windows\system32\mfplat.dll
2009-08-29 12:27:51 ----A---- C:\Windows\system32\mcmde.dll
2009-08-29 12:27:51 ----A---- C:\Windows\system32\diskraid.exe
2009-08-29 12:27:51 ----A---- C:\Windows\system32\apphelp.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\wscript.exe
2009-08-29 12:27:50 ----A---- C:\Windows\system32\wiaservc.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\ulib.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\sysclass.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\prnntfy.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\odbccp32.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\msnetobj.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\iasdatastore.dll
2009-08-29 12:27:50 ----A---- C:\Windows\system32\adsmsext.dll
2009-08-29 12:27:49 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-08-29 12:27:49 ----A---- C:\Windows\system32\dsound.dll
2009-08-29 12:27:49 ----A---- C:\Windows\system32\cryptui.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\wscntfy.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\wlansvc.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\wlangpui.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\rastapi.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\pnpsetup.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\fdProxy.dll
2009-08-29 12:27:48 ----A---- C:\Windows\system32\brcpl.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\wscsvc.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-08-29 12:27:47 ----A---- C:\Windows\system32\vdsdyn.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\rastls.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\rasapi32.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\netiohlp.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\logman.exe
2009-08-29 12:27:47 ----A---- C:\Windows\system32\iashlpr.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\gpapi.dll
2009-08-29 12:27:47 ----A---- C:\Windows\system32\diskpart.exe
2009-08-29 12:27:46 ----A---- C:\Windows\system32\wusa.exe
2009-08-29 12:27:46 ----A---- C:\Windows\system32\regsvc.dll
2009-08-29 12:27:46 ----A---- C:\Windows\system32\ntprint.dll
2009-08-29 12:27:46 ----A---- C:\Windows\system32\mscorier.dll
2009-08-29 12:27:45 ----A---- C:\Windows\system32\zipfldr.dll
2009-08-29 12:27:45 ----A---- C:\Windows\system32\wshext.dll
2009-08-29 12:27:45 ----A---- C:\Windows\system32\wpccpl.dll
2009-08-29 12:27:45 ----A---- C:\Windows\system32\netcenter.dll
2009-08-29 12:27:45 ----A---- C:\Windows\system32\iasrad.dll
2009-08-29 12:27:45 ----A---- C:\Windows\system32\findstr.exe
2009-08-29 12:27:44 ----A---- C:\Windows\system32\wer.dll
2009-08-29 12:27:44 ----A---- C:\Windows\system32\rasdlg.dll
2009-08-29 12:27:44 ----A---- C:\Windows\system32\iassvcs.dll
2009-08-29 12:27:43 ----A---- C:\Windows\system32\wsnmp32.dll
2009-08-29 12:27:43 ----A---- C:\Windows\system32\themecpl.dll
2009-08-29 12:27:42 ----A---- C:\Windows\system32\uxsms.dll
2009-08-29 12:27:42 ----A---- C:\Windows\system32\tsbyuv.dll
2009-08-29 12:27:42 ----A---- C:\Windows\system32\srvsvc.dll
2009-08-29 12:27:42 ----A---- C:\Windows\system32\mssprxy.dll
2009-08-29 12:27:41 ----A---- C:\Windows\system32\slcc.dll
2009-08-29 12:27:41 ----A---- C:\Windows\system32\scansetting.dll
2009-08-29 12:27:41 ----A---- C:\Windows\system32\powrprof.dll
2009-08-29 12:27:41 ----A---- C:\Windows\system32\ntmarta.dll
2009-08-29 12:27:41 ----A---- C:\Windows\system32\msutb.dll
2009-08-29 12:27:41 ----A---- C:\Windows\system32\mstsc.exe
2009-08-29 12:27:41 ----A---- C:\Windows\system32\mstlsapi.dll
2009-08-29 12:27:41 ----A---- C:\Windows\system32\iasads.dll
2009-08-29 12:27:40 ----A---- C:\Windows\system32\umrdp.dll
2009-08-29 12:27:40 ----A---- C:\Windows\system32\powercpl.dll
2009-08-29 12:27:40 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-08-29 12:27:40 ----A---- C:\Windows\system32\networkmap.dll
2009-08-29 12:27:40 ----A---- C:\Windows\system32\iasacct.dll
2009-08-29 12:27:40 ----A---- C:\Windows\system32\authz.dll
2009-08-29 12:27:39 ----A---- C:\Windows\system32\wlanhlp.dll
2009-08-29 12:27:39 ----A---- C:\Windows\system32\sud.dll
2009-08-29 12:27:39 ----A---- C:\Windows\system32\newdev.exe
2009-08-29 12:27:39 ----A---- C:\Windows\system32\fveui.dll
2009-08-29 12:27:39 ----A---- C:\Windows\system32\dot3svc.dll
2009-08-29 12:27:39 ----A---- C:\Windows\system32\connect.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\usercpl.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\themeui.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\systemcpl.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\samlib.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\pcaui.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\mmci.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\autoplay.dll
2009-08-29 12:27:38 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-08-29 12:27:37 ----A---- C:\Windows\system32\wlanpref.dll
2009-08-29 12:27:37 ----A---- C:\Windows\system32\rpchttp.dll
2009-08-29 12:27:37 ----A---- C:\Windows\system32\regapi.dll
2009-08-29 12:27:37 ----A---- C:\Windows\system32\qdvd.dll
2009-08-29 12:27:37 ----A---- C:\Windows\system32\fvecpl.dll
2009-08-29 12:27:37 ----A---- C:\Windows\system32\cscobj.dll
2009-08-29 12:27:37 ----A---- C:\Windows\system32\brcplsiw.dll
2009-08-29 12:27:36 ----A---- C:\Windows\system32\wpcao.dll
2009-08-29 12:27:36 ----A---- C:\Windows\system32\vdsutil.dll
2009-08-29 12:27:36 ----A---- C:\Windows\system32\tapisrv.dll
2009-08-29 12:27:36 ----A---- C:\Windows\system32\scksp.dll
2009-08-29 12:27:36 ----A---- C:\Windows\system32\msinfo32.exe
2009-08-29 12:27:36 ----A---- C:\Windows\system32\feclient.dll
2009-08-29 12:27:35 ----A---- C:\Windows\system32\scesrv.dll
2009-08-29 12:27:35 ----A---- C:\Windows\system32\rekeywiz.exe
2009-08-29 12:27:35 ----A---- C:\Windows\system32\psisdecd.dll
2009-08-29 12:27:35 ----A---- C:\Windows\system32\oleprn.dll
2009-08-29 12:27:35 ----A---- C:\Windows\system32\mpr.dll
2009-08-29 12:27:35 ----A---- C:\Windows\system32\imm32.dll
2009-08-29 12:27:35 ----A---- C:\Windows\system32\dot3msm.dll
2009-08-29 12:27:35 ----A---- C:\Windows\system32\AudioSes.dll
2009-08-29 12:27:34 ----A---- C:\Windows\system32\wscisvif.dll
2009-08-29 12:27:34 ----A---- C:\Windows\system32\WindowsUltimateExtrasCPL.dll
2009-08-29 12:27:34 ----A---- C:\Windows\system32\sdclt.exe
2009-08-29 12:27:34 ----A---- C:\Windows\system32\iaspolcy.dll
2009-08-29 12:27:34 ----A---- C:\Windows\system32\Faultrep.dll
2009-08-29 12:27:34 ----A---- C:\Windows\system32\dpapimig.exe
2009-08-29 12:27:34 ----A---- C:\Windows\system32\DeviceEject.exe
2009-08-29 12:27:33 ----A---- C:\Windows\system32\scecli.dll
2009-08-29 12:27:33 ----A---- C:\Windows\system32\rasgcw.dll
2009-08-29 12:27:33 ----A---- C:\Windows\system32\qedit.dll
2009-08-29 12:27:33 ----A---- C:\Windows\system32\pnpui.dll
2009-08-29 12:27:33 ----A---- C:\Windows\system32\perfdisk.dll
2009-08-29 12:27:33 ----A---- C:\Windows\system32\ncryptui.dll
2009-08-29 12:27:33 ----A---- C:\Windows\system32\hdwwiz.exe
2009-08-29 12:27:33 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-08-29 12:27:33 ----A---- C:\Windows\system32\certreq.exe
2009-08-29 12:27:32 ----A---- C:\Windows\system32\TSTheme.exe
2009-08-29 12:27:32 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-08-29 12:27:32 ----A---- C:\Windows\system32\spwinsat.dll
2009-08-29 12:27:32 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-08-29 12:27:32 ----A---- C:\Windows\system32\rasplap.dll
2009-08-29 12:27:32 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-08-29 12:27:32 ----A---- C:\Windows\system32\cmmon32.exe
2009-08-29 12:27:31 ----A---- C:\Windows\system32\whealogr.dll
2009-08-29 12:27:31 ----A---- C:\Windows\system32\tcpmon.dll
2009-08-29 12:27:31 ----A---- C:\Windows\system32\srcore.dll
2009-08-29 12:27:31 ----A---- C:\Windows\system32\fdWSD.dll
2009-08-29 12:27:31 ----A---- C:\Windows\system32\cmdial32.dll
2009-08-29 12:27:30 ----A---- C:\Windows\system32\wiaaut.dll
2009-08-29 12:27:30 ----A---- C:\Windows\system32\SCardSvr.dll
2009-08-29 12:27:30 ----A---- C:\Windows\system32\raschap.dll
2009-08-29 12:27:30 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-08-29 12:27:30 ----A---- C:\Windows\system32\fontext.dll
2009-08-29 12:27:30 ----A---- C:\Windows\system32\conime.exe
2009-08-29 12:27:29 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-08-29 12:27:29 ----A---- C:\Windows\system32\wlanui.dll
2009-08-29 12:27:29 ----A---- C:\Windows\system32\wlanmsm.dll
2009-08-29 12:27:29 ----A---- C:\Windows\system32\shwebsvc.dll
2009-08-29 12:27:29 ----A---- C:\Windows\system32\rasppp.dll
2009-08-29 12:27:29 ----A---- C:\Windows\system32\PnPutil.exe
2009-08-29 12:27:29 ----A---- C:\Windows\system32\dsprop.dll
2009-08-29 12:27:28 ----A---- C:\Windows\system32\shsetup.dll
2009-08-29 12:27:28 ----A---- C:\Windows\system32\rasmontr.dll
2009-08-29 12:27:28 ----A---- C:\Windows\system32\oobefldr.dll
2009-08-29 12:27:28 ----A---- C:\Windows\system32\mscandui.dll
2009-08-29 12:27:28 ----A---- C:\Windows\system32\modemui.dll
2009-08-29 12:27:28 ----A---- C:\Windows\system32\dimsroam.dll
2009-08-29 12:27:27 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-08-29 12:27:27 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-08-29 12:27:27 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-08-29 12:27:27 ----A---- C:\Windows\system32\dataclen.dll
2009-08-29 12:27:27 ----A---- C:\Windows\system32\chtbrkr.dll
2009-08-29 12:27:26 ----A---- C:\Windows\system32\WSDMon.dll
2009-08-29 12:27:26 ----A---- C:\Windows\system32\smss.exe
2009-08-29 12:27:26 ----A---- C:\Windows\system32\rdpwsx.dll
2009-08-29 12:27:26 ----A---- C:\Windows\system32\netplwiz.dll
2009-08-29 12:27:26 ----A---- C:\Windows\system32\CscMig.dll
2009-08-29 12:27:26 ----A---- C:\Windows\system32\credui.dll
2009-08-29 12:27:26 ----A---- C:\Windows\system32\blackbox.dll
2009-08-29 12:27:26 ----A---- C:\Windows\system32\appmgmts.dll
2009-08-29 12:27:25 ----A---- C:\Windows\system32\wmpeffects.dll
2009-08-29 12:27:25 ----A---- C:\Windows\system32\networkexplorer.dll
2009-08-29 12:27:25 ----A---- C:\Windows\system32\certprop.dll
2009-08-29 12:27:24 ----A---- C:\Windows\system32\wscapi.dll
2009-08-29 12:27:24 ----A---- C:\Windows\system32\wpcsvc.dll
2009-08-29 12:27:24 ----A---- C:\Windows\system32\msscp.dll
2009-08-29 12:27:24 ----A---- C:\Windows\system32\msimtf.dll
2009-08-29 12:27:24 ----A---- C:\Windows\system32\logagent.exe
2009-08-29 12:27:24 ----A---- C:\Windows\system32\InkEd.dll
2009-08-29 12:27:24 ----A---- C:\Windows\system32\ifmon.dll
2009-08-29 12:27:24 ----A---- C:\Windows\system32\gpresult.exe
2009-08-29 12:27:24 ----A---- C:\Windows\system32\cipher.exe
2009-08-29 12:27:23 ----A---- C:\Windows\system32\thawbrkr.dll
2009-08-29 12:27:23 ----A---- C:\Windows\system32\softkbd.dll
2009-08-29 12:27:23 ----A---- C:\Windows\system32\sendmail.dll
2009-08-29 12:27:23 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-08-29 12:27:22 ----A---- C:\Windows\system32\rdpclip.exe
2009-08-29 12:27:22 ----A---- C:\Windows\system32\olepro32.dll
2009-08-29 12:27:22 ----A---- C:\Windows\system32\msctfui.dll
2009-08-29 12:27:22 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-08-29 12:27:22 ----A---- C:\Windows\system32\dmsynth.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\wshbth.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\version.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\puiapi.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\mprapi.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\input.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\gpprnext.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-08-29 12:27:21 ----A---- C:\Windows\system32\cdd.dll
2009-08-29 12:27:20 ----A---- C:\Windows\system32\SLLUA.exe
2009-08-29 12:27:20 ----A---- C:\Windows\system32\msisip.dll
2009-08-29 12:27:20 ----A---- C:\Windows\system32\fc.exe
2009-08-29 12:27:19 ----A---- C:\Windows\system32\rdpendp.dll
2009-08-29 12:27:19 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-08-29 12:27:19 ----A---- C:\Windows\system32\msjint40.dll
2009-08-29 12:27:19 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-08-29 12:27:19 ----A---- C:\Windows\system32\fdSSDP.dll
2009-08-29 12:27:19 ----A---- C:\Windows\system32\eapp3hst.dll
2009-08-29 12:27:19 ----A---- C:\Windows\system32\dmusic.dll
2009-08-29 12:27:19 ----A---- C:\Windows\system32\cscapi.dll
2009-08-29 12:27:18 ----A---- C:\Windows\system32\wsdchngr.dll
2009-08-29 12:27:18 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-08-29 12:27:18 ----A---- C:\Windows\system32\rrinstaller.exe
2009-08-29 12:27:18 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-08-29 12:27:18 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-08-29 12:27:18 ----A---- C:\Windows\system32\l2nacp.dll
2009-08-29 12:27:18 ----A---- C:\Windows\system32\ftp.exe
2009-08-29 12:27:18 ----A---- C:\Windows\system32\cscdll.dll
2009-08-29 12:27:18 ----A---- C:\Windows\system32\bthci.dll
2009-08-29 12:27:17 ----A---- C:\Windows\system32\Storprop.dll
2009-08-29 12:27:17 ----A---- C:\Windows\system32\rasdial.exe
2009-08-29 12:27:17 ----A---- C:\Windows\system32\rasdiag.dll
2009-08-29 12:27:17 ----A---- C:\Windows\system32\gpscript.exe
2009-08-29 12:27:17 ----A---- C:\Windows\system32\fdWCN.dll
2009-08-29 12:27:17 ----A---- C:\Windows\system32\dot3cfg.dll
2009-08-29 12:27:17 ----A---- C:\Windows\system32\bthudtask.exe
2009-08-29 12:27:16 ----A---- C:\Windows\system32\tscupgrd.exe
2009-08-29 12:27:16 ----A---- C:\Windows\system32\slcinst.dll
2009-08-29 12:27:16 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-08-29 12:27:16 ----A---- C:\Windows\system32\mfps.dll
2009-08-29 12:27:16 ----A---- C:\Windows\system32\ipconfig.exe
2009-08-29 12:27:16 ----A---- C:\Windows\system32\eappcfg.dll
2009-08-29 12:27:16 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-08-29 12:27:15 ----A---- C:\Windows\system32\ocsetup.exe
2009-08-29 12:27:15 ----A---- C:\Windows\system32\nslookup.exe
2009-08-29 12:27:15 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-08-29 12:27:15 ----A---- C:\Windows\system32\gpscript.dll
2009-08-29 12:27:15 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-08-29 12:27:15 ----A---- C:\Windows\system32\eappgnui.dll
2009-08-29 12:27:14 ----A---- C:\Windows\system32\qprocess.exe
2009-08-29 12:27:14 ----A---- C:\Windows\system32\mmcico.dll
2009-08-29 12:27:14 ----A---- C:\Windows\system32\mfpmp.exe
2009-08-29 12:27:14 ----A---- C:\Windows\system32\hbaapi.dll
2009-08-29 12:27:14 ----A---- C:\Windows\system32\fdeploy.dll
2009-08-29 12:27:13 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-08-29 12:27:13 ----A---- C:\Windows\system32\gpupdate.exe
2009-08-29 12:27:13 ----A---- C:\Windows\system32\chgport.exe
2009-08-29 12:27:12 ----A---- C:\Windows\system32\tscon.exe
2009-08-29 12:27:12 ----A---- C:\Windows\system32\logoff.exe
2009-08-29 12:27:12 ----A---- C:\Windows\system32\csrstub.exe
2009-08-29 12:27:12 ----A---- C:\Windows\system32\chgusr.exe
2009-08-29 12:27:12 ----A---- C:\Windows\system32\cbsra.exe
2009-08-29 12:27:11 ----A---- C:\Windows\system32\shadow.exe
2009-08-29 12:27:11 ----A---- C:\Windows\system32\NcdProp.dll
2009-08-29 12:27:11 ----A---- C:\Windows\system32\iscsilog.dll
2009-08-29 12:27:11 ----A---- C:\Windows\system32\chglogon.exe
2009-08-29 12:27:11 ----A---- C:\Windows\system32\bitsigd.dll
2009-08-29 12:27:10 ----A---- C:\Windows\system32\tskill.exe
2009-08-29 12:27:10 ----A---- C:\Windows\system32\tsdiscon.exe
2009-08-29 12:27:10 ----A---- C:\Windows\system32\rwinsta.exe
2009-08-29 12:27:10 ----A---- C:\Windows\system32\qappsrv.exe
2009-08-29 12:27:09 ----A---- C:\Windows\system32\vdmdbg.dll
2009-08-29 12:27:09 ----A---- C:\Windows\system32\reset.exe
2009-08-29 12:27:09 ----A---- C:\Windows\system32\query.exe
2009-08-29 12:27:09 ----A---- C:\Windows\system32\odbcconf.dll
2009-08-29 12:27:08 ----A---- C:\Windows\system32\winrnr.dll
2009-08-29 12:27:08 ----A---- C:\Windows\system32\slwga.dll
2009-08-29 12:27:08 ----A---- C:\Windows\system32\change.exe
2009-08-29 12:27:07 ----A---- C:\Windows\system32\midimap.dll
2009-08-29 12:27:03 ----A---- C:\Windows\system32\msimsg.dll
2009-08-29 12:27:03 ----A---- C:\Windows\system32\mferror.dll
2009-08-29 12:27:03 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-08-29 12:26:41 ----A---- C:\Windows\system32\SmiEngine.dll
2009-08-29 12:26:37 ----A---- C:\Windows\system32\wdscore.dll
2009-08-29 12:26:37 ----A---- C:\Windows\system32\PkgMgr.exe
2009-08-29 12:26:25 ----A---- C:\Windows\system32\drvstore.dll
2009-08-29 11:35:18 ----A---- C:\Windows\system32\occache.dll
2009-08-29 11:35:18 ----A---- C:\Windows\system32\jsproxy.dll
2009-08-29 11:35:18 ----A---- C:\Windows\system32\iepeers.dll
2009-08-29 11:35:17 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-08-29 11:35:17 ----A---- C:\Windows\system32\msfeeds.dll
2009-08-29 11:35:17 ----A---- C:\Windows\system32\ieui.dll
2009-08-29 11:35:17 ----A---- C:\Windows\system32\iesetup.dll
2009-08-29 11:35:16 ----A---- C:\Windows\system32\wininet.dll
2009-08-29 11:35:16 ----A---- C:\Windows\system32\msfeedssync.exe
2009-08-29 11:35:16 ----A---- C:\Windows\system32\iertutil.dll
2009-08-29 11:35:16 ----A---- C:\Windows\system32\iernonce.dll
2009-08-29 11:35:16 ----A---- C:\Windows\system32\ie4uinit.exe
2009-08-29 11:35:15 ----A---- C:\Windows\system32\urlmon.dll
2009-08-29 11:35:15 ----A---- C:\Windows\system32\ieUnatt.exe
2009-08-29 11:35:15 ----A---- C:\Windows\system32\iesysprep.dll
2009-08-29 11:35:15 ----A---- C:\Windows\system32\iedkcs32.dll
2009-08-29 11:35:14 ----A---- C:\Windows\system32\ieframe.dll
2009-08-29 11:35:13 ----A---- C:\Windows\system32\mshtml.dll
2009-08-29 11:34:26 ----A---- C:\Windows\system32\mshtmler.dll
2009-08-29 11:34:26 ----A---- C:\Windows\system32\mshtmled.dll
2009-08-29 11:34:26 ----A---- C:\Windows\system32\icardie.dll
2009-08-29 11:34:26 ----A---- C:\Windows\system32\admparse.dll
2009-08-29 11:34:25 ----A---- C:\Windows\system32\msls31.dll
2009-08-29 11:34:25 ----A---- C:\Windows\system32\imgutil.dll
2009-08-29 11:34:25 ----A---- C:\Windows\system32\ieakeng.dll
2009-08-29 11:34:25 ----A---- C:\Windows\system32\dxtrans.dll
2009-08-29 11:34:25 ----A---- C:\Windows\system32\dxtmsft.dll
2009-08-29 11:34:25 ----A---- C:\Windows\system32\corpol.dll
2009-08-29 11:34:24 ----A---- C:\Windows\system32\webcheck.dll
2009-08-29 11:34:24 ----A---- C:\Windows\system32\msrating.dll
2009-08-29 11:34:24 ----A---- C:\Windows\system32\licmgr10.dll
2009-08-29 11:34:24 ----A---- C:\Windows\system32\inseng.dll
2009-08-29 11:34:24 ----A---- C:\Windows\system32\ieakui.dll
2009-08-29 11:34:24 ----A---- C:\Windows\system32\ieaksie.dll
2009-08-29 11:34:23 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-08-29 11:34:23 ----A---- C:\Windows\system32\wextract.exe
2009-08-29 11:34:23 ----A---- C:\Windows\system32\pngfilt.dll
2009-08-29 11:34:23 ----A---- C:\Windows\system32\mstime.dll
2009-08-29 11:34:23 ----A---- C:\Windows\system32\advpack.dll
2009-08-29 11:34:22 ----A---- C:\Windows\system32\vbscript.dll
2009-08-29 11:34:22 ----A---- C:\Windows\system32\url.dll
2009-08-29 11:34:22 ----A---- C:\Windows\system32\jscript.dll
2009-08-29 11:34:22 ----A---- C:\Windows\system32\ieapfltr.dll
2009-08-29 11:34:20 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-08-29 11:34:20 ----A---- C:\Windows\system32\SetDepNx.exe
2009-08-29 11:34:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-08-29 11:34:20 ----A---- C:\Windows\system32\mshta.exe
2009-08-29 11:34:20 ----A---- C:\Windows\system32\iexpress.exe
2009-08-29 11:34:19 ----A---- C:\Windows\system32\PDMSetup.exe
2009-08-29 11:25:53 ----A---- C:\Windows\system32\javaws.exe
2009-08-29 11:25:53 ----A---- C:\Windows\system32\javaw.exe
2009-08-29 11:25:53 ----A---- C:\Windows\system32\java.exe
2009-08-28 15:00:06 ----D---- C:\Program Files\Common Files\Adobe
2009-08-28 14:57:48 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-08-28 14:09:30 ----D---- C:\Program Files\TeraCopy
2009-08-28 12:12:14 ----A---- C:\Windows\system32\pthreadGC2.dll
2009-08-28 12:12:14 ----A---- C:\Windows\system32\ff_vfw.dll
2009-08-28 12:12:12 ----D---- C:\Program Files\ffdshow
2009-08-28 12:12:08 ----D---- C:\Program Files\Haali
2009-08-28 12:11:56 ----D---- C:\Program Files\AviSynth 2.5
2009-08-28 12:11:44 ----D---- C:\Program Files\Common Files\SourceTec
2009-08-28 12:11:44 ----A---- C:\Windows\system32\wvc1dmod.dll
2009-08-28 12:11:42 ----D---- C:\Program Files\SourceTec
2009-08-28 12:01:40 ----D---- C:\Program Files\BurnAware Free
2009-08-28 03:56:26 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-28 03:56:25 ----A---- C:\Windows\system32\kerberos.dll
2009-08-28 03:56:24 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-28 03:56:23 ----A---- C:\Windows\system32\wdigest.dll
2009-08-28 03:56:22 ----A---- C:\Windows\system32\schannel.dll
2009-08-28 03:56:20 ----A---- C:\Windows\system32\secur32.dll
2009-08-28 03:56:19 ----A---- C:\Windows\system32\lsass.exe
2009-08-26 11:14:56 ----D---- C:\Program Files\Elaborate Bytes
2009-08-26 09:33:13 ----A---- C:\Windows\system32\tzres.dll
2009-08-26 08:13:47 ----A---- C:\Windows\system32\gameux.dll
2009-08-24 14:00:00 ----A---- C:\Windows\system32\KDSInterface.txt
2009-08-21 21:16:11 ----A---- C:\Windows\system32\netfxperf.dll
2009-08-12 15:40:20 ----A---- C:\Windows\system32\atl.dll
2009-08-12 15:40:17 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-12 15:40:13 ----A---- C:\Windows\system32\tsgqec.dll
2009-08-12 15:40:13 ----A---- C:\Windows\system32\mstscax.dll
2009-08-12 15:40:13 ----A---- C:\Windows\system32\aaclient.dll
2009-08-12 15:40:09 ----A---- C:\Windows\system32\avifil32.dll
2009-08-12 15:40:05 ----A---- C:\Windows\system32\telnet.exe
2009-08-12 15:40:04 ----A---- C:\Windows\system32\tlntsess.exe
2009-08-12 15:39:59 ----A---- C:\Windows\system32\wmp.dll
2009-08-12 15:39:56 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-12 15:39:53 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-12 15:39:51 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-12 15:39:51 ----A---- C:\Windows\system32\spwmp.dll

======List of files/folders modified in the last 1 months======

2009-09-04 13:10:11 ----D---- C:\Windows\Prefetch
2009-09-04 13:10:01 ----D---- C:\Windows\Temp
2009-09-04 03:42:48 ----D---- C:\Program Files\Spyware Doctor
2009-09-04 02:41:13 ----D---- C:\Program Files\LogMeIn
2009-09-03 22:17:23 ----RD---- C:\Program Files
2009-09-03 03:27:14 ----D---- C:\Windows\winsxs
2009-09-03 03:17:27 ----D---- C:\Windows\System32
2009-09-03 03:17:27 ----D---- C:\Windows\inf
2009-09-03 03:17:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-03 03:16:48 ----D---- C:\Windows\system32\catroot
2009-09-03 03:16:30 ----D---- C:\Windows\system32\catroot2
2009-09-03 03:15:52 ----D---- C:\Windows\system32\drivers
2009-09-03 03:07:28 ----A---- C:\Windows\SchedLgU.Txt
2009-09-03 03:07:07 ----D---- C:\Windows\AppPatch
2009-08-30 22:27:19 ----D---- C:\Program Files\DNA
2009-08-30 22:22:32 ----D---- C:\Program Files\Mozilla Firefox
2009-08-30 21:48:55 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-30 15:18:22 ----A---- C:\Windows\NeroDigital.ini
2009-08-29 13:33:37 ----D---- C:\Windows\Microsoft.NET
2009-08-29 13:33:18 ----RSD---- C:\Windows\assembly
2009-08-29 13:30:31 ----D---- C:\Windows\rescache
2009-08-29 13:21:29 ----AD---- C:\Windows
2009-08-29 13:21:13 ----SHD---- C:\Boot
2009-08-29 13:16:12 ----HD---- C:\ProgramData
2009-08-29 13:05:16 ----D---- C:\Program Files\Windows Sidebar
2009-08-29 13:05:16 ----D---- C:\Program Files\Windows Media Player
2009-08-29 13:05:16 ----D---- C:\Program Files\Windows Mail
2009-08-29 13:05:16 ----D---- C:\Program Files\Windows Calendar
2009-08-29 13:05:16 ----D---- C:\Program Files\Movie Maker
2009-08-29 13:05:16 ----D---- C:\Program Files\Internet Explorer
2009-08-29 13:05:15 ----D---- C:\Program Files\Windows Photo Gallery
2009-08-29 13:05:15 ----D---- C:\Program Files\Common Files\System
2009-08-29 13:05:13 ----D---- C:\Program Files\Windows Defender
2009-08-29 13:05:12 ----D---- C:\Windows\servicing
2009-08-29 13:05:12 ----D---- C:\Windows\ehome
2009-08-29 13:05:02 ----D---- C:\Windows\system32\XPSViewer
2009-08-29 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2009-08-29 13:05:02 ----D---- C:\Windows\IME
2009-08-29 13:05:01 ----D---- C:\Windows\system32\sk-SK
2009-08-29 13:05:01 ----D---- C:\Windows\system32\lv-LV
2009-08-29 13:05:01 ----D---- C:\Windows\system32\ko-KR
2009-08-29 13:05:01 ----D---- C:\Windows\system32\hr-HR
2009-08-29 13:05:01 ----D---- C:\Windows\system32\et-EE
2009-08-29 13:05:01 ----D---- C:\Windows\system32\da-DK
2009-08-29 13:05:00 ----D---- C:\Windows\system32\en-US
2009-08-29 13:04:58 ----D---- C:\Windows\system32\de-DE
2009-08-29 13:04:57 ----D---- C:\Windows\system32\oobe
2009-08-29 13:04:57 ----D---- C:\Windows\system32\migration
2009-08-29 13:04:57 ----D---- C:\Windows\system32\it-IT
2009-08-29 13:04:57 ----D---- C:\Windows\system32\el-GR
2009-08-29 13:04:55 ----D---- C:\Windows\system32\sv-SE
2009-08-29 13:04:55 ----D---- C:\Windows\system32\setup
2009-08-29 13:04:55 ----D---- C:\Windows\system32\ru-RU
2009-08-29 13:04:55 ----D---- C:\Windows\system32\he-IL
2009-08-29 13:04:55 ----D---- C:\Windows\system32\fr-FR
2009-08-29 13:04:55 ----D---- C:\Windows\system32\fi-FI
2009-08-29 13:04:55 ----D---- C:\Windows\system32\AdvancedInstallers
2009-08-29 13:04:54 ----D---- C:\Windows\system32\SLUI
2009-08-29 13:04:54 ----D---- C:\Windows\system32\pt-PT
2009-08-29 13:04:54 ----D---- C:\Windows\system32\hu-HU
2009-08-29 13:04:54 ----D---- C:\Windows\system32\cs-CZ
2009-08-29 13:04:53 ----D---- C:\Windows\system32\zh-CN
2009-08-29 13:04:53 ----D---- C:\Windows\system32\sr-Latn-CS
2009-08-29 13:04:53 ----D---- C:\Windows\system32\sl-SI
2009-08-29 13:04:53 ----D---- C:\Windows\system32\manifeststore
2009-08-29 13:04:53 ----D---- C:\Windows\system32\es-ES
2009-08-29 13:04:53 ----D---- C:\Windows\system32\en
2009-08-29 13:04:52 ----D---- C:\Windows\system32\zh-TW
2009-08-29 13:04:52 ----D---- C:\Windows\system32\uk-UA
2009-08-29 13:04:52 ----D---- C:\Windows\system32\th-TH
2009-08-29 13:04:52 ----D---- C:\Windows\system32\ro-RO
2009-08-29 13:04:52 ----D---- C:\Windows\system32\pl-PL
2009-08-29 13:04:52 ----D---- C:\Windows\system32\ja-JP
2009-08-29 13:04:52 ----D---- C:\Windows\system32\bg-BG
2009-08-29 13:04:51 ----D---- C:\Windows\system32\tr-TR
2009-08-29 13:04:50 ----D---- C:\Windows\system32\wbem
2009-08-29 13:04:49 ----D---- C:\Windows\system32\nl-NL
2009-08-29 13:04:49 ----D---- C:\Windows\system32\nb-NO
2009-08-29 13:04:49 ----D---- C:\Windows\system32\lt-LT
2009-08-29 13:04:49 ----D---- C:\Windows\system32\ar-SA
2009-08-29 13:04:48 ----D---- C:\Windows\system32\pt-BR
2009-08-29 13:04:48 ----D---- C:\Windows\system32\migwiz
2009-08-29 13:04:07 ----RSD---- C:\Windows\Fonts
2009-08-29 13:00:23 ----D---- C:\Windows\system32\Boot
2009-08-29 12:57:57 ----D---- C:\Windows\system32\RTCOM
2009-08-29 11:35:54 ----D---- C:\Windows\pss
2009-08-29 11:34:00 ----SHD---- C:\Windows\Installer
2009-08-29 11:34:00 ----HD---- C:\Config.Msi
2009-08-29 11:33:39 ----D---- C:\Windows\system32\zh-HK
2009-08-29 11:30:58 ----D---- C:\Program Files\Common Files\microsoft shared
2009-08-29 11:30:43 ----D---- C:\Program Files\Microsoft Works
2009-08-29 11:28:27 ----A---- C:\Windows\win.ini
2009-08-29 11:25:50 ----D---- C:\Program Files\Java
2009-08-28 15:00:06 ----D---- C:\Program Files\Common Files
2009-08-28 15:00:05 ----D---- C:\Program Files\Adobe
2009-08-27 11:20:34 ----D---- C:\Program Files\AskBarDis
2009-08-27 11:19:35 ----D---- C:\Program Files\MacroSoft Email Spider Full
2009-08-27 11:11:19 ----D---- C:\Windows\system32\Tasks
2009-08-27 11:10:40 ----D---- C:\Program Files\D-Link Media Server
2009-08-22 13:08:10 ----D---- C:\Program Files\SlySoft
2009-08-05 14:49:53 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 ELhid;EL hid Service; \??\C:\WINDOWS\System32\Drivers\Elhid.sys [2006-08-02 10112]
R1 ELkbd;EL KB Service; \??\C:\WINDOWS\System32\Drivers\Elkbd.sys [2006-08-02 6912]
R1 ELmon;EL Monitor Service; \??\C:\WINDOWS\System32\Drivers\Elmon.sys [2006-08-02 7040]
R1 ELmou;EL Mouse Service; \??\C:\WINDOWS\System32\Drivers\Elmou.sys [2006-08-02 6400]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-05-13 214024]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-04-09 130424]
R2 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [2003-12-17 17005]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-07-24 47640]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-12-01 103360]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-02-01 690176]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-15 218752]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 hcwPP2;Hauppauge WinTV PVR PCI II ([23|25|26]xxx); C:\Windows\system32\DRIVERS\hcwPP2.sys [2007-02-06 185728]
R3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-25 2015192]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2007-04-17 10144]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-05-13 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-05-13 35272]
R3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-05-13 34248]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-05-13 40552]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 Nmea;Sprint Connection Manager - emulates the NMEA ports; C:\Windows\system32\DRIVERS\pctnullport.sys [2008-07-07 38680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-08-28 7574976]
R3 NWADI;NWADI Bus Enumerator; C:\Windows\system32\DRIVERS\NWADIenum.sys [2007-09-06 194048]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2007-02-17 47360]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-19 9216]
R3 swmsflt;swmsflt; C:\Windows\System32\drivers\swmsflt.sys [2008-07-07 24840]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ELacpi;ELacpi; C:\Windows\system32\DRIVERS\ELacpi.sys [2006-08-02 9728]
S3 MHNDRV;MHN driver; C:\Windows\system32\DRIVERS\mhndrv.sys [2004-08-09 11008]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2007-10-12 27072]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\PCTINDIS5.SYS [2008-07-07 32408]
S3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-05-20 22784]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-05-29 39424]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\Windows\system32\DRIVERS\WudfPf.sys [2008-01-19 51200]
S4 ftsata2;ftsata2; C:\Windows\system32\drivers\ftsata2.sys [2005-06-29 175104]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-04-19 81920]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-03 1029456]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2008-10-16 116032]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2007-04-17 63040]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-05-01 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-04-09 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-04-09 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-05-13 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-05-08 893112]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-08-24 1097096]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2008-12-15 208144]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-05-08 606736]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 DynDNS_Updater_Service;DynDNS Updater Service; C:\Program Files\DynDNS Updater\DynDNS.exe []
S2 ELService;Intel(R) Quick Resume technology; C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe [2006-08-02 196608]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-07-24 358896]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-08-16 309744]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-08-16 166384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-05-08 365072]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-01-19 21504]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-07-24 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-08-16 1092080]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S4 CASprint;Sprint Con App Svc; C:\Program Files\Sprint\Sprint SmartView\ConAppsSvc.exe [2008-07-07 124184]
S4 CscService;Offline Files; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-06-21 49152]
S4 SprintRcAppSvc;Sprint RcAppSvc; C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe [2008-07-07 111896]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-04-11 71168]

-----------------EOF-----------------

corpit
2009-09-04, 21:39
info.txt logfile of random's system information tool 1.06 2009-09-04 13:10:47

======Uninstall list======

-->"C:\Program Files\WildTangent\Apps\My HP Game Console\Uninstall.exe"
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0ADEA8E1-B211-41B8-8DD4-D9A5FB04A5FA}
-->MsiExec.exe /I{267D350E-51AB-40B8-AF9F-DA7ED5687044}
-->MsiExec.exe /I{7A9DC8F6-2466-4E04-BF51-BE499C5D02BD}
-->MsiExec.exe /I{85BD5F12-49EF-4B40-B1E0-77D85F6E99BF}
-->MsiExec.exe /I{EA9741F6-A7F2-497B-BBE4-2ED0136649BE}
-->MsiExec.exe /X{C628EC93-8E17-4114-BCE7-2D181B93FA0F}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{2614F54E-A828-49FA-93BA-45A3F756BFAA}
Acrobat.com-->MsiExec.exe /X{6D8D64BE-F500-55B6-705D-DFD08AFE0624}
Ad-Aware-->"C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
AnswerWorks 5.0 English Runtime-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst -removeonly
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft MediaConverter 2.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E075B708-034C-4A4C-B7C9-308B9A25EAD2}\Setup.exe" -l0x9
ArcSoft ShowBiz DVD 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{09690861-8F86-4E06-A577-434FAB1F3C74}\Setup.exe" -l0x9
ArcSoft Video Downloader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6332AE1B-FD23-4448-B237-A63900602D72}\Setup.exe" -l0x9
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{244E21B9-164C-4EC1-AED8-9BD64161E66D}\Setup.exe" -l0x9
AT&T Yahoo! High Speed Internet Home Networking Installer-->C:\Program Files\2Wire\Uninstaller.exe
Avery Wizard 3.1-->MsiExec.exe /I{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Better Homes and Gardens HD Suite 7.0 Training Videos-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65A1FC3C-E496-41A9-98C7-2CEAFE7053B7}\Setup.exe" -l0x9 -uninst -removeonly
Better Homes and Gardens Home Designer Suite 7.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A557D4C9-03AA-4806-80A7-227D2C8E4439}\setup.exe" -l0x9 -removeonly
BlackBerry Desktop Software 4.3-->MsiExec.exe /i{C178B38F-613A-4EFE-B718-A675BD27A1E1}
BlackBerry Desktop Software 4.3-->MsiExec.exe /I{C178B38F-613A-4EFE-B718-A675BD27A1E1}
BlackBerry Device Software Updater-->MsiExec.exe /X{628AA77D-DFC9-4B3D-BE8E-CF9F7CD4C3C7}
BlackBerry Device Software v4.5.0 for the BlackBerry 8830 smartphone-->MsiExec.exe /X{628EE6C0-EA3F-4F36-B465-8F9D998B3E5C}
BlackBerry v4.2.2 for the 8830 Series Wireless Device-->MsiExec.exe /X{95A70059-F91E-4501-94EF-51F345861C09}
BUM-->MsiExec.exe /I{55937F00-A69B-4049-8D3A-1C7729742B6F}
BurnAware Free 2.3.9-->"C:\Program Files\BurnAware Free\unins000.exe"
Camtasia Studio 5-->MsiExec.exe /I{7EADB65C-70E8-4C94-AD0A-221462D41A85}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Customer Experience Enhancement-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Duplicate Music Files Finder 1.5.5-->"C:\Program Files\Duplicate Music Files Finder\unins000.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.5.0-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDFab 6.0.2.2 (June 26, 2009)-->"C:\Program Files\DVDFab 6\unins000.exe"
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
ffdshow [rev 2583] [2009-01-05]-->"C:\Program Files\ffdshow\unins000.exe"
GearDrvs-->MsiExec.exe /I{CB84F0F2-927B-458D-9DC5-87832E3DC653}
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Boot Optimizer-->MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive-->MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP Document Manager 1.0-->C:\Program Files\HP\Digital Imaging\DocumentManager\hpzscr01.exe -datfile hpqbud18.dat
HP DVD Play 2.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Officejet All-In-One Series-->C:\Program Files\HP\Digital Imaging\{67335AB1-6341-4f87-A5B4-7FA92CEB77A4}\setup\hpzscr01.exe -datfile hpwscr20.dat -forcereboot
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
HP Web Helper-->regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll"
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Intel(R) Network Connections Drivers-->Prounstl.exe
Intel(R) Quick Resume Technology Drivers-->C:\WINDOWS\System32\Elusetup.exe
Intel® Viiv™ Software-->MsiExec.exe /X{6BB374D3-5835-47D0-BADC-330BF34DBBD1}
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
iTunesFolderWatch-->MsiExec.exe /I{284C0EDD-C817-4ACB-AF69-5DCC637202FB}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
Kodak EasyShare software-->C:\ProgramData\Kodak\EasyShareSetup\$SETUP_3c0002_1173a894\Setup.exe /APR-REMOVE
Live Search Maps Add-In for Microsoft Office Outlook-->MsiExec.exe /I{EB9A4856-C28A-4BC2-9373-975A33BB9CD4}
LogMeIn-->MsiExec.exe /I{3FEC3A5B-60FF-4626-B425-08E09B121A15}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
MediaUndelete-->"C:\Program Files\MediaUndelete\uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Streets and Trips 2004-->MsiExec.exe /I{8704D51E-25B7-4F23-81E7-AA4F54790210}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MobileMe Control Panel-->MsiExec.exe /I{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}
Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3 Tag Tools v1.2-->"C:\Program Files\Mp3TagToolsv12\uninstall.exe"
MP3 to WAV Decoder-->C:\PROGRA~1\MP3TOW~1\UNWISE.EXE C:\PROGRA~1\MP3TOW~1\INSTALL.LOG
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NEC DISPLAY SOLUTIONS: Monitor Installer-->C:\Program Files\NEC DISPLAY SOLUTIONS\Drivers\Uninstall.exe
Nero 7 Ultra Edition-->MsiExec.exe /I{FC98FBE9-E931-494C-8717-497185371033}
netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
PC Inspector smart recovery-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x9
Popup Blocker (Windows Live Toolbar)-->MsiExec.exe /X{117CD9C0-0F15-4633-93D7-F957B50535A5}
Quicken 2009-->MsiExec.exe /X{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rio Music Manager-->MsiExec.exe /X{9E321DCB-3AC5-466C-B214-4CD340EE3A13}
Roxio Content 9-->MsiExec.exe /X{787F2DC2-1699-44FA-A72F-9107166AF9CC}
Roxio Media Manager-->MsiExec.exe /X{5EED93A8-33AD-46A7-A6AC-4DEAFBEFEEE1}
Safari-->MsiExec.exe /I{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.INF
Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sothink Movie DVD Maker-->"C:\Program Files\SourceTec\Sothink Movie DVD Maker\unins000.exe"
Sprint SmartView-->MsiExec.exe /X{5121C4F9-BC62-4F47-B313-474A619E3813}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
Startup Delayer v2.3 (build 134)-->C:\Program Files\r2 Studios\Startup Delayer\Uninstall.exe
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
TeraCopy 2.01-->"C:\Program Files\TeraCopy\unins000.exe"
tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
Ultimate Extras sounds from Microsoft® Tinker™-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\UltSound2.inf,Uninstall
Undelete Plus 2.94-->"C:\Program Files\Undelete Plus\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb972691)-->msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {AA020E6E-E2FB-45EF-B732-2400E2296742}
Updates from HP (remove only)-->C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
USB Safely Remove 4.0-->"C:\Program Files\USB Safely Remove\unins000.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Videora iPod classic Converter 3.02-->C:\Program Files\Red Kawa\Video Converter 3\uninstaller.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Sound Schemes-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\UltSound.inf,Uninstall
Windows Vista Upgrade Advisor-->MsiExec.exe /I{86BB059D-1231-457B-B88F-F9B315A18F90}
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Xilisoft MP4 Converter-->C:\Program Files\Xilisoft\MP4 Converter 3\Uninstall.exe

=====HijackThis Backups=====

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage [2009-08-30]

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AS: Spybot - Search and Destroy (disabled)
AS: Lavasoft Ad-Watch Live!

======System event log======

Computer Name: Office
Event Code: 4374
Message: Windows Servicing identified that package KB955839(Update) is not applicable for this system
Record Number: 145272
Source Name: Microsoft-Windows-Servicing
Time Written: 20081211080239.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Office
Event Code: 4374
Message: Windows Servicing identified that package KB955839(Update) is not applicable for this system
Record Number: 145271
Source Name: Microsoft-Windows-Servicing
Time Written: 20081211080239.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Office
Event Code: 4374
Message: Windows Servicing identified that package KB955839(Update) is not applicable for this system
Record Number: 145270
Source Name: Microsoft-Windows-Servicing
Time Written: 20081211080239.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Office
Event Code: 4374
Message: Windows Servicing identified that package KB955839(Update) is not applicable for this system
Record Number: 145269
Source Name: Microsoft-Windows-Servicing
Time Written: 20081211080239.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Office
Event Code: 4374
Message: Windows Servicing identified that package KB955839(Update) is not applicable for this system
Record Number: 145266
Source Name: Microsoft-Windows-Servicing
Time Written: 20081211080238.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: HP
Event Code: 101
Message:
Record Number: 32522
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20071127091801.000000-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: HP
Event Code: 1002
Message: The program Home Designer Suite 70.exe version 7.0.9.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1b50 Start Time: 01c830a3d8ec8d05 Termination Time: 50
Record Number: 32500
Source Name: Application Hang
Time Written: 20071127032345.000000-000
Event Type: Error
User:

Computer Name: HP
Event Code: 1002
Message: The program Home Designer Suite 70.exe version 7.0.9.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 954 Start Time: 01c830a2958d61c5 Termination Time: 51
Record Number: 32495
Source Name: Application Hang
Time Written: 20071127031601.000000-000
Event Type: Error
User:

Computer Name: HP
Event Code: 1002
Message: The program Home Designer Suite 70.exe version 7.0.9.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1b18 Start Time: 01c8309990ae901a Termination Time: 42
Record Number: 32493
Source Name: Application Hang
Time Written: 20071127030659.000000-000
Event Type: Error
User:

Computer Name: HP
Event Code: 1002
Message: The program Home Designer Suite 70.exe version 7.0.9.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1160 Start Time: 01c8308d06830ce7 Termination Time: 82
Record Number: 32488
Source Name: Application Hang
Time Written: 20071127015954.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: HP
Event Code: 4616
Message: The system time was changed.

Subject:
Security ID: S-1-5-18
Account Name: HP$
Account Domain: MARIANI
Logon ID: 0x3e7

Process Information:
Process ID: 0x434
Name: C:\Windows\System32\oobe\msoobe.exe

Previous Time: 10:28:00 PM 2/20/2007
New Time: 10:27:59 PM 2/20/2007

This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20070221032759.999625-000
Event Type: Audit Success
User:

Computer Name: HP
Event Code: 1108
Message: The event logging service encountered an error while processing an incoming event published from Microsoft-Windows-Security-Auditing.
Record Number: 4
Source Name: Microsoft-Windows-Eventlog
Time Written: 20070221032227.626002-000
Event Type: Audit Success
User:

Computer Name: HP
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 3
Source Name: Microsoft-Windows-Eventlog
Time Written: 20070221032225.610377-000
Event Type: Audit Success
User:

Computer Name: HP
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 2
Source Name: Microsoft-Windows-Eventlog
Time Written: 20070221030016.310515-000
Event Type: Audit Success
User:

Computer Name: HP
Event Code: 4647
Message: User initiated logoff:

Subject:
Security ID: S-1-5-21-51003140-4199384537-3980697693-500
Account Name: Administrator
Account Domain: 26L2233A1-06
Logon ID: 0x86377

This event is generated when a logoff is initiated but the token reference count is not zero and the logon session cannot be destroyed. No further user-initiated activity can occur. This event can be interpreted as a logoff event.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20061102130817.732800-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\HP\Digital Imaging\\bin;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\DivX Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Shaba
2009-09-05, 11:55
We will continue with ComboFix. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.

A word of warning: Please do not run ComboFix on your own. This tool is not a toy and not for everyday use.

corpit
2009-09-06, 03:56
I tried running combofix but it got stuck on the "trying to create a new system restore point". It just sat there and nothing happened. I let it run for 1/2 hour...???

corpit
2009-09-06, 04:23
Ok, so I realized I didn't have system restore turned on, so I shut down combofix and turned it on, then re-ran combofix. now its sitting at "combofix is preparing to run". Its been sitting there for 1/2 hour now...

corpit
2009-09-06, 04:29
I had a process still running from McAfee, so I shut that down and am re-running Combo-fix. It backed up the registry and is still at combofix is preparing to run. i'll let it run for a while and get back to this later.

corpit
2009-09-06, 06:05
After nearly 2 hours, its still sitting at combofix is preparing to run...

Shaba
2009-09-06, 12:53
Please rerun it in safe mode and let me know if it helped :)

corpit
2009-09-06, 16:12
Didn't work. Said I need administrator access or permissions to run the program and to use an administrator command, or something like that...I tried just running the program as well as right clicking and selecting "run as administrator"

Shaba
2009-09-06, 16:21
Have you earlier uninstalled Windows Desktop Search?

That error message seems to be related to that program.

corpit
2009-09-06, 16:37
no, not that I recall. Doesn't Vista come with a version of DT Search installed already? The message is annoying, but doesn't seem to be causing any issues to my machine, so if you're saying I don't have a virus or spyware or anything, i'm really ok with leaving it as it is...

Shaba
2009-09-06, 18:09
Yes but that one comes with Live package.

Go to start - run

Type reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager c:\msln.reg and click ok

Open c:\msln.reg with notepad and post back contents here, please.

corpit
2009-09-06, 18:55
I ran the command and no msln.reg file could be found on the C drive, or anywhere else for that matter. No my computer is running extremely slow and erratic, which it wasn't doing before. Nothing you are suggesting seems to be getting us anywhere other than causing my computer to slow down and get worse. Are you sure you know what you are doing?

Shaba
2009-09-06, 19:09
If I didn't know what I'm doing, I wouldn't reply or have Security Expert status ;)

McAfee could have affected combofix run, it is possible.

Let's try this way:

Go to start - run

Type cmd and ok.

Type to appearing window this:

reg export HKLM\SYSTEM\CurrentControlSet\Control\Session Manager c:\msln.reg and press enter

Let me know if c:\msln.reg now exists.

corpit
2009-09-07, 22:30
When I tried typing this:

reg export HKLM\SYSTEM\CurrentControlSet\Control\Session Manager c:\msln.reg

I get an error that said its bad syntax. I looked at the help for reg export and tried this instead:

reg export HKLM\SYSTEM\CurrentControlSet\Control c:\msln.reg

it said the file was created but I can't find it anywhere.

Shaba
2009-09-07, 22:40
It is in c: root.

Go to start - run

Type notepad c:\msln.reg and press enter and it should open in Notepad.

corpit
2009-09-07, 22:53
Notepad can not find file.

Shaba
2009-09-08, 07:11
OK, we try then easier approach.

Go to start - run

Type regedit and press enter.

Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager and let me know what it says in BootExecute.

corpit
2009-09-08, 15:54
"autocheck msln autocheck autochk * lsdelete"

Shaba
2009-09-08, 17:32
Please use the following link to download ERUNT (http://aumha.org/downloads/erunt-setup.exe)
Use the setup program to install ERUNT on your computer

Click Erunt.exe to backup your registry to the folder of your choice.

Note:to restore your registry, go to the folder and start ERDNT.exe

After that, remove autocheck msln from BootExecute and reboot.

Let me know if it helped.

corpit
2009-09-09, 03:06
That seems to have worked. Thanks for all your help...and I'm sorry I doubted you...

Shaba
2009-09-09, 07:15
Good :)

We continue with this:

Please go to Kaspersky website (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) and perform an online antivirus scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply along with a fresh HijackThis log.

Shaba
2009-09-18, 22:10
Due to the lack of feedback this Topic is closed.

If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

Everyone else please begin a New Topic.