Unable to install Spybot, browser redirecting, failure to load security-related pages

Printable View

Show 40 post(s) from this thread on one page

2009-03-31, 08:34
edc1111

Unable to install Spybot, browser redirecting, failure to load security-related pages

Hello,

I just discovered this forum and this is my first post. Some kind of malware has prevented me from installing Spybot, other anti-spyware/malware programs, antivirus updates, and is causing many redirects and failure to load security-related pages (including the safer-networking.com homepage). Since neither IE or Firefox is able to access the final ERUNT download page because of an unstoppable redirect from those particular pages, I can't follow the #1 step in the procedure you recommend prior to posting a HijackThis log. So I haven't backed up my registry yet.

There is also an attempt to load an unknown program at start-up and its name is shown as a series of squares, with some other digits mixed in I think. This program is listed in the startup area of MSCONFIG.

I believe I only have the latest Adobe Acrobat reader installed. I installed Foxit and on my old computer it worked well. Now I don't use it because it causes streaks to run across the page and grossly distorts the view of pdf file pages making them almost illegible. Running QuickTime player also brings these strange streaks, although in a "milder" form. Not sure what causes this streak problem and because it began immediately after I installed my XP operating system on this new computer I have no reason to think it's malware-related.

My main issue seems very similar to the one resolved in this thread: http://forums.spybot.info/showthread...=manual+update

If I can resolve it simply by following the steps in that thread, or if different steps are needed, please let me know. Any help would be greatly appreciated. Thank you very much in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:31 AM, on 3/31/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe
C:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe
C:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe
C:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\My Documents\MyDownloadFiles\spybotsd_includes.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=???
?
F3 - REG:win.ini: run=???
?
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PreSonusUSBInstallApp] C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Email Protection] C:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
O4 - HKLM\..\Run: [Update Scheduler] C:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE /CHECK
O4 - HKLM\..\Run: [On-Line Protection] C:\PROGRA~1\QUICKH~1\QUICKH~1\CATEYE.EXE
O4 - HKLM\..\Run: [Messenger] C:\PROGRA~1\QUICKH~1\QUICKH~1\SCANMSG.EXE
O4 - HKLM\..\Run: [Startup Scan] C:\PROGRA~1\QUICKH~1\QUICKH~1\sensor.exe /loadrun
O4 - HKLM\..\Run: [ResumeQuickupDownload] C:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe
O4 - HKLM\..\RunOnce: [Startup Scan] C:\PROGRA~1\QUICKH~1\QUICKH~1\sensor.exe /check
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-448539723-1220945662-725345543-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'E2')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C01F2EA-6AE0-4750-8A78-8979817AB268}: NameServer = 85.255.112.146,85.255.112.76
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.146,85.255.112.76
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.146,85.255.112.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.146,85.255.112.76
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe
O23 - Service: Quick Heal Antivirus Plus Mail Protection - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE
O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Quick Heal Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 10798 bytes

I should also mention I use Avast antivirus, but temporarily had Avast disabled and QuickHeal installed in an attempt to resolve some problems at the time of this log. That's why both are listed.
2009-04-01, 07:43
Shaba
Hi edc1111

Please uninstall either QuickHeal or avast!

After that:

Please save any items you were working on... close any open programs. You may be asked to reboot your machine.
Please download Malwarebytes Anti-Malware and save it to your desktop. If needed...Tutorial w/screenshots
Alternate download sites available here or here.
1. Make sure you are connected to the Internet.
2. Double-click on Download_mbam-setup.exe to install the application.
3. When the installation begins, follow the prompts and do not make any changes to default settings.
4. When installation has finished, make sure you leave both of these checked:
  - Update Malwarebytes' Anti-Malware
  - Launch Malwarebytes' Anti-Malware
  - Then click Finish.
  MBAM will automatically start and you will be asked to update the program before performing a scan.
  - If an update is found, the program will automatically update itself.
  - Press the OK button to close that box and continue.
  - Problems downloading the updates? Manually download them from here and double-click on "mbam-rules.exe" to install.
On the Scanner tab:
1. Make sure the "Perform Quick Scan" option is selected.
2. Then click on the Scan button.
3. If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
4. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
5. When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
6. Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
1. Click on the Show Results button to see a list of any malware that was found.
2. Check all items except items in the C:\System Volume Information folder... then click on Remove Selected.
  We will take care of the System Volume Information items later.
3. When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
4. The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  The log can also be found here:
  C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
5. Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Please download RSIT by random/random... save it to your desktop.
1. Double click on RSIT.exe to run it.
2. Please read the disclaimer... click on Continue.
3. RSIT will start running. When done... 2 logs files...will be produced.
4. The first one, "log.txt", will be maximized
5. The second one, "info.txt", will be minimized.
Please post both... "log.txt" and "info.txt", file contents in your next reply.
(These logs can be lengthy, so post 1 log per reply please.)

Post:

- mbam log
- rsit logs (taken after mbam run)
2009-04-01, 08:43
edc1111

MBAM log

Malwarebytes' Anti-Malware 1.35
Database version: 1904
Windows 5.1.2600 Service Pack 2

4/1/2009 2:26:37 AM
mbam-log-2009-04-01 (02-26-37).txt

Scan type: Quick Scan
Objects scanned: 78154
Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 6
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9c01f2ea-6ae0-4750-8a78-8979817ab268}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9c01f2ea-6ae0-4750-8a78-8979817ab268}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9c01f2ea-6ae0-4750-8a78-8979817ab268}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
2009-04-01, 08:48
edc1111

RSIT log.txt - part 1 (full log exceeds max characters allowed)

Logfile of random's system information tool 1.06 (written by random/random)
Run by E at 2009-04-01 02:36:40
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 68 GB (68%) free of 101 GB
Total RAM: 2943 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:36:44 AM, on 4/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\E\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\E.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=???
?
F3 - REG:win.ini: run=???
?
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PreSonusUSBInstallApp] C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9164 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1220945662-725345543-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-02-28 180224]
"P17Helper"=Rundll32 SPIRun.dll,RunDLLEntry []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-12 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"PreSonusUSBInstallApp"=C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe [2008-03-07 28672]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Creative MediaSource Go"=C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [2006-11-09 204800]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
"Google Update"=C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-24 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go]
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [2006-11-09 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
C:\WINDOWS\CTRegRun.EXE [2006-10-06 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-09 52256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files\lg_fwupdate\fwupdate.exe [2007-02-26 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
??????????????????????? []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-15 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
??????????????????????? []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Registration.lnk]
C:\PROGRA~1\Corel\WORDPE~1\Register\Remind32.exe [1998-07-23 67584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL 9.LNK]
C:\PROGRA~1\Corel\WORDPE~1\programs\ccwin9.exe [1999-03-31 589824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL Alarms.LNK]
C:\PROGRA~1\Corel\WORDPE~1\programs\alarm.exe [1999-03-30 225280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Application Director 9.LNK]
C:\PROGRA~1\Corel\WORDPE~1\programs\dad9.exe [1999-03-29 225280]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69851a73-f856-11dd-bb4b-002215e00ea4}]
shell\AutoRun\command - J:\MI.exe
2009-04-01, 08:49
edc1111

RSIT log.txt - part 2

======List of files/folders created in the last 3 months======

2009-04-01 02:36:40 ----D---- C:\rsit
2009-04-01 02:13:51 ----D---- C:\Documents and Settings\E\Application Data\Malwarebytes
2009-04-01 02:13:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-01 02:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-31 02:10:10 ----D---- C:\Program Files\Trend Micro
2009-03-31 01:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-31 01:29:26 ----D---- C:\Program Files\Lavasoft
2009-03-31 01:29:26 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-31 01:29:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-03-30 12:27:20 ----D---- C:\Documents and Settings\All Users\Application Data\Syncrosoft
2009-03-30 12:27:09 ----D---- C:\Program Files\Syncrosoft
2009-03-29 18:46:55 ----A---- C:\WINDOWS\sc.INI
2009-03-29 18:46:02 ----D---- C:\Program Files\MagicSofts
2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\java.exe
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\rmbe3260.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32sipr.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32dnet.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3228_8.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3214_4.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pngu3263.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pneng50.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pnc3250.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcp70.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\encdnet.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\decdnet.dll
2009-03-24 22:48:07 ----D---- C:\Documents and Settings\E\Application Data\ArcSoft
2009-03-24 22:48:06 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
2009-03-24 22:47:17 ----A---- C:\WINDOWS\system32\unicows.dll
2009-03-24 22:46:57 ----D---- C:\Program Files\Kodak
2009-03-24 22:46:57 ----D---- C:\Program Files\Common Files\ArcSoft
2009-03-23 05:41:12 ----D---- C:\Program Files\Audacity
2009-03-22 04:50:45 ----D---- C:\Program Files\Java
2009-03-20 19:40:30 ----D---- C:\Program Files\GPLGS
2009-03-20 19:39:59 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-03-20 19:39:53 ----D---- C:\Program Files\Acro Software
2009-03-17 01:58:04 ----A---- C:\WINDOWS\system32\Ltih30tb.dll
2009-03-17 01:58:03 ----D---- C:\Program Files\WexTech
2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\WexTech Shared
2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\LHSPF
2009-03-17 01:57:59 ----A---- C:\WINDOWS\IsUninst.exe
2009-03-17 01:55:45 ----N---- C:\WINDOWS\system32\FXAB32.DLL
2009-03-17 01:55:44 ----N---- C:\WINDOWS\system32\fxdb.dll
2009-03-17 01:55:13 ----N---- C:\WINDOWS\system32\iduninst.dll
2009-03-17 01:55:04 ----D---- C:\Program Files\Borland
2009-03-17 01:54:58 ----N---- C:\WINDOWS\system32\awpe.dll
2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\mfcuia32.dll
2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\MFCANS32.DLL
2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\LTIH21TB.DLL
2009-03-17 01:54:57 ----A---- C:\WINDOWS\system32\awrtl30.dll
2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shlwp9en.dll
2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shellwp.dll
2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\opengl.dll
2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\glut.dll
2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\glu.dll
2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\csh.dll
2009-03-17 01:54:23 ----D---- C:\Program Files\Corel
2009-03-17 01:53:13 ----D---- C:\WINDOWS\Corel
2009-03-16 01:03:49 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-15 03:50:37 ----D---- C:\Documents and Settings\All Users\Application Data\Quick Heal
2009-03-15 03:46:01 ----A---- C:\WINDOWS\sensor.INI
2009-03-15 03:45:35 ----D---- C:\Program Files\Quick Heal
2009-03-14 18:26:47 ----D---- C:\Documents and Settings\E\Application Data\Sony Setup
2009-03-14 18:26:32 ----D---- C:\Program Files\Sony Setup
2009-03-13 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-13 03:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-13 03:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-12 22:56:53 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-03-12 22:56:50 ----D---- C:\Program Files\Yahoo!
2009-03-08 20:01:20 ----D---- C:\Documents and Settings\All Users\Application Data\MediaMonkey
2009-03-08 05:53:54 ----D---- C:\Program Files\Jazz_Guitar_Solos_Vol_1-4
2009-03-08 05:53:44 ----D---- C:\Program Files\flatpick_guitar_solos
2009-03-08 05:53:31 ----D---- C:\Program Files\Roland
2009-03-07 18:55:15 ----D---- C:\Documents and Settings\E\Application Data\Help
2009-03-06 22:43:32 ----A---- C:\WINDOWS\demdata.txt
2009-03-06 20:56:15 ----D---- C:\Program Files\Garritan Instruments for Finale
2009-03-06 20:56:13 ----D---- C:\Program Files\Kontakt Player 2
2009-03-06 20:54:24 ----D---- C:\PSFONTS
2009-03-06 20:53:33 ----D---- C:\Program Files\Finale 2008
2009-03-06 20:17:02 ----D---- C:\Program Files\IZArc
2009-03-06 00:00:01 ----D---- C:\Program Files\Steinberg
2009-03-06 00:00:01 ----D---- C:\Documents and Settings\E\Application Data\Steinberg
2009-03-05 23:57:52 ----A---- C:\WINDOWS\system32\Synsopos.exe
2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SynsoLChk.dll
2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SYNSOACC.dll
2009-03-05 23:47:48 ----A---- C:\WINDOWS\system32\USBFindDevice.dll
2009-03-05 23:47:47 ----D---- C:\Program Files\AudioBox USB
2009-03-03 03:28:10 ----D---- C:\WINDOWS\Minidump
2009-03-02 02:47:11 ----A---- C:\WINDOWS\BBW_INFO.INI
2009-03-02 02:46:39 ----D---- C:\Program Files\PowerTracks DirectX Plugins
2009-03-02 02:45:16 ----D---- C:\bb
2009-03-01 18:46:22 ----D---- C:\Program Files\Common Files\Skype
2009-02-27 02:49:52 ----D---- C:\Program Files\Common Files\DESIGNER
2009-02-26 15:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-17 13:59:10 ----A---- C:\WINDOWS\CDPlayer.ini
2009-02-16 03:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-02-15 05:53:25 ----D---- C:\Program Files\NCH Swift Sound
2009-02-15 05:53:25 ----D---- C:\Documents and Settings\E\Application Data\NCH Swift Sound
2009-02-14 20:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-02-14 20:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-02-14 20:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-02-14 17:12:48 ----D---- C:\Program Files\PDF Text Reader
2009-02-14 17:12:34 ----D---- C:\Documents and Settings\E\Application Data\CTdeveloping
2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\devil.dll
2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\avisynth.dll
2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\i420vfw.dll
2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2009-02-11 22:43:03 ----D---- C:\Program Files\AviSynth 2.5
2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2009-02-11 22:42:49 ----D---- C:\Program Files\eRightSoft
2009-02-11 04:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-11 01:45:35 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-02-11 01:45:07 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-02-11 01:45:06 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-02-11 01:44:58 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-02-11 01:44:49 ----D---- C:\Program Files\Windows Media Connect 2
2009-02-11 01:44:40 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-02-11 01:43:39 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-02-11 01:42:59 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-02-07 05:00:46 ----D---- C:\Documents and Settings\E\Application Data\vlc
2009-02-06 04:43:48 ----D---- C:\Documents and Settings\E\Application Data\HP
2009-02-05 05:52:53 ----D---- C:\Program Files\IrfanView
2009-02-05 05:15:14 ----D---- C:\Program Files\VideoLAN
2009-02-05 04:24:15 ----D---- C:\Program Files\Strategy First
2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Pro
2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools
2009-02-05 04:08:41 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-02-05 04:07:56 ----D---- C:\Program Files\DAEMON Tools Lite
2009-02-05 04:03:56 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Lite
2009-02-04 18:46:08 ----D---- C:\Program Files\Sports Mogul
2009-02-04 18:44:55 ----D---- C:\Documents and Settings\All Users\Application Data\{29504223-5D4F-495C-BAC6-1C6DB2EEF1C8}
2009-02-03 07:47:41 ----D---- C:\Program Files\MagicISO
2009-02-02 18:30:06 ----D---- C:\Documents and Settings\E\Application Data\Ahead
2009-01-30 02:35:35 ----D---- C:\Documents and Settings\E\Application Data\LimeWire
2009-01-30 00:25:23 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-30 00:24:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-30 00:24:34 ----D---- C:\Program Files\Common Files\Adobe
2009-01-30 00:24:34 ----D---- C:\Program Files\Adobe
2009-01-30 00:22:43 ----D---- C:\Program Files\NOS
2009-01-30 00:22:43 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-29 01:15:46 ----D---- C:\WINDOWS\Sun
2009-01-27 15:14:29 ----D---- C:\Program Files\MSECache
2009-01-26 18:34:14 ----D---- C:\Program Files\Foxit Software
2009-01-26 07:16:51 ----D---- C:\Documents and Settings\E\Application Data\Acoustica
2009-01-26 07:16:30 ----A---- C:\WINDOWS\system32\Wnaspint.dll
2009-01-26 07:16:28 ----D---- C:\Program Files\Acoustica Shared Effects
2009-01-26 07:11:17 ----D---- C:\Documents and Settings\All Users\Application Data\Acoustica
2009-01-26 06:59:44 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-26 06:27:28 ----D---- C:\Documents and Settings\E\Application Data\Sun
2009-01-26 06:26:25 ----D---- C:\Program Files\Acoustica Mixcraft 4
2009-01-26 06:22:13 ----D---- C:\Program Files\LimeWire
2009-01-26 05:18:02 ----SHD---- C:\RECYCLER
2009-01-26 04:13:52 ----D---- C:\Program Files\uTorrent
2009-01-26 04:13:37 ----D---- C:\Documents and Settings\E\Application Data\uTorrent
2009-01-26 02:20:41 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-01-25 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2009-01-25 19:56:33 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2009-01-25 19:56:27 ----D---- C:\Documents and Settings\E\Application Data\HPAppData
2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2009-01-25 19:55:25 ----D---- C:\Program Files\Common Files\HP
2009-01-25 19:55:13 ----D---- C:\Program Files\Hewlett-Packard
2009-01-25 19:55:05 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-01-25 19:41:43 ----A---- C:\WINDOWS\ODBC.INI
2009-01-25 19:41:24 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-01-25 19:41:07 ----A---- C:\WINDOWS\system32\hpzll5ha.dll
2009-01-25 19:39:04 ----A---- C:\WINDOWS\system32\hpzids01.dll
2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpowiax3.dll
2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpovst10.dll
2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpotscl3.dll
2009-01-25 19:38:54 ----D---- C:\Program Files\HP
2009-01-25 19:37:53 ----HD---- C:\Config.Msi
2009-01-25 19:21:08 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-01-25 19:20:33 ----D---- C:\Program Files\Microsoft Works
2009-01-25 19:20:28 ----D---- C:\Program Files\MSBuild
2009-01-25 19:20:12 ----D---- C:\Program Files\Microsoft Visual Studio
2009-01-25 19:17:36 ----D---- C:\WINDOWS\SHELLNEW
2009-01-25 19:17:18 ----D---- C:\Program Files\Microsoft Office
2009-01-25 19:17:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-25 19:17:03 ----RHD---- C:\MSOCache
2009-01-25 18:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2009-01-25 18:51:19 ----A---- C:\WINDOWS\zllsputility.exe
2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\vsregexp.dll
2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcomm.dll
2009-01-25 18:51:06 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-01-25 18:51:06 ----D---- C:\Program Files\Zone Labs
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\zpeng24.dll
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vsxml.dll
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vswmi.dll
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vspubapi.dll
2009-01-25 18:51:05 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2009-01-25 18:48:40 ----D---- C:\WINDOWS\Internet Logs
2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsinit.dll
2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsdata.dll
2009-01-25 18:36:47 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-01-25 18:36:15 ----D---- C:\Program Files\Alwil Software
2009-01-25 06:50:44 ----D---- C:\Documents and Settings\E\Application Data\skypePM
2009-01-25 06:49:37 ----D---- C:\Documents and Settings\E\Application Data\Skype
2009-01-25 06:49:07 ----RD---- C:\Program Files\Skype
2009-01-25 06:48:58 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-01-25 04:57:05 ----D---- C:\Documents and Settings\E\Application Data\DivX
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\px.dll
2009-01-25 04:53:45 ----D---- C:\Program Files\DivX
2009-01-25 04:50:07 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-25 04:50:05 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2009-01-25 04:50:00 ----D---- C:\Documents and Settings\E\Application Data\Azureus
2009-01-25 04:47:43 ----D---- C:\Program Files\Vuze
2009-01-25 04:47:43 ----D---- C:\Program Files\Common Files\i4j_jres
2009-01-25 04:42:30 ----D---- C:\Program Files\MediaMonkey
2009-01-25 04:39:47 ----D---- C:\Program Files\MSXML 4.0
2009-01-25 04:37:09 ----D---- C:\Documents and Settings\E\Application Data\CyberLink
2009-01-25 04:37:06 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-01-25 04:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-01-25 04:30:11 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-01-25 04:29:59 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-01-25 04:27:08 ----D---- C:\Program Files\Nero
2009-01-25 04:27:08 ----D---- C:\Program Files\Common Files\Ahead
2009-01-25 04:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-01-25 04:26:34 ----D---- C:\WINDOWS\RegisteredPackages
2009-01-25 04:26:06 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-01-25 04:26:05 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-01-25 04:25:04 ----D---- C:\Temp
2009-01-25 04:24:27 ----A---- C:\WINDOWS\lgfwup.ini
2009-01-25 04:24:25 ----D---- C:\Program Files\lg_fwupdate
2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\Vb6stkit.dll
2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\VB6KO.DLL
2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\lgfwunis.exe
2009-01-25 04:22:29 ----N---- C:\WINDOWS\system32\msxml3a.dll
2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-01-25 04:21:45 ----D---- C:\Program Files\CyberLink
2009-01-25 04:15:21 ----D---- C:\WINDOWS\pss
2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Macromedia
2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Adobe
2009-01-25 04:05:37 ----D---- C:\Documents and Settings\E\Application Data\WinRAR
2009-01-25 04:05:23 ----D---- C:\Program Files\WinRAR
2009-01-25 03:35:03 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-01-25 03:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2009-01-25 03:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-25 03:34:32 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-01-25 03:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-25 03:34:08 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2009-01-25 03:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-25 03:33:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-25 03:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-01-25 03:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-01-25 03:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2009-01-25 03:32:53 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-01-25 03:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-01-25 03:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-01-25 03:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-25 03:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2009-01-25 03:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-25 03:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-01-25 03:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-01-25 03:30:49 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2009-01-25 03:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-01-25 03:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-01-25 03:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-01-25 03:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2009-01-25 03:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2009-01-25 03:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-01-25 03:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2009-01-25 03:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2009-01-25 03:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-01-25 03:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2009-01-25 03:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-01-25 03:28:05 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-01-25 03:27:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2009-01-25 03:27:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-25 03:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-25 03:27:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-25 03:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-01-25 03:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2009-01-25 03:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-25 03:26:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-01-25 03:26:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-01-25 03:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2009-01-25 03:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-01-25 03:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-01-25 03:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-25 03:25:07 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2009-01-25 03:24:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2009-01-25 03:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-01-25 03:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-01-25 03:24:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2009-01-25 03:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-01-25 03:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-01-25 03:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2009-01-25 03:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2009-01-25 03:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-01-25 03:23:03 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-01-25 03:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-01-25 03:22:25 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-01-25 03:22:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-25 03:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2009-01-25 03:21:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-25 03:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-01-25 03:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-25 03:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-01-25 03:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-25 03:21:00 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2009-01-25 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2009-01-25 03:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-01-25 03:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-01-25 03:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-25 03:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-01-25 03:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2009-01-25 03:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2009-01-25 03:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2009-01-25 03:19:12 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2009-01-25 03:19:04 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2009-01-25 03:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2009-01-25 03:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2009-01-25 03:18:32 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2009-01-25 03:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-25 03:17:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2009-01-25 03:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-25 03:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-01-25 03:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-01-25 03:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-25 03:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-25 03:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-01-25 03:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-25 03:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-25 03:15:02 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-01-25 03:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2009-01-25 03:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2009-01-25 03:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2009-01-25 03:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-01-25 03:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-01-25 03:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-01-25 03:14:22 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-01-25 03:13:47 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-25 03:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2009-01-25 03:13:35 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-01-25 03:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2009-01-25 03:00:29 ----D---- C:\Documents and Settings\E\Application Data\Apple Computer
2009-01-25 03:00:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-25 03:00:06 ----D---- C:\Program Files\iPod
2009-01-25 03:00:04 ----D---- C:\Program Files\iTunes
2009-01-25 03:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-25 02:59:52 ----D---- C:\Program Files\Bonjour
2009-01-25 02:59:29 ----D---- C:\Program Files\QuickTime
2009-01-25 02:59:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-25 02:59:17 ----D---- C:\Program Files\Apple Software Update
2009-01-25 02:58:59 ----D---- C:\Program Files\Common Files\Apple
2009-01-25 02:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-25 02:48:37 ----D---- C:\Documents and Settings\E\Application Data\Mozilla
2009-01-25 02:48:04 ----D---- C:\Program Files\Mozilla Firefox
2009-01-25 02:47:15 ----D---- C:\WINDOWS\system32\PreInstall
2009-01-25 02:47:14 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-25 02:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-01-25 02:47:12 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-25 02:44:48 ----A---- C:\WINDOWS\system32\wpa.bak
2009-01-25 02:40:28 ----D---- C:\WINDOWS\AsusInstAll
2009-01-25 02:39:04 ----D---- C:\Program Files\NVIDIA Corporation
2009-01-25 02:38:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-01-25 02:37:27 ----D---- C:\WINDOWS\nview
2009-01-25 02:37:27 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1.dll
2009-01-25 02:36:55 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-01-25 02:36:47 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2009-01-25 02:36:41 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-01-25 02:31:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-25 02:31:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-25 02:31:31 ----D---- C:\Program Files\AMD
2009-01-25 02:30:00 ----D---- C:\Documents and Settings\E\Application Data\Symantec
2009-01-25 02:27:54 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-01-25 02:27:37 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-01-25 02:27:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-01-25 02:25:57 ----A---- C:\WINDOWS\Ascd_log.ini
2009-01-25 02:25:51 ----D---- C:\Documents and Settings\E\Application Data\InstallShield
2009-01-25 02:25:00 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-01-25 02:19:40 ----D---- C:\Documents and Settings\E\Application Data\Creative
2009-01-25 02:16:12 ----N---- C:\WINDOWS\Ctregrun.exe
2009-01-25 02:14:12 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
2009-01-25 02:14:01 ----D---- C:\Program Files\Common Files\Creative
2009-01-25 02:14:00 ----HD---- C:\Program Files\Creative Installation Information
2009-01-25 02:13:28 ----N---- C:\WINDOWS\system32\AudioDrv.ini
2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\Ludap17.ini
2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\ctzapxx.ini
2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfms32.dll
2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfman32.dll
2009-01-25 02:12:42 ----RA---- C:\WINDOWS\MIDIDEF.EXE
2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpAA.tmp
2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpA9.tmp
2009-01-25 02:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2009-01-25 02:12:38 ----RA---- C:\WINDOWS\OALInst.exe
2009-01-25 02:12:22 ----RA---- C:\WINDOWS\system32\CtDvInst.dll
2009-01-25 02:12:21 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-01-25 02:12:12 ----RA---- C:\WINDOWS\system32\OLD65.tmp
2009-01-25 02:12:08 ----RA---- C:\WINDOWS\system32\AppSetup.exe
2009-01-25 02:12:08 ----RA---- C:\WINDOWS\sfsyn.ini
2009-01-25 02:12:08 ----RA---- C:\WINDOWS\SF32.exe
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\SPIRun.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17res.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17CPI.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\OemSpi.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\EAX.DLL
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\A3d.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\resdef.exe
2009-01-25 02:12:06 ----RA---- C:\WINDOWS\InRes.DLL
2009-01-25 02:10:47 ----D---- C:\Program Files\Creative
2009-01-25 02:09:24 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-25 02:09:21 ----D---- C:\Program Files\Common Files\InstallShield
2009-01-25 02:07:50 ----D---- C:\Documents and Settings\E\Application Data\Identities
2009-01-25 02:07:49 ----HD---- C:\Program Files\Uninstall Information
2009-01-25 02:07:46 ----ASH---- C:\Documents and Settings\E\Application Data\desktop.ini
2009-01-25 02:07:45 ----SD---- C:\Documents and Settings\E\Application Data\Microsoft
2009-01-25 02:05:53 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-25 02:05:52 ----SD---- C:\WINDOWS\system32\Microsoft
2009-01-25 02:05:52 ----D---- C:\WINDOWS\Prefetch
2009-01-25 02:05:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-25 02:02:48 ----D---- C:\WINDOWS\system32\xircom
2009-01-25 02:02:48 ----D---- C:\Program Files\xerox
2009-01-25 02:02:48 ----D---- C:\Program Files\microsoft frontpage
2009-01-25 02:02:30 ----A---- C:\WINDOWS\control.ini
2009-01-25 02:02:30 ----A---- C:\AUTOEXEC.BAT
2009-01-25 02:02:22 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-25 02:02:19 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-01-25 02:01:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-25 02:01:43 ----RD---- C:\WINDOWS\Offline Web Pages
2009-01-25 02:01:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-25 02:01:39 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-25 02:01:35 ----HD---- C:\Program Files\WindowsUpdate
2009-01-25 02:01:20 ----D---- C:\WINDOWS\system32\DirectX
2009-01-25 02:01:03 ----A---- C:\WINDOWS\system32\atrace.dll
2009-01-25 02:01:01 ----A---- C:\WINDOWS\system32\desktop.ini
2009-01-25 02:01:01 ----A---- C:\WINDOWS\desktop.ini
2009-01-25 02:00:55 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-01-25 02:00:54 ----D---- C:\Program Files\Common Files\Services
2009-01-25 02:00:54 ----A---- C:\WINDOWS\system32\acctres.dll
2009-01-25 02:00:52 ----SD---- C:\WINDOWS\Tasks
2009-01-25 02:00:52 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-01-25 02:00:51 ----D---- C:\Program Files\Common Files\MSSoap
2009-01-25 02:00:47 ----D---- C:\WINDOWS\system32\Macromed
2009-01-25 02:00:47 ----D---- C:\WINDOWS\srchasst
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wups.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-01-25 02:00:40 ----D---- C:\Program Files\Movie Maker
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-01-25 02:00:34 ----D---- C:\WINDOWS\system32\Restore
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\srclient.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\ils.dll
2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\msconf.dll
2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-01-25 02:00:30 ----D---- C:\Program Files\NetMeeting
2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetres.dll
2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-01-25 02:00:28 ----D---- C:\Program Files\Outlook Express
2009-01-25 02:00:28 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstask.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\isign32.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-01-25 02:00:22 ----D---- C:\Program Files\Internet Explorer
2009-01-25 02:00:22 ----D---- C:\Program Files\Common Files\System
2009-01-25 02:00:08 ----D---- C:\Program Files\ComPlus Applications
2009-01-25 02:00:06 ----A---- C:\WINDOWS\vbaddin.ini
2009-01-25 02:00:06 ----A---- C:\WINDOWS\vb.ini
2009-01-25 02:00:02 ----D---- C:\WINDOWS\Registration
2009-01-25 01:59:42 ----D---- C:\Program Files\Online Services
2009-01-25 01:59:41 ----D---- C:\Program Files\Windows Media Player
2009-01-25 01:59:38 ----D---- C:\Program Files\Messenger
2009-01-25 01:59:35 ----D---- C:\Program Files\MSN Gaming Zone
2009-01-25 01:59:35 ----A---- C:\WINDOWS\system32\write.exe
2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\hticons.dll
2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\avwav.dll
2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\winchat.exe
2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-01-25 01:59:22 ----A---- C:\WINDOWS\system32\getuname.dll
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\winmine.exe
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\sol.exe
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\charmap.exe
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\calc.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tskill.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tscon.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\shadow.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\reset.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\regini.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\freecell.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msg.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\logoff.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-01-25 01:59:18 ----N---- C:\WINDOWS\system32\mtxdm.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\stclient.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-01-25 01:59:11 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-01-25 01:59:00 ----D---- C:\Program Files\MSN
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-01-25 01:58:58 ----D---- C:\Program Files\Windows NT
2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\spider.exe
2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-01-25 01:58:56 ----D---- C:\WINDOWS\system32\MsDtc
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-01-25 01:58:54 ----D---- C:\WINDOWS\system32\Com
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\colbact.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comuid.dll
2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-01-24 17:58:00 ----A---- C:\WINDOWS\system32\h323log.txt
2009-01-24 17:51:02 ----A---- C:\WINDOWS\system32\usbui.dll
2009-01-24 17:50:11 ----A---- C:\WINDOWS\imsins.BAK
2009-01-24 17:50:09 ----SHD---- C:\WINDOWS\Installer
2009-01-24 17:50:09 ----D---- C:\Program Files\Common Files\ODBC
2009-01-24 17:50:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-24 17:50:09 ----A---- C:\WINDOWS\ODBCINST.INI
2009-01-24 17:50:06 ----RD---- C:\Program Files
2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files
2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-01-24 17:49:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-01-24 17:49:53 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-01-24 17:49:53 ----A---- C:\WINDOWS\system32\batt.dll
2009-01-24 17:49:53 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-01-24 17:49:52 ----A---- C:\WINDOWS\system32\storprop.dll
2009-01-24 17:49:46 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-01-24 17:49:44 ----RA---- C:\WINDOWS\SET8.tmp
2009-01-24 17:49:42 ----RA---- C:\WINDOWS\SET4.tmp
2009-01-24 17:49:40 ----RA---- C:\WINDOWS\SET3.tmp
2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-24 17:49:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-24 17:49:12 ----A---- C:\WINDOWS\setuplog.txt
2009-01-24 17:49:10 ----D---- C:\Documents and Settings
2009-01-24 17:49:09 ----SHD---- C:\System Volume Information
2009-01-24 17:48:37 ----RSH---- C:\boot.ini
2009-01-24 17:43:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-24 17:43:45 ----RSD---- C:\WINDOWS\Fonts
2009-01-24 17:43:45 ----RD---- C:\WINDOWS\Web
2009-01-24 17:43:45 ----HD---- C:\WINDOWS\inf
2009-01-24 17:43:45 ----D---- C:\WINDOWS\WinSxS
2009-01-24 17:43:45 ----D---- C:\WINDOWS\twain_32
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Temp
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wins
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wbem
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\usmt
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\spool
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ShellExt
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\Setup
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ras
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\oobe
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\npp
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\mui
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\IME
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\icsxml
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ias
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\export
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\drivers
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\dhcp
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\config
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3com_dmi
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3076
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\2052
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1054
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1042
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1041
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1037
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1033
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1031
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1028
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1025
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system
2009-01-24 17:43:45 ----D---- C:\WINDOWS\security
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Resources
2009-01-24 17:43:45 ----D---- C:\WINDOWS\repair
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Provisioning
2009-01-24 17:43:45 ----D---- C:\WINDOWS\PeerNet
2009-01-24 17:43:45 ----D---- C:\WINDOWS\pchealth
2009-01-24 17:43:45 ----D---- C:\WINDOWS\mui
2009-01-24 17:43:45 ----D---- C:\WINDOWS\msapps
2009-01-24 17:43:45 ----D---- C:\WINDOWS\msagent
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Media
2009-01-24 17:43:45 ----D---- C:\WINDOWS\java
2009-01-24 17:43:45 ----D---- C:\WINDOWS\ime
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Help
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Driver Cache
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Debug
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Cursors
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Connection Wizard
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Config
2009-01-24 17:43:45 ----D---- C:\WINDOWS\AppPatch
2009-01-24 17:43:45 ----D---- C:\WINDOWS\addins
2009-01-24 17:43:45 ----D---- C:\WINDOWS

======List of files/folders modified in the last 3 months======

2009-03-29 17:38:16 ----A---- C:\WINDOWS\win.ini
2009-03-22 07:00:44 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 RVIEG01;VSC Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 ControlTransferDriver;AudioBox USB Control Transfer; C:\WINDOWS\System32\Drivers\PreSonusUsb_xfer.sys [2008-02-18 28576]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-12-07 142336]
R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2006-08-07 162176]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-26 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-26 22016]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-12-07 114688]
R3 P17xfi;Sound Blaster X-Fi Xtreme Audio; C:\WINDOWS\system32\drivers\P17xfi.sys [2007-11-21 1174528]
R3 p17xfilt;p17xfilt; C:\WINDOWS\system32\drivers\p17xfilt.sys [2007-10-10 1664384]
R3 preSonusUsb;PreSonusUsb; C:\WINDOWS\System32\Drivers\preSonusUsb.sys [2008-02-18 49280]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]
S1 gaopdxserv.sys;gaopdxserv.sys; C:\WINDOWS\system32\drivers\gaopdxserv.sys []
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
S3 ao2ua9iq;ao2ua9iq; C:\WINDOWS\system32\drivers\ao2ua9iq.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-22 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2007-10-24 23288]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-04-24 598016]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-04-24 176128]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-13 272024]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------
2009-04-01, 08:52
edc1111

RSIT info.txt

I really appreciate your quick reply, Shaba. Thank you. Here is the final log file of the group.

edc

info.txt logfile of random's system information tool 1.06 2009-04-01 02:36:49

======Uninstall list======

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Acoustica Effects Pack-->C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Acoustica Mixcraft 4.2-->C:\PROGRA~1\ACOUST~1\Unwise.exe
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly
AnswerWorks Runtime-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft MediaImpression for Kodak-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C70D3E4-8965-4C28-9B19-B526CD9F1C9F}\Setup.exe" -l0x9
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Baseball Mogul 2009-->"C:\Documents and Settings\All Users\Application Data\{29504223-5D4F-495C-BAC6-1C6DB2EEF1C8}\bb2k9-setup-1104-release.exe" REMOVE=TRUE MODIFY=FALSE
Baseball Mogul 2009-->"C:\Program Files\Strategy First\Baseball Mogul 2009\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Corel Applications-->C:\WINDOWS\Corel\Uninst32.exe
Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove
Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Finale 2008-->C:\Program Files\Finale 2008\uninstallFinale.exe
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
Google Talk Plugin-->MsiExec.exe /I{B279F2F1-3B2F-3A96-AC11-5743CD43DCCB}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Magic ISO Maker v5.5 (build 0273)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Master Blues Piano Solos Volume 1-->"c:\bb\unins016.exe"
Master Flatpick Guitar Volume 1-->"c:\Program Files\flatpick_guitar_solos\unins001.exe"
Master Jazz Guitar Solos SuperPAK-->"C:\Program Files\Jazz_Guitar_Solos_Vol_1-4\unins001.exe"
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
MediaMonkey Script - CustomReport 1.7-->"C:\Program Files\MediaMonkey\unins001.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Project MUI (English) 2007-->MsiExec.exe /X{90120000-00B4-0409-0000-0000000FF1CE}
Microsoft Office Project Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
Microsoft Office Project Professional 2007-->MsiExec.exe /X{90120000-003B-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Visio MUI (English) 2007-->MsiExec.exe /X{90120000-0054-0409-0000-0000000FF1CE}
Microsoft Office Visio Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
Microsoft Office Visio Professional 2007-->MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Essentials-->MsiExec.exe /X{EF3E420F-2DCF-4C24-8E37-896801901033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0409 -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
PDF Text Reader-->MsiExec.exe /I{17D95DC6-0FF1-40CF-9C09-B7C8B314D45B}
PG Music DirectX Plugins 1.3.4.1-->"C:\Program Files\PowerTracks DirectX Plugins\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
PreSonus 1.0.9.0 Driver-->"C:\Program Files\AudioBox USB\unins000.exe"
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
SecurDisc Viewer-->MsiExec.exe /X{BE90CE58-41DE-4708-9291-A9D1D49B1033}
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Sound Blaster X-Fi Xtreme Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{53E2DCBB-E6F7-4C83-B1EF-F78435B9814E}\SETUP.EXE" -l0x9 /remove
SoundCapture-->C:\PROGRA~1\MAGICS~1\SC\UNWISE.EXE C:\PROGRA~1\MAGICS~1\SC\INSTALL.LOG
Steinberg Cubase LE 4-->MsiExec.exe /I{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}
Steinberg Cubase SX v3.1.1.944-->C:\PROGRA~1\STEINB~1\CUBASE~2\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~2\INSTALL.LOG
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
Syncrosoft License Control-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Virtual Sound Canvas DXi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{745877DC-8FFE-4E4C-ABBC-589B887A47D1}\setup.exe" UNINSTALL_XXX
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090331-0]
FW: ZoneAlarm Firewall

======System event log======

Computer Name: E-3F4ED97A65D34
Event Code: 7000
Message: The PfModNT service failed to start due to the following error:
The system cannot find the file specified.

Record Number: 1901
Source Name: Service Control Manager
Time Written: 20090215003812.000000-300
Event Type: error
User:

Computer Name: E-3F4ED97A65D34
Event Code: 7000
Message: The Nero Registry InCD Service service failed to start due to the following error:
The system cannot find the file specified.

Record Number: 1900
Source Name: Service Control Manager
Time Written: 20090215003812.000000-300
Event Type: error
User:

Computer Name: E-3F4ED97A65D34
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 002215E00EA4. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 1899
Source Name: Dhcp
Time Written: 20090215003755.000000-300
Event Type: warning
User:

Computer Name: E-3F4ED97A65D34
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.

Record Number: 1884
Source Name: Disk
Time Written: 20090213001856.000000-300
Event Type: warning
User:

Computer Name: E-3F4ED97A65D34
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.

Record Number: 1871
Source Name: Disk
Time Written: 20090212131223.000000-300
Event Type: warning
User:

=====Application event log=====

Computer Name: E-3F4ED97A65D34
Event Code: 1000
Message: Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028, faulting module mso.dll, version 12.0.4518.1014, stamp 4542867b, debug? 0, fault address 0x00305b5f.

Record Number: 15589
Source Name: Microsoft Office 12
Time Written: 20090309212003.000000-300
Event Type: error
User:

Computer Name: E-3F4ED97A65D34
Event Code: 1002
Message: Hanging application iTunes.exe, version 8.0.2.20, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 15588
Source Name: Application Hang
Time Written: 20090309111027.000000-300
Event Type: error
User:

Computer Name: E-3F4ED97A65D34
Event Code: 1517
Message: Windows saved user E-3F4ED97A65D34\E registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 15578
Source Name: Userenv
Time Written: 20090309025303.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: E-3F4ED97A65D34
Event Code: 1000
Message: Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028, faulting module hpz3r5ha.dll, version 61.71.246.0, stamp 460a27bd, debug? 0, fault address 0x000467e8.

Record Number: 15577
Source Name: Microsoft Office 12
Time Written: 20090309022818.000000-300
Event Type: error
User:

Computer Name: E-3F4ED97A65D34
Event Code: 1000
Message: Faulting application skype.exe, version 4.0.0.206, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Record Number: 15576
Source Name: Application Error
Time Written: 20090309010930.000000-300
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"tvdumpflags"=8

-----------------EOF-----------------
2009-04-01, 16:13
Shaba

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

LimeWire 4.18.8

I'd like you to read the this thread.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Delete info.txt from c:\rsit folder.

Please run a new rsitl scan when finished and post the logs back here.
2009-04-01, 18:49
edc1111

Programs uninstalled, RSIT new log file posted (part 1)

Hi Saba,

I removed the programs you mentioned. When I ran RSIT this time it created only one log file, log.txt (there was no info.txt). I tried again, same thing.

Regards,

edc1111

Logfile of random's system information tool 1.06 (written by random/random)
Run by E at 2009-04-01 12:46:14
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 68 GB (68%) free of 101 GB
Total RAM: 2943 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:16 PM, on 4/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\E\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\E.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F3 - REG:win.ini: load=???
?
F3 - REG:win.ini: run=???
?
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PreSonusUSBInstallApp] C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9271 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1220945662-725345543-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-02-28 180224]
"P17Helper"=Rundll32 SPIRun.dll,RunDLLEntry []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-12 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"PreSonusUSBInstallApp"=C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe [2008-03-07 28672]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe []
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
"Google Update"=C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-24 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go]
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [2006-11-09 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
C:\WINDOWS\CTRegRun.EXE [2006-10-06 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-09 52256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
C:\Program Files\lg_fwupdate\fwupdate.exe [2007-02-26 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
??????????????????????? []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-15 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
??????????????????????? []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Registration.lnk]
C:\PROGRA~1\Corel\WORDPE~1\Register\Remind32.exe [1998-07-23 67584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL 9.LNK]
C:\PROGRA~1\Corel\WORDPE~1\programs\ccwin9.exe [1999-03-31 589824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL Alarms.LNK]
C:\PROGRA~1\Corel\WORDPE~1\programs\alarm.exe [1999-03-30 225280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Application Director 9.LNK]
C:\PROGRA~1\Corel\WORDPE~1\programs\dad9.exe [1999-03-29 225280]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69851a73-f856-11dd-bb4b-002215e00ea4}]
shell\AutoRun\command - J:\MI.exe
2009-04-01, 18:54
Shaba

Please check if that is in c:\rsit folder.
2009-04-02, 07:50
edc1111

Part 2 of new RSIT log file

I submitted this 2nd half right after the 1st half 12 hrs ago before I went out. Just came back home and the page was still loading, trying to "post itself". Very unusual.... So here it is finally.

======List of files/folders created in the last 3 months======

2009-04-01 02:36:40 ----D---- C:\rsit
2009-04-01 02:13:51 ----D---- C:\Documents and Settings\E\Application Data\Malwarebytes
2009-04-01 02:13:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-01 02:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-31 02:10:10 ----D---- C:\Program Files\Trend Micro
2009-03-31 01:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-31 01:29:26 ----D---- C:\Program Files\Lavasoft
2009-03-31 01:29:26 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-31 01:29:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-03-30 12:27:20 ----D---- C:\Documents and Settings\All Users\Application Data\Syncrosoft
2009-03-30 12:27:09 ----D---- C:\Program Files\Syncrosoft
2009-03-29 18:46:55 ----A---- C:\WINDOWS\sc.INI
2009-03-29 18:46:02 ----D---- C:\Program Files\MagicSofts
2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\java.exe
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\rmbe3260.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32sipr.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32dnet.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3228_8.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3214_4.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pngu3263.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pneng50.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pnc3250.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcp70.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\encdnet.dll
2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\decdnet.dll
2009-03-24 22:48:07 ----D---- C:\Documents and Settings\E\Application Data\ArcSoft
2009-03-24 22:48:06 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
2009-03-24 22:47:17 ----A---- C:\WINDOWS\system32\unicows.dll
2009-03-24 22:46:57 ----D---- C:\Program Files\Kodak
2009-03-24 22:46:57 ----D---- C:\Program Files\Common Files\ArcSoft
2009-03-23 05:41:12 ----D---- C:\Program Files\Audacity
2009-03-22 04:50:45 ----D---- C:\Program Files\Java
2009-03-20 19:40:30 ----D---- C:\Program Files\GPLGS
2009-03-20 19:39:59 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-03-20 19:39:53 ----D---- C:\Program Files\Acro Software
2009-03-17 01:58:04 ----A---- C:\WINDOWS\system32\Ltih30tb.dll
2009-03-17 01:58:03 ----D---- C:\Program Files\WexTech
2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\WexTech Shared
2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\LHSPF
2009-03-17 01:57:59 ----A---- C:\WINDOWS\IsUninst.exe
2009-03-17 01:55:45 ----N---- C:\WINDOWS\system32\FXAB32.DLL
2009-03-17 01:55:44 ----N---- C:\WINDOWS\system32\fxdb.dll
2009-03-17 01:55:13 ----N---- C:\WINDOWS\system32\iduninst.dll
2009-03-17 01:55:04 ----D---- C:\Program Files\Borland
2009-03-17 01:54:58 ----N---- C:\WINDOWS\system32\awpe.dll
2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\mfcuia32.dll
2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\MFCANS32.DLL
2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\LTIH21TB.DLL
2009-03-17 01:54:57 ----A---- C:\WINDOWS\system32\awrtl30.dll
2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shlwp9en.dll
2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shellwp.dll
2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\opengl.dll
2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\glut.dll
2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\glu.dll
2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\csh.dll
2009-03-17 01:54:23 ----D---- C:\Program Files\Corel
2009-03-17 01:53:13 ----D---- C:\WINDOWS\Corel
2009-03-16 01:03:49 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-15 03:50:37 ----D---- C:\Documents and Settings\All Users\Application Data\Quick Heal
2009-03-15 03:46:01 ----A---- C:\WINDOWS\sensor.INI
2009-03-15 03:45:35 ----D---- C:\Program Files\Quick Heal
2009-03-14 18:26:47 ----D---- C:\Documents and Settings\E\Application Data\Sony Setup
2009-03-14 18:26:32 ----D---- C:\Program Files\Sony Setup
2009-03-13 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-13 03:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-13 03:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-12 22:56:53 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-03-12 22:56:50 ----D---- C:\Program Files\Yahoo!
2009-03-08 20:01:20 ----D---- C:\Documents and Settings\All Users\Application Data\MediaMonkey
2009-03-08 05:53:54 ----D---- C:\Program Files\Jazz_Guitar_Solos_Vol_1-4
2009-03-08 05:53:44 ----D---- C:\Program Files\flatpick_guitar_solos
2009-03-08 05:53:31 ----D---- C:\Program Files\Roland
2009-03-07 18:55:15 ----D---- C:\Documents and Settings\E\Application Data\Help
2009-03-06 22:43:32 ----A---- C:\WINDOWS\demdata.txt
2009-03-06 20:56:15 ----D---- C:\Program Files\Garritan Instruments for Finale
2009-03-06 20:56:13 ----D---- C:\Program Files\Kontakt Player 2
2009-03-06 20:54:24 ----D---- C:\PSFONTS
2009-03-06 20:53:33 ----D---- C:\Program Files\Finale 2008
2009-03-06 20:17:02 ----D---- C:\Program Files\IZArc
2009-03-06 00:00:01 ----D---- C:\Program Files\Steinberg
2009-03-06 00:00:01 ----D---- C:\Documents and Settings\E\Application Data\Steinberg
2009-03-05 23:57:52 ----A---- C:\WINDOWS\system32\Synsopos.exe
2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SynsoLChk.dll
2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SYNSOACC.dll
2009-03-05 23:47:48 ----A---- C:\WINDOWS\system32\USBFindDevice.dll
2009-03-05 23:47:47 ----D---- C:\Program Files\AudioBox USB
2009-03-03 03:28:10 ----D---- C:\WINDOWS\Minidump
2009-03-02 02:47:11 ----A---- C:\WINDOWS\BBW_INFO.INI
2009-03-02 02:46:39 ----D---- C:\Program Files\PowerTracks DirectX Plugins
2009-03-02 02:45:16 ----D---- C:\bb
2009-03-01 18:46:22 ----D---- C:\Program Files\Common Files\Skype
2009-02-27 02:49:52 ----D---- C:\Program Files\Common Files\DESIGNER
2009-02-26 15:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-17 13:59:10 ----A---- C:\WINDOWS\CDPlayer.ini
2009-02-16 03:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-02-15 05:53:25 ----D---- C:\Program Files\NCH Swift Sound
2009-02-15 05:53:25 ----D---- C:\Documents and Settings\E\Application Data\NCH Swift Sound
2009-02-14 20:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-02-14 20:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-02-14 20:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-02-14 17:12:48 ----D---- C:\Program Files\PDF Text Reader
2009-02-14 17:12:34 ----D---- C:\Documents and Settings\E\Application Data\CTdeveloping
2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\devil.dll
2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\avisynth.dll
2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\i420vfw.dll
2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2009-02-11 22:43:03 ----D---- C:\Program Files\AviSynth 2.5
2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\nbDX.dll
2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2009-02-11 22:42:49 ----D---- C:\Program Files\eRightSoft
2009-02-11 04:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-11 01:45:35 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-02-11 01:45:07 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-02-11 01:45:06 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-02-11 01:44:58 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-02-11 01:44:49 ----D---- C:\Program Files\Windows Media Connect 2
2009-02-11 01:44:40 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-02-11 01:43:39 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-02-11 01:42:59 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-02-07 05:00:46 ----D---- C:\Documents and Settings\E\Application Data\vlc
2009-02-06 04:43:48 ----D---- C:\Documents and Settings\E\Application Data\HP
2009-02-05 05:52:53 ----D---- C:\Program Files\IrfanView
2009-02-05 05:15:14 ----D---- C:\Program Files\VideoLAN
2009-02-05 04:24:15 ----D---- C:\Program Files\Strategy First
2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Pro
2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools
2009-02-05 04:08:41 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-02-05 04:07:56 ----D---- C:\Program Files\DAEMON Tools Lite
2009-02-05 04:03:56 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Lite
2009-02-04 18:46:08 ----D---- C:\Program Files\Sports Mogul
2009-02-04 18:44:55 ----D---- C:\Documents and Settings\All Users\Application Data\{29504223-5D4F-495C-BAC6-1C6DB2EEF1C8}
2009-02-03 07:47:41 ----D---- C:\Program Files\MagicISO
2009-02-02 18:30:06 ----D---- C:\Documents and Settings\E\Application Data\Ahead
2009-01-30 02:35:35 ----D---- C:\Documents and Settings\E\Application Data\LimeWire
2009-01-30 00:25:23 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-30 00:24:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-30 00:24:34 ----D---- C:\Program Files\Common Files\Adobe
2009-01-30 00:24:34 ----D---- C:\Program Files\Adobe
2009-01-30 00:22:43 ----D---- C:\Program Files\NOS
2009-01-30 00:22:43 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-29 01:15:46 ----D---- C:\WINDOWS\Sun
2009-01-27 15:14:29 ----D---- C:\Program Files\MSECache
2009-01-26 18:34:14 ----D---- C:\Program Files\Foxit Software
2009-01-26 07:16:51 ----D---- C:\Documents and Settings\E\Application Data\Acoustica
2009-01-26 07:16:30 ----A---- C:\WINDOWS\system32\Wnaspint.dll
2009-01-26 07:16:28 ----D---- C:\Program Files\Acoustica Shared Effects
2009-01-26 07:11:17 ----D---- C:\Documents and Settings\All Users\Application Data\Acoustica
2009-01-26 06:59:44 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-26 06:27:28 ----D---- C:\Documents and Settings\E\Application Data\Sun
2009-01-26 06:26:25 ----D---- C:\Program Files\Acoustica Mixcraft 4
2009-01-26 05:18:02 ----SHD---- C:\RECYCLER
2009-01-26 04:13:37 ----D---- C:\Documents and Settings\E\Application Data\uTorrent
2009-01-26 02:20:41 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-01-25 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2009-01-25 19:56:33 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2009-01-25 19:56:27 ----D---- C:\Documents and Settings\E\Application Data\HPAppData
2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2009-01-25 19:55:25 ----D---- C:\Program Files\Common Files\HP
2009-01-25 19:55:13 ----D---- C:\Program Files\Hewlett-Packard
2009-01-25 19:55:05 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-01-25 19:41:43 ----A---- C:\WINDOWS\ODBC.INI
2009-01-25 19:41:24 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-01-25 19:41:07 ----A---- C:\WINDOWS\system32\hpzll5ha.dll
2009-01-25 19:39:04 ----A---- C:\WINDOWS\system32\hpzids01.dll
2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpowiax3.dll
2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpovst10.dll
2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpotscl3.dll
2009-01-25 19:38:54 ----D---- C:\Program Files\HP
2009-01-25 19:37:53 ----HD---- C:\Config.Msi
2009-01-25 19:21:08 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-01-25 19:20:33 ----D---- C:\Program Files\Microsoft Works
2009-01-25 19:20:28 ----D---- C:\Program Files\MSBuild
2009-01-25 19:20:12 ----D---- C:\Program Files\Microsoft Visual Studio
2009-01-25 19:17:36 ----D---- C:\WINDOWS\SHELLNEW
2009-01-25 19:17:18 ----D---- C:\Program Files\Microsoft Office
2009-01-25 19:17:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-25 19:17:03 ----RHD---- C:\MSOCache
2009-01-25 18:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2009-01-25 18:51:19 ----A---- C:\WINDOWS\zllsputility.exe
2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\vsregexp.dll
2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcomm.dll
2009-01-25 18:51:06 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-01-25 18:51:06 ----D---- C:\Program Files\Zone Labs
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\zpeng24.dll
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vsxml.dll
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vswmi.dll
2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vspubapi.dll
2009-01-25 18:51:05 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2009-01-25 18:48:40 ----D---- C:\WINDOWS\Internet Logs
2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsutil.dll
2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsinit.dll
2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsdata.dll
2009-01-25 18:36:47 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-01-25 18:36:15 ----D---- C:\Program Files\Alwil Software
2009-01-25 06:50:44 ----D---- C:\Documents and Settings\E\Application Data\skypePM
2009-01-25 06:49:37 ----D---- C:\Documents and Settings\E\Application Data\Skype
2009-01-25 06:49:07 ----RD---- C:\Program Files\Skype
2009-01-25 06:48:58 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-01-25 04:57:05 ----D---- C:\Documents and Settings\E\Application Data\DivX
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\px.dll
2009-01-25 04:53:45 ----D---- C:\Program Files\DivX
2009-01-25 04:50:07 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-25 04:50:05 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2009-01-25 04:50:00 ----D---- C:\Documents and Settings\E\Application Data\Azureus
2009-01-25 04:47:43 ----D---- C:\Program Files\Vuze
2009-01-25 04:47:43 ----D---- C:\Program Files\Common Files\i4j_jres
2009-01-25 04:42:30 ----D---- C:\Program Files\MediaMonkey
2009-01-25 04:39:47 ----D---- C:\Program Files\MSXML 4.0
2009-01-25 04:37:09 ----D---- C:\Documents and Settings\E\Application Data\CyberLink
2009-01-25 04:37:06 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-01-25 04:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-01-25 04:30:11 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-01-25 04:29:59 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-01-25 04:27:08 ----D---- C:\Program Files\Nero
2009-01-25 04:27:08 ----D---- C:\Program Files\Common Files\Ahead
2009-01-25 04:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2009-01-25 04:26:34 ----D---- C:\WINDOWS\RegisteredPackages
2009-01-25 04:26:06 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-01-25 04:26:05 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-01-25 04:25:04 ----D---- C:\Temp
2009-01-25 04:24:27 ----A---- C:\WINDOWS\lgfwup.ini
2009-01-25 04:24:25 ----D---- C:\Program Files\lg_fwupdate
2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\Vb6stkit.dll
2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\VB6KO.DLL
2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\lgfwunis.exe
2009-01-25 04:22:29 ----N---- C:\WINDOWS\system32\msxml3a.dll
2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcr71.dll
2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcp71.dll
2009-01-25 04:21:45 ----D---- C:\Program Files\CyberLink
2009-01-25 04:15:21 ----D---- C:\WINDOWS\pss
2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Macromedia
2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Adobe
2009-01-25 04:05:37 ----D---- C:\Documents and Settings\E\Application Data\WinRAR
2009-01-25 04:05:23 ----D---- C:\Program Files\WinRAR
2009-01-25 03:35:03 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-01-25 03:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2009-01-25 03:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-25 03:34:32 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-01-25 03:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-25 03:34:08 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2009-01-25 03:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-25 03:33:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-25 03:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-01-25 03:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-01-25 03:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2009-01-25 03:32:53 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-01-25 03:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-01-25 03:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-01-25 03:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-25 03:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2009-01-25 03:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-25 03:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-01-25 03:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-01-25 03:30:49 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2009-01-25 03:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-01-25 03:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-01-25 03:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-01-25 03:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2009-01-25 03:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2009-01-25 03:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-01-25 03:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2009-01-25 03:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2009-01-25 03:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-01-25 03:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2009-01-25 03:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-01-25 03:28:05 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-01-25 03:27:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2009-01-25 03:27:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-25 03:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-25 03:27:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-25 03:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-01-25 03:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2009-01-25 03:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-25 03:26:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-01-25 03:26:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-01-25 03:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2009-01-25 03:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-01-25 03:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-01-25 03:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-25 03:25:07 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2009-01-25 03:24:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2009-01-25 03:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-01-25 03:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-01-25 03:24:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2009-01-25 03:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-01-25 03:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-01-25 03:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2009-01-25 03:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2009-01-25 03:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-01-25 03:23:03 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-01-25 03:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-01-25 03:22:25 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-01-25 03:22:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-25 03:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2009-01-25 03:21:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-25 03:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-01-25 03:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-25 03:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-01-25 03:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-25 03:21:00 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2009-01-25 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2009-01-25 03:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-01-25 03:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-01-25 03:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-25 03:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-01-25 03:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2009-01-25 03:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2009-01-25 03:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2009-01-25 03:19:12 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2009-01-25 03:19:04 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2009-01-25 03:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2009-01-25 03:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2009-01-25 03:18:32 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2009-01-25 03:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-25 03:17:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2009-01-25 03:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-25 03:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-01-25 03:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-01-25 03:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-25 03:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-25 03:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-01-25 03:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-01-25 03:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-25 03:15:02 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-01-25 03:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2009-01-25 03:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2009-01-25 03:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2009-01-25 03:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-01-25 03:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-01-25 03:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-01-25 03:14:22 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-01-25 03:13:47 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-25 03:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2009-01-25 03:13:35 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-01-25 03:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2009-01-25 03:00:29 ----D---- C:\Documents and Settings\E\Application Data\Apple Computer
2009-01-25 03:00:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-25 03:00:06 ----D---- C:\Program Files\iPod
2009-01-25 03:00:04 ----D---- C:\Program Files\iTunes
2009-01-25 03:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-25 02:59:52 ----D---- C:\Program Files\Bonjour
2009-01-25 02:59:29 ----D---- C:\Program Files\QuickTime
2009-01-25 02:59:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-25 02:59:17 ----D---- C:\Program Files\Apple Software Update
2009-01-25 02:58:59 ----D---- C:\Program Files\Common Files\Apple
2009-01-25 02:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-25 02:48:37 ----D---- C:\Documents and Settings\E\Application Data\Mozilla
2009-01-25 02:48:04 ----D---- C:\Program Files\Mozilla Firefox
2009-01-25 02:47:15 ----D---- C:\WINDOWS\system32\PreInstall
2009-01-25 02:47:14 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-25 02:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-01-25 02:47:12 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-25 02:44:48 ----A---- C:\WINDOWS\system32\wpa.bak
2009-01-25 02:40:28 ----D---- C:\WINDOWS\AsusInstAll
2009-01-25 02:39:04 ----D---- C:\Program Files\NVIDIA Corporation
2009-01-25 02:38:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-01-25 02:37:27 ----D---- C:\WINDOWS\nview
2009-01-25 02:37:27 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1.dll
2009-01-25 02:36:55 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-01-25 02:36:47 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2009-01-25 02:36:41 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-01-25 02:31:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-25 02:31:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-25 02:31:31 ----D---- C:\Program Files\AMD
2009-01-25 02:30:00 ----D---- C:\Documents and Settings\E\Application Data\Symantec
2009-01-25 02:27:54 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-01-25 02:27:37 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-01-25 02:27:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-01-25 02:25:57 ----A---- C:\WINDOWS\Ascd_log.ini
2009-01-25 02:25:51 ----D---- C:\Documents and Settings\E\Application Data\InstallShield
2009-01-25 02:25:00 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-01-25 02:19:40 ----D---- C:\Documents and Settings\E\Application Data\Creative
2009-01-25 02:16:12 ----N---- C:\WINDOWS\Ctregrun.exe
2009-01-25 02:14:12 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
2009-01-25 02:14:01 ----D---- C:\Program Files\Common Files\Creative
2009-01-25 02:14:00 ----HD---- C:\Program Files\Creative Installation Information
2009-01-25 02:13:28 ----N---- C:\WINDOWS\system32\AudioDrv.ini
2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\Ludap17.ini
2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\ctzapxx.ini
2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfms32.dll
2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfman32.dll
2009-01-25 02:12:42 ----RA---- C:\WINDOWS\MIDIDEF.EXE
2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpAA.tmp
2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpA9.tmp
2009-01-25 02:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2009-01-25 02:12:38 ----RA---- C:\WINDOWS\OALInst.exe
2009-01-25 02:12:22 ----RA---- C:\WINDOWS\system32\CtDvInst.dll
2009-01-25 02:12:21 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-01-25 02:12:12 ----RA---- C:\WINDOWS\system32\OLD65.tmp
2009-01-25 02:12:08 ----RA---- C:\WINDOWS\system32\AppSetup.exe
2009-01-25 02:12:08 ----RA---- C:\WINDOWS\sfsyn.ini
2009-01-25 02:12:08 ----RA---- C:\WINDOWS\SF32.exe
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\SPIRun.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17res.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17CPI.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\OemSpi.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\EAX.DLL
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\A3d.dll
2009-01-25 02:12:07 ----RA---- C:\WINDOWS\resdef.exe
2009-01-25 02:12:06 ----RA---- C:\WINDOWS\InRes.DLL
2009-01-25 02:10:47 ----D---- C:\Program Files\Creative
2009-01-25 02:09:24 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-25 02:09:21 ----D---- C:\Program Files\Common Files\InstallShield
2009-01-25 02:07:50 ----D---- C:\Documents and Settings\E\Application Data\Identities
2009-01-25 02:07:49 ----HD---- C:\Program Files\Uninstall Information
2009-01-25 02:07:46 ----ASH---- C:\Documents and Settings\E\Application Data\desktop.ini
2009-01-25 02:07:45 ----SD---- C:\Documents and Settings\E\Application Data\Microsoft
2009-01-25 02:05:53 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-25 02:05:52 ----SD---- C:\WINDOWS\system32\Microsoft
2009-01-25 02:05:52 ----D---- C:\WINDOWS\Prefetch
2009-01-25 02:05:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-25 02:02:48 ----D---- C:\WINDOWS\system32\xircom
2009-01-25 02:02:48 ----D---- C:\Program Files\xerox
2009-01-25 02:02:48 ----D---- C:\Program Files\microsoft frontpage
2009-01-25 02:02:30 ----A---- C:\WINDOWS\control.ini
2009-01-25 02:02:30 ----A---- C:\AUTOEXEC.BAT
2009-01-25 02:02:22 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-25 02:02:19 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-01-25 02:01:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-25 02:01:43 ----RD---- C:\WINDOWS\Offline Web Pages
2009-01-25 02:01:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-25 02:01:39 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-25 02:01:35 ----HD---- C:\Program Files\WindowsUpdate
2009-01-25 02:01:20 ----D---- C:\WINDOWS\system32\DirectX
2009-01-25 02:01:03 ----A---- C:\WINDOWS\system32\atrace.dll
2009-01-25 02:01:01 ----A---- C:\WINDOWS\system32\desktop.ini
2009-01-25 02:01:01 ----A---- C:\WINDOWS\desktop.ini
2009-01-25 02:00:55 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-01-25 02:00:54 ----D---- C:\Program Files\Common Files\Services
2009-01-25 02:00:54 ----A---- C:\WINDOWS\system32\acctres.dll
2009-01-25 02:00:52 ----SD---- C:\WINDOWS\Tasks
2009-01-25 02:00:52 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-01-25 02:00:51 ----D---- C:\Program Files\Common Files\MSSoap
2009-01-25 02:00:47 ----D---- C:\WINDOWS\system32\Macromed
2009-01-25 02:00:47 ----D---- C:\WINDOWS\srchasst
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wups.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-01-25 02:00:40 ----D---- C:\Program Files\Movie Maker
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-01-25 02:00:34 ----D---- C:\WINDOWS\system32\Restore
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\srclient.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\ils.dll
2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\msconf.dll
2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-01-25 02:00:30 ----D---- C:\Program Files\NetMeeting
2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetres.dll
2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-01-25 02:00:28 ----D---- C:\Program Files\Outlook Express
2009-01-25 02:00:28 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstask.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\isign32.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-01-25 02:00:22 ----D---- C:\Program Files\Internet Explorer
2009-01-25 02:00:22 ----D---- C:\Program Files\Common Files\System
2009-01-25 02:00:08 ----D---- C:\Program Files\ComPlus Applications
2009-01-25 02:00:06 ----A---- C:\WINDOWS\vbaddin.ini
2009-01-25 02:00:06 ----A---- C:\WINDOWS\vb.ini
2009-01-25 02:00:02 ----D---- C:\WINDOWS\Registration
2009-01-25 01:59:42 ----D---- C:\Program Files\Online Services
2009-01-25 01:59:41 ----D---- C:\Program Files\Windows Media Player
2009-01-25 01:59:38 ----D---- C:\Program Files\Messenger
2009-01-25 01:59:35 ----D---- C:\Program Files\MSN Gaming Zone
2009-01-25 01:59:35 ----A---- C:\WINDOWS\system32\write.exe
2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\hticons.dll
2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\avwav.dll
2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\winchat.exe
2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-01-25 01:59:22 ----A---- C:\WINDOWS\system32\getuname.dll
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\winmine.exe
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\sol.exe
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\charmap.exe
2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\calc.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tskill.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tscon.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\shadow.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\reset.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\regini.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\freecell.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msg.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\logoff.exe
2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-01-25 01:59:18 ----N---- C:\WINDOWS\system32\mtxdm.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\stclient.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-01-25 01:59:11 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-01-25 01:59:00 ----D---- C:\Program Files\MSN
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-01-25 01:58:58 ----D---- C:\Program Files\Windows NT
2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\spider.exe
2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-01-25 01:58:56 ----D---- C:\WINDOWS\system32\MsDtc
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-01-25 01:58:54 ----D---- C:\WINDOWS\system32\Com
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\colbact.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comuid.dll
2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-01-24 17:58:00 ----A---- C:\WINDOWS\system32\h323log.txt
2009-01-24 17:51:02 ----A---- C:\WINDOWS\system32\usbui.dll
2009-01-24 17:50:11 ----A---- C:\WINDOWS\imsins.BAK
2009-01-24 17:50:09 ----SHD---- C:\WINDOWS\Installer
2009-01-24 17:50:09 ----D---- C:\Program Files\Common Files\ODBC
2009-01-24 17:50:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-24 17:50:09 ----A---- C:\WINDOWS\ODBCINST.INI
2009-01-24 17:50:06 ----RD---- C:\Program Files
2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files
2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-01-24 17:49:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-01-24 17:49:53 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-01-24 17:49:53 ----A---- C:\WINDOWS\system32\batt.dll
2009-01-24 17:49:53 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-01-24 17:49:52 ----A---- C:\WINDOWS\system32\storprop.dll
2009-01-24 17:49:46 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-01-24 17:49:44 ----RA---- C:\WINDOWS\SET8.tmp
2009-01-24 17:49:42 ----RA---- C:\WINDOWS\SET4.tmp
2009-01-24 17:49:40 ----RA---- C:\WINDOWS\SET3.tmp
2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-24 17:49:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-24 17:49:12 ----A---- C:\WINDOWS\setuplog.txt
2009-01-24 17:49:10 ----D---- C:\Documents and Settings
2009-01-24 17:49:09 ----SHD---- C:\System Volume Information
2009-01-24 17:48:37 ----RSH---- C:\boot.ini
2009-01-24 17:43:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-24 17:43:45 ----RSD---- C:\WINDOWS\Fonts
2009-01-24 17:43:45 ----RD---- C:\WINDOWS\Web
2009-01-24 17:43:45 ----HD---- C:\WINDOWS\inf
2009-01-24 17:43:45 ----D---- C:\WINDOWS\WinSxS
2009-01-24 17:43:45 ----D---- C:\WINDOWS\twain_32
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Temp
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wins
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wbem
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\usmt
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\spool
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ShellExt
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\Setup
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ras
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\oobe
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\npp
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\mui
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\IME
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\icsxml
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ias
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\export
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\drivers
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\dhcp
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\config
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3com_dmi
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3076
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\2052
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1054
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1042
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1041
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1037
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1033
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1031
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1028
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1025
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32
2009-01-24 17:43:45 ----D---- C:\WINDOWS\system
2009-01-24 17:43:45 ----D---- C:\WINDOWS\security
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Resources
2009-01-24 17:43:45 ----D---- C:\WINDOWS\repair
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Provisioning
2009-01-24 17:43:45 ----D---- C:\WINDOWS\PeerNet
2009-01-24 17:43:45 ----D---- C:\WINDOWS\pchealth
2009-01-24 17:43:45 ----D---- C:\WINDOWS\mui
2009-01-24 17:43:45 ----D---- C:\WINDOWS\msapps
2009-01-24 17:43:45 ----D---- C:\WINDOWS\msagent
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Media
2009-01-24 17:43:45 ----D---- C:\WINDOWS\java
2009-01-24 17:43:45 ----D---- C:\WINDOWS\ime
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Help
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Driver Cache
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Debug
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Cursors
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Connection Wizard
2009-01-24 17:43:45 ----D---- C:\WINDOWS\Config
2009-01-24 17:43:45 ----D---- C:\WINDOWS\AppPatch
2009-01-24 17:43:45 ----D---- C:\WINDOWS\addins
2009-01-24 17:43:45 ----D---- C:\WINDOWS

======List of files/folders modified in the last 3 months======

2009-03-29 17:38:16 ----A---- C:\WINDOWS\win.ini
2009-03-22 07:00:44 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 RVIEG01;VSC Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 ControlTransferDriver;AudioBox USB Control Transfer; C:\WINDOWS\System32\Drivers\PreSonusUsb_xfer.sys [2008-02-18 28576]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-12-07 142336]
R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2006-08-07 162176]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-26 54400]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-26 22016]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-12-07 114688]
R3 P17xfi;Sound Blaster X-Fi Xtreme Audio; C:\WINDOWS\system32\drivers\P17xfi.sys [2007-11-21 1174528]
R3 p17xfilt;p17xfilt; C:\WINDOWS\system32\drivers\p17xfilt.sys [2007-10-10 1664384]
R3 preSonusUsb;PreSonusUsb; C:\WINDOWS\System32\Drivers\preSonusUsb.sys [2008-02-18 49280]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]
S1 gaopdxserv.sys;gaopdxserv.sys; C:\WINDOWS\system32\drivers\gaopdxserv.sys []
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
S3 ao2ua9iq;ao2ua9iq; C:\WINDOWS\system32\drivers\ao2ua9iq.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-22 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2007-10-24 23288]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-04-24 598016]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-04-24 176128]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-13 272024]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------

Show 40 post(s) from this thread on one page