Page 1 of 5 12345 LastLast
Results 1 to 10 of 43

Thread: Need help removing zlob.DNSchanger!

  1. #1
    Junior Member
    Join Date
    Nov 2008
    Posts
    24

    Default Need help removing zlob.DNSchanger!

    I ran my spybot and it scanned zlob.DNSchanger, I removed it several times but it keeps coming back. Here is my HijackThis log.



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:22:24 PM, on 10/31/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: rqRIcyAp - rqRIcyAp.dll (file missing)
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    O24 - Desktop Component 0: (no name) - http://i4.photobucket.com/albums/y11...exX/Bangs5.jpg
    O24 - Desktop Component 1: (no name) - http://l.yimg.com/www.flickr.com/images/spaceball.gif

    --
    End of file - 6346 bytes

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi aznkid

    Please post next spybot report
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Junior Member
    Join Date
    Nov 2008
    Posts
    24

    Default

    I forgot to mention this but, I think this zlob.dnschanger is causing vimax ads on every website i go to. It is also causing me to have some pop ups when i go to regular sites. Also, I have ad-aware2008, MBAM, SAS, and avira antivir and only MBAM and Spybot detects this zlob.dnschanger. Well, here's my spybot log.



    Hint of the Day: Click the bar at the right of this to see more information! ()


    Zlob.DNSChanger: [SBI $041D1396] TCP/IP Settings #1 (Undefined) (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer=208.67.220.220,208.67.222.222

    Zlob.DNSChanger: [SBI $041D1396] TCP/IP Settings #2 (Undefined) (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5E14DD4E-9657-446A-8877-F53BC78E8750}\DhcpNameServer=208.67.220.220,208.67.222.222


    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-07-07 TeaTimer.exe (1.6.0.20)
    2008-11-01 unins000.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-07-07 SDHelper.dll (1.6.0.12)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-09-02 Includes\Adware.sbi (*)
    2008-10-26 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-09-02 Includes\Dialer.sbi (*)
    2008-09-09 Includes\DialerC.sbi (*)
    2008-07-22 Includes\HeavyDuty.sbi (*)
    2008-09-02 Includes\Hijackers.sbi (*)
    2008-10-28 Includes\HijackersC.sbi (*)
    2008-09-09 Includes\Keyloggers.sbi (*)
    2008-10-28 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-10-28 Includes\Malware.sbi (*)
    2008-10-28 Includes\MalwareC.sbi (*)
    2008-09-02 Includes\PUPS.sbi (*)
    2008-10-28 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-10-23 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-10-28 Includes\Spyware.sbi (*)
    2008-10-29 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti
    2008-10-29 Includes\Trojans.sbi (*)
    2008-10-29 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

  4. #4
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Those are not 100% sure sign of zlob.dnschanger as they are OpenDNS DNS services.

    Download F-Secure Blacklight and save it to your desktop -> ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe

    Doubleclick fsbl.exe, accept the agreement, click Scan, then click Next

    You'll see a list what have been found. A log will appear to your desktop, it is named fsbl.xxxxxxx.log (xxxxxxx will be random numbers).

    DON'T choose Rename if something was found!

    Post the contents of fsbl.xxxx.log to here (xxxx= random numbers,blacklight log from your desktop)
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  5. #5
    Junior Member
    Join Date
    Nov 2008
    Posts
    24

    Default

    Here is my fsbl log


    11/01/08 11:53:23 [Info]: BlackLight Engine 2.2.1092 initialized
    11/01/08 11:53:23 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    11/01/08 11:53:24 [Note]: 7019 4
    11/01/08 11:53:24 [Note]: 7005 0
    11/01/08 11:53:26 [Note]: 7006 0
    11/01/08 11:53:26 [Note]: 7011 472
    11/01/08 11:53:26 [Note]: 7035 0
    11/01/08 11:53:27 [Note]: 7026 0
    11/01/08 11:53:27 [Note]: 7026 0
    11/01/08 11:53:32 [Note]: FSRAW library version 1.7.1024
    11/01/08 12:07:39 [Note]: 7007 0

  6. #6
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    OK, no hidden file there.

    • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  7. #7
    Junior Member
    Join Date
    Nov 2008
    Posts
    24

    Default

    Here is the log.txt

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Home at 2008-11-01 12:28:21
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 35 GB (61%) free of 57 GB
    Total RAM: 894 MB (55% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:28:32 PM, on 11/1/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Home\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Home.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: rqRIcyAp - rqRIcyAp.dll (file missing)
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    O24 - Desktop Component 0: (no name) - http://i4.photobucket.com/albums/y11...exX/Bangs5.jpg
    O24 - Desktop Component 1: (no name) - http://l.yimg.com/www.flickr.com/images/spaceball.gif

    --
    End of file - 6199 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-08 761947]
    "Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2007-05-14 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-10 385024]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-01-15 267048]
    "BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2004-08-04 110592]
    "DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-10-09 202544]
    "dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-10-09 16384]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "Auslogics BoostSpeed 4"=C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe [2008-06-26 362608]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-10 289088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Home^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    C:\PROGRA~1\LimeWire\LimeWire.exe [2005-03-09 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "CSIScanner"=2
    "ProtexisLicensing"=2
    "Bonjour Service"=2

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-10-11 90112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqRIcyAp]
    rqRIcyAp.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{31CDFCB9-37D6-4C1D-A31D-AA2DD56F637B}"= []
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    C:\WINDOWS\system32\jkkKcywt

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
    "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    shell\AutoRun\command - F:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3db46087-cd32-11dc-8d5f-001a925e497b}]
    shell\AutoRun\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56de1938-a338-11dd-88a1-0019b955057d}]
    shell\AutoRun\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4f347c3-8837-11dd-885f-0019b955057d}]
    shell\AutoRun\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e69eca9a-545b-11dd-bd88-001a925e497b}]
    shell\AutoRun\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe


    ======List of files/folders created in the last 1 months======

    2008-11-01 12:28:21 ----D---- C:\rsit
    2008-11-01 00:39:48 ----D---- C:\fsaua.data
    2008-10-31 19:40:34 ----A---- C:\Program Files\qpbp.txt
    2008-10-31 18:06:18 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-31 17:14:44 ----A---- C:\WINDOWS\system32\rrsec2k.exe
    2008-10-31 17:14:44 ----A---- C:\WINDOWS\system32\rrsec.dll
    2008-10-31 17:14:42 ----D---- C:\Program Files\Registrar Registry Manager
    2008-10-31 16:14:15 ----A---- C:\WINDOWS\gmer.ini
    2008-10-31 16:14:13 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2008-10-31 16:14:13 ----A---- C:\WINDOWS\gmer.dll
    2008-10-31 16:14:12 ----A---- C:\WINDOWS\gmer.exe
    2008-10-28 22:15:33 ----D---- C:\Program Files\Avira
    2008-10-28 22:15:33 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-10-27 22:14:39 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-10-27 22:12:38 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-10-27 22:12:38 ----D---- C:\Documents and Settings\Home\Application Data\SUPERAntiSpyware.com
    2008-10-27 18:28:36 ----D---- C:\Mp3 Output
    2008-10-27 18:28:32 ----A---- C:\WINDOWS\system32\xvidcore.dll
    2008-10-27 18:28:32 ----A---- C:\WINDOWS\system32\NCMedia.dll
    2008-10-27 18:28:32 ----A---- C:\WINDOWS\system32\libmp3lame-0.dll
    2008-10-27 18:28:31 ----D---- C:\Program Files\Smallvideosoft
    2008-10-26 17:22:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-26 16:32:13 ----D---- C:\Documents and Settings\Home\Application Data\Malwarebytes
    2008-10-26 16:32:07 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-25 23:16:34 ----D---- C:\Documents and Settings\Home\Application Data\ErrorSmart
    2008-10-25 22:46:02 ----HD---- C:\WINDOWS\PIF
    2008-10-25 22:37:28 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    2008-10-25 20:02:52 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-10-25 20:02:11 ----D---- C:\Program Files\Windows Live
    2008-10-25 20:01:32 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-10-25 18:02:34 ----D---- C:\Documents and Settings\Home\Application Data\Corel
    2008-10-25 15:06:19 ----D---- C:\Documents and Settings\Home\Application Data\Auslogics
    2008-10-25 15:05:16 ----D---- C:\Program Files\Auslogics
    2008-10-25 01:40:39 ----D---- C:\Documents and Settings\All Users\Application Data\PrevxCSI
    2008-10-22 23:59:30 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt
    2008-10-22 16:52:40 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-10-21 14:53:15 ----D---- C:\WINDOWS\pss
    2008-10-21 08:29:50 ----D---- C:\Program Files\Trend Micro
    2008-10-20 16:54:30 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-20 15:49:16 ----SH---- C:\WINDOWS\system32\mxwllpxy.ini
    2008-10-20 14:24:35 ----A---- C:\WINDOWS\system32\sqwapblg.exe
    2008-10-19 15:00:05 ----D---- C:\Documents and Settings\All Users\Application Data\Backup
    2008-10-19 14:29:46 ----ASH---- C:\WINDOWS\system32\fcabnjrj.ini
    2008-10-19 13:34:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-19 11:25:23 ----SH---- C:\WINDOWS\system32\xhejiccx.ini
    2008-10-18 23:51:03 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-10-18 16:05:45 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-10-18 14:27:09 ----A---- C:\WINDOWS\system32\cf3b60c5-.txt
    2008-10-18 14:26:24 ----ASH---- C:\WINDOWS\system32\twycKkkj.ini2
    2008-10-18 14:26:24 ----ASH---- C:\WINDOWS\system32\twycKkkj.ini
    2008-10-18 12:20:59 ----D---- C:\Program Files\Common Files\DirectX
    2008-10-18 12:10:21 ----D---- C:\Documents and Settings\Home\Application Data\DAEMON Tools
    2008-10-15 03:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 03:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 03:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 03:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 03:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-15 03:02:33 ----A---- C:\WINDOWS\system32\MRT.INI
    2008-10-11 03:01:16 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
    2008-10-10 20:27:42 ----D---- C:\Documents and Settings\Home\Application Data\BitTorrent
    2008-10-10 20:27:33 ----D---- C:\Program Files\BitTorrent
    2008-10-09 21:11:03 ----D---- C:\WINDOWS\ie7updates
    2008-10-09 21:10:28 ----D---- C:\WINDOWS\WBEM
    2008-10-09 21:10:27 ----D---- C:\WINDOWS\system32\en-US
    2008-10-09 21:09:03 ----HDC---- C:\WINDOWS\ie7
    2008-10-09 21:08:53 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-10-09 21:08:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-10-09 21:07:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-10-09 21:07:43 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-10-09 21:06:09 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-09 21:06:05 ----D---- C:\WINDOWS\network diagnostic
    2008-10-09 21:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2008-10-09 21:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2008-10-06 02:34:27 ----A---- C:\WINDOWS\msnmsgr.exe.ini
    2008-10-06 02:34:24 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo

    ======List of files/folders modified in the last 1 months======

    2008-11-01 12:27:41 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-01 12:22:36 ----D---- C:\Documents and Settings\Home\Application Data\DNA
    2008-11-01 11:14:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-11-01 10:39:55 ----D---- C:\WINDOWS\Temp
    2008-11-01 10:39:51 ----D---- C:\WINDOWS\Prefetch
    2008-11-01 10:32:31 ----SHD---- C:\WINDOWS\Installer
    2008-11-01 10:32:31 ----HD---- C:\Config.Msi
    2008-11-01 10:32:31 ----D---- C:\WINDOWS
    2008-11-01 10:32:26 ----D---- C:\WINDOWS\system32\drivers
    2008-11-01 10:32:25 ----D---- C:\WINDOWS\system32
    2008-11-01 09:12:36 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-01 01:24:14 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-01 00:46:19 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-11-01 00:34:38 ----SHD---- C:\System Volume Information
    2008-11-01 00:34:38 ----D---- C:\WINDOWS\system32\Restore
    2008-11-01 00:11:28 ----SH---- C:\boot.ini
    2008-11-01 00:11:28 ----A---- C:\WINDOWS\win.ini
    2008-11-01 00:11:28 ----A---- C:\WINDOWS\system.ini
    2008-10-31 23:55:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-31 21:12:40 ----D---- C:\WINDOWS\Minidump
    2008-10-31 19:55:16 ----AD---- C:\Program Files
    2008-10-31 18:32:32 ----D---- C:\Program Files\Enigma Software Group
    2008-10-30 16:47:55 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-26 22:57:15 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-10-26 22:34:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-26 22:18:56 ----D---- C:\Program Files\Common Files
    2008-10-26 00:49:08 ----D---- C:\Program Files\Bonjour
    2008-10-25 23:39:36 ----SD---- C:\WINDOWS\Tasks
    2008-10-25 19:38:33 ----D---- C:\WINDOWS\system32\spool
    2008-10-25 17:48:46 ----D---- C:\WINDOWS\WinSxS
    2008-10-25 17:48:44 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-10-25 17:48:44 ----D---- C:\WINDOWS\system32\oobe
    2008-10-25 17:48:44 ----D---- C:\WINDOWS\system32\mui
    2008-10-25 17:48:43 ----D---- C:\WINDOWS\system32\Macromed
    2008-10-25 17:48:41 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
    2008-10-25 15:16:09 ----D---- C:\WINDOWS\Debug
    2008-10-25 15:05:21 ----RSD---- C:\WINDOWS\Fonts
    2008-10-25 09:51:25 ----D---- C:\Documents and Settings
    2008-10-25 01:51:02 ----D---- C:\WINDOWS\Help
    2008-10-25 01:35:14 ----D---- C:\Program Files\MagicISO
    2008-10-23 05:54:24 ----D---- C:\Documents and Settings\Home\Application Data\Adobe
    2008-10-22 20:54:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-22 20:54:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-10-22 20:52:42 ----D---- C:\Program Files\MSN Messenger
    2008-10-22 15:09:40 ----D---- C:\Documents and Settings\Home\Application Data\U3
    2008-10-21 15:53:46 ----D---- C:\WINDOWS\system32\config
    2008-10-21 15:29:46 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-20 16:30:20 ----HD---- C:\WINDOWS\inf
    2008-10-20 15:52:56 ----D---- C:\WINDOWS\system32\wbem
    2008-10-20 15:52:53 ----D---- C:\WINDOWS\Registration
    2008-10-19 17:51:52 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-19 13:55:52 ----SHD---- C:\RECYCLER
    2008-10-18 23:51:10 ----D---- C:\Program Files\Lavasoft
    2008-10-18 16:40:46 ----D---- C:\Program Files\Adobe
    2008-10-17 06:26:52 ----D---- C:\Program Files\Common Files\AOL
    2008-10-16 06:01:42 ----D---- C:\Program Files\LimeWire
    2008-10-15 03:04:34 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-15 03:04:06 ----D---- C:\Program Files\Internet Explorer
    2008-10-11 09:12:44 ----D---- C:\Program Files\WinRAR
    2008-10-09 21:10:20 ----D---- C:\WINDOWS\Media
    2008-10-05 15:03:02 ----D---- C:\Documents and Settings\Home\Application Data\gtk-2.0
    2008-10-03 10:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
    R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
    R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
    R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-04 88448]
    R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-04 63232]
    R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-04 55936]
    R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-10-11 1777152]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-03-16 604928]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]
    R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-07-06 37424]
    R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-07-06 879496]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-12-01 936960]
    R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-12-01 192512]
    R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-03-27 74752]
    R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-01-18 35936]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
    R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-01 669696]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    S2 npkcrypt;npkcrypt; C:\WINDOWS\system32\drivers\npkcrypt.sys []
    S2 SVKP;SVKP; C:\WINDOWS\system32\drivers\SVKP.sys []
    S3 ane8e5jz;ane8e5jz; C:\WINDOWS\system32\drivers\ane8e5jz.sys []
    S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-07-06 539432]
    S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
    S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-04 38016]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
    S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
    S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-06 156392]
    S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-07-06 55352]
    S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-07-06 37280]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-07-06 74656]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
    S3 fsbl;F-Secure BlackLight Engine Driver; \??\C:\DOCUME~1\Home\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsbldrv.sys []
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-10-31 85969]
    S3 HidBth;Microsoft Bluetooth HID Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-03 25600]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-01-31 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-01-31 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-01-31 21568]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\Ndisprot.sys []
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
    S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-04-10 18560]
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-04 11136]
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-04 10240]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 SoC PC-Camera Service;CIF USB CAMERA; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2004-02-10 127692]
    S3 SQTECH905C;DB CIF Cam; C:\WINDOWS\System32\Drivers\Capt905c.sys [2006-01-26 34686]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-01-15 30464]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-04 73472]
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-28 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-28 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-10-11 430080]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-09-11 264800]
    R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-10-09 202544]
    R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-03-16 20480]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-01-15 504104]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-19 70656]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-22 654848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    S4 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]

    -----------------EOF-----------------

  8. #8
    Junior Member
    Join Date
    Nov 2008
    Posts
    24

    Default

    Here is the info.txt

    info.txt logfile of random's system information tool 1.04 2008-11-01 12:28:36

    ======Uninstall list======

    -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{684CB795-C157-4E15-93D4-E26015FEF1EA}\Setup.exe" -l0x9
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    1Click DVD Copy 4.1-->"C:\Program Files\LG Software Innovations\1Click DVD Copy 4.1\setup\uninst.exe"
    Ad-aware 6 Professional-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Ad-Aware SE Professional-->C:\PROGRA~1\Lavasoft\AD-AWA~2\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~2\INSTALL.LOG
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
    Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
    Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
    Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AMD Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
    Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->MsiExec.exe /I{EF40BAC3-372B-46F4-A32D-B37CF4217CE7}
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    AusLogics BoostSpeed-->"C:\Program Files\Auslogics\AusLogics BoostSpeed\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Broadcom 440x 10/100 Integrated Controller-->MsiExec.exe /X{612B9183-67A9-4B44-9877-2F059E35B86A}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CIF USB CAMERA-->C:\WINDOWS\CleanDev.exe C:\WINDOWS\DC3110.txt
    Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf
    CopyToDVD-->"C:\Program Files\vso\CopyToDVD\unins000.exe"
    DB CIF Cam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{766E4715-B801-46B3-9D91-12288AB88428}\Setup.exe" -l0x9
    Dell Mobile Broadband Card Utility-->MsiExec.exe /X{DF62D775-BB7C-4AFA-9CA4-DDA1C4855F28}
    Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
    Dell Wireless WLAN Card-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
    DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
    Disney Pix 2.0-->MsiExec.exe /X{DC8235CC-3D5A-4D32-94BE-E2F0A1749920}
    Disney Pix Micro Downloader-->MsiExec.exe /X{183135A3-2CE8-43B5-BA5A-757EBAECB413}
    Freez FLV to MP3 Converter-->"C:\Program Files\Smallvideosoft\Freez FLV to MP3 Converter\unins000.exe"
    GIMP 2.4.6-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
    HaduriPhoto4_SetUp419-->MsiExec.exe /I{54F70D29-208E-445F-9151-B1AC8AC48C83}
    Helicon Filter 4.82.3 Free-->"C:\Program Files\Helicon Software\Helicon Filter\unins000.exe"
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB909394)-->"C:\WINDOWS\$NtUninstallKB909394$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    HP PSC & OfficeJet 6.1.A-->"C:\Program Files\HP\Digital Imaging\{27555031-A116-4EC6-9991-7B400142A936}\setup\hpzscr01.exe" -datfile hposcr08.dat
    iTunes-->MsiExec.exe /I{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Kwyshell MidpX Emulator Package 1.3.1-->C:\Program Files\Kwyshell\MidpX\uninst.exe
    LimeWire PRO 4.8.1-->"C:\Program Files\LimeWire\uninstall.exe"
    Magic ISO Maker v4.9 (build 0151)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    MAGIX Xtreme Photo Designer 6 6.0.19.0 (US)-->C:\Program Files\MAGIX\Xtreme_Photo_Designer_6\instslct.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mouse Suite for Laptop Computers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF13AA9D-E4CE-4015-9778-ECC1D4FB06E4}\Setup.exe" -l0x9 -removeonly
    Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Next Generation Visualisations-->MsiExec.exe /I{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
    PC Connectivity Solution-->MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}
    PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    Photo! Editor 1.0 Beta-->"C:\Program Files\Photo!\Photo! Editor\unins000.exe"
    QuickSet-->C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe -runfromtemp -l0x0009 APPDRVNT4 -removeonly
    QuickTime-->MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
    RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Registrar Registry Manager 5.62-->"C:\Program Files\Registrar Registry Manager\unins000.exe"
    Rumble Fighter-->"C:\Program Files\OGPlanet\RumbleFighter\uninstall.exe"
    Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    Thinkwell-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBE9670D-C3DA-4561-BB89-251B82E2E92B}\Setup.exe" -uninst
    Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
    Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
    Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Update for Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
    Update for Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
    Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Wedding Dash 2 - Rings Around the World-->"C:\WINDOWS\Wedding Dash 2 - Rings Around the World\uninstall.exe" "/U:C:\Program Files\Wedding Dash 2 - Rings Around the World\Uninstall\uninstall.xml"
    WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
    Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Driver Package - Nokia Modem (10/12/2007 3.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
    Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\dpinst.exe /us C:\PROGRA~1\DIFX\UninstallScripts\4569969E1360D2854474C661EF9B4D54F143EB16
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
    Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
    Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
    Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

    =====HijackThis Backups=====

    R3 - URLSearchHook: (no name) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - (no file)
    O20 - Winlogon Notify: RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlls.dll (file missing)
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zone.msn.com/EN-US/...jolauncher.cab
    O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players...stallAsst2.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    ======Security center information======

    AV: Avira AntiVir PersonalEdition

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=4c02
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

    -----------------EOF-----------------

  9. #9
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    BitTorrent DNA
    LimeWire PRO 4.8.1


    I'd like you to read the this thread.

    Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

    Delete info.txt from c:\rsit folder

    Please run a new RSIT scan when finished and post the logs back here.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  10. #10
    Junior Member
    Join Date
    Nov 2008
    Posts
    24

    Default

    Heres the log of the RSIT

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Home at 2008-11-01 13:25:05
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 29 GB (50%) free of 57 GB
    Total RAM: 894 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:25:11 PM, on 11/1/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Home\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Home.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Auslogics BoostSpeed 4] C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Link to &MidpX - C:\Program Files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: rqRIcyAp - rqRIcyAp.dll (file missing)
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    O24 - Desktop Component 0: (no name) - http://i4.photobucket.com/albums/y11...exX/Bangs5.jpg
    O24 - Desktop Component 1: (no name) - http://l.yimg.com/www.flickr.com/images/spaceball.gif

    --
    End of file - 6198 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-08 761947]
    "Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2007-05-14 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-01-10 385024]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-01-15 267048]
    "BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2004-08-04 110592]
    "DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-10-09 202544]
    "dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-10-09 16384]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "Auslogics BoostSpeed 4"=C:\Program Files\Auslogics\AusLogics BoostSpeed\boostspeed.exe [2008-06-26 362608]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-10 289088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Home^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    C:\PROGRA~1\LimeWire\LimeWire.exe -startup []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "CSIScanner"=2
    "ProtexisLicensing"=2
    "Bonjour Service"=2

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-10-11 90112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqRIcyAp]
    rqRIcyAp.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{31CDFCB9-37D6-4C1D-A31D-AA2DD56F637B}"= []
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages"=msv1_0
    C:\WINDOWS\system32\jkkKcywt

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
    "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    shell\AutoRun\command - F:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3db46087-cd32-11dc-8d5f-001a925e497b}]
    shell\AutoRun\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56de1938-a338-11dd-88a1-0019b955057d}]
    shell\AutoRun\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4f347c3-8837-11dd-885f-0019b955057d}]
    shell\AutoRun\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e69eca9a-545b-11dd-bd88-001a925e497b}]
    shell\AutoRun\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
    shell\open\command - G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe


    ======List of files/folders created in the last 1 months======

    2008-11-01 12:28:21 ----D---- C:\rsit
    2008-11-01 00:39:48 ----D---- C:\fsaua.data
    2008-10-31 19:40:34 ----A---- C:\Program Files\qpbp.txt
    2008-10-31 18:06:18 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-31 17:14:44 ----A---- C:\WINDOWS\system32\rrsec2k.exe
    2008-10-31 17:14:44 ----A---- C:\WINDOWS\system32\rrsec.dll
    2008-10-31 17:14:42 ----D---- C:\Program Files\Registrar Registry Manager
    2008-10-31 16:14:15 ----A---- C:\WINDOWS\gmer.ini
    2008-10-31 16:14:13 ----A---- C:\WINDOWS\gmer_uninstall.cmd
    2008-10-31 16:14:13 ----A---- C:\WINDOWS\gmer.dll
    2008-10-31 16:14:12 ----A---- C:\WINDOWS\gmer.exe
    2008-10-28 22:15:33 ----D---- C:\Program Files\Avira
    2008-10-28 22:15:33 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-10-27 22:14:39 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-10-27 22:12:38 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-10-27 22:12:38 ----D---- C:\Documents and Settings\Home\Application Data\SUPERAntiSpyware.com
    2008-10-27 18:28:36 ----D---- C:\Mp3 Output
    2008-10-27 18:28:32 ----A---- C:\WINDOWS\system32\xvidcore.dll
    2008-10-27 18:28:32 ----A---- C:\WINDOWS\system32\NCMedia.dll
    2008-10-27 18:28:32 ----A---- C:\WINDOWS\system32\libmp3lame-0.dll
    2008-10-27 18:28:31 ----D---- C:\Program Files\Smallvideosoft
    2008-10-26 17:22:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-26 16:32:13 ----D---- C:\Documents and Settings\Home\Application Data\Malwarebytes
    2008-10-26 16:32:07 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-25 23:16:34 ----D---- C:\Documents and Settings\Home\Application Data\ErrorSmart
    2008-10-25 22:46:02 ----HD---- C:\WINDOWS\PIF
    2008-10-25 22:37:28 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
    2008-10-25 20:02:52 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-10-25 20:02:11 ----D---- C:\Program Files\Windows Live
    2008-10-25 20:01:32 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-10-25 18:02:34 ----D---- C:\Documents and Settings\Home\Application Data\Corel
    2008-10-25 15:06:19 ----D---- C:\Documents and Settings\Home\Application Data\Auslogics
    2008-10-25 15:05:16 ----D---- C:\Program Files\Auslogics
    2008-10-25 01:40:39 ----D---- C:\Documents and Settings\All Users\Application Data\PrevxCSI
    2008-10-22 23:59:30 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt
    2008-10-22 16:52:40 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-10-21 14:53:15 ----D---- C:\WINDOWS\pss
    2008-10-21 08:29:50 ----D---- C:\Program Files\Trend Micro
    2008-10-20 16:54:30 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-20 15:49:16 ----SH---- C:\WINDOWS\system32\mxwllpxy.ini
    2008-10-20 14:24:35 ----A---- C:\WINDOWS\system32\sqwapblg.exe
    2008-10-19 15:00:05 ----D---- C:\Documents and Settings\All Users\Application Data\Backup
    2008-10-19 14:29:46 ----ASH---- C:\WINDOWS\system32\fcabnjrj.ini
    2008-10-19 13:34:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-19 11:25:23 ----SH---- C:\WINDOWS\system32\xhejiccx.ini
    2008-10-18 23:51:03 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-10-18 16:05:45 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-10-18 14:27:09 ----A---- C:\WINDOWS\system32\cf3b60c5-.txt
    2008-10-18 14:26:24 ----ASH---- C:\WINDOWS\system32\twycKkkj.ini2
    2008-10-18 14:26:24 ----ASH---- C:\WINDOWS\system32\twycKkkj.ini
    2008-10-18 12:20:59 ----D---- C:\Program Files\Common Files\DirectX
    2008-10-18 12:10:21 ----D---- C:\Documents and Settings\Home\Application Data\DAEMON Tools
    2008-10-15 03:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 03:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 03:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 03:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 03:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-15 03:02:33 ----A---- C:\WINDOWS\system32\MRT.INI
    2008-10-11 03:01:16 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
    2008-10-09 21:11:03 ----D---- C:\WINDOWS\ie7updates
    2008-10-09 21:10:28 ----D---- C:\WINDOWS\WBEM
    2008-10-09 21:10:27 ----D---- C:\WINDOWS\system32\en-US
    2008-10-09 21:09:03 ----HDC---- C:\WINDOWS\ie7
    2008-10-09 21:08:53 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-10-09 21:08:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-10-09 21:07:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-10-09 21:07:43 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-10-09 21:06:09 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-09 21:06:05 ----D---- C:\WINDOWS\network diagnostic
    2008-10-09 21:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2008-10-09 21:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
    2008-10-06 02:34:27 ----A---- C:\WINDOWS\msnmsgr.exe.ini
    2008-10-06 02:34:24 ----D---- C:\Documents and Settings\All Users\Application Data\MumboJumbo

    ======List of files/folders modified in the last 1 months======

    2008-11-01 13:23:27 ----D---- C:\Program Files\LimeWire
    2008-11-01 13:22:42 ----D---- C:\Documents and Settings\Home\Application Data\DNA
    2008-11-01 13:02:11 ----AD---- C:\Program Files
    2008-11-01 12:57:00 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-01 12:28:32 ----D---- C:\WINDOWS\Prefetch
    2008-11-01 11:14:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-11-01 10:39:55 ----D---- C:\WINDOWS\Temp
    2008-11-01 10:32:31 ----SHD---- C:\WINDOWS\Installer
    2008-11-01 10:32:31 ----HD---- C:\Config.Msi
    2008-11-01 10:32:31 ----D---- C:\WINDOWS
    2008-11-01 10:32:26 ----D---- C:\WINDOWS\system32\drivers
    2008-11-01 10:32:25 ----D---- C:\WINDOWS\system32
    2008-11-01 09:12:36 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-01 01:24:14 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-01 00:46:19 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-11-01 00:34:38 ----SHD---- C:\System Volume Information
    2008-11-01 00:34:38 ----D---- C:\WINDOWS\system32\Restore
    2008-11-01 00:11:28 ----SH---- C:\boot.ini
    2008-11-01 00:11:28 ----A---- C:\WINDOWS\win.ini
    2008-11-01 00:11:28 ----A---- C:\WINDOWS\system.ini
    2008-10-31 23:55:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-31 21:12:40 ----D---- C:\WINDOWS\Minidump
    2008-10-31 18:32:32 ----D---- C:\Program Files\Enigma Software Group
    2008-10-30 16:47:55 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-26 22:57:15 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-10-26 22:34:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-26 22:18:56 ----D---- C:\Program Files\Common Files
    2008-10-26 00:49:08 ----D---- C:\Program Files\Bonjour
    2008-10-25 23:39:36 ----SD---- C:\WINDOWS\Tasks
    2008-10-25 19:38:33 ----D---- C:\WINDOWS\system32\spool
    2008-10-25 17:48:46 ----D---- C:\WINDOWS\WinSxS
    2008-10-25 17:48:44 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-10-25 17:48:44 ----D---- C:\WINDOWS\system32\oobe
    2008-10-25 17:48:44 ----D---- C:\WINDOWS\system32\mui
    2008-10-25 17:48:43 ----D---- C:\WINDOWS\system32\Macromed
    2008-10-25 17:48:41 ----D---- C:\Documents and Settings\All Users\Application Data\Corel
    2008-10-25 15:16:09 ----D---- C:\WINDOWS\Debug
    2008-10-25 15:05:21 ----RSD---- C:\WINDOWS\Fonts
    2008-10-25 09:51:25 ----D---- C:\Documents and Settings
    2008-10-25 01:51:02 ----D---- C:\WINDOWS\Help
    2008-10-25 01:35:14 ----D---- C:\Program Files\MagicISO
    2008-10-23 05:54:24 ----D---- C:\Documents and Settings\Home\Application Data\Adobe
    2008-10-22 20:54:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-22 20:54:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-10-22 20:52:42 ----D---- C:\Program Files\MSN Messenger
    2008-10-22 15:09:40 ----D---- C:\Documents and Settings\Home\Application Data\U3
    2008-10-21 15:53:46 ----D---- C:\WINDOWS\system32\config
    2008-10-21 15:29:46 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-20 16:30:20 ----HD---- C:\WINDOWS\inf
    2008-10-20 15:52:56 ----D---- C:\WINDOWS\system32\wbem
    2008-10-20 15:52:53 ----D---- C:\WINDOWS\Registration
    2008-10-19 17:51:52 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-19 13:55:52 ----SHD---- C:\RECYCLER
    2008-10-18 23:51:10 ----D---- C:\Program Files\Lavasoft
    2008-10-18 16:40:46 ----D---- C:\Program Files\Adobe
    2008-10-17 06:26:52 ----D---- C:\Program Files\Common Files\AOL
    2008-10-15 03:04:34 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-15 03:04:06 ----D---- C:\Program Files\Internet Explorer
    2008-10-11 09:12:44 ----D---- C:\Program Files\WinRAR
    2008-10-09 21:10:20 ----D---- C:\WINDOWS\Media
    2008-10-05 15:03:02 ----D---- C:\Documents and Settings\Home\Application Data\gtk-2.0
    2008-10-03 10:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
    R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
    R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
    R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-04 88448]
    R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-04 63232]
    R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-04 55936]
    R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-10-11 1777152]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-03-16 604928]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]
    R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-07-06 37424]
    R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-07-06 879496]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2005-12-01 936960]
    R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2005-12-01 192512]
    R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2006-03-27 74752]
    R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-01-18 35936]
    R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
    R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
    R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2005-12-01 669696]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    S2 npkcrypt;npkcrypt; C:\WINDOWS\system32\drivers\npkcrypt.sys []
    S2 SVKP;SVKP; C:\WINDOWS\system32\drivers\SVKP.sys []
    S3 ane8e5jz;ane8e5jz; C:\WINDOWS\system32\drivers\ane8e5jz.sys []
    S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-07-06 539432]
    S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
    S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-04 38016]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
    S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
    S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-06 156392]
    S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-07-06 55352]
    S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-07-06 37280]
    S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-07-06 74656]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
    S3 fsbl;F-Secure BlackLight Engine Driver; \??\C:\DOCUME~1\Home\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsbldrv.sys []
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-10-31 85969]
    S3 HidBth;Microsoft Bluetooth HID Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-03 25600]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-01-31 49664]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-01-31 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-01-31 21568]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\Ndisprot.sys []
    S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
    S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
    S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-04-10 18560]
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-04 11136]
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-04 10240]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 SoC PC-Camera Service;CIF USB CAMERA; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2004-02-10 127692]
    S3 SQTECH905C;DB CIF Cam; C:\WINDOWS\System32\Drivers\Capt905c.sys [2006-01-26 34686]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-01-15 30464]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
    S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-04 73472]
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-28 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-28 151297]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-10-11 430080]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-09-11 264800]
    R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-10-09 202544]
    R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-03-16 20480]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-01-15 504104]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-19 70656]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-22 654848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-12-10 353280]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    S4 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]

    -----------------EOF-----------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •