Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Unable to install Spybot, browser redirecting, failure to load security-related pages

  1. #1
    Junior Member
    Join Date
    Mar 2009
    Posts
    9

    Default Unable to install Spybot, browser redirecting, failure to load security-related pages

    Hello,

    I just discovered this forum and this is my first post. Some kind of malware has prevented me from installing Spybot, other anti-spyware/malware programs, antivirus updates, and is causing many redirects and failure to load security-related pages (including the safer-networking.com homepage). Since neither IE or Firefox is able to access the final ERUNT download page because of an unstoppable redirect from those particular pages, I can't follow the #1 step in the procedure you recommend prior to posting a HijackThis log. So I haven't backed up my registry yet.

    There is also an attempt to load an unknown program at start-up and its name is shown as a series of squares, with some other digits mixed in I think. This program is listed in the startup area of MSCONFIG.

    I believe I only have the latest Adobe Acrobat reader installed. I installed Foxit and on my old computer it worked well. Now I don't use it because it causes streaks to run across the page and grossly distorts the view of pdf file pages making them almost illegible. Running QuickTime player also brings these strange streaks, although in a "milder" form. Not sure what causes this streak problem and because it began immediately after I installed my XP operating system on this new computer I have no reason to think it's malware-related.

    My main issue seems very similar to the one resolved in this thread: http://forums.spybot.info/showthread...=manual+update

    If I can resolve it simply by following the steps in that thread, or if different steps are needed, please let me know. Any help would be greatly appreciated. Thank you very much in advance.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:10:31 AM, on 3/31/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe
    C:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe
    C:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe
    C:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\My Documents\MyDownloadFiles\spybotsd_includes.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    F3 - REG:win.ini: load=???
    ?
    F3 - REG:win.ini: run=???
    ?
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PreSonusUSBInstallApp] C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Email Protection] C:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
    O4 - HKLM\..\Run: [Update Scheduler] C:\PROGRA~1\QUICKH~1\QUICKH~1\UPSCHD.EXE /CHECK
    O4 - HKLM\..\Run: [On-Line Protection] C:\PROGRA~1\QUICKH~1\QUICKH~1\CATEYE.EXE
    O4 - HKLM\..\Run: [Messenger] C:\PROGRA~1\QUICKH~1\QUICKH~1\SCANMSG.EXE
    O4 - HKLM\..\Run: [Startup Scan] C:\PROGRA~1\QUICKH~1\QUICKH~1\sensor.exe /loadrun
    O4 - HKLM\..\Run: [ResumeQuickupDownload] C:\PROGRA~1\QUICKH~1\QUICKH~1\acappaa.exe
    O4 - HKLM\..\RunOnce: [Startup Scan] C:\PROGRA~1\QUICKH~1\QUICKH~1\sensor.exe /check
    O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-21-448539723-1220945662-725345543-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'E2')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C01F2EA-6AE0-4750-8A78-8979817AB268}: NameServer = 85.255.112.146,85.255.112.76
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.146,85.255.112.76
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.146,85.255.112.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.146,85.255.112.76
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\opssvc.exe
    O23 - Service: Quick Heal Antivirus Plus Mail Protection - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\EMLPROXY.EXE
    O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\quhlpsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Quick Heal Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - C:\PROGRA~1\QUICKH~1\QUICKH~1\scanwscs.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 10798 bytes

    I should also mention I use Avast antivirus, but temporarily had Avast disabled and QuickHeal installed in an attempt to resolve some problems at the time of this log. That's why both are listed.

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi edc1111

    Please uninstall either QuickHeal or avast!

    After that:

    Please save any items you were working on... close any open programs. You may be asked to reboot your machine.
    Please download Malwarebytes Anti-Malware and save it to your desktop. If needed...Tutorial w/screenshots
    Alternate download sites available here or here.
    1. Make sure you are connected to the Internet.
    2. Double-click on Download_mbam-setup.exe to install the application.
    3. When the installation begins, follow the prompts and do not make any changes to default settings.
    4. When installation has finished, make sure you leave both of these checked:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
      • Then click Finish.
      MBAM will automatically start and you will be asked to update the program before performing a scan.
      • If an update is found, the program will automatically update itself.
      • Press the OK button to close that box and continue.
      • Problems downloading the updates? Manually download them from here and double-click on "mbam-rules.exe" to install.

    On the Scanner tab:
    1. Make sure the "Perform Quick Scan" option is selected.
    2. Then click on the Scan button.
    3. If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    4. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    5. When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    6. Click OK to close the message box and continue with the removal process.


    Back at the main Scanner screen:
    1. Click on the Show Results button to see a list of any malware that was found.
    2. Check all items except items in the C:\System Volume Information folder... then click on Remove Selected.
      We will take care of the System Volume Information items later.
    3. When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
    4. The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
      The log can also be found here:
      C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    5. Copy and paste the contents of that report in your next reply and exit MBAM.


    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
    Click OK to either and let MBAM proceed with the disinfection process.
    If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


    Please download RSIT by random/random... save it to your desktop.
    1. Double click on RSIT.exe to run it.
    2. Please read the disclaimer... click on Continue.
    3. RSIT will start running. When done... 2 logs files...will be produced.
    4. The first one, "log.txt", will be maximized
    5. The second one, "info.txt", will be minimized.

    Please post both... "log.txt" and "info.txt", file contents in your next reply.
    (These logs can be lengthy, so post 1 log per reply please.)

    Post:

    - mbam log
    - rsit logs (taken after mbam run)
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Junior Member
    Join Date
    Mar 2009
    Posts
    9

    Default MBAM log

    Malwarebytes' Anti-Malware 1.35
    Database version: 1904
    Windows 5.1.2600 Service Pack 2

    4/1/2009 2:26:37 AM
    mbam-log-2009-04-01 (02-26-37).txt

    Scan type: Quick Scan
    Objects scanned: 78154
    Time elapsed: 5 minute(s), 21 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 6
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9c01f2ea-6ae0-4750-8a78-8979817ab268}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9c01f2ea-6ae0-4750-8a78-8979817ab268}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{9c01f2ea-6ae0-4750-8a78-8979817ab268}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.146,85.255.112.76 -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

  4. #4
    Junior Member
    Join Date
    Mar 2009
    Posts
    9

    Default RSIT log.txt - part 1 (full log exceeds max characters allowed)

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by E at 2009-04-01 02:36:40
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 68 GB (68%) free of 101 GB
    Total RAM: 2943 MB (81% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:36:44 AM, on 4/1/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\E\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\E.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    F3 - REG:win.ini: load=???
    ?
    F3 - REG:win.ini: run=???
    ?
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PreSonusUSBInstallApp] C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9164 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1220945662-725345543-1004.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
    HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-02-28 180224]
    "P17Helper"=Rundll32 SPIRun.dll,RunDLLEntry []
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-12 49152]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "PreSonusUSBInstallApp"=C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe [2008-03-07 28672]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
    "ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]
    "H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Creative MediaSource Go"=C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [2006-11-09 204800]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
    "Google Update"=C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-24 133104]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go]
    C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [2006-11-09 204800]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
    C:\WINDOWS\CTRegRun.EXE [2006-10-06 53248]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
    C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-09 52256]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
    C:\Program Files\lg_fwupdate\fwupdate.exe [2007-02-26 249856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
    ? ?????????????????????? []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-15 71216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
    ? ?????????????????????? []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
    C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Registration.lnk]
    C:\PROGRA~1\Corel\WORDPE~1\Register\Remind32.exe [1998-07-23 67584]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL 9.LNK]
    C:\PROGRA~1\Corel\WORDPE~1\programs\ccwin9.exe [1999-03-31 589824]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL Alarms.LNK]
    C:\PROGRA~1\Corel\WORDPE~1\programs\alarm.exe [1999-03-30 225280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Application Director 9.LNK]
    C:\PROGRA~1\Corel\WORDPE~1\programs\dad9.exe [1999-03-29 225280]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
    "C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69851a73-f856-11dd-bb4b-002215e00ea4}]
    shell\AutoRun\command - J:\MI.exe

  5. #5
    Junior Member
    Join Date
    Mar 2009
    Posts
    9

    Default RSIT log.txt - part 2

    ======List of files/folders created in the last 3 months======

    2009-04-01 02:36:40 ----D---- C:\rsit
    2009-04-01 02:13:51 ----D---- C:\Documents and Settings\E\Application Data\Malwarebytes
    2009-04-01 02:13:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-04-01 02:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-03-31 02:10:10 ----D---- C:\Program Files\Trend Micro
    2009-03-31 01:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-03-31 01:29:26 ----D---- C:\Program Files\Lavasoft
    2009-03-31 01:29:26 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2009-03-31 01:29:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-03-30 12:27:20 ----D---- C:\Documents and Settings\All Users\Application Data\Syncrosoft
    2009-03-30 12:27:09 ----D---- C:\Program Files\Syncrosoft
    2009-03-29 18:46:55 ----A---- C:\WINDOWS\sc.INI
    2009-03-29 18:46:02 ----D---- C:\Program Files\MagicSofts
    2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\java.exe
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\rmbe3260.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32sipr.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32dnet.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3228_8.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3214_4.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pngu3263.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pneng50.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pncrt.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pnc3250.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcr70.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcp70.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\encdnet.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\decdnet.dll
    2009-03-24 22:48:07 ----D---- C:\Documents and Settings\E\Application Data\ArcSoft
    2009-03-24 22:48:06 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
    2009-03-24 22:47:17 ----A---- C:\WINDOWS\system32\unicows.dll
    2009-03-24 22:46:57 ----D---- C:\Program Files\Kodak
    2009-03-24 22:46:57 ----D---- C:\Program Files\Common Files\ArcSoft
    2009-03-23 05:41:12 ----D---- C:\Program Files\Audacity
    2009-03-22 04:50:45 ----D---- C:\Program Files\Java
    2009-03-20 19:40:30 ----D---- C:\Program Files\GPLGS
    2009-03-20 19:39:59 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
    2009-03-20 19:39:53 ----D---- C:\Program Files\Acro Software
    2009-03-17 01:58:04 ----A---- C:\WINDOWS\system32\Ltih30tb.dll
    2009-03-17 01:58:03 ----D---- C:\Program Files\WexTech
    2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\WexTech Shared
    2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\LHSPF
    2009-03-17 01:57:59 ----A---- C:\WINDOWS\IsUninst.exe
    2009-03-17 01:55:45 ----N---- C:\WINDOWS\system32\FXAB32.DLL
    2009-03-17 01:55:44 ----N---- C:\WINDOWS\system32\fxdb.dll
    2009-03-17 01:55:13 ----N---- C:\WINDOWS\system32\iduninst.dll
    2009-03-17 01:55:04 ----D---- C:\Program Files\Borland
    2009-03-17 01:54:58 ----N---- C:\WINDOWS\system32\awpe.dll
    2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\mfcuia32.dll
    2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\MFCANS32.DLL
    2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\LTIH21TB.DLL
    2009-03-17 01:54:57 ----A---- C:\WINDOWS\system32\awrtl30.dll
    2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shlwp9en.dll
    2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shellwp.dll
    2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\opengl.dll
    2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\glut.dll
    2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\glu.dll
    2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\csh.dll
    2009-03-17 01:54:23 ----D---- C:\Program Files\Corel
    2009-03-17 01:53:13 ----D---- C:\WINDOWS\Corel
    2009-03-16 01:03:49 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-03-15 03:50:37 ----D---- C:\Documents and Settings\All Users\Application Data\Quick Heal
    2009-03-15 03:46:01 ----A---- C:\WINDOWS\sensor.INI
    2009-03-15 03:45:35 ----D---- C:\Program Files\Quick Heal
    2009-03-14 18:26:47 ----D---- C:\Documents and Settings\E\Application Data\Sony Setup
    2009-03-14 18:26:32 ----D---- C:\Program Files\Sony Setup
    2009-03-13 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-13 03:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-13 03:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
    2009-03-12 22:56:53 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
    2009-03-12 22:56:50 ----D---- C:\Program Files\Yahoo!
    2009-03-08 20:01:20 ----D---- C:\Documents and Settings\All Users\Application Data\MediaMonkey
    2009-03-08 05:53:54 ----D---- C:\Program Files\Jazz_Guitar_Solos_Vol_1-4
    2009-03-08 05:53:44 ----D---- C:\Program Files\flatpick_guitar_solos
    2009-03-08 05:53:31 ----D---- C:\Program Files\Roland
    2009-03-07 18:55:15 ----D---- C:\Documents and Settings\E\Application Data\Help
    2009-03-06 22:43:32 ----A---- C:\WINDOWS\demdata.txt
    2009-03-06 20:56:15 ----D---- C:\Program Files\Garritan Instruments for Finale
    2009-03-06 20:56:13 ----D---- C:\Program Files\Kontakt Player 2
    2009-03-06 20:54:24 ----D---- C:\PSFONTS
    2009-03-06 20:53:33 ----D---- C:\Program Files\Finale 2008
    2009-03-06 20:17:02 ----D---- C:\Program Files\IZArc
    2009-03-06 00:00:01 ----D---- C:\Program Files\Steinberg
    2009-03-06 00:00:01 ----D---- C:\Documents and Settings\E\Application Data\Steinberg
    2009-03-05 23:57:52 ----A---- C:\WINDOWS\system32\Synsopos.exe
    2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SynsoLChk.dll
    2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SYNSOACC.dll
    2009-03-05 23:47:48 ----A---- C:\WINDOWS\system32\USBFindDevice.dll
    2009-03-05 23:47:47 ----D---- C:\Program Files\AudioBox USB
    2009-03-03 03:28:10 ----D---- C:\WINDOWS\Minidump
    2009-03-02 02:47:11 ----A---- C:\WINDOWS\BBW_INFO.INI
    2009-03-02 02:46:39 ----D---- C:\Program Files\PowerTracks DirectX Plugins
    2009-03-02 02:45:16 ----D---- C:\bb
    2009-03-01 18:46:22 ----D---- C:\Program Files\Common Files\Skype
    2009-02-27 02:49:52 ----D---- C:\Program Files\Common Files\DESIGNER
    2009-02-26 15:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-02-17 13:59:10 ----A---- C:\WINDOWS\CDPlayer.ini
    2009-02-16 03:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2009-02-15 05:53:25 ----D---- C:\Program Files\NCH Swift Sound
    2009-02-15 05:53:25 ----D---- C:\Documents and Settings\E\Application Data\NCH Swift Sound
    2009-02-14 20:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2009-02-14 20:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2009-02-14 20:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2009-02-14 17:12:48 ----D---- C:\Program Files\PDF Text Reader
    2009-02-14 17:12:34 ----D---- C:\Documents and Settings\E\Application Data\CTdeveloping
    2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\devil.dll
    2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\avisynth.dll
    2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\yv12vfw.dll
    2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\i420vfw.dll
    2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\AVSredirect.dll
    2009-02-11 22:43:03 ----D---- C:\Program Files\AviSynth 2.5
    2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\nbDX.dll
    2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\msfDX.dll
    2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\flvDX.dll
    2009-02-11 22:42:49 ----D---- C:\Program Files\eRightSoft
    2009-02-11 04:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
    2009-02-11 01:45:35 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2009-02-11 01:45:07 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-02-11 01:45:06 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2009-02-11 01:44:58 ----A---- C:\WINDOWS\system32\wmpns.dll
    2009-02-11 01:44:49 ----D---- C:\Program Files\Windows Media Connect 2
    2009-02-11 01:44:40 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2009-02-11 01:43:39 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-02-11 01:42:59 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2009-02-07 05:00:46 ----D---- C:\Documents and Settings\E\Application Data\vlc
    2009-02-06 04:43:48 ----D---- C:\Documents and Settings\E\Application Data\HP
    2009-02-05 05:52:53 ----D---- C:\Program Files\IrfanView
    2009-02-05 05:15:14 ----D---- C:\Program Files\VideoLAN
    2009-02-05 04:24:15 ----D---- C:\Program Files\Strategy First
    2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Pro
    2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools
    2009-02-05 04:08:41 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    2009-02-05 04:07:56 ----D---- C:\Program Files\DAEMON Tools Lite
    2009-02-05 04:03:56 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Lite
    2009-02-04 18:46:08 ----D---- C:\Program Files\Sports Mogul
    2009-02-04 18:44:55 ----D---- C:\Documents and Settings\All Users\Application Data\{29504223-5D4F-495C-BAC6-1C6DB2EEF1C8}
    2009-02-03 07:47:41 ----D---- C:\Program Files\MagicISO
    2009-02-02 18:30:06 ----D---- C:\Documents and Settings\E\Application Data\Ahead
    2009-01-30 02:35:35 ----D---- C:\Documents and Settings\E\Application Data\LimeWire
    2009-01-30 00:25:23 ----D---- C:\Program Files\Common Files\Adobe AIR
    2009-01-30 00:24:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-01-30 00:24:34 ----D---- C:\Program Files\Common Files\Adobe
    2009-01-30 00:24:34 ----D---- C:\Program Files\Adobe
    2009-01-30 00:22:43 ----D---- C:\Program Files\NOS
    2009-01-30 00:22:43 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-01-29 01:15:46 ----D---- C:\WINDOWS\Sun
    2009-01-27 15:14:29 ----D---- C:\Program Files\MSECache
    2009-01-26 18:34:14 ----D---- C:\Program Files\Foxit Software
    2009-01-26 07:16:51 ----D---- C:\Documents and Settings\E\Application Data\Acoustica
    2009-01-26 07:16:30 ----A---- C:\WINDOWS\system32\Wnaspint.dll
    2009-01-26 07:16:28 ----D---- C:\Program Files\Acoustica Shared Effects
    2009-01-26 07:11:17 ----D---- C:\Documents and Settings\All Users\Application Data\Acoustica
    2009-01-26 06:59:44 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-01-26 06:27:28 ----D---- C:\Documents and Settings\E\Application Data\Sun
    2009-01-26 06:26:25 ----D---- C:\Program Files\Acoustica Mixcraft 4
    2009-01-26 06:22:13 ----D---- C:\Program Files\LimeWire
    2009-01-26 05:18:02 ----SHD---- C:\RECYCLER
    2009-01-26 04:13:52 ----D---- C:\Program Files\uTorrent
    2009-01-26 04:13:37 ----D---- C:\Documents and Settings\E\Application Data\uTorrent
    2009-01-26 02:20:41 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-01-25 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
    2009-01-25 19:56:33 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
    2009-01-25 19:56:27 ----D---- C:\Documents and Settings\E\Application Data\HPAppData
    2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
    2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP
    2009-01-25 19:55:25 ----D---- C:\Program Files\Common Files\HP
    2009-01-25 19:55:13 ----D---- C:\Program Files\Hewlett-Packard
    2009-01-25 19:55:05 ----D---- C:\Program Files\Common Files\Hewlett-Packard
    2009-01-25 19:41:43 ----A---- C:\WINDOWS\ODBC.INI
    2009-01-25 19:41:24 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2009-01-25 19:41:07 ----A---- C:\WINDOWS\system32\hpzll5ha.dll
    2009-01-25 19:39:04 ----A---- C:\WINDOWS\system32\hpzids01.dll
    2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpowiax3.dll
    2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpovst10.dll
    2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpotscl3.dll
    2009-01-25 19:38:54 ----D---- C:\Program Files\HP
    2009-01-25 19:37:53 ----HD---- C:\Config.Msi
    2009-01-25 19:21:08 ----A---- C:\WINDOWS\system32\msonpmon.dll
    2009-01-25 19:20:33 ----D---- C:\Program Files\Microsoft Works
    2009-01-25 19:20:28 ----D---- C:\Program Files\MSBuild
    2009-01-25 19:20:12 ----D---- C:\Program Files\Microsoft Visual Studio
    2009-01-25 19:17:36 ----D---- C:\WINDOWS\SHELLNEW
    2009-01-25 19:17:18 ----D---- C:\Program Files\Microsoft Office
    2009-01-25 19:17:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-01-25 19:17:03 ----RHD---- C:\MSOCache
    2009-01-25 18:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2009-01-25 18:51:19 ----A---- C:\WINDOWS\zllsputility.exe
    2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\vsregexp.dll
    2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
    2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcommdb.dll
    2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcomm.dll
    2009-01-25 18:51:06 ----D---- C:\WINDOWS\system32\ZoneLabs
    2009-01-25 18:51:06 ----D---- C:\Program Files\Zone Labs
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\zpeng24.dll
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vsxml.dll
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vswmi.dll
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vspubapi.dll
    2009-01-25 18:51:05 ----A---- C:\WINDOWS\system32\vsmonapi.dll
    2009-01-25 18:48:40 ----D---- C:\WINDOWS\Internet Logs
    2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsutil.dll
    2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsinit.dll
    2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsdata.dll
    2009-01-25 18:36:47 ----D---- C:\WINDOWS\system32\LogFiles
    2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\MFC71.dll
    2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-01-25 18:36:15 ----D---- C:\Program Files\Alwil Software
    2009-01-25 06:50:44 ----D---- C:\Documents and Settings\E\Application Data\skypePM
    2009-01-25 06:49:37 ----D---- C:\Documents and Settings\E\Application Data\Skype
    2009-01-25 06:49:07 ----RD---- C:\Program Files\Skype
    2009-01-25 06:48:58 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
    2009-01-25 04:57:05 ----D---- C:\Documents and Settings\E\Application Data\DivX
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\px.dll
    2009-01-25 04:53:45 ----D---- C:\Program Files\DivX
    2009-01-25 04:50:07 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-01-25 04:50:05 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
    2009-01-25 04:50:00 ----D---- C:\Documents and Settings\E\Application Data\Azureus
    2009-01-25 04:47:43 ----D---- C:\Program Files\Vuze
    2009-01-25 04:47:43 ----D---- C:\Program Files\Common Files\i4j_jres
    2009-01-25 04:42:30 ----D---- C:\Program Files\MediaMonkey
    2009-01-25 04:39:47 ----D---- C:\Program Files\MSXML 4.0
    2009-01-25 04:37:09 ----D---- C:\Documents and Settings\E\Application Data\CyberLink
    2009-01-25 04:37:06 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2009-01-25 04:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2009-01-25 04:30:11 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
    2009-01-25 04:29:59 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-01-25 04:27:08 ----D---- C:\Program Files\Nero
    2009-01-25 04:27:08 ----D---- C:\Program Files\Common Files\Ahead
    2009-01-25 04:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
    2009-01-25 04:26:34 ----D---- C:\WINDOWS\RegisteredPackages
    2009-01-25 04:26:06 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-01-25 04:26:05 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-01-25 04:25:04 ----D---- C:\Temp
    2009-01-25 04:24:27 ----A---- C:\WINDOWS\lgfwup.ini
    2009-01-25 04:24:25 ----D---- C:\Program Files\lg_fwupdate
    2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\Vb6stkit.dll
    2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\VB6KO.DLL
    2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\lgfwunis.exe
    2009-01-25 04:22:29 ----N---- C:\WINDOWS\system32\msxml3a.dll
    2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcr71.dll
    2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcp71.dll
    2009-01-25 04:21:45 ----D---- C:\Program Files\CyberLink
    2009-01-25 04:15:21 ----D---- C:\WINDOWS\pss
    2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Macromedia
    2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Adobe
    2009-01-25 04:05:37 ----D---- C:\Documents and Settings\E\Application Data\WinRAR
    2009-01-25 04:05:23 ----D---- C:\Program Files\WinRAR
    2009-01-25 03:35:03 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
    2009-01-25 03:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
    2009-01-25 03:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-01-25 03:34:32 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
    2009-01-25 03:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-01-25 03:34:08 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
    2009-01-25 03:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-01-25 03:33:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-01-25 03:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
    2009-01-25 03:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
    2009-01-25 03:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
    2009-01-25 03:32:53 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
    2009-01-25 03:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
    2009-01-25 03:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
    2009-01-25 03:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2009-01-25 03:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
    2009-01-25 03:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2009-01-25 03:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
    2009-01-25 03:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
    2009-01-25 03:30:49 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
    2009-01-25 03:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
    2009-01-25 03:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
    2009-01-25 03:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
    2009-01-25 03:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
    2009-01-25 03:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
    2009-01-25 03:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
    2009-01-25 03:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
    2009-01-25 03:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
    2009-01-25 03:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
    2009-01-25 03:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
    2009-01-25 03:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
    2009-01-25 03:28:05 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
    2009-01-25 03:27:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
    2009-01-25 03:27:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-01-25 03:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2009-01-25 03:27:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2009-01-25 03:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
    2009-01-25 03:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
    2009-01-25 03:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2009-01-25 03:26:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
    2009-01-25 03:26:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
    2009-01-25 03:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
    2009-01-25 03:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
    2009-01-25 03:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
    2009-01-25 03:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2009-01-25 03:25:07 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
    2009-01-25 03:24:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
    2009-01-25 03:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
    2009-01-25 03:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
    2009-01-25 03:24:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
    2009-01-25 03:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
    2009-01-25 03:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
    2009-01-25 03:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
    2009-01-25 03:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
    2009-01-25 03:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
    2009-01-25 03:23:03 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
    2009-01-25 03:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-01-25 03:22:25 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
    2009-01-25 03:22:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-01-25 03:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
    2009-01-25 03:21:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-01-25 03:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
    2009-01-25 03:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-01-25 03:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
    2009-01-25 03:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-01-25 03:21:00 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
    2009-01-25 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
    2009-01-25 03:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
    2009-01-25 03:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
    2009-01-25 03:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-01-25 03:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
    2009-01-25 03:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
    2009-01-25 03:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
    2009-01-25 03:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
    2009-01-25 03:19:12 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
    2009-01-25 03:19:04 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
    2009-01-25 03:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
    2009-01-25 03:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
    2009-01-25 03:18:32 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
    2009-01-25 03:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-01-25 03:17:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
    2009-01-25 03:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2009-01-25 03:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
    2009-01-25 03:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
    2009-01-25 03:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-01-25 03:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-01-25 03:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
    2009-01-25 03:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-01-25 03:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-01-25 03:15:02 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
    2009-01-25 03:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
    2009-01-25 03:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
    2009-01-25 03:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
    2009-01-25 03:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
    2009-01-25 03:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
    2009-01-25 03:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
    2009-01-25 03:14:22 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-01-25 03:13:47 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-01-25 03:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
    2009-01-25 03:13:35 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
    2009-01-25 03:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
    2009-01-25 03:00:29 ----D---- C:\Documents and Settings\E\Application Data\Apple Computer
    2009-01-25 03:00:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-01-25 03:00:06 ----D---- C:\Program Files\iPod
    2009-01-25 03:00:04 ----D---- C:\Program Files\iTunes
    2009-01-25 03:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2009-01-25 02:59:52 ----D---- C:\Program Files\Bonjour
    2009-01-25 02:59:29 ----D---- C:\Program Files\QuickTime
    2009-01-25 02:59:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2009-01-25 02:59:17 ----D---- C:\Program Files\Apple Software Update
    2009-01-25 02:58:59 ----D---- C:\Program Files\Common Files\Apple
    2009-01-25 02:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2009-01-25 02:48:37 ----D---- C:\Documents and Settings\E\Application Data\Mozilla
    2009-01-25 02:48:04 ----D---- C:\Program Files\Mozilla Firefox
    2009-01-25 02:47:15 ----D---- C:\WINDOWS\system32\PreInstall
    2009-01-25 02:47:14 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2009-01-25 02:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-01-25 02:47:12 ----HD---- C:\WINDOWS\$hf_mig$
    2009-01-25 02:44:48 ----A---- C:\WINDOWS\system32\wpa.bak
    2009-01-25 02:40:28 ----D---- C:\WINDOWS\AsusInstAll
    2009-01-25 02:39:04 ----D---- C:\Program Files\NVIDIA Corporation
    2009-01-25 02:38:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2009-01-25 02:37:27 ----D---- C:\WINDOWS\nview
    2009-01-25 02:37:27 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
    2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1.dll
    2009-01-25 02:36:55 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\nvconrm.dll
    2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
    2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1.dll
    2009-01-25 02:36:47 ----RA---- C:\WINDOWS\system32\nvusmb.exe
    2009-01-25 02:36:41 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2009-01-25 02:31:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-01-25 02:31:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-01-25 02:31:31 ----D---- C:\Program Files\AMD
    2009-01-25 02:30:00 ----D---- C:\Documents and Settings\E\Application Data\Symantec
    2009-01-25 02:27:54 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
    2009-01-25 02:27:37 ----D---- C:\Program Files\Common Files\Symantec Shared
    2009-01-25 02:27:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2009-01-25 02:25:57 ----A---- C:\WINDOWS\Ascd_log.ini
    2009-01-25 02:25:51 ----D---- C:\Documents and Settings\E\Application Data\InstallShield
    2009-01-25 02:25:00 ----A---- C:\WINDOWS\Ascd_tmp.ini
    2009-01-25 02:19:40 ----D---- C:\Documents and Settings\E\Application Data\Creative
    2009-01-25 02:16:12 ----N---- C:\WINDOWS\Ctregrun.exe
    2009-01-25 02:14:12 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
    2009-01-25 02:14:01 ----D---- C:\Program Files\Common Files\Creative
    2009-01-25 02:14:00 ----HD---- C:\Program Files\Creative Installation Information
    2009-01-25 02:13:28 ----N---- C:\WINDOWS\system32\AudioDrv.ini
    2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\Ludap17.ini
    2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\ctzapxx.ini
    2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfms32.dll
    2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfman32.dll
    2009-01-25 02:12:42 ----RA---- C:\WINDOWS\MIDIDEF.EXE
    2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpAA.tmp
    2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpA9.tmp
    2009-01-25 02:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
    2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\wrap_oal.dll
    2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\OpenAL32.dll
    2009-01-25 02:12:38 ----RA---- C:\WINDOWS\OALInst.exe
    2009-01-25 02:12:22 ----RA---- C:\WINDOWS\system32\CtDvInst.dll
    2009-01-25 02:12:21 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-01-25 02:12:12 ----RA---- C:\WINDOWS\system32\OLD65.tmp
    2009-01-25 02:12:08 ----RA---- C:\WINDOWS\system32\AppSetup.exe
    2009-01-25 02:12:08 ----RA---- C:\WINDOWS\sfsyn.ini
    2009-01-25 02:12:08 ----RA---- C:\WINDOWS\SF32.exe
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\SPIRun.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17res.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17CPI.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\OemSpi.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\EAX.DLL
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\A3d.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\resdef.exe
    2009-01-25 02:12:06 ----RA---- C:\WINDOWS\InRes.DLL
    2009-01-25 02:10:47 ----D---- C:\Program Files\Creative
    2009-01-25 02:09:24 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-01-25 02:09:21 ----D---- C:\Program Files\Common Files\InstallShield
    2009-01-25 02:07:50 ----D---- C:\Documents and Settings\E\Application Data\Identities
    2009-01-25 02:07:49 ----HD---- C:\Program Files\Uninstall Information
    2009-01-25 02:07:46 ----ASH---- C:\Documents and Settings\E\Application Data\desktop.ini
    2009-01-25 02:07:45 ----SD---- C:\Documents and Settings\E\Application Data\Microsoft
    2009-01-25 02:05:53 ----D---- C:\WINDOWS\SoftwareDistribution
    2009-01-25 02:05:52 ----SD---- C:\WINDOWS\system32\Microsoft
    2009-01-25 02:05:52 ----D---- C:\WINDOWS\Prefetch
    2009-01-25 02:05:52 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-01-25 02:02:48 ----D---- C:\WINDOWS\system32\xircom
    2009-01-25 02:02:48 ----D---- C:\Program Files\xerox
    2009-01-25 02:02:48 ----D---- C:\Program Files\microsoft frontpage
    2009-01-25 02:02:30 ----A---- C:\WINDOWS\control.ini
    2009-01-25 02:02:30 ----A---- C:\AUTOEXEC.BAT
    2009-01-25 02:02:22 ----A---- C:\WINDOWS\OEWABLog.txt
    2009-01-25 02:02:19 ----A---- C:\WINDOWS\system32\mapi32.dll
    2009-01-25 02:01:43 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-01-25 02:01:43 ----RD---- C:\WINDOWS\Offline Web Pages
    2009-01-25 02:01:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2009-01-25 02:01:39 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2009-01-25 02:01:35 ----HD---- C:\Program Files\WindowsUpdate
    2009-01-25 02:01:20 ----D---- C:\WINDOWS\system32\DirectX
    2009-01-25 02:01:03 ----A---- C:\WINDOWS\system32\atrace.dll
    2009-01-25 02:01:01 ----A---- C:\WINDOWS\system32\desktop.ini
    2009-01-25 02:01:01 ----A---- C:\WINDOWS\desktop.ini
    2009-01-25 02:00:55 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2009-01-25 02:00:54 ----D---- C:\Program Files\Common Files\Services
    2009-01-25 02:00:54 ----A---- C:\WINDOWS\system32\acctres.dll
    2009-01-25 02:00:52 ----SD---- C:\WINDOWS\Tasks
    2009-01-25 02:00:52 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2009-01-25 02:00:51 ----D---- C:\Program Files\Common Files\MSSoap
    2009-01-25 02:00:47 ----D---- C:\WINDOWS\system32\Macromed
    2009-01-25 02:00:47 ----D---- C:\WINDOWS\srchasst
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuweb.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wups.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wucltui.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuapi.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgr.dll
    2009-01-25 02:00:40 ----D---- C:\Program Files\Movie Maker
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrslv.dll
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrdm.dll
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2009-01-25 02:00:34 ----D---- C:\WINDOWS\system32\Restore
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srsvc.dll
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srrstr.dll
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltmc.exe
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltlib.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\srclient.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\ils.dll
    2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\msconf.dll
    2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2009-01-25 02:00:30 ----D---- C:\Program Files\NetMeeting
    2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoert2.dll
    2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetres.dll
    2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2009-01-25 02:00:28 ----D---- C:\Program Files\Outlook Express
    2009-01-25 02:00:28 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstinit.exe
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstask.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\isign32.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwdial.dll
    2009-01-25 02:00:22 ----D---- C:\Program Files\Internet Explorer
    2009-01-25 02:00:22 ----D---- C:\Program Files\Common Files\System
    2009-01-25 02:00:08 ----D---- C:\Program Files\ComPlus Applications
    2009-01-25 02:00:06 ----A---- C:\WINDOWS\vbaddin.ini
    2009-01-25 02:00:06 ----A---- C:\WINDOWS\vb.ini
    2009-01-25 02:00:02 ----D---- C:\WINDOWS\Registration
    2009-01-25 01:59:42 ----D---- C:\Program Files\Online Services
    2009-01-25 01:59:41 ----D---- C:\Program Files\Windows Media Player
    2009-01-25 01:59:38 ----D---- C:\Program Files\Messenger
    2009-01-25 01:59:35 ----D---- C:\Program Files\MSN Gaming Zone
    2009-01-25 01:59:35 ----A---- C:\WINDOWS\system32\write.exe
    2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\hticons.dll
    2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\avwav.dll
    2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\winchat.exe
    2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avtapi.dll
    2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avmeter.dll
    2009-01-25 01:59:22 ----A---- C:\WINDOWS\system32\getuname.dll
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\winmine.exe
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\sol.exe
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\charmap.exe
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\calc.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tslabels.ini
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tskill.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tscon.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\shadow.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\reset.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\regini.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\mshearts.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\freecell.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msg.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\logoff.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2009-01-25 01:59:18 ----N---- C:\WINDOWS\system32\mtxdm.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\stclient.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxex.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comsnap.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comrepl.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comaddin.dll
    2009-01-25 01:59:11 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2009-01-25 01:59:00 ----D---- C:\Program Files\MSN
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\mplay32.exe
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\accwiz.exe
    2009-01-25 01:58:58 ----D---- C:\Program Files\Windows NT
    2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\spider.exe
    2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\mspaint.exe
    2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\remotepg.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdshost.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdchost.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstscax.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstsc.exe
    2009-01-25 01:58:56 ----D---- C:\WINDOWS\system32\MsDtc
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\termsrv.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\qprocess.exe
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\icaapi.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtc.exe
    2009-01-25 01:58:54 ----D---- C:\WINDOWS\system32\Com
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\colbact.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrv.dll
    2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comuid.dll
    2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\servdeps.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\licwmi.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\cmprops.dll
    2009-01-24 17:58:00 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-01-24 17:51:02 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-01-24 17:50:11 ----A---- C:\WINDOWS\imsins.BAK
    2009-01-24 17:50:09 ----SHD---- C:\WINDOWS\Installer
    2009-01-24 17:50:09 ----D---- C:\Program Files\Common Files\ODBC
    2009-01-24 17:50:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-01-24 17:50:09 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-01-24 17:50:06 ----RD---- C:\Program Files
    2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\SpeechEngines
    2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files
    2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-01-24 17:49:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP
    2009-01-24 17:49:53 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-01-24 17:49:53 ----A---- C:\WINDOWS\system32\batt.dll
    2009-01-24 17:49:53 ----A---- C:\WINDOWS\NOTEPAD.EXE
    2009-01-24 17:49:52 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-01-24 17:49:46 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-01-24 17:49:44 ----RA---- C:\WINDOWS\SET8.tmp
    2009-01-24 17:49:42 ----RA---- C:\WINDOWS\SET4.tmp
    2009-01-24 17:49:40 ----RA---- C:\WINDOWS\SET3.tmp
    2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot
    2009-01-24 17:49:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-01-24 17:49:12 ----A---- C:\WINDOWS\setuplog.txt
    2009-01-24 17:49:10 ----D---- C:\Documents and Settings
    2009-01-24 17:49:09 ----SHD---- C:\System Volume Information
    2009-01-24 17:48:37 ----RSH---- C:\boot.ini
    2009-01-24 17:43:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-24 17:43:45 ----RSD---- C:\WINDOWS\Fonts
    2009-01-24 17:43:45 ----RD---- C:\WINDOWS\Web
    2009-01-24 17:43:45 ----HD---- C:\WINDOWS\inf
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\WinSxS
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\twain_32
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Temp
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wins
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wbem
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\usmt
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\spool
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ShellExt
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\Setup
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ras
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\oobe
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\npp
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\mui
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\inetsrv
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\IME
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\icsxml
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ias
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\export
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\drivers
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\dhcp
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\config
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3076
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\2052
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1054
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1042
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1041
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1037
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1033
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1031
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1028
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1025
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\security
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Resources
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\repair
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Provisioning
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\PeerNet
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\pchealth
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\mui
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\msapps
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\msagent
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Media
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\java
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\ime
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Help
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Driver Cache
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Debug
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Cursors
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Connection Wizard
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Config
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\AppPatch
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\addins
    2009-01-24 17:43:45 ----D---- C:\WINDOWS

    ======List of files/folders modified in the last 3 months======

    2009-03-29 17:38:16 ----A---- C:\WINDOWS\win.ini
    2009-03-22 07:00:44 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
    R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 RVIEG01;VSC Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys []
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
    R3 ControlTransferDriver;AudioBox USB Control Transfer; C:\WINDOWS\System32\Drivers\PreSonusUsb_xfer.sys [2008-02-18 28576]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-12-07 142336]
    R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2006-08-07 162176]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
    R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-26 54400]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-26 22016]
    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-12-07 114688]
    R3 P17xfi;Sound Blaster X-Fi Xtreme Audio; C:\WINDOWS\system32\drivers\P17xfi.sys [2007-11-21 1174528]
    R3 p17xfilt;p17xfilt; C:\WINDOWS\system32\drivers\p17xfilt.sys [2007-10-10 1664384]
    R3 preSonusUsb;PreSonusUsb; C:\WINDOWS\System32\Drivers\preSonusUsb.sys [2008-02-18 49280]
    R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]
    S1 gaopdxserv.sys;gaopdxserv.sys; C:\WINDOWS\system32\drivers\gaopdxserv.sys []
    S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
    S3 ao2ua9iq;ao2ua9iq; C:\WINDOWS\system32\drivers\ao2ua9iq.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-22 49920]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-22 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
    S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
    S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
    S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2007-10-24 23288]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
    R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-04-24 598016]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-04-24 176128]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-13 272024]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
    S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

    -----------------EOF-----------------

  6. #6
    Junior Member
    Join Date
    Mar 2009
    Posts
    9

    Default RSIT info.txt

    I really appreciate your quick reply, Shaba. Thank you. Here is the final log file of the group.

    edc

    info.txt logfile of random's system information tool 1.06 2009-04-01 02:36:49

    ======Uninstall list======

    -->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
    -->"C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009
    -->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
    -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
    -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
    -->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
    -->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
    -->"C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\NuNInst.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x9 /remove
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x9 /remove
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
    Acoustica Effects Pack-->C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
    Acoustica Mixcraft 4.2-->C:\PROGRA~1\ACOUST~1\Unwise.exe
    Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly
    AnswerWorks Runtime-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu"
    Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArcSoft MediaImpression for Kodak-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C70D3E4-8965-4C28-9B19-B526CD9F1C9F}\Setup.exe" -l0x9
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    Baseball Mogul 2009-->"C:\Documents and Settings\All Users\Application Data\{29504223-5D4F-495C-BAC6-1C6DB2EEF1C8}\bb2k9-setup-1104-release.exe" REMOVE=TRUE MODIFY=FALSE
    Baseball Mogul 2009-->"C:\Program Files\Strategy First\Baseball Mogul 2009\unins000.exe"
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Corel Applications-->C:\WINDOWS\Corel\Uninst32.exe
    Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
    Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
    Creative Software AutoUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove
    Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
    Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
    CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
    Finale 2008-->C:\Program Files\Finale 2008\uninstallFinale.exe
    Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
    FoxyTunes for Firefox-->"C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul
    Google Talk Plugin-->MsiExec.exe /I{B279F2F1-3B2F-3A96-AC11-5743CD43DCCB}
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
    HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
    HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
    iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
    IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
    Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
    LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
    LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
    Magic ISO Maker v5.5 (build 0273)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Master Blues Piano Solos Volume 1-->"c:\bb\unins016.exe"
    Master Flatpick Guitar Volume 1-->"c:\Program Files\flatpick_guitar_solos\unins001.exe"
    Master Jazz Guitar Solos SuperPAK-->"C:\Program Files\Jazz_Guitar_Solos_Vol_1-4\unins001.exe"
    MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
    MediaMonkey Script - CustomReport 1.7-->"C:\Program Files\MediaMonkey\unins001.exe"
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Project MUI (English) 2007-->MsiExec.exe /X{90120000-00B4-0409-0000-0000000FF1CE}
    Microsoft Office Project Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
    Microsoft Office Project Professional 2007-->MsiExec.exe /X{90120000-003B-0000-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Visio MUI (English) 2007-->MsiExec.exe /X{90120000-0054-0409-0000-0000000FF1CE}
    Microsoft Office Visio Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
    Microsoft Office Visio Professional 2007-->MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Nero 7 Essentials-->MsiExec.exe /X{EF3E420F-2DCF-4C24-8E37-896801901033}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x0409 -removeonly
    NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
    PDF Text Reader-->MsiExec.exe /I{17D95DC6-0FF1-40CF-9C09-B7C8B314D45B}
    PG Music DirectX Plugins 1.3.4.1-->"C:\Program Files\PowerTracks DirectX Plugins\unins000.exe"
    PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
    PreSonus 1.0.9.0 Driver-->"C:\Program Files\AudioBox USB\unins000.exe"
    QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
    SecurDisc Viewer-->MsiExec.exe /X{BE90CE58-41DE-4708-9291-A9D1D49B1033}
    Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
    Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
    Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
    Sound Blaster X-Fi Xtreme Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{53E2DCBB-E6F7-4C83-B1EF-F78435B9814E}\SETUP.EXE" -l0x9 /remove
    SoundCapture-->C:\PROGRA~1\MAGICS~1\SC\UNWISE.EXE C:\PROGRA~1\MAGICS~1\SC\INSTALL.LOG
    Steinberg Cubase LE 4-->MsiExec.exe /I{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}
    Steinberg Cubase SX v3.1.1.944-->C:\PROGRA~1\STEINB~1\CUBASE~2\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~2\INSTALL.LOG
    SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
    SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
    Syncrosoft License Control-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
    Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
    Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
    Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
    Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
    Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
    Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
    Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
    Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
    Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
    Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
    Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
    Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
    Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
    VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
    Virtual Sound Canvas DXi-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{745877DC-8FFE-4E4C-ABBC-589B887A47D1}\setup.exe" UNINSTALL_XXX
    VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
    Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
    Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
    Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
    Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
    Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
    Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

    ======Security center information======

    AV: avast! antivirus 4.8.1335 [VPS 090331-0]
    FW: ZoneAlarm Firewall

    ======System event log======

    Computer Name: E-3F4ED97A65D34
    Event Code: 7000
    Message: The PfModNT service failed to start due to the following error:
    The system cannot find the file specified.


    Record Number: 1901
    Source Name: Service Control Manager
    Time Written: 20090215003812.000000-300
    Event Type: error
    User:

    Computer Name: E-3F4ED97A65D34
    Event Code: 7000
    Message: The Nero Registry InCD Service service failed to start due to the following error:
    The system cannot find the file specified.


    Record Number: 1900
    Source Name: Service Control Manager
    Time Written: 20090215003812.000000-300
    Event Type: error
    User:

    Computer Name: E-3F4ED97A65D34
    Event Code: 1003
    Message: Your computer was not able to renew its address from the network (from the
    DHCP Server) for the Network Card with network address 002215E00EA4. The following
    error occurred:
    The operation was canceled by the user.
    .
    Your computer will continue to try and obtain an address on its own from
    the network address (DHCP) server.

    Record Number: 1899
    Source Name: Dhcp
    Time Written: 20090215003755.000000-300
    Event Type: warning
    User:

    Computer Name: E-3F4ED97A65D34
    Event Code: 51
    Message: An error was detected on device \Device\Harddisk1\D during a paging operation.

    Record Number: 1884
    Source Name: Disk
    Time Written: 20090213001856.000000-300
    Event Type: warning
    User:

    Computer Name: E-3F4ED97A65D34
    Event Code: 51
    Message: An error was detected on device \Device\Harddisk1\D during a paging operation.

    Record Number: 1871
    Source Name: Disk
    Time Written: 20090212131223.000000-300
    Event Type: warning
    User:

    =====Application event log=====

    Computer Name: E-3F4ED97A65D34
    Event Code: 1000
    Message: Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028, faulting module mso.dll, version 12.0.4518.1014, stamp 4542867b, debug? 0, fault address 0x00305b5f.

    Record Number: 15589
    Source Name: Microsoft Office 12
    Time Written: 20090309212003.000000-300
    Event Type: error
    User:

    Computer Name: E-3F4ED97A65D34
    Event Code: 1002
    Message: Hanging application iTunes.exe, version 8.0.2.20, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Record Number: 15588
    Source Name: Application Hang
    Time Written: 20090309111027.000000-300
    Event Type: error
    User:

    Computer Name: E-3F4ED97A65D34
    Event Code: 1517
    Message: Windows saved user E-3F4ED97A65D34\E registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


    This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

    Record Number: 15578
    Source Name: Userenv
    Time Written: 20090309025303.000000-300
    Event Type: warning
    User: NT AUTHORITY\SYSTEM

    Computer Name: E-3F4ED97A65D34
    Event Code: 1000
    Message: Faulting application winword.exe, version 12.0.4518.1014, stamp 45428028, faulting module hpz3r5ha.dll, version 61.71.246.0, stamp 460a27bd, debug? 0, fault address 0x000467e8.

    Record Number: 15577
    Source Name: Microsoft Office 12
    Time Written: 20090309022818.000000-300
    Event Type: error
    User:

    Computer Name: E-3F4ED97A65D34
    Event Code: 1000
    Message: Faulting application skype.exe, version 4.0.0.206, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

    Record Number: 15576
    Source Name: Application Error
    Time Written: 20090309010930.000000-300
    Event Type: error
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=6b02
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "tvdumpflags"=8

    -----------------EOF-----------------

  7. #7
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    LimeWire 4.18.8

    I'd like you to read the this thread.

    Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

    Delete info.txt from c:\rsit folder.

    Please run a new rsitl scan when finished and post the logs back here.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  8. #8
    Junior Member
    Join Date
    Mar 2009
    Posts
    9

    Default Programs uninstalled, RSIT new log file posted (part 1)

    Hi Saba,

    I removed the programs you mentioned. When I ran RSIT this time it created only one log file, log.txt (there was no info.txt). I tried again, same thing.

    Regards,

    edc1111

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by E at 2009-04-01 12:46:14
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 68 GB (68%) free of 101 GB
    Total RAM: 2943 MB (77% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:46:16 PM, on 4/1/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\SNDVOL32.EXE
    C:\Program Files\iTunes\iTunes.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
    C:\Documents and Settings\E\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\E.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    F3 - REG:win.ini: load=???
    ?
    F3 - REG:win.ini: run=???
    ?
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PreSonusUSBInstallApp] C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9271 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1220945662-725345543-1004.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
    HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
    HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2007-02-28 180224]
    "P17Helper"=Rundll32 SPIRun.dll,RunDLLEntry []
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-12 49152]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "PreSonusUSBInstallApp"=C:\Program Files\AudioBox USB\InstPresonusUSBDrv.exe [2008-03-07 28672]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
    "ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]
    "H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe []
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
    "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720]
    "Google Update"=C:\Documents and Settings\E\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-24 133104]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative MediaSource Go]
    C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe [2006-11-09 204800]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
    C:\WINDOWS\CTRegRun.EXE [2006-10-06 53248]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2008-02-18 1057064]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
    C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-09 52256]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
    C:\Program Files\lg_fwupdate\fwupdate.exe [2007-02-26 249856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
    ? ?????????????????????? []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-02-27 570664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-15 71216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
    ? ?????????????????????? []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
    C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2008-02-18 1629480]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Registration.lnk]
    C:\PROGRA~1\Corel\WORDPE~1\Register\Remind32.exe [1998-07-23 67584]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL 9.LNK]
    C:\PROGRA~1\Corel\WORDPE~1\programs\ccwin9.exe [1999-03-31 589824]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL Alarms.LNK]
    C:\PROGRA~1\Corel\WORDPE~1\programs\alarm.exe [1999-03-30 225280]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Application Director 9.LNK]
    C:\PROGRA~1\Corel\WORDPE~1\programs\dad9.exe [1999-03-29 225280]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
    "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
    "C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\E\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
    "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69851a73-f856-11dd-bb4b-002215e00ea4}]
    shell\AutoRun\command - J:\MI.exe

  9. #9
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Please check if that is in c:\rsit folder.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  10. #10
    Junior Member
    Join Date
    Mar 2009
    Posts
    9

    Default Part 2 of new RSIT log file

    I submitted this 2nd half right after the 1st half 12 hrs ago before I went out. Just came back home and the page was still loading, trying to "post itself". Very unusual.... So here it is finally.

    ======List of files/folders created in the last 3 months======

    2009-04-01 02:36:40 ----D---- C:\rsit
    2009-04-01 02:13:51 ----D---- C:\Documents and Settings\E\Application Data\Malwarebytes
    2009-04-01 02:13:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-04-01 02:13:46 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-03-31 02:10:10 ----D---- C:\Program Files\Trend Micro
    2009-03-31 01:44:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-03-31 01:29:26 ----D---- C:\Program Files\Lavasoft
    2009-03-31 01:29:26 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2009-03-31 01:29:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-03-30 12:27:20 ----D---- C:\Documents and Settings\All Users\Application Data\Syncrosoft
    2009-03-30 12:27:09 ----D---- C:\Program Files\Syncrosoft
    2009-03-29 18:46:55 ----A---- C:\WINDOWS\sc.INI
    2009-03-29 18:46:02 ----D---- C:\Program Files\MagicSofts
    2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-03-29 18:30:25 ----A---- C:\WINDOWS\system32\java.exe
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\rmbe3260.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32sipr.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra32dnet.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3228_8.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\ra3214_4.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pngu3263.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pneng50.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pncrt.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\pnc3250.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcr70.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\msvcp70.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\encdnet.dll
    2009-03-29 05:29:38 ----A---- C:\WINDOWS\system32\decdnet.dll
    2009-03-24 22:48:07 ----D---- C:\Documents and Settings\E\Application Data\ArcSoft
    2009-03-24 22:48:06 ----D---- C:\Documents and Settings\All Users\Application Data\ArcSoft
    2009-03-24 22:47:17 ----A---- C:\WINDOWS\system32\unicows.dll
    2009-03-24 22:46:57 ----D---- C:\Program Files\Kodak
    2009-03-24 22:46:57 ----D---- C:\Program Files\Common Files\ArcSoft
    2009-03-23 05:41:12 ----D---- C:\Program Files\Audacity
    2009-03-22 04:50:45 ----D---- C:\Program Files\Java
    2009-03-20 19:40:30 ----D---- C:\Program Files\GPLGS
    2009-03-20 19:39:59 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
    2009-03-20 19:39:53 ----D---- C:\Program Files\Acro Software
    2009-03-17 01:58:04 ----A---- C:\WINDOWS\system32\Ltih30tb.dll
    2009-03-17 01:58:03 ----D---- C:\Program Files\WexTech
    2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\WexTech Shared
    2009-03-17 01:58:03 ----D---- C:\Program Files\Common Files\LHSPF
    2009-03-17 01:57:59 ----A---- C:\WINDOWS\IsUninst.exe
    2009-03-17 01:55:45 ----N---- C:\WINDOWS\system32\FXAB32.DLL
    2009-03-17 01:55:44 ----N---- C:\WINDOWS\system32\fxdb.dll
    2009-03-17 01:55:13 ----N---- C:\WINDOWS\system32\iduninst.dll
    2009-03-17 01:55:04 ----D---- C:\Program Files\Borland
    2009-03-17 01:54:58 ----N---- C:\WINDOWS\system32\awpe.dll
    2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\mfcuia32.dll
    2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\MFCANS32.DLL
    2009-03-17 01:54:57 ----N---- C:\WINDOWS\system32\LTIH21TB.DLL
    2009-03-17 01:54:57 ----A---- C:\WINDOWS\system32\awrtl30.dll
    2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shlwp9en.dll
    2009-03-17 01:54:41 ----N---- C:\WINDOWS\system32\shellwp.dll
    2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\opengl.dll
    2009-03-17 01:54:40 ----N---- C:\WINDOWS\system32\glut.dll
    2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\glu.dll
    2009-03-17 01:54:39 ----N---- C:\WINDOWS\system32\csh.dll
    2009-03-17 01:54:23 ----D---- C:\Program Files\Corel
    2009-03-17 01:53:13 ----D---- C:\WINDOWS\Corel
    2009-03-16 01:03:49 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-03-15 03:50:37 ----D---- C:\Documents and Settings\All Users\Application Data\Quick Heal
    2009-03-15 03:46:01 ----A---- C:\WINDOWS\sensor.INI
    2009-03-15 03:45:35 ----D---- C:\Program Files\Quick Heal
    2009-03-14 18:26:47 ----D---- C:\Documents and Settings\E\Application Data\Sony Setup
    2009-03-14 18:26:32 ----D---- C:\Program Files\Sony Setup
    2009-03-13 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-03-13 03:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
    2009-03-13 03:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
    2009-03-12 22:56:53 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
    2009-03-12 22:56:50 ----D---- C:\Program Files\Yahoo!
    2009-03-08 20:01:20 ----D---- C:\Documents and Settings\All Users\Application Data\MediaMonkey
    2009-03-08 05:53:54 ----D---- C:\Program Files\Jazz_Guitar_Solos_Vol_1-4
    2009-03-08 05:53:44 ----D---- C:\Program Files\flatpick_guitar_solos
    2009-03-08 05:53:31 ----D---- C:\Program Files\Roland
    2009-03-07 18:55:15 ----D---- C:\Documents and Settings\E\Application Data\Help
    2009-03-06 22:43:32 ----A---- C:\WINDOWS\demdata.txt
    2009-03-06 20:56:15 ----D---- C:\Program Files\Garritan Instruments for Finale
    2009-03-06 20:56:13 ----D---- C:\Program Files\Kontakt Player 2
    2009-03-06 20:54:24 ----D---- C:\PSFONTS
    2009-03-06 20:53:33 ----D---- C:\Program Files\Finale 2008
    2009-03-06 20:17:02 ----D---- C:\Program Files\IZArc
    2009-03-06 00:00:01 ----D---- C:\Program Files\Steinberg
    2009-03-06 00:00:01 ----D---- C:\Documents and Settings\E\Application Data\Steinberg
    2009-03-05 23:57:52 ----A---- C:\WINDOWS\system32\Synsopos.exe
    2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SynsoLChk.dll
    2009-03-05 23:57:50 ----A---- C:\WINDOWS\system32\SYNSOACC.dll
    2009-03-05 23:47:48 ----A---- C:\WINDOWS\system32\USBFindDevice.dll
    2009-03-05 23:47:47 ----D---- C:\Program Files\AudioBox USB
    2009-03-03 03:28:10 ----D---- C:\WINDOWS\Minidump
    2009-03-02 02:47:11 ----A---- C:\WINDOWS\BBW_INFO.INI
    2009-03-02 02:46:39 ----D---- C:\Program Files\PowerTracks DirectX Plugins
    2009-03-02 02:45:16 ----D---- C:\bb
    2009-03-01 18:46:22 ----D---- C:\Program Files\Common Files\Skype
    2009-02-27 02:49:52 ----D---- C:\Program Files\Common Files\DESIGNER
    2009-02-26 15:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-02-17 13:59:10 ----A---- C:\WINDOWS\CDPlayer.ini
    2009-02-16 03:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2009-02-15 05:53:25 ----D---- C:\Program Files\NCH Swift Sound
    2009-02-15 05:53:25 ----D---- C:\Documents and Settings\E\Application Data\NCH Swift Sound
    2009-02-14 20:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2009-02-14 20:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2009-02-14 20:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
    2009-02-14 17:12:48 ----D---- C:\Program Files\PDF Text Reader
    2009-02-14 17:12:34 ----D---- C:\Documents and Settings\E\Application Data\CTdeveloping
    2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\devil.dll
    2009-02-11 22:43:05 ----A---- C:\WINDOWS\system32\avisynth.dll
    2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\yv12vfw.dll
    2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\i420vfw.dll
    2009-02-11 22:43:04 ----A---- C:\WINDOWS\system32\AVSredirect.dll
    2009-02-11 22:43:03 ----D---- C:\Program Files\AviSynth 2.5
    2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\nbDX.dll
    2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\msfDX.dll
    2009-02-11 22:42:55 ----RSH---- C:\WINDOWS\system32\flvDX.dll
    2009-02-11 22:42:49 ----D---- C:\Program Files\eRightSoft
    2009-02-11 04:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
    2009-02-11 01:45:35 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2009-02-11 01:45:07 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-02-11 01:45:06 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2009-02-11 01:44:58 ----A---- C:\WINDOWS\system32\wmpns.dll
    2009-02-11 01:44:49 ----D---- C:\Program Files\Windows Media Connect 2
    2009-02-11 01:44:40 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2009-02-11 01:43:39 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-02-11 01:42:59 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2009-02-07 05:00:46 ----D---- C:\Documents and Settings\E\Application Data\vlc
    2009-02-06 04:43:48 ----D---- C:\Documents and Settings\E\Application Data\HP
    2009-02-05 05:52:53 ----D---- C:\Program Files\IrfanView
    2009-02-05 05:15:14 ----D---- C:\Program Files\VideoLAN
    2009-02-05 04:24:15 ----D---- C:\Program Files\Strategy First
    2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Pro
    2009-02-05 04:09:30 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools
    2009-02-05 04:08:41 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
    2009-02-05 04:07:56 ----D---- C:\Program Files\DAEMON Tools Lite
    2009-02-05 04:03:56 ----D---- C:\Documents and Settings\E\Application Data\DAEMON Tools Lite
    2009-02-04 18:46:08 ----D---- C:\Program Files\Sports Mogul
    2009-02-04 18:44:55 ----D---- C:\Documents and Settings\All Users\Application Data\{29504223-5D4F-495C-BAC6-1C6DB2EEF1C8}
    2009-02-03 07:47:41 ----D---- C:\Program Files\MagicISO
    2009-02-02 18:30:06 ----D---- C:\Documents and Settings\E\Application Data\Ahead
    2009-01-30 02:35:35 ----D---- C:\Documents and Settings\E\Application Data\LimeWire
    2009-01-30 00:25:23 ----D---- C:\Program Files\Common Files\Adobe AIR
    2009-01-30 00:24:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-01-30 00:24:34 ----D---- C:\Program Files\Common Files\Adobe
    2009-01-30 00:24:34 ----D---- C:\Program Files\Adobe
    2009-01-30 00:22:43 ----D---- C:\Program Files\NOS
    2009-01-30 00:22:43 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-01-29 01:15:46 ----D---- C:\WINDOWS\Sun
    2009-01-27 15:14:29 ----D---- C:\Program Files\MSECache
    2009-01-26 18:34:14 ----D---- C:\Program Files\Foxit Software
    2009-01-26 07:16:51 ----D---- C:\Documents and Settings\E\Application Data\Acoustica
    2009-01-26 07:16:30 ----A---- C:\WINDOWS\system32\Wnaspint.dll
    2009-01-26 07:16:28 ----D---- C:\Program Files\Acoustica Shared Effects
    2009-01-26 07:11:17 ----D---- C:\Documents and Settings\All Users\Application Data\Acoustica
    2009-01-26 06:59:44 ----A---- C:\WINDOWS\system32\deploytk.dll
    2009-01-26 06:27:28 ----D---- C:\Documents and Settings\E\Application Data\Sun
    2009-01-26 06:26:25 ----D---- C:\Program Files\Acoustica Mixcraft 4
    2009-01-26 05:18:02 ----SHD---- C:\RECYCLER
    2009-01-26 04:13:37 ----D---- C:\Documents and Settings\E\Application Data\uTorrent
    2009-01-26 02:20:41 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-01-25 20:16:32 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
    2009-01-25 19:56:33 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
    2009-01-25 19:56:27 ----D---- C:\Documents and Settings\E\Application Data\HPAppData
    2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
    2009-01-25 19:55:37 ----D---- C:\Documents and Settings\All Users\Application Data\HP
    2009-01-25 19:55:25 ----D---- C:\Program Files\Common Files\HP
    2009-01-25 19:55:13 ----D---- C:\Program Files\Hewlett-Packard
    2009-01-25 19:55:05 ----D---- C:\Program Files\Common Files\Hewlett-Packard
    2009-01-25 19:41:43 ----A---- C:\WINDOWS\ODBC.INI
    2009-01-25 19:41:24 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2009-01-25 19:41:07 ----A---- C:\WINDOWS\system32\hpzll5ha.dll
    2009-01-25 19:39:04 ----A---- C:\WINDOWS\system32\hpzids01.dll
    2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpowiax3.dll
    2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpovst10.dll
    2009-01-25 19:39:01 ----A---- C:\WINDOWS\system32\hpotscl3.dll
    2009-01-25 19:38:54 ----D---- C:\Program Files\HP
    2009-01-25 19:37:53 ----HD---- C:\Config.Msi
    2009-01-25 19:21:08 ----A---- C:\WINDOWS\system32\msonpmon.dll
    2009-01-25 19:20:33 ----D---- C:\Program Files\Microsoft Works
    2009-01-25 19:20:28 ----D---- C:\Program Files\MSBuild
    2009-01-25 19:20:12 ----D---- C:\Program Files\Microsoft Visual Studio
    2009-01-25 19:17:36 ----D---- C:\WINDOWS\SHELLNEW
    2009-01-25 19:17:18 ----D---- C:\Program Files\Microsoft Office
    2009-01-25 19:17:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-01-25 19:17:03 ----RHD---- C:\MSOCache
    2009-01-25 18:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2009-01-25 18:51:19 ----A---- C:\WINDOWS\zllsputility.exe
    2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\vsregexp.dll
    2009-01-25 18:51:10 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
    2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcommdb.dll
    2009-01-25 18:51:09 ----A---- C:\WINDOWS\system32\zlcomm.dll
    2009-01-25 18:51:06 ----D---- C:\WINDOWS\system32\ZoneLabs
    2009-01-25 18:51:06 ----D---- C:\Program Files\Zone Labs
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\zpeng24.dll
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vsxml.dll
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vswmi.dll
    2009-01-25 18:51:06 ----A---- C:\WINDOWS\system32\vspubapi.dll
    2009-01-25 18:51:05 ----A---- C:\WINDOWS\system32\vsmonapi.dll
    2009-01-25 18:48:40 ----D---- C:\WINDOWS\Internet Logs
    2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsutil.dll
    2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsinit.dll
    2009-01-25 18:48:40 ----A---- C:\WINDOWS\system32\vsdata.dll
    2009-01-25 18:36:47 ----D---- C:\WINDOWS\system32\LogFiles
    2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\MFC71.dll
    2009-01-25 18:36:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-01-25 18:36:15 ----D---- C:\Program Files\Alwil Software
    2009-01-25 06:50:44 ----D---- C:\Documents and Settings\E\Application Data\skypePM
    2009-01-25 06:49:37 ----D---- C:\Documents and Settings\E\Application Data\Skype
    2009-01-25 06:49:07 ----RD---- C:\Program Files\Skype
    2009-01-25 06:48:58 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
    2009-01-25 04:57:05 ----D---- C:\Documents and Settings\E\Application Data\DivX
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\vxblock.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxwave.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxsfs.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxmas.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsi64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxinsa64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxhpinst.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxdrv.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxcpya64.exe
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\pxafs.dll
    2009-01-25 04:54:19 ----N---- C:\WINDOWS\system32\px.dll
    2009-01-25 04:53:45 ----D---- C:\Program Files\DivX
    2009-01-25 04:50:07 ----A---- C:\WINDOWS\NeroDigital.ini
    2009-01-25 04:50:05 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
    2009-01-25 04:50:00 ----D---- C:\Documents and Settings\E\Application Data\Azureus
    2009-01-25 04:47:43 ----D---- C:\Program Files\Vuze
    2009-01-25 04:47:43 ----D---- C:\Program Files\Common Files\i4j_jres
    2009-01-25 04:42:30 ----D---- C:\Program Files\MediaMonkey
    2009-01-25 04:39:47 ----D---- C:\Program Files\MSXML 4.0
    2009-01-25 04:37:09 ----D---- C:\Documents and Settings\E\Application Data\CyberLink
    2009-01-25 04:37:06 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2009-01-25 04:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2009-01-25 04:30:11 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
    2009-01-25 04:29:59 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-01-25 04:27:08 ----D---- C:\Program Files\Nero
    2009-01-25 04:27:08 ----D---- C:\Program Files\Common Files\Ahead
    2009-01-25 04:27:08 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
    2009-01-25 04:26:34 ----D---- C:\WINDOWS\RegisteredPackages
    2009-01-25 04:26:06 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-01-25 04:26:05 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-01-25 04:25:04 ----D---- C:\Temp
    2009-01-25 04:24:27 ----A---- C:\WINDOWS\lgfwup.ini
    2009-01-25 04:24:25 ----D---- C:\Program Files\lg_fwupdate
    2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\Vb6stkit.dll
    2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\VB6KO.DLL
    2009-01-25 04:24:25 ----A---- C:\WINDOWS\system32\lgfwunis.exe
    2009-01-25 04:22:29 ----N---- C:\WINDOWS\system32\msxml3a.dll
    2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcr71.dll
    2009-01-25 04:21:58 ----A---- C:\WINDOWS\system32\msvcp71.dll
    2009-01-25 04:21:45 ----D---- C:\Program Files\CyberLink
    2009-01-25 04:15:21 ----D---- C:\WINDOWS\pss
    2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Macromedia
    2009-01-25 04:12:11 ----D---- C:\Documents and Settings\E\Application Data\Adobe
    2009-01-25 04:05:37 ----D---- C:\Documents and Settings\E\Application Data\WinRAR
    2009-01-25 04:05:23 ----D---- C:\Program Files\WinRAR
    2009-01-25 03:35:03 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
    2009-01-25 03:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
    2009-01-25 03:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-01-25 03:34:32 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
    2009-01-25 03:34:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-01-25 03:34:08 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
    2009-01-25 03:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-01-25 03:33:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-01-25 03:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
    2009-01-25 03:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
    2009-01-25 03:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
    2009-01-25 03:32:53 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
    2009-01-25 03:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
    2009-01-25 03:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
    2009-01-25 03:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2009-01-25 03:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
    2009-01-25 03:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2009-01-25 03:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
    2009-01-25 03:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
    2009-01-25 03:30:49 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
    2009-01-25 03:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
    2009-01-25 03:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
    2009-01-25 03:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
    2009-01-25 03:29:27 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
    2009-01-25 03:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
    2009-01-25 03:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
    2009-01-25 03:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
    2009-01-25 03:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
    2009-01-25 03:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
    2009-01-25 03:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
    2009-01-25 03:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
    2009-01-25 03:28:05 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
    2009-01-25 03:27:53 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
    2009-01-25 03:27:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-01-25 03:27:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2009-01-25 03:27:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2009-01-25 03:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
    2009-01-25 03:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
    2009-01-25 03:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2009-01-25 03:26:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
    2009-01-25 03:26:12 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
    2009-01-25 03:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
    2009-01-25 03:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
    2009-01-25 03:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
    2009-01-25 03:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2009-01-25 03:25:07 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
    2009-01-25 03:24:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
    2009-01-25 03:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
    2009-01-25 03:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
    2009-01-25 03:24:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
    2009-01-25 03:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
    2009-01-25 03:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
    2009-01-25 03:23:32 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
    2009-01-25 03:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
    2009-01-25 03:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
    2009-01-25 03:23:03 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
    2009-01-25 03:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-01-25 03:22:25 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
    2009-01-25 03:22:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-01-25 03:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
    2009-01-25 03:21:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-01-25 03:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
    2009-01-25 03:21:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-01-25 03:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
    2009-01-25 03:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-01-25 03:21:00 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
    2009-01-25 03:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
    2009-01-25 03:20:36 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
    2009-01-25 03:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
    2009-01-25 03:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-01-25 03:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
    2009-01-25 03:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
    2009-01-25 03:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
    2009-01-25 03:19:21 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
    2009-01-25 03:19:12 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
    2009-01-25 03:19:04 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
    2009-01-25 03:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
    2009-01-25 03:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
    2009-01-25 03:18:32 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
    2009-01-25 03:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-01-25 03:17:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
    2009-01-25 03:16:59 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2009-01-25 03:16:38 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
    2009-01-25 03:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
    2009-01-25 03:16:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-01-25 03:15:53 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-01-25 03:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
    2009-01-25 03:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-01-25 03:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-01-25 03:15:02 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
    2009-01-25 03:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
    2009-01-25 03:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
    2009-01-25 03:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
    2009-01-25 03:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
    2009-01-25 03:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
    2009-01-25 03:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
    2009-01-25 03:14:22 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-01-25 03:13:47 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-01-25 03:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
    2009-01-25 03:13:35 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
    2009-01-25 03:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
    2009-01-25 03:00:29 ----D---- C:\Documents and Settings\E\Application Data\Apple Computer
    2009-01-25 03:00:21 ----A---- C:\WINDOWS\system32\GEARAspi.dll
    2009-01-25 03:00:06 ----D---- C:\Program Files\iPod
    2009-01-25 03:00:04 ----D---- C:\Program Files\iTunes
    2009-01-25 03:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2009-01-25 02:59:52 ----D---- C:\Program Files\Bonjour
    2009-01-25 02:59:29 ----D---- C:\Program Files\QuickTime
    2009-01-25 02:59:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2009-01-25 02:59:17 ----D---- C:\Program Files\Apple Software Update
    2009-01-25 02:58:59 ----D---- C:\Program Files\Common Files\Apple
    2009-01-25 02:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2009-01-25 02:48:37 ----D---- C:\Documents and Settings\E\Application Data\Mozilla
    2009-01-25 02:48:04 ----D---- C:\Program Files\Mozilla Firefox
    2009-01-25 02:47:15 ----D---- C:\WINDOWS\system32\PreInstall
    2009-01-25 02:47:14 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2009-01-25 02:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-01-25 02:47:12 ----HD---- C:\WINDOWS\$hf_mig$
    2009-01-25 02:44:48 ----A---- C:\WINDOWS\system32\wpa.bak
    2009-01-25 02:40:28 ----D---- C:\WINDOWS\AsusInstAll
    2009-01-25 02:39:04 ----D---- C:\Program Files\NVIDIA Corporation
    2009-01-25 02:38:05 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2009-01-25 02:37:27 ----D---- C:\WINDOWS\nview
    2009-01-25 02:37:27 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
    2009-01-25 02:36:57 ----RA---- C:\WINDOWS\system32\fdco1.dll
    2009-01-25 02:36:55 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\nvconrm.dll
    2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
    2009-01-25 02:36:49 ----RA---- C:\WINDOWS\system32\bdco1.dll
    2009-01-25 02:36:47 ----RA---- C:\WINDOWS\system32\nvusmb.exe
    2009-01-25 02:36:41 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2009-01-25 02:31:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-01-25 02:31:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-01-25 02:31:31 ----D---- C:\Program Files\AMD
    2009-01-25 02:30:00 ----D---- C:\Documents and Settings\E\Application Data\Symantec
    2009-01-25 02:27:54 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
    2009-01-25 02:27:37 ----D---- C:\Program Files\Common Files\Symantec Shared
    2009-01-25 02:27:16 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2009-01-25 02:25:57 ----A---- C:\WINDOWS\Ascd_log.ini
    2009-01-25 02:25:51 ----D---- C:\Documents and Settings\E\Application Data\InstallShield
    2009-01-25 02:25:00 ----A---- C:\WINDOWS\Ascd_tmp.ini
    2009-01-25 02:19:40 ----D---- C:\Documents and Settings\E\Application Data\Creative
    2009-01-25 02:16:12 ----N---- C:\WINDOWS\Ctregrun.exe
    2009-01-25 02:14:12 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
    2009-01-25 02:14:01 ----D---- C:\Program Files\Common Files\Creative
    2009-01-25 02:14:00 ----HD---- C:\Program Files\Creative Installation Information
    2009-01-25 02:13:28 ----N---- C:\WINDOWS\system32\AudioDrv.ini
    2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\Ludap17.ini
    2009-01-25 02:13:10 ----RA---- C:\WINDOWS\system32\ctzapxx.ini
    2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfms32.dll
    2009-01-25 02:12:42 ----RA---- C:\WINDOWS\system32\sfman32.dll
    2009-01-25 02:12:42 ----RA---- C:\WINDOWS\MIDIDEF.EXE
    2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpAA.tmp
    2009-01-25 02:12:39 ----RA---- C:\WINDOWS\system32\tmpA9.tmp
    2009-01-25 02:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
    2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\wrap_oal.dll
    2009-01-25 02:12:39 ----A---- C:\WINDOWS\system32\OpenAL32.dll
    2009-01-25 02:12:38 ----RA---- C:\WINDOWS\OALInst.exe
    2009-01-25 02:12:22 ----RA---- C:\WINDOWS\system32\CtDvInst.dll
    2009-01-25 02:12:21 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-01-25 02:12:12 ----RA---- C:\WINDOWS\system32\OLD65.tmp
    2009-01-25 02:12:08 ----RA---- C:\WINDOWS\system32\AppSetup.exe
    2009-01-25 02:12:08 ----RA---- C:\WINDOWS\sfsyn.ini
    2009-01-25 02:12:08 ----RA---- C:\WINDOWS\SF32.exe
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\SPIRun.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17res.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\P17CPI.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\OemSpi.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\EAX.DLL
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\system32\A3d.dll
    2009-01-25 02:12:07 ----RA---- C:\WINDOWS\resdef.exe
    2009-01-25 02:12:06 ----RA---- C:\WINDOWS\InRes.DLL
    2009-01-25 02:10:47 ----D---- C:\Program Files\Creative
    2009-01-25 02:09:24 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-01-25 02:09:21 ----D---- C:\Program Files\Common Files\InstallShield
    2009-01-25 02:07:50 ----D---- C:\Documents and Settings\E\Application Data\Identities
    2009-01-25 02:07:49 ----HD---- C:\Program Files\Uninstall Information
    2009-01-25 02:07:46 ----ASH---- C:\Documents and Settings\E\Application Data\desktop.ini
    2009-01-25 02:07:45 ----SD---- C:\Documents and Settings\E\Application Data\Microsoft
    2009-01-25 02:05:53 ----D---- C:\WINDOWS\SoftwareDistribution
    2009-01-25 02:05:52 ----SD---- C:\WINDOWS\system32\Microsoft
    2009-01-25 02:05:52 ----D---- C:\WINDOWS\Prefetch
    2009-01-25 02:05:52 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-01-25 02:02:48 ----D---- C:\WINDOWS\system32\xircom
    2009-01-25 02:02:48 ----D---- C:\Program Files\xerox
    2009-01-25 02:02:48 ----D---- C:\Program Files\microsoft frontpage
    2009-01-25 02:02:30 ----A---- C:\WINDOWS\control.ini
    2009-01-25 02:02:30 ----A---- C:\AUTOEXEC.BAT
    2009-01-25 02:02:22 ----A---- C:\WINDOWS\OEWABLog.txt
    2009-01-25 02:02:19 ----A---- C:\WINDOWS\system32\mapi32.dll
    2009-01-25 02:01:43 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-01-25 02:01:43 ----RD---- C:\WINDOWS\Offline Web Pages
    2009-01-25 02:01:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2009-01-25 02:01:39 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2009-01-25 02:01:35 ----HD---- C:\Program Files\WindowsUpdate
    2009-01-25 02:01:20 ----D---- C:\WINDOWS\system32\DirectX
    2009-01-25 02:01:03 ----A---- C:\WINDOWS\system32\atrace.dll
    2009-01-25 02:01:01 ----A---- C:\WINDOWS\system32\desktop.ini
    2009-01-25 02:01:01 ----A---- C:\WINDOWS\desktop.ini
    2009-01-25 02:00:55 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2009-01-25 02:00:54 ----D---- C:\Program Files\Common Files\Services
    2009-01-25 02:00:54 ----A---- C:\WINDOWS\system32\acctres.dll
    2009-01-25 02:00:52 ----SD---- C:\WINDOWS\Tasks
    2009-01-25 02:00:52 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2009-01-25 02:00:51 ----D---- C:\Program Files\Common Files\MSSoap
    2009-01-25 02:00:47 ----D---- C:\WINDOWS\system32\Macromed
    2009-01-25 02:00:47 ----D---- C:\WINDOWS\srchasst
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuweb.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wups.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wucltui.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\wuapi.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2009-01-25 02:00:44 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2009-01-25 02:00:43 ----A---- C:\WINDOWS\system32\qmgr.dll
    2009-01-25 02:00:40 ----D---- C:\Program Files\Movie Maker
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrslv.dll
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrdm.dll
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2009-01-25 02:00:37 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2009-01-25 02:00:34 ----D---- C:\WINDOWS\system32\Restore
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srsvc.dll
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\srrstr.dll
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltmc.exe
    2009-01-25 02:00:34 ----A---- C:\WINDOWS\system32\fltlib.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\srclient.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2009-01-25 02:00:33 ----A---- C:\WINDOWS\system32\ils.dll
    2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\msconf.dll
    2009-01-25 02:00:32 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2009-01-25 02:00:30 ----D---- C:\Program Files\NetMeeting
    2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoert2.dll
    2009-01-25 02:00:30 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetres.dll
    2009-01-25 02:00:29 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2009-01-25 02:00:28 ----D---- C:\Program Files\Outlook Express
    2009-01-25 02:00:28 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstinit.exe
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\mstask.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\isign32.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2009-01-25 02:00:27 ----A---- C:\WINDOWS\system32\icwdial.dll
    2009-01-25 02:00:22 ----D---- C:\Program Files\Internet Explorer
    2009-01-25 02:00:22 ----D---- C:\Program Files\Common Files\System
    2009-01-25 02:00:08 ----D---- C:\Program Files\ComPlus Applications
    2009-01-25 02:00:06 ----A---- C:\WINDOWS\vbaddin.ini
    2009-01-25 02:00:06 ----A---- C:\WINDOWS\vb.ini
    2009-01-25 02:00:02 ----D---- C:\WINDOWS\Registration
    2009-01-25 01:59:42 ----D---- C:\Program Files\Online Services
    2009-01-25 01:59:41 ----D---- C:\Program Files\Windows Media Player
    2009-01-25 01:59:38 ----D---- C:\Program Files\Messenger
    2009-01-25 01:59:35 ----D---- C:\Program Files\MSN Gaming Zone
    2009-01-25 01:59:35 ----A---- C:\WINDOWS\system32\write.exe
    2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\hticons.dll
    2009-01-25 01:59:28 ----A---- C:\WINDOWS\system32\avwav.dll
    2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\winchat.exe
    2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avtapi.dll
    2009-01-25 01:59:27 ----A---- C:\WINDOWS\system32\avmeter.dll
    2009-01-25 01:59:22 ----A---- C:\WINDOWS\system32\getuname.dll
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\winmine.exe
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\sol.exe
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\charmap.exe
    2009-01-25 01:59:21 ----A---- C:\WINDOWS\system32\calc.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tslabels.ini
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tskill.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\tscon.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\shadow.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\reset.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\regini.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\mshearts.exe
    2009-01-25 01:59:20 ----A---- C:\WINDOWS\system32\freecell.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msg.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\logoff.exe
    2009-01-25 01:59:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2009-01-25 01:59:18 ----N---- C:\WINDOWS\system32\mtxdm.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\stclient.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\mtxex.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comsnap.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comrepl.dll
    2009-01-25 01:59:18 ----A---- C:\WINDOWS\system32\comaddin.dll
    2009-01-25 01:59:11 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2009-01-25 01:59:00 ----D---- C:\Program Files\MSN
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\mplay32.exe
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2009-01-25 01:58:59 ----A---- C:\WINDOWS\system32\accwiz.exe
    2009-01-25 01:58:58 ----D---- C:\Program Files\Windows NT
    2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\spider.exe
    2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\mspaint.exe
    2009-01-25 01:58:58 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\remotepg.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdshost.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\rdchost.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstscax.dll
    2009-01-25 01:58:57 ----A---- C:\WINDOWS\system32\mstsc.exe
    2009-01-25 01:58:56 ----D---- C:\WINDOWS\system32\MsDtc
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\termsrv.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\qprocess.exe
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\icaapi.dll
    2009-01-25 01:58:56 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2009-01-25 01:58:55 ----A---- C:\WINDOWS\system32\msdtc.exe
    2009-01-25 01:58:54 ----D---- C:\WINDOWS\system32\Com
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\colbact.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2009-01-25 01:58:54 ----A---- C:\WINDOWS\system32\catsrv.dll
    2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comuid.dll
    2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2009-01-25 01:58:53 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\servdeps.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\licwmi.dll
    2009-01-25 01:58:49 ----A---- C:\WINDOWS\system32\cmprops.dll
    2009-01-24 17:58:00 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-01-24 17:51:02 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-01-24 17:50:11 ----A---- C:\WINDOWS\imsins.BAK
    2009-01-24 17:50:09 ----SHD---- C:\WINDOWS\Installer
    2009-01-24 17:50:09 ----D---- C:\Program Files\Common Files\ODBC
    2009-01-24 17:50:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-01-24 17:50:09 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-01-24 17:50:06 ----RD---- C:\Program Files
    2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\SpeechEngines
    2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2009-01-24 17:50:06 ----D---- C:\Program Files\Common Files
    2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-01-24 17:50:04 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-01-24 17:50:02 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-01-24 17:50:00 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-01-24 17:49:59 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-01-24 17:49:57 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-01-24 17:49:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-01-24 17:49:55 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-01-24 17:49:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP
    2009-01-24 17:49:53 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-01-24 17:49:53 ----A---- C:\WINDOWS\system32\batt.dll
    2009-01-24 17:49:53 ----A---- C:\WINDOWS\NOTEPAD.EXE
    2009-01-24 17:49:52 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-01-24 17:49:46 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-01-24 17:49:44 ----RA---- C:\WINDOWS\SET8.tmp
    2009-01-24 17:49:42 ----RA---- C:\WINDOWS\SET4.tmp
    2009-01-24 17:49:40 ----RA---- C:\WINDOWS\SET3.tmp
    2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-01-24 17:49:35 ----D---- C:\WINDOWS\system32\CatRoot
    2009-01-24 17:49:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-01-24 17:49:12 ----A---- C:\WINDOWS\setuplog.txt
    2009-01-24 17:49:10 ----D---- C:\Documents and Settings
    2009-01-24 17:49:09 ----SHD---- C:\System Volume Information
    2009-01-24 17:48:37 ----RSH---- C:\boot.ini
    2009-01-24 17:43:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-01-24 17:43:45 ----RSD---- C:\WINDOWS\Fonts
    2009-01-24 17:43:45 ----RD---- C:\WINDOWS\Web
    2009-01-24 17:43:45 ----HD---- C:\WINDOWS\inf
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\WinSxS
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\twain_32
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Temp
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wins
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\wbem
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\usmt
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\spool
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ShellExt
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\Setup
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ras
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\oobe
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\npp
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\mui
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\inetsrv
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\IME
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\icsxml
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\ias
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\export
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\drivers
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\dhcp
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\config
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\3076
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\2052
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1054
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1042
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1041
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1037
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1033
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1031
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1028
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32\1025
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system32
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\system
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\security
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Resources
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\repair
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Provisioning
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\PeerNet
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\pchealth
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\mui
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\msapps
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\msagent
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Media
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\java
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\ime
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Help
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Driver Cache
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Debug
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Cursors
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Connection Wizard
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\Config
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\AppPatch
    2009-01-24 17:43:45 ----D---- C:\WINDOWS\addins
    2009-01-24 17:43:45 ----D---- C:\WINDOWS

    ======List of files/folders modified in the last 3 months======

    2009-03-29 17:38:16 ----A---- C:\WINDOWS\win.ini
    2009-03-22 07:00:44 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
    R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
    R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-02-18 36648]
    R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-02-18 38312]
    R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
    R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
    R2 RVIEG01;VSC Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys []
    R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
    R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
    R3 ControlTransferDriver;AudioBox USB Control Transfer; C:\WINDOWS\System32\Drivers\PreSonusUsb_xfer.sys [2008-02-18 28576]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-12-07 142336]
    R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2006-08-07 162176]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
    R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-03-26 54400]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-03-26 22016]
    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-12-07 114688]
    R3 P17xfi;Sound Blaster X-Fi Xtreme Audio; C:\WINDOWS\system32\drivers\P17xfi.sys [2007-11-21 1174528]
    R3 p17xfilt;p17xfilt; C:\WINDOWS\system32\drivers\p17xfilt.sys [2007-10-10 1664384]
    R3 preSonusUsb;PreSonusUsb; C:\WINDOWS\System32\Drivers\preSonusUsb.sys [2008-02-18 49280]
    R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-02-18 118952]
    S1 gaopdxserv.sys;gaopdxserv.sys; C:\WINDOWS\system32\drivers\gaopdxserv.sys []
    S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
    S3 ao2ua9iq;ao2ua9iq; C:\WINDOWS\system32\drivers\ao2ua9iq.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-22 49920]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-22 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
    S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
    S3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys []
    S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2007-10-24 23288]
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
    R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-04-24 598016]
    R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2008-02-18 1553704]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
    R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-04-24 176128]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-13 272024]
    R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
    R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    S1 InCDrec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-02-18 16040]
    S2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe []
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

    -----------------EOF-----------------

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •