RSIT/HJT log...
Many thanks Shaba! Here are the logs from RSIT...by the way, I do a lot of graphic design/video/Flash work, so you'll probably see a lot of that. I've just always felt like there might be a 'backdoor' somewhere in my system...hmmm, not sure. Thanks for all your help!
noobnate
Logfile of random's system information tool 1.06 (written by random/random)
Run by Nathan at 2009-04-03 12:21:34
Microsoft Windows XP Professional Service Pack 2
System drive C: has 122 GB (43%) free of 286 GB
Total RAM: 2047 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:21:39 PM, on 4/3/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nathan\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Nathan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: Web-Based Email Tools - http://email01.secureserver.net/Download.CAB
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DCPFLICS service (DCPFLICS) - Unknown owner - C:\Program Files\DCPFLICS\dcpflics.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
--
End of file - 7567 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B9F5787-88A5-4945-90E7-C4B18563BC5E}]
CKeyScramblerBHO Object - C:\Program Files\KeyScrambler\KeyScramblerIE.dll [2008-06-01 808936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2007-05-10 624248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]
C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-Blaxx Manager]
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link Wireless G WDA-1320]
C:\Program Files\D-Link\Wireless G WDA-1320\AirGCFG.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostSurf Reminder]
C:\Program Files\GhostSurf Platinum\Privacy Control Center.exe reminder []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostSurfDelSatellite]
C:\Program Files\GhostSurf Platinum\DeleteSatellite.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2007-07-22 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-04-27 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-02-26 16125440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe [2009-01-20 4033618]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Privacy Auditor.lnk]
C:\PROGRA~1\GHOSTS~1\PRIVAC~2.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Privoxy.lnk]
C:\PROGRA~1\VIDALI~1\Privoxy\privoxy.exe [2006-11-20 250368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SpyCatcher Protector.lnk]
C:\PROGRA~1\GHOSTS~1\PROTEC~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wireless Configuration Utility HW.51.lnk]
C:\WINDOWS\Installer\{29F15D3F-5B37-44DB-BB89-390B3AD1404E}\NewShortcut1.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nathan^Start Menu^Programs^Startup^GhostSurf proxy.lnk]
C:\PROGRA~1\GHOSTS~1\Proxy.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nathan^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE [2008-05-27 547840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nathan^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nathan^Start Menu^Programs^Startup^Scheduler.lnk]
C:\PROGRA~1\GHOSTS~1\SCHEDU~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nathan^Start Menu^Programs^Startup^TracksCleaner.lnk]
C:\PROGRA~1\GHOSTS~1\TRACKS~1.EXE startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrA"=2
"rpcapd"=3
"WMPNetworkSvc"=3
"ose"=3
"odserv"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-02 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2007-07-22 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-03 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:LocalSubNet:Disabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 months======
2009-04-03 12:21:34 ----D---- C:\rsit
2009-04-02 00:51:34 ----D---- C:\Program Files\Trend Micro
2009-04-02 00:38:38 ----D---- C:\Program Files\KeyScrambler
2009-03-17 22:22:16 ----A---- C:\WINDOWS\system32\hidserv.dll
======List of files/folders modified in the last 1 months======
2009-04-03 12:21:16 ----D---- C:\WINDOWS\Prefetch
2009-04-03 12:18:04 ----D---- C:\WINDOWS\Temp
2009-04-03 12:16:31 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-03 12:16:22 ----D---- C:\Program Files\Mozilla Firefox
2009-04-03 02:56:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-02 23:52:28 ----D---- C:\WINDOWS
2009-04-02 21:56:57 ----D---- C:\Documents and Settings\Nathan\Application Data\FileZilla
2009-04-02 19:12:13 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-02 16:26:37 ----A---- C:\vraylog.txt
2009-04-02 01:37:43 ----D---- C:\Documents and Settings\Nathan\Application Data\Vidalia
2009-04-02 01:37:43 ----D---- C:\Documents and Settings\Nathan\Application Data\tor
2009-04-02 00:51:34 ----RD---- C:\Program Files
2009-04-02 00:38:38 ----D---- C:\WINDOWS\system32\drivers
2009-04-01 23:15:04 ----D---- C:\WINDOWS\system32
2009-03-27 23:41:21 ----SH---- C:\boot.ini
2009-03-27 23:41:21 ----A---- C:\WINDOWS\win.ini
2009-03-27 23:41:21 ----A---- C:\WINDOWS\system.ini
2009-03-25 16:07:38 ----D---- C:\Program Files\Replay AV 8
2009-03-19 14:44:41 ----D---- C:\Program Files\particleIllusion_3
2009-03-17 22:30:33 ----A---- C:\WINDOWS\ntbtlog.txt
2009-03-17 22:23:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-16 21:15:57 ----D---- C:\STUFF
2009-03-16 12:26:19 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-03-14 13:14:10 ----SD---- C:\Documents and Settings\Nathan\Application Data\Microsoft
2009-03-12 13:00:54 ----D---- C:\Documents and Settings\Nathan\Application Data\Adobe
2009-03-09 00:03:09 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-06 00:30:15 ----D---- C:\WINDOWS\pss
2009-03-04 13:27:14 ----D---- C:\Documents and Settings\All Users\Application Data\Tenebril
2009-03-04 02:42:13 ----D---- C:\Program Files\Winamp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-02 3100160]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-07-22 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-01 4484608]
R3 KeyScrambler;KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [2008-03-22 113896]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-05-27 96896]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-07-22 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-10-02 10368]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2007-07-22 12416]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-07-22 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-07-22 59392]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2007-07-22 17152]
R3 W8335XP;802.11g Wireless PC Card/PCI Adapter; C:\WINDOWS\system32\DRIVERS\MRV8335XP.sys [2006-09-04 280576]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB); C:\WINDOWS\system32\DRIVERS\A3AB.sys [2006-10-15 472832]
S3 APLMp50;APLMp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\APLMp50.sys [2006-11-28 28224]
S3 aq0gxqjm;aq0gxqjm; C:\WINDOWS\system32\drivers\aq0gxqjm.sys []
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 42000]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-07-22 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-07-22 82944]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-03 73472]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-02 552960]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Iprip;RIP Listener; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
S3 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-05 72704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DCPFLICS;DCPFLICS service; C:\Program Files\DCPFLICS\dcpflics.exe [2006-12-01 139268]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-04-29 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 PNRPSvc;Peer Name Resolution Protocol; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2004-08-03 8704]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe []
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S4 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 p2pgasvc;Peer Networking Group Authentication; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S4 p2pimsvc;Peer Networking Identity Manager; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S4 p2psvc;Peer Networking; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe []
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
S4 SimpTcp;Simple TCP/IP Services; C:\WINDOWS\system32\tcpsvcs.exe [2001-08-23 19456]
S4 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2004-08-03 32768]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-04-03 12:21:41
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3dsmax ancillary install-->MsiExec.exe /I{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Add or Remove Adobe Creative Suite 3 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\4dcfd9b7e901b57f81f667144603236\Setup.exe
Adobe After Effects CS3 Presets-->MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe After Effects CS3 Third Party Content-->C:\Program Files\Common Files\Adobe\Installers\3675c95c239b992d5d0ee8fce969b9e\Setup.exe
Adobe After Effects CS3 Third Party Content-->MsiExec.exe /I{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}
Adobe After Effects CS3-->MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Creative Suite 3 Master Collection-->MsiExec.exe /I{8718DC03-D066-4957-94E5-50C3C5042E8E}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe Encore CS3 Codecs-->MsiExec.exe /I{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}
Adobe Encore CS3-->MsiExec.exe /I{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Fireworks CS3-->MsiExec.exe /I{7DFC1012-D346-46CE-B03E-FF79125AE029}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{7ACFB90E-8FD0-4397-AD3A-5195412623A3}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Premiere Pro CS3 Functional Content-->MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content-->MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Premiere Pro CS3-->MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Setup-->MsiExec.exe /I{004685F7-9FB6-4789-812F-59ABB34A55AF}
Adobe Setup-->MsiExec.exe /I{4458C442-7376-4CF9-AF58-E8CEA6722363}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Soundbooth CS3 Codecs-->MsiExec.exe /I{0327FA9D-975C-448C-A086-577D57BB25B8}
Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server-->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AfterBurn 3.2a for 3ds Max R9 (32 bit)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C932270-F7AD-4B1C-B3C7-EA5204479B7F}\setup.exe"
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Animation Master v11.1d+-->C:\PROGRA~1\HASHIN~1\V11.1\UNWISE.EXE C:\PROGRA~1\HASHIN~1\V11.1\INSTALL.LOG
Antares Auto-Tune v4.39-->C:\PROGRA~1\ANTARE~1\AUTO-T~1\AIRLOG~1\AT4\UNWISE.EXE C:\PROGRA~1\ANTARE~1\AUTO-T~1\AIRLOG~1\AT4\INSTALL.LOG
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Autodesk 3ds Max 9 32-bit-->MsiExec.exe /I{E96D4088-AAC5-437F-9E39-EC0E387897B4}
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Backburner-->MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
BLM 2.7.7-->"C:\Program Files\Bluetack\Blocklist Manager\unins000.exe"
Bryce 6-->C:\WINDOWS\unvise32.exe C:\Program Files\DAZ\Bryce 6\Bryce Uninstall.log
Bryce Lightning 2.0 b-->C:\WINDOWS\unvise32.exe C:\Program Files\DAZ\Bryce Lightning 2.0\Bryce Lightning Uninstall.log
Camtasia Studio 5-->MsiExec.exe /I{7EADB65C-70E8-4C94-AD0A-221462D41A85}
Canon iP1600-->C:\WINDOWS\system32\CNMCP75.exe "-PRINTERNAMECanon iP1600" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP1600 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0409.dll"
DAZ|Studio 1.3.1.0-->C:\WINDOWS\unvise32.exe C:\Program Files\DAZ\Studio\DAZ Studio Uninstall.log
DreamScape 2.5c for 3ds Max R9 (32 bit)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F103D27-8E21-436F-A701-F247724B0DF7}\setup.exe"
DVD to VCD AVI DivX Converter v3.2 (build 062)-->C:\PROGRA~1\MAGICD~2\UNWISE.EXE C:\PROGRA~1\MAGICD~2\INSTALL.LOG
East West Colossus-->C:\PROGRA~1\EASTWE~1\Colossus\UNWISE.EXE C:\PROGRA~1\EASTWE~1\Colossus\INSTALL.LOG
Enhanced Sound Card Driver 8.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Replay AV 8\irunin.ini"
FaceGen Modeller 3.1-->MsiExec.exe /I{332B1B33-D0EE-4A0A-AB2F-12BF56BCE1C3}
FBX Plugin 2006.08 for Max 9.0-->C:\Program Files\Autodesk\FBX\FbxPlugins\2006.08\Max90\Uninstall.exe
Final Effects Complete 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1D5DE157-8964-46FD-BED3-22FC05ED3170}\setup.exe" -l0x9 -removeonly
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
FlashRelease-->MsiExec.exe /I{A2E3586F-AEAD-4CED-96AB-0173406B3811}
FumeFX 1.0 (32-bit)-->C:\Program Files\InstallShield Installation Information\{A7C36258-B246-45B2-BC85-F2E359F3613D}\setup.exe -runfromtemp -l0x0009 -removeonly
Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"
HairFX Version 1.60.66-->"C:\Program Files\Autodesk\3ds Max 9\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hydra Licensing System-->C:\STUFF\3DSTUD~1\3DSMAX~1\(DIGIM~1.1MA\\plugins\DIGIMA~1\Hydra\UNWISE.EXE C:\STUFF\3DSTUD~1\3DSMAX~1\(DIGIM~1.1MA\\plugins\DIGIMA~1\Hydra\Hydra.LOG
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
KeyScrambler-->C:\Program Files\KeyScrambler\uninstall.exe
K-Lite Mega Codec Pack 3.9.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Magic Bullet Suite 2.0-->C:\WINDOWS\unvise32.exe C:\PROGRAM FILES\ADOBE\ADOBE AFTER EFFECTS CS3\SUPPORT FILES\PLUG-INS\mbsuite20.log
Magic Bullet Suite 2.1-->C:\WINDOWS\unvise32.exe C:\PROGRAM FILES\ADOBE\ADOBE AFTER EFFECTS CS3\SUPPORT FILES\PLUG-INS\mbsuite21.log
Magic ISO Maker v5.4 (build 0239)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
MagicDisc 2.7.97-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
MemoriesOnTV 4.0.4-->"C:\Program Files\MemoriesOnTV4\unins000.exe"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Rise Of Nations-->"C:\Program Files\Microsoft Games\Rise of Nations\UNINSTAL.EXE" /runtemp /addremove
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MilkShape 3D 1.8.4-->"C:\Program Files\MilkShape 3D 1.8.4\uninstall.exe"
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Nero 7 Ultra Edition-->MsiExec.exe /I{F14B8ECC-BDA0-4987-9201-D7B7DBE11033}
Panopticum Water 1.0 for Adobe After Effects-->"C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\Plug-ins\Panopticum\unins000.exe"
particleIllusion 3.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\particleIllusion_3\Uninst.isu"
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Poser 7-->C:\WINDOWS\unvise32.exe C:\Program Files\e frontier\Poser 7\uninstal.log
Privoxy 3.0.6-->"C:\Program Files\Vidalia Bundle\Uninstall.exe"
Quicken 2008-->MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280}
QuickTime-->MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Replay AV 8-->C:\WINDOWS\iun6002.exe "C:\Program Files\Replay AV 8\uninstall8.ini"
Replay AV 8-->C:\WINDOWS\iun6002.exe "C:\Program Files\Replay AV 8\uninstallRAV8.ini"
Replay Converter 2.8-->C:\WINDOWS\iun6002.exe "C:\Program Files\Replay AV 8\iruninRCV.ini"
Rise of Nations Thrones and Patriots-->"C:\Program Files\Microsoft Games\Rise of Nations\UNINSTLX.EXE" /runtemp /uninstall
SCRABBLE-->C:\PROGRA~1\GAMEHO~1\SCRABBLE\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\SCRABBLE\INSTALL.LOG
SnagIt 9-->MsiExec.exe /I{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}
Sony Noise Reduction Plug-In 2.0e-->MsiExec.exe /X{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}
Sony Sound Forge 9.0-->MsiExec.exe /X{6842DCCB-2840-4E46-8AF3-BEA9CFF3455B}
Sony Vegas Pro 8.0-->MsiExec.exe /X{1246FF64-3035-4A92-8FE6-A968275495EB}
Sothink SWF Decompiler-->"C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe"
Strong Encryption Pack 1.0-->"C:\Program Files\Tenebril SEP\unins000.exe"
SUPER © Version 2008.bld.33 (Sep 2, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Swift 3D v5.00-->MsiExec.exe /I{2023D8DE-CD8E-4958-B831-9DB3166D1B07}
SWiSH Max2-->C:\WINDOWS\unvise32.exe C:\Program Files\SWiSH Max2\uninstal.log
SWiSHvideo2-->C:\WINDOWS\unvise32.exe C:\Program Files\SWiSHvideo2\uninstal.log
SWiSHzone.com FLV Filter-->C:\WINDOWS\unvise32.exe C:\Program Files\SWiSHzone FLV Filter\uninstal.log
The Rosetta Stone-->C:\WINDOWS\unvise32.exe C:\Program Files\The Rosetta Stone\TRS Support\uninstal.log
Tinderbox1 2.1v4 for After Effects CS3-->"C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\Plug-ins\Tinderbox1-2.1\unins000.exe"
Tinderbox2 2.1v4 for After Effects CS3-->"C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\Plug-ins\Tinderbox2-2.1\unins000.exe"
Tinderbox3 2.1v4 for After Effects CS3-->"C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\Plug-ins\Tinderbox3-2.1\unins000.exe"
Tinderbox4 2.1v4 for After Effects CS3-->"C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\Plug-ins\Tinderbox4-2.1\unins000.exe"
Tor 0.2.0.34-->"C:\Program Files\Vidalia Bundle\Uninstall.exe"
Vidalia 0.1.10-->"C:\Program Files\Vidalia Bundle\Uninstall.exe"
V-Ray for 3dsmax R9 for x86-->"C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x86\uninstall\wininstaller.exe"-uninstall="C:\Program Files\Chaos Group\V-Ray\3dsmax R9 for x86\uninstall\install.log" -uninstallApp="V-Ray for 3dsmax R9 for x86"
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
WinPcap 4.0-->C:\Program Files\WinPcap\uninstall.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
=====HijackThis Backups=====
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\GhostSurf Platinum\SCActiveBlock.dll (file missing) [2009-04-02]
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) [2009-04-02]
======Hosts File======
127.0.0.1 view.atdmt.com
127.0.0.1 rad.live.com
66.98.148.65 auto.search.msn.com
66.98.148.65 auto.search.msn.es
======Security center information======
AV: avast! antivirus 4.8.1335 [VPS 090403-0]
======System event log======
Computer Name: KOMPUTER
Event Code: 7034
Message: The FLEXnet Licensing Service service terminated unexpectedly. It has done this 1 time(s).
Record Number: 36085
Source Name: Service Control Manager
Time Written: 20090312125227.000000-420
Event Type: error
User:
Computer Name: KOMPUTER
Event Code: 2504
Message: The server could not bind to the transport \Device\NetBT_Tcpip_{3815CE60-852D-4AA2-86E7-5DDB9B018ED6}.
Record Number: 36042
Source Name: Server
Time Written: 20090312020502.000000-420
Event Type: warning
User:
Computer Name: KOMPUTER
Event Code: 7034
Message: The Autodesk Licensing Service service terminated unexpectedly. It has done this 2 time(s).
Record Number: 36006
Source Name: Service Control Manager
Time Written: 20090312001315.000000-420
Event Type: error
User:
Computer Name: KOMPUTER
Event Code: 7034
Message: The Autodesk Licensing Service service terminated unexpectedly. It has done this 1 time(s).
Record Number: 35993
Source Name: Service Control Manager
Time Written: 20090311235649.000000-420
Event Type: error
User:
Computer Name: KOMPUTER
Event Code: 1001
Message: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0018E70D2BF1. The following error
occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Record Number: 35988
Source Name: Dhcp
Time Written: 20090311234056.000000-420
Event Type: error
User:
=====Application event log=====
Computer Name: KOMPUTER
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)
Record Number: 5447
Source Name: Adobe Version Cue CS3
Time Written: 20090312125500.000000-420
Event Type: error
User:
Computer Name: KOMPUTER
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)
Record Number: 5446
Source Name: Adobe Version Cue CS3
Time Written: 20090312125500.000000-420
Event Type: error
User:
Computer Name: KOMPUTER
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)
Record Number: 5445
Source Name: Adobe Version Cue CS3
Time Written: 20090312125500.000000-420
Event Type: error
User:
Computer Name: KOMPUTER
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)
Record Number: 5444
Source Name: Adobe Version Cue CS3
Time Written: 20090312125500.000000-420
Event Type: error
User:
Computer Name: KOMPUTER
Event Code: 3
Message: AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)
Record Number: 5443
Source Name: Adobe Version Cue CS3
Time Written: 20090312125500.000000-420
Event Type: error
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Autodesk\Backburner\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------