Virtumonde

dudforla

http://forums.spybot.info/showthread.php?p=248103#post248103
Recently I had a similar problem. Is my computer still not fixed?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:14:34 PM, on 11/4/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 1566 bytes
 
Hi dudforla

Your HijackThis log isn't complete.

Right-click HijackThis.exe, choose run as administrator, click do a system scan only and save a logfile and post back a fresh HijackThis log, please :)
 
Hi Shaba, I have to run now. Be back in 6-7 hours.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:38:00 AM, on 11/5/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_include/_common/Cab/GamehiSpecCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8849 bytes
 
Have you uninstalled Symantec?

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
 
Never had Symantec, I believe.
Only one log file opened.


Code:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Sam at 2008-11-05 15:23:59
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 341 GB (73%) free of 469 GB
Total RAM: 1918 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:24:04 PM, on 11/5/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Sam\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Sam.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_include/_common/Cab/GamehiSpecCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8877 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2006-11-20 155648]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-22 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-22 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe"="C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe:*:Enabled:River Past Screen Recorder Pro"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55ffa042-83cf-11dc-9183-806e6f6e6963}]
shell\AutoRun\command - E:\Autorun.exe


======List of files/folders created in the last 1 months======

2008-11-02 00:14:25 ----D---- C:\Users\Sam\AppData\Roaming\LimeWire
2008-11-01 11:48:10 ----A---- C:\Windows\system32\EncDec.dll
2008-11-01 11:48:09 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-31 14:26:47 ----D---- C:\ComboFix
2008-10-31 03:08:12 ----D---- C:\Program Files\Panda Security
2008-10-31 03:05:09 ----D---- C:\Windows\temp
2008-10-31 03:03:21 ----A---- C:\ComboFix.txt
2008-10-30 22:57:23 ----D---- C:\Windows\Sun
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaws.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaw.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\java.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\deploytk.dll
2008-10-30 16:41:43 ----D---- C:\Windows\ERDNT
2008-10-30 16:38:32 ----D---- C:\Users\Sam\AppData\Roaming\Malwarebytes
2008-10-30 16:38:23 ----D---- C:\ProgramData\Malwarebytes
2008-10-30 14:26:03 ----D---- C:\rsit
2008-10-29 20:15:25 ----D---- C:\Program Files\Trend Micro
2008-10-29 15:53:14 ----D---- C:\Temp
2008-10-28 17:45:44 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 17:45:44 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 17:45:43 ----A---- C:\Windows\system32\win32spl.dll
2008-10-26 14:50:07 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-26 14:50:02 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-24 16:26:22 ----D---- C:\Users\Sam\AppData\Roaming\InstallShield Installation Information
2008-10-23 19:27:27 ----A---- C:\Windows\system32\netapi32.dll
2008-10-18 13:40:30 ----D---- C:\AeriaGames
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 16:03:10 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 16:03:10 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 16:03:08 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-06 19:23:15 ----D---- C:\Users\Sam\AppData\Roaming\Yahoo!
2008-10-06 19:23:15 ----D---- C:\ProgramData\Yahoo! Companion

======List of files/folders modified in the last 1 months======

2008-11-05 15:23:33 ----D---- C:\Windows\Prefetch
2008-11-04 23:43:36 ----SHD---- C:\System Volume Information
2008-11-04 18:14:53 ----RD---- C:\Program Files
2008-11-04 15:44:59 ----D---- C:\Windows\system32\drivers
2008-11-04 07:56:14 ----D---- C:\Windows\System32
2008-11-04 07:56:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-04 07:56:13 ----D---- C:\Windows\inf
2008-11-01 13:36:38 ----D---- C:\Windows\Microsoft.NET
2008-11-01 13:36:23 ----RSD---- C:\Windows\assembly
2008-11-01 12:20:57 ----D---- C:\Windows\ehome
2008-11-01 12:18:36 ----D---- C:\Windows\winsxs
2008-11-01 11:46:24 ----D---- C:\Windows\system32\catroot
2008-11-01 11:46:23 ----D---- C:\Windows\system32\catroot2
2008-10-31 14:27:02 ----D---- C:\Windows
2008-10-31 14:26:47 ----D---- C:\Windows\system32\en-US
2008-10-31 03:07:13 ----SD---- C:\Windows\Downloaded Program Files
2008-10-31 03:01:56 ----A---- C:\Windows\system.ini
2008-10-31 03:01:00 ----D---- C:\Windows\AppPatch
2008-10-31 03:01:00 ----D---- C:\Program Files\Common Files
2008-10-31 01:05:35 ----SHD---- C:\Windows\Installer
2008-10-31 01:05:34 ----D---- C:\Program Files\Java
2008-10-31 00:06:19 ----D---- C:\Incomplete
2008-10-30 16:48:11 ----D---- C:\Windows\system32\config
2008-10-30 16:45:30 ----D---- C:\Program Files\Internet Explorer
2008-10-30 16:38:23 ----HD---- C:\ProgramData
2008-10-29 17:12:36 ----HD---- C:\Windows\system32\GroupPolicyUsers
2008-10-29 17:10:44 ----HD---- C:\Windows\system32\GroupPolicy
2008-10-29 16:01:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-29 15:59:01 ----HD---- C:\Users\Sam\AppData\Roaming\ijjigame
2008-10-28 18:26:42 ----D---- C:\Downloads
2008-10-27 22:56:03 ----D---- C:\Users\Sam\AppData\Roaming\Winff
2008-10-26 14:31:17 ----A---- C:\Windows\system32\pbsvc.exe
2008-10-25 19:55:34 ----RSD---- C:\Windows\Fonts
2008-10-24 16:26:26 ----D---- C:\Program Files\EA GAMES
2008-10-24 16:10:28 ----D---- C:\Windows\system32\Tasks
2008-10-24 16:01:22 ----D---- C:\Program Files\Electronic Arts
2008-10-23 14:41:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-15 06:12:39 ----D---- C:\Windows\system32\migration
2008-10-15 06:12:39 ----D---- C:\Program Files\Windows Mail
2008-10-14 22:27:37 ----D---- C:\ProgramData\Microsoft Help
2008-10-07 11:19:40 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MCSTRM;MCSTRM; C:\Windows\system32\drivers\MCSTRM.sys [2007-06-03 8413]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hcw18bda;Hauppauge WinTV 418 Driver; C:\Windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-04 1065384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-22 7465312]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 sdtr;sdtr; C:\Windows\system32\drivers\sdtr.sys [2008-10-29 21504]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\npkcrypt.sys []
S3 auvdl3nr;auvdl3nr; C:\Windows\system32\drivers\auvdl3nr.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmuda3.sys [2005-10-28 1355456]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2006-11-28 19128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
S3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 ntgrip;Gravis GamePort device driver; C:\Windows\system32\drivers\ntgrip.sys [2001-08-17 51552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 XDva143;XDva143; \??\C:\Windows\system32\XDva143.sys []
S3 XDva189;XDva189; \??\C:\Windows\system32\XDva189.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-22 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-26 66872]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-30 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-01 887544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-01 87288]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]

-----------------EOF-----------------
 
Never had Symantec, I believe.
Only one log file opened.

Logfile of random's system information tool 1.04 (written by random/random)
Run by Sam at 2008-11-05 15:23:59
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 341 GB (73%) free of 469 GB
Total RAM: 1918 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:24:04 PM, on 11/5/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Sam\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Sam.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_include/_common/Cab/GamehiSpecCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8877 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2006-11-20 155648]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-22 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-22 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe"="C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe:*:Enabled:River Past Screen Recorder Pro"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55ffa042-83cf-11dc-9183-806e6f6e6963}]
shell\AutoRun\command - E:\Autorun.exe


======List of files/folders created in the last 1 months======

2008-11-02 00:14:25 ----D---- C:\Users\Sam\AppData\Roaming\LimeWire
2008-11-01 11:48:10 ----A---- C:\Windows\system32\EncDec.dll
2008-11-01 11:48:09 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-31 14:26:47 ----D---- C:\ComboFix
2008-10-31 03:08:12 ----D---- C:\Program Files\Panda Security
2008-10-31 03:05:09 ----D---- C:\Windows\temp
2008-10-31 03:03:21 ----A---- C:\ComboFix.txt
2008-10-30 22:57:23 ----D---- C:\Windows\Sun
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaws.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaw.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\java.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\deploytk.dll
2008-10-30 16:41:43 ----D---- C:\Windows\ERDNT
2008-10-30 16:38:32 ----D---- C:\Users\Sam\AppData\Roaming\Malwarebytes
2008-10-30 16:38:23 ----D---- C:\ProgramData\Malwarebytes
2008-10-30 14:26:03 ----D---- C:\rsit
2008-10-29 20:15:25 ----D---- C:\Program Files\Trend Micro
2008-10-29 15:53:14 ----D---- C:\Temp
2008-10-28 17:45:44 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 17:45:44 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 17:45:43 ----A---- C:\Windows\system32\win32spl.dll
2008-10-26 14:50:07 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-26 14:50:02 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-24 16:26:22 ----D---- C:\Users\Sam\AppData\Roaming\InstallShield Installation Information
2008-10-23 19:27:27 ----A---- C:\Windows\system32\netapi32.dll
2008-10-18 13:40:30 ----D---- C:\AeriaGames
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 16:03:10 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 16:03:10 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 16:03:08 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-06 19:23:15 ----D---- C:\Users\Sam\AppData\Roaming\Yahoo!
2008-10-06 19:23:15 ----D---- C:\ProgramData\Yahoo! Companion

======List of files/folders modified in the last 1 months======

2008-11-05 15:23:33 ----D---- C:\Windows\Prefetch
2008-11-04 23:43:36 ----SHD---- C:\System Volume Information
2008-11-04 18:14:53 ----RD---- C:\Program Files
2008-11-04 15:44:59 ----D---- C:\Windows\system32\drivers
2008-11-04 07:56:14 ----D---- C:\Windows\System32
2008-11-04 07:56:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-04 07:56:13 ----D---- C:\Windows\inf
2008-11-01 13:36:38 ----D---- C:\Windows\Microsoft.NET
2008-11-01 13:36:23 ----RSD---- C:\Windows\assembly
2008-11-01 12:20:57 ----D---- C:\Windows\ehome
2008-11-01 12:18:36 ----D---- C:\Windows\winsxs
2008-11-01 11:46:24 ----D---- C:\Windows\system32\catroot
2008-11-01 11:46:23 ----D---- C:\Windows\system32\catroot2
2008-10-31 14:27:02 ----D---- C:\Windows
2008-10-31 14:26:47 ----D---- C:\Windows\system32\en-US
2008-10-31 03:07:13 ----SD---- C:\Windows\Downloaded Program Files
2008-10-31 03:01:56 ----A---- C:\Windows\system.ini
2008-10-31 03:01:00 ----D---- C:\Windows\AppPatch
2008-10-31 03:01:00 ----D---- C:\Program Files\Common Files
2008-10-31 01:05:35 ----SHD---- C:\Windows\Installer
2008-10-31 01:05:34 ----D---- C:\Program Files\Java
2008-10-31 00:06:19 ----D---- C:\Incomplete
2008-10-30 16:48:11 ----D---- C:\Windows\system32\config
2008-10-30 16:45:30 ----D---- C:\Program Files\Internet Explorer
2008-10-30 16:38:23 ----HD---- C:\ProgramData
2008-10-29 17:12:36 ----HD---- C:\Windows\system32\GroupPolicyUsers
2008-10-29 17:10:44 ----HD---- C:\Windows\system32\GroupPolicy
2008-10-29 16:01:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-29 15:59:01 ----HD---- C:\Users\Sam\AppData\Roaming\ijjigame
2008-10-28 18:26:42 ----D---- C:\Downloads
2008-10-27 22:56:03 ----D---- C:\Users\Sam\AppData\Roaming\Winff
2008-10-26 14:31:17 ----A---- C:\Windows\system32\pbsvc.exe
2008-10-25 19:55:34 ----RSD---- C:\Windows\Fonts
2008-10-24 16:26:26 ----D---- C:\Program Files\EA GAMES
2008-10-24 16:10:28 ----D---- C:\Windows\system32\Tasks
2008-10-24 16:01:22 ----D---- C:\Program Files\Electronic Arts
2008-10-23 14:41:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-15 06:12:39 ----D---- C:\Windows\system32\migration
2008-10-15 06:12:39 ----D---- C:\Program Files\Windows Mail
2008-10-14 22:27:37 ----D---- C:\ProgramData\Microsoft Help
2008-10-07 11:19:40 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MCSTRM;MCSTRM; C:\Windows\system32\drivers\MCSTRM.sys [2007-06-03 8413]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hcw18bda;Hauppauge WinTV 418 Driver; C:\Windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-04 1065384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-22 7465312]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 sdtr;sdtr; C:\Windows\system32\drivers\sdtr.sys [2008-10-29 21504]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\npkcrypt.sys []
S3 auvdl3nr;auvdl3nr; C:\Windows\system32\drivers\auvdl3nr.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmuda3.sys [2005-10-28 1355456]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2006-11-28 19128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
S3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 ntgrip;Gravis GamePort device driver; C:\Windows\system32\drivers\ntgrip.sys [2001-08-17 51552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 XDva143;XDva143; \??\C:\Windows\system32\XDva143.sys []
S3 XDva189;XDva189; \??\C:\Windows\system32\XDva189.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-22 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-26 66872]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-30 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-01 887544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-01 87288]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]

-----------------EOF-----------------


I deleted all Symantec files that I could find. I believe I already uninstalled it two years ago.
I still only receive one log when I run RSIT.

Here is the recent one.
Logfile of random's system information tool 1.04 (written by random/random)
Run by Sam at 2008-11-06 00:06:39
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 338 GB (72%) free of 469 GB
Total RAM: 1918 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:45 AM, on 11/6/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Sam\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Sam.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_include/_common/Cab/GamehiSpecCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8825 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2006-11-20 155648]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-22 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-22 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe"="C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe:*:Enabled:River Past Screen Recorder Pro"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55ffa042-83cf-11dc-9183-806e6f6e6963}]
shell\AutoRun\command - E:\Autorun.exe


======List of files/folders created in the last 1 months======

2008-11-02 00:14:25 ----D---- C:\Users\Sam\AppData\Roaming\LimeWire
2008-11-01 11:48:10 ----A---- C:\Windows\system32\EncDec.dll
2008-11-01 11:48:09 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-31 14:26:47 ----D---- C:\ComboFix
2008-10-31 03:08:12 ----D---- C:\Program Files\Panda Security
2008-10-31 03:05:09 ----D---- C:\Windows\temp
2008-10-31 03:03:21 ----A---- C:\ComboFix.txt
2008-10-30 22:57:23 ----D---- C:\Windows\Sun
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaws.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaw.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\java.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\deploytk.dll
2008-10-30 16:41:43 ----D---- C:\Windows\ERDNT
2008-10-30 16:38:32 ----D---- C:\Users\Sam\AppData\Roaming\Malwarebytes
2008-10-30 16:38:23 ----D---- C:\ProgramData\Malwarebytes
2008-10-30 14:26:03 ----D---- C:\rsit
2008-10-29 20:15:25 ----D---- C:\Program Files\Trend Micro
2008-10-29 15:53:14 ----D---- C:\Temp
2008-10-28 17:45:44 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 17:45:44 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 17:45:43 ----A---- C:\Windows\system32\win32spl.dll
2008-10-26 14:50:07 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-26 14:50:02 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-24 16:26:22 ----D---- C:\Users\Sam\AppData\Roaming\InstallShield Installation Information
2008-10-23 19:27:27 ----A---- C:\Windows\system32\netapi32.dll
2008-10-18 13:40:30 ----D---- C:\AeriaGames
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 16:03:10 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 16:03:10 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 16:03:08 ----A---- C:\Windows\system32\jsproxy.dll

======List of files/folders modified in the last 1 months======

2008-11-06 00:05:12 ----D---- C:\Windows\Prefetch
2008-11-06 00:05:07 ----D---- C:\Program Files\Common Files
2008-11-05 21:31:26 ----SHD---- C:\System Volume Information
2008-11-04 18:14:53 ----RD---- C:\Program Files
2008-11-04 15:44:59 ----D---- C:\Windows\system32\drivers
2008-11-04 07:56:14 ----D---- C:\Windows\System32
2008-11-04 07:56:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-04 07:56:13 ----D---- C:\Windows\inf
2008-11-01 13:36:38 ----D---- C:\Windows\Microsoft.NET
2008-11-01 13:36:23 ----RSD---- C:\Windows\assembly
2008-11-01 12:20:57 ----D---- C:\Windows\ehome
2008-11-01 12:18:36 ----D---- C:\Windows\winsxs
2008-11-01 11:46:24 ----D---- C:\Windows\system32\catroot
2008-11-01 11:46:23 ----D---- C:\Windows\system32\catroot2
2008-10-31 14:27:02 ----D---- C:\Windows
2008-10-31 14:26:47 ----D---- C:\Windows\system32\en-US
2008-10-31 03:07:13 ----SD---- C:\Windows\Downloaded Program Files
2008-10-31 03:01:56 ----A---- C:\Windows\system.ini
2008-10-31 03:01:00 ----D---- C:\Windows\AppPatch
2008-10-31 01:05:35 ----SHD---- C:\Windows\Installer
2008-10-31 01:05:34 ----D---- C:\Program Files\Java
2008-10-31 00:06:19 ----D---- C:\Incomplete
2008-10-30 16:48:11 ----D---- C:\Windows\system32\config
2008-10-30 16:45:30 ----D---- C:\Program Files\Internet Explorer
2008-10-30 16:38:23 ----HD---- C:\ProgramData
2008-10-29 17:12:36 ----HD---- C:\Windows\system32\GroupPolicyUsers
2008-10-29 17:10:44 ----HD---- C:\Windows\system32\GroupPolicy
2008-10-29 16:01:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-29 15:59:01 ----HD---- C:\Users\Sam\AppData\Roaming\ijjigame
2008-10-28 18:26:42 ----D---- C:\Downloads
2008-10-27 22:56:03 ----D---- C:\Users\Sam\AppData\Roaming\Winff
2008-10-26 14:31:17 ----A---- C:\Windows\system32\pbsvc.exe
2008-10-25 19:55:34 ----RSD---- C:\Windows\Fonts
2008-10-24 16:26:26 ----D---- C:\Program Files\EA GAMES
2008-10-24 16:10:28 ----D---- C:\Windows\system32\Tasks
2008-10-24 16:01:22 ----D---- C:\Program Files\Electronic Arts
2008-10-23 14:41:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-18 14:33:40 ----D---- C:\ProgramData\Yahoo! Companion
2008-10-15 06:12:39 ----D---- C:\Windows\system32\migration
2008-10-15 06:12:39 ----D---- C:\Program Files\Windows Mail
2008-10-14 22:27:37 ----D---- C:\ProgramData\Microsoft Help
2008-10-07 11:19:40 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MCSTRM;MCSTRM; C:\Windows\system32\drivers\MCSTRM.sys [2007-06-03 8413]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hcw18bda;Hauppauge WinTV 418 Driver; C:\Windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-04 1065384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-22 7465312]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 sdtr;sdtr; C:\Windows\system32\drivers\sdtr.sys [2008-10-29 21504]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\npkcrypt.sys []
S3 auvdl3nr;auvdl3nr; C:\Windows\system32\drivers\auvdl3nr.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmuda3.sys [2005-10-28 1355456]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2006-11-28 19128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
S3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 ntgrip;Gravis GamePort device driver; C:\Windows\system32\drivers\ntgrip.sys [2001-08-17 51552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 XDva143;XDva143; \??\C:\Windows\system32\XDva143.sys []
S3 XDva189;XDva189; \??\C:\Windows\system32\XDva189.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-22 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-26 66872]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-30 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-01 887544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-01 87288]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]

-----------------EOF-----------------
 
To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

[Screenshot: uninstall-man.jpg]


5. Click on the Save list... button and specify where you would like to save this file. When you press the Save button, a Notepad window will open with the contents of that file. Simply copy and paste the contents of that Notepad window here in your next reply.
 
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Photoshop CS2
Adobe Reader 7.0.8
Adobe Shockwave Player
AIM 6
Apple Mobile Device Support
Apple Software Update
Battlefield 2: Special Forces
Bonjour
Canon MP600
C-Media PCI Audio Driver
dBpoweramp m4a Codec
Enhanced Multimedia Keyboard Solution
Fraps (remove only)
Free Mp3/Wma/Ogg Converter 4.0.1
GoldWave v5.20
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
HP Active Support Library
HP Active Support Library 32 bit components
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Core
HP Easy Setup - Frontend
HP On-Screen Caps/Num/Scroll Lock Indicator
HP Picasso Media Center Add-In
HP Total Care Advisor
HP Update
HyperCam 2
iTunes
Java(TM) 6 Update 7
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Windows Media Video 9 VCM
Microsoft Works
Mozilla Firefox (2.0.0.17)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
My HP Games
NVIDIA Drivers
Panda ActiveScan 2.0
Pocket RAR documentation
Project Reality 0809 Core
Project Reality 0809 Levels
Python 2.4.3
QuickTime
Realtek High Definition Audio Driver
Rhapsody Player Engine
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Visio 2007 (KB947590)
Soft Data Fax Modem with SmartCP
Spybot - Search & Destroy
TeamSpeak 2 RC2
Update for Office 2007 (KB946691)
Ventrilo Client
VeohTV BETA
Verizon High Speed Internet
Windows Live Messenger
Windows Live Photo Gallery
WinFF 0.4
WinRAR archiver
Xfire (remove only)
Yahoo! Toolbar
 
Would this be it?

ComboFix 08-10-30.12 - Sam 2008-10-31 3:59:21.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1214 [GMT -7:00]
Running from: C:\Users\Sam\Desktop\ComboFix.exe
Command switches used :: C:\Users\Sam\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Windows\System32\vghd.scr
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\DNA
C:\Program Files\DNA\btdna.exe
C:\Program Files\DNA\DNAcpl.cpl
C:\Program Files\DNA\plugins\npbtdna.dll
C:\Program Files\FrostWire
C:\Program Files\FrostWire\log.txt
C:\Program Files\vghd
C:\Program Files\vghd\dxmodules.dll
C:\Program Files\vghd\msvcr70.dll
C:\Program Files\vghd\System.dll
C:\Program Files\vghd\vghd.exe
C:\Program Files\vghd\vhd.dll
C:\Program Files\vghd\VirtuaGirl_Downloader.exe
C:\Program Files\vghd\Windows.dll
C:\Program Files\vghd\WindowsEx.dll
C:\Temp\xp34
C:\Temp\xp34\cPH.log
C:\Users\Sam\AppData\Roaming\LimeWire
C:\Users\Sam\AppData\Roaming\LimeWire\412splashfree.png
C:\Users\Sam\AppData\Roaming\LimeWire\412splashpro.png
C:\Users\Sam\AppData\Roaming\LimeWire\414splashfree.png
C:\Users\Sam\AppData\Roaming\LimeWire\certificate\limewire.keystore
C:\Users\Sam\AppData\Roaming\LimeWire\createtimes.cache
C:\Users\Sam\AppData\Roaming\LimeWire\data.ser
C:\Users\Sam\AppData\Roaming\LimeWire\downloads.dat
C:\Users\Sam\AppData\Roaming\LimeWire\fileurns.bak
C:\Users\Sam\AppData\Roaming\LimeWire\fileurns.cache
C:\Users\Sam\AppData\Roaming\LimeWire\filters.props
C:\Users\Sam\AppData\Roaming\LimeWire\gnutella.net
C:\Users\Sam\AppData\Roaming\LimeWire\installation.props
C:\Users\Sam\AppData\Roaming\LimeWire\library.dat
C:\Users\Sam\AppData\Roaming\LimeWire\limewire.props
C:\Users\Sam\AppData\Roaming\LimeWire\mojito.props
C:\Users\Sam\AppData\Roaming\LimeWire\promotion\promodb.backup
C:\Users\Sam\AppData\Roaming\LimeWire\promotion\promodb.data
C:\Users\Sam\AppData\Roaming\LimeWire\promotion\promodb.properties
C:\Users\Sam\AppData\Roaming\LimeWire\promotion\promodb.script
C:\Users\Sam\AppData\Roaming\LimeWire\pub1.key
C:\Users\Sam\AppData\Roaming\LimeWire\public.key
C:\Users\Sam\AppData\Roaming\LimeWire\questions.props
C:\Users\Sam\AppData\Roaming\LimeWire\responses.cache
C:\Users\Sam\AppData\Roaming\LimeWire\secureMessage.key
C:\Users\Sam\AppData\Roaming\LimeWire\simpp.xml
C:\Users\Sam\AppData\Roaming\LimeWire\spam.dat
C:\Users\Sam\AppData\Roaming\LimeWire\tables.props
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme.lwtp
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\01_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\02_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\03_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\04_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\05_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\chat.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\dir_closed.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\dir_open.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\forward_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\forward_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\kill.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\kill_on.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\lime.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\logo.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\notsearching.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\pause_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\pause_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\play_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\play_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\question.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\rewind_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\rewind_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\searching.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\splash.png
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\splashpro.png
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\stop_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\stop_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\theme.txt
C:\Users\Sam\AppData\Roaming\LimeWire\themes\black_theme\warning.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme.lwtp
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\01_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\02_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\03_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\04_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\05_star.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\chat.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\dir_closed.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\dir_open.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\forward_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\forward_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\kill.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\logo.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\notsearching.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\pause_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\pause_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\play_dn.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\play_up.gif
C:\Users\Sam\AppData\Roaming\LimeWire\themes\classic_theme\question.gif
C:\Windows\System32\ec2
C:\Windows\System32\EV02
C:\Windows\System32\fs3
C:\Windows\System32\m3v
C:\Windows\System32\PX
C:\Windows\System32\vghd.scr
C:\Windows\System32\wi

.
((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-31 )))))))))))))))))))))))))))))))
.

2008-10-31 01:07 . 2008-10-31 01:07 <DIR> d-------- C:\Users\Sam\Incomplete
2008-10-30 23:57 . 2008-10-30 23:57 <DIR> d-------- C:\Windows\Sun
2008-10-30 23:03 . 2008-10-30 23:03 410,976 --a------ C:\Windows\System32\deploytk.dll
2008-10-30 17:38 . 2008-10-30 17:38 <DIR> d-------- C:\Users\Sam\AppData\Roaming\Malwarebytes
2008-10-30 17:38 . 2008-10-30 17:38 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-10-30 17:38 . 2008-10-30 17:38 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-10-30 17:38 . 2008-10-31 02:02 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-30 15:26 . 2008-10-30 15:26 <DIR> d-------- C:\rsit
2008-10-29 21:15 . 2008-10-29 21:15 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-29 16:53 . 2008-10-31 04:00 <DIR> d-------- C:\Temp
2008-10-29 16:52 . 2008-10-29 16:52 21,504 --a------ C:\Windows\System32\drivers\sdtr.sys
2008-10-29 16:33 . 2008-10-29 16:40 3 --a------ C:\Windows\sbacknt.bin
2008-10-28 18:45 . 2008-08-11 20:39 443,392 --a------ C:\Windows\System32\win32spl.dll
2008-10-28 18:45 . 2008-09-17 21:56 147,456 --a------ C:\Windows\System32\Faultrep.dll
2008-10-28 18:45 . 2008-09-17 21:56 125,952 --a------ C:\Windows\System32\wersvc.dll
2008-10-26 15:50 . 2008-10-31 02:07 183,128 --a------ C:\Windows\System32\PnkBstrB.exe
2008-10-26 15:50 . 2008-10-31 02:09 138,464 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-10-26 15:50 . 2008-10-26 15:50 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-10-24 17:26 . 2008-10-24 17:26 <DIR> d-------- C:\Users\Sam\AppData\Roaming\InstallShield Installation Information
2008-10-18 14:40 . 2008-10-18 14:40 <DIR> d-------- C:\AeriaGames
2008-10-17 21:44 . 2008-10-17 21:44 <DIR> d-------- C:\Users\Sam\Program Files
2008-10-14 17:03 . 2008-09-17 22:09 3,601,464 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-10-14 17:03 . 2008-09-17 22:09 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-10-14 17:03 . 2008-09-17 19:16 2,032,640 --a------ C:\Windows\System32\win32k.sys
2008-10-14 17:03 . 2008-10-01 18:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-10-14 17:03 . 2008-10-01 20:49 827,392 --a------ C:\Windows\System32\wininet.dll
2008-10-14 17:03 . 2008-08-26 18:06 288,768 --a------ C:\Windows\System32\drivers\srv.sys
2008-10-06 20:23 . 2008-10-06 20:23 <DIR> d-------- C:\Users\Sam\AppData\Roaming\Yahoo!
2008-10-06 20:23 . 2008-10-18 15:33 <DIR> d-------- C:\Users\All Users\Yahoo! Companion
2008-10-06 20:23 . 2008-10-18 15:33 <DIR> d-------- C:\ProgramData\Yahoo! Companion
2008-10-03 07:15 . 2008-10-03 07:15 <DIR> d-------- C:\Users\All Users\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-03 07:15 . 2008-10-03 07:15 <DIR> d-------- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-03 07:15 . 2008-10-03 07:15 <DIR> d-------- C:\Program Files\iTunes
2008-10-03 07:15 . 2008-10-03 07:15 <DIR> d-------- C:\Program Files\iPod
2008-10-01 13:01 . 2008-10-01 13:01 32,000 --a------ C:\Windows\System32\drivers\usbaapl.sys
2008-09-21 17:07 . 2008-09-21 17:07 <DIR> d-------- C:\Program Files\Common Files\EasyInfo
2008-09-19 06:27 . 2008-10-24 17:26 <DIR> d-------- C:\Program Files\EA GAMES
2008-09-15 16:05 . 2008-09-15 16:05 <DIR> d-------- C:\Program Files\Free Mp3WmaOgg Converter
2008-09-15 16:05 . 2007-10-24 18:57 835,584 --a------ C:\Windows\System32\NCTAudioCDGrabber2.dll
2008-09-14 00:54 . 2008-09-14 00:54 <DIR> d-------- C:\Program Files\Veoh Networks
2008-09-12 07:24 . 2008-09-12 07:24 <DIR> d----c--- C:\Windows\System32\DRVSTORE
2008-09-12 07:24 . 2008-04-17 13:12 107,368 --a------ C:\Windows\System32\GEARAspi.dll
2008-09-12 07:24 . 2008-04-17 13:12 15,464 --a------ C:\Windows\System32\drivers\GEARAspiWDM.sys
2008-09-12 07:22 . 2008-09-12 07:22 <DIR> d-------- C:\Program Files\QuickTime
2008-09-12 07:22 . 2008-09-12 07:22 <DIR> d-------- C:\Program Files\Bonjour
2008-09-10 03:57 . 2008-07-30 18:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-10 03:57 . 2008-08-01 18:01 625,152 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2008-09-10 03:57 . 2008-06-25 20:29 565,248 --a------ C:\Windows\System32\emdmgmt.dll
2008-09-10 03:57 . 2008-06-25 20:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-10 03:57 . 2008-05-08 12:21 211,968 --a------ C:\Windows\System32\drivers\mrxsmb10.sys
2008-09-10 03:57 . 2008-05-19 19:07 148,480 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-09-10 03:57 . 2008-06-25 20:29 45,056 --a------ C:\Windows\System32\dataclen.dll
2008-09-10 03:57 . 2008-08-01 20:26 36,864 --a------ C:\Windows\System32\cdd.dll
2008-09-10 03:57 . 2008-07-30 20:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\Windows\System32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\Windows\System32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-31 09:05 --------- d-----w C:\Program Files\Java
2008-10-30 00:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-29 23:59 --------- d--h--w C:\Users\Sam\AppData\Roaming\ijjigame
2008-10-28 06:56 --------- d-----w C:\Users\Sam\AppData\Roaming\Winff
2008-10-26 22:31 682,280 ----a-w C:\Windows\System32\pbsvc.exe
2008-10-25 00:01 --------- d-----w C:\Program Files\Electronic Arts
2008-10-23 22:41 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-22 23:45 21,248 ----a-w C:\Windows\Help\OEM\Scripts\HPScript.exe
2008-10-15 14:12 --------- d-----w C:\Program Files\Windows Mail
2008-10-15 06:27 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-27 20:55 --------- d---a-w C:\ProgramData\TEMP
2008-09-27 06:45 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-09-15 23:00 --------- d-----w C:\Program Files\Blaze Media Pro
2008-09-15 06:02 --------- d-----w C:\Program Files\HooTech
2008-09-12 14:22 --------- d-----w C:\Program Files\Common Files\Apple
2008-09-10 22:44 --------- d-----w C:\Program Files\Microsoft Works
2008-08-30 20:08 --------- d-----w C:\Program Files\Fate/hollow ataraxia
2008-08-30 19:03 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-08-30 19:00 --------- d-----w C:\Users\Sam\AppData\Roaming\Roxio
2008-08-30 07:06 --------- d-----w C:\Program Files\HP
2008-08-30 07:03 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-08-29 17:18 87,336 ----a-w C:\Windows\System32\dns-sd.exe
2008-08-29 16:53 61,440 ----a-w C:\Windows\System32\dnssd.dll
2008-08-19 19:16 131,072 ----a-w C:\Windows\System32\SpoonUninstall.exe
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-19 05:10 53,448 ----a-w C:\Windows\System32\wuauclt.exe
2008-07-19 05:10 45,768 ----a-w C:\Windows\System32\wups2.dll
2008-07-19 05:10 36,552 ----a-w C:\Windows\System32\wups.dll
2008-07-19 05:09 563,912 ----a-w C:\Windows\System32\wuapi.dll
2008-07-19 05:09 1,811,656 ----a-w C:\Windows\System32\wuaueng.dll
2008-07-19 05:08 163,904 ----a-w C:\Windows\System32\wuwebv.dll
2008-07-19 03:44 83,456 ----a-w C:\Windows\System32\wudriver.dll
2008-07-19 03:44 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-07-19 03:44 1,524,736 ----a-w C:\Windows\System32\wucltux.dll
2008-07-18 18:34 586,240 ----a-w C:\Windows\WLXPGSS.SCR
2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-06-19 01:19 174 --sha-w C:\Program Files\desktop.ini
2007-12-21 20:58 22,328 ----a-w C:\Users\Sam\AppData\Roaming\PnkBstrK.sys
.

((((((((((((((((((((((((((((( snapshot@2008-10-30_22.55.01.55 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-31 01:00:33 1,572,864 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-10-31 05:53:02 1,572,864 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
- 2008-10-30 02:54:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-31 08:50:45 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-10-30 02:54:55 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-31 08:50:45 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-10-30 02:54:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-31 08:50:45 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-31 00:44:16 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-10-31 10:58:44 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
- 2008-10-31 00:54:29 104,834 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-10-31 08:16:59 104,834 ----a-w C:\Windows\System32\perfc009.dat
- 2008-10-31 00:54:29 603,774 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-10-31 08:16:59 603,774 ----a-w C:\Windows\System32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
2008-07-28 03:46 160496 --a------ C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VirtualExpanderFile.1]
@="{E4000AC4-5E5F-4956-807A-C5854405D64F}"
[HKEY_CLASSES_ROOT\CLSID\{E4000AC4-5E5F-4956-807A-C5854405D64F}]
2008-01-26 13:30 73728 --------- C:\Users\Sam\AppData\Local\Sony Corporation\VirtualExpander\VEShellExt.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 155648]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-05-22 13539872]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-05-22 92704]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2006-11-24 44136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2548796055-3142071288-23208715-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F9769C7B-896E-4EFD-8212-FFE507F32B4A}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{C43FA443-9BDB-47BA-A655-B188A5165C47}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A505F2CA-2F96-482D-BCB8-DAE1EC95354A}"= C:\Program Files\HP Connections\6811507\Program\HP Connections:HP Connections
"{4244B846-ACB8-4011-A774-E5BCDD004D5C}"= UDP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{6DA29B0A-B117-424B-AC47-BB99BD4E57AC}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{5119FB1A-4EE3-44BF-A5BA-7B7B3EE49601}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0EE9970A-D8EF-4A4F-A063-FCC5A951ADD3}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{E7709959-0D93-49BB-9A35-0DE6F5F35F4A}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{1BBCBE8B-ECD2-43A0-AEF4-00F07B1CCFD6}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{99E30E7E-F47A-49F1-A812-BFC1D2E910DD}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{E1CE631F-904C-41E5-9894-F49B9A0575A6}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{CB6AFA01-4D4D-42E3-B0CF-287B21E4A6A6}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F9B246A7-FCE4-4452-8417-859DC8A211C4}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{34F1BA11-2001-4C0E-810D-F96BDE3B4C6E}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{31707E77-5F2A-402F-99CF-3BBBF0FDEF48}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{C9FD1D12-A989-4A12-87B3-D18037153F7D}C:\\program files\\xfire\\xfire.exe"= UDP:C:\program files\xfire\xfire.exe:Xfire
"UDP Query User{C21ADAB3-9D52-48E6-8A01-21A0044A77F5}C:\\program files\\xfire\\xfire.exe"= TCP:C:\program files\xfire\xfire.exe:Xfire
"{034E55D6-3D87-409C-A97E-F16A29EC9EB3}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{A66A30B0-F12F-4B53-A96B-BDD521146BFF}C:\\program files\\steam\\steamapps\\dudforla53\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\dudforla53\counter-strike source\hl2.exe:hl2
"UDP Query User{C6981A8D-4018-4094-A5D5-A47518268C51}C:\\program files\\steam\\steamapps\\dudforla53\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\dudforla53\counter-strike source\hl2.exe:hl2
"TCP Query User{42400786-8871-43F3-8267-1F151E0F8462}C:\\program files\\rhapsody\\rhapsody.exe"= UDP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"UDP Query User{554756E3-ED2F-4020-8D35-A9407200344A}C:\\program files\\rhapsody\\rhapsody.exe"= TCP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"TCP Query User{225B4AA2-9718-40AD-B4D9-2A5425871F13}C:\\nexon\\maplestory\\patcher.exe"= UDP:C:\nexon\maplestory\patcher.exe:Patcher MFC ?? ????
"UDP Query User{5ACFC794-6023-4ABD-908C-4642485B9E4B}C:\\nexon\\maplestory\\patcher.exe"= TCP:C:\nexon\maplestory\patcher.exe:Patcher MFC ?? ????
"TCP Query User{D2E7F4B3-6CC3-4818-B4B5-5D6917917708}C:\\nexon\\maplestory\\newpatcher.exe"= UDP:C:\nexon\maplestory\newpatcher.exe:Patcher MFC ?? ????
"UDP Query User{10A28B8D-43F1-499D-B21A-726C468EEB5E}C:\\nexon\\maplestory\\newpatcher.exe"= TCP:C:\nexon\maplestory\newpatcher.exe:Patcher MFC ?? ????
"TCP Query User{20926430-4AB7-4D1D-AE11-E8149977F10F}C:\\ijji\\english\\u_sf\\soldierfront.exe"= Disabled:UDP:C:\ijji\english\u_sf\soldierfront.exe:soldierfront
"UDP Query User{A88FA4DB-0210-484E-8D11-DDB2121FDF83}C:\\ijji\\english\\u_sf\\soldierfront.exe"= Disabled:TCP:C:\ijji\english\u_sf\soldierfront.exe:soldierfront
"TCP Query User{36B4F7F1-169C-4DEE-8574-60D4039EA535}C:\\program files\\patcher.exe"= UDP:C:\program files\patcher.exe:Patcher MFC ?? ????
"UDP Query User{8821AED1-0960-400F-9AA2-E3FFAE72DEF9}C:\\program files\\patcher.exe"= TCP:C:\program files\patcher.exe:Patcher MFC ?? ????
"TCP Query User{96F1CE02-4C73-4695-8C6F-5897C3BF6F3F}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{70E4FB77-09C3-4F65-ABD7-921BDE65D68D}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{4B8B7E7E-6FDA-4D1A-BD97-C9BC74C76F34}C:\\program files\\newpatcher.exe"= UDP:C:\program files\newpatcher.exe:Patcher MFC ?? ????
"UDP Query User{C581519E-ACAD-4872-A261-A8557FF3F22C}C:\\program files\\newpatcher.exe"= TCP:C:\program files\newpatcher.exe:Patcher MFC ?? ????
"TCP Query User{317F6A51-F55E-40C9-AFDD-5D65DFFE8628}C:\\program files\\steam\\steam.exe"= UDP:C:\program files\steam\steam.exe:Steam
"UDP Query User{B277742E-3819-45A5-B009-84837CDD7F27}C:\\program files\\steam\\steam.exe"= TCP:C:\program files\steam\steam.exe:Steam
"{1CAA87E5-DF6A-44C0-9E05-7B0135796000}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{C5AA2223-4BC1-455A-8253-6C15C296A7EB}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{EEAB8383-2283-43F3-944A-7AE4DEEFA0B3}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{5D809320-D574-42C9-B5F8-77B64F88C208}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{F4D85DE7-6670-4D84-BCBC-B4129918DF93}C:\\program files\\rhapsody\\rhapsody.exe"= UDP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"UDP Query User{192BBCFE-5380-49F4-BF3C-A38DD2004994}C:\\program files\\rhapsody\\rhapsody.exe"= TCP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"{24FFFD03-9A3A-418E-A709-A4F6309A3161}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{6011C803-69E3-4DEA-90A7-943C0774CDD6}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{FA7413EE-DA2D-41E5-AC6C-B9F180333596}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"{4BA28EFD-1318-4DB4-A4EF-C510569E1B3D}"= UDP:C:\Program Files\AIM6\aim6.exe:AIM
"{360E2AC8-61A9-4676-B4A0-A4760848C57B}"= TCP:C:\Program Files\AIM6\aim6.exe:AIM
"{C7BC6FCD-49FC-45FE-ADE4-9D80BF9E67D0}"= UDP:C:\ProgramData\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{B279F710-6590-4D8C-8901-91A3B7E4D5C3}"= TCP:C:\ProgramData\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{C616EEC7-7B62-4E31-A7E7-56BDEFAC233D}"= UDP:C:\Nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{5B7BEE7E-EE78-490A-B15C-77375277EB18}"= TCP:C:\Nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{E5F4F2B3-5E20-4B2B-B64D-8903F4E1713A}"= UDP:C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"{8A1174CC-03D8-4663-A287-CBD8B03075E3}"= TCP:C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2
"{1EE4DF9D-FDEA-493A-BD4D-7CAA293D6FCC}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{F18AF929-9720-4CC7-904A-44AFDFCF70FD}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{5FB159F3-2EC0-478B-AAF4-C402842B1EFF}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{8A999894-C08F-456A-A95A-C6DEB6D1366C}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{ED79165D-61E0-4724-BC8F-05487D2E929E}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{968FCA9A-0699-4D07-B797-ECEE24E99099}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"C:\\Program Files\\River Past\\Screen Recorder Pro\\ScreenRecorderPro.exe"= C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe:*:Enabled:River Past Screen Recorder Pro
"C:\\Nexon\\Combat Arms\\CombatArms.exe"= C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"C:\\Nexon\\Combat Arms\\Engine.exe"= C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe

R3 hcw18bda;Hauppauge WinTV 418 Driver;C:\Windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
S1 sdtr;sdtr;C:\Windows\system32\drivers\sdtr.sys [2008-10-29 21504]
S3 ctgame;Game Port;C:\Windows\system32\DRIVERS\ctgame.sys [2006-11-28 19128]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-01 87288]

*Newly Created Service* - PNKBSTRK
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-31 04:02:00
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-10-31 4:03:20
ComboFix-quarantined-files.txt 2008-10-31 11:03:12

Pre-Run: 359,606,562,816 bytes free
Post-Run: 359,642,079,232 bytes free

710 --- E O F --- 2008-10-29 10:00:43
 
The previous post is not the right file.

Code:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Sam at 2008-11-06 16:07:19
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 338 GB (72%) free of 469 GB
Total RAM: 1918 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:07:23 PM, on 11/6/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sam\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Sam.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_include/_common/Cab/GamehiSpecCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8866 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2006-11-20 155648]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-22 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-22 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe"="C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe:*:Enabled:River Past Screen Recorder Pro"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55ffa042-83cf-11dc-9183-806e6f6e6963}]
shell\AutoRun\command - E:\Autorun.exe


======List of files/folders created in the last 1 months======

2008-11-02 00:14:25 ----D---- C:\Users\Sam\AppData\Roaming\LimeWire
2008-11-01 11:48:10 ----A---- C:\Windows\system32\EncDec.dll
2008-11-01 11:48:09 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-31 14:26:47 ----D---- C:\ComboFix
2008-10-31 03:08:12 ----D---- C:\Program Files\Panda Security
2008-10-31 03:05:09 ----D---- C:\Windows\temp
2008-10-30 22:57:23 ----D---- C:\Windows\Sun
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaws.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaw.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\java.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\deploytk.dll
2008-10-30 16:41:43 ----D---- C:\Windows\ERDNT
2008-10-30 16:38:32 ----D---- C:\Users\Sam\AppData\Roaming\Malwarebytes
2008-10-30 16:38:23 ----D---- C:\ProgramData\Malwarebytes
2008-10-30 14:26:03 ----D---- C:\rsit
2008-10-29 20:15:25 ----D---- C:\Program Files\Trend Micro
2008-10-29 15:53:14 ----D---- C:\Temp
2008-10-28 17:45:44 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 17:45:44 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 17:45:43 ----A---- C:\Windows\system32\win32spl.dll
2008-10-26 14:50:07 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-26 14:50:02 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-24 16:26:22 ----D---- C:\Users\Sam\AppData\Roaming\InstallShield Installation Information
2008-10-23 19:27:27 ----A---- C:\Windows\system32\netapi32.dll
2008-10-18 13:40:30 ----D---- C:\AeriaGames
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 16:03:10 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 16:03:10 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 16:03:08 ----A---- C:\Windows\system32\jsproxy.dll

======List of files/folders modified in the last 1 months======

2008-11-06 00:05:12 ----D---- C:\Windows\Prefetch
2008-11-06 00:05:07 ----D---- C:\Program Files\Common Files
2008-11-05 21:31:26 ----SHD---- C:\System Volume Information
2008-11-04 18:14:53 ----RD---- C:\Program Files
2008-11-04 15:44:59 ----D---- C:\Windows\system32\drivers
2008-11-04 07:56:14 ----D---- C:\Windows\System32
2008-11-04 07:56:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-04 07:56:13 ----D---- C:\Windows\inf
2008-11-01 13:36:38 ----D---- C:\Windows\Microsoft.NET
2008-11-01 13:36:23 ----RSD---- C:\Windows\assembly
2008-11-01 12:20:57 ----D---- C:\Windows\ehome
2008-11-01 12:18:36 ----D---- C:\Windows\winsxs
2008-11-01 11:46:24 ----D---- C:\Windows\system32\catroot
2008-11-01 11:46:23 ----D---- C:\Windows\system32\catroot2
2008-10-31 14:27:02 ----D---- C:\Windows
2008-10-31 14:26:47 ----D---- C:\Windows\system32\en-US
2008-10-31 03:07:13 ----SD---- C:\Windows\Downloaded Program Files
2008-10-31 03:01:56 ----A---- C:\Windows\system.ini
2008-10-31 03:01:00 ----D---- C:\Windows\AppPatch
2008-10-31 01:05:35 ----SHD---- C:\Windows\Installer
2008-10-31 01:05:34 ----D---- C:\Program Files\Java
2008-10-31 00:06:19 ----D---- C:\Incomplete
2008-10-30 16:48:11 ----D---- C:\Windows\system32\config
2008-10-30 16:45:30 ----D---- C:\Program Files\Internet Explorer
2008-10-30 16:38:23 ----HD---- C:\ProgramData
2008-10-29 17:12:36 ----HD---- C:\Windows\system32\GroupPolicyUsers
2008-10-29 17:10:44 ----HD---- C:\Windows\system32\GroupPolicy
2008-10-29 16:01:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-29 15:59:01 ----HD---- C:\Users\Sam\AppData\Roaming\ijjigame
2008-10-28 18:26:42 ----D---- C:\Downloads
2008-10-27 22:56:03 ----D---- C:\Users\Sam\AppData\Roaming\Winff
2008-10-26 14:31:17 ----A---- C:\Windows\system32\pbsvc.exe
2008-10-25 19:55:34 ----RSD---- C:\Windows\Fonts
2008-10-24 16:26:26 ----D---- C:\Program Files\EA GAMES
2008-10-24 16:10:28 ----D---- C:\Windows\system32\Tasks
2008-10-24 16:01:22 ----D---- C:\Program Files\Electronic Arts
2008-10-23 14:41:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-18 14:33:40 ----D---- C:\ProgramData\Yahoo! Companion
2008-10-15 06:12:39 ----D---- C:\Windows\system32\migration
2008-10-15 06:12:39 ----D---- C:\Program Files\Windows Mail
2008-10-14 22:27:37 ----D---- C:\ProgramData\Microsoft Help
2008-10-07 11:19:40 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MCSTRM;MCSTRM; C:\Windows\system32\drivers\MCSTRM.sys [2007-06-03 8413]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hcw18bda;Hauppauge WinTV 418 Driver; C:\Windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-04 1065384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-22 7465312]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 sdtr;sdtr; C:\Windows\system32\drivers\sdtr.sys [2008-10-29 21504]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\npkcrypt.sys []
S3 auvdl3nr;auvdl3nr; C:\Windows\system32\drivers\auvdl3nr.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmuda3.sys [2005-10-28 1355456]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2006-11-28 19128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
S3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 ntgrip;Gravis GamePort device driver; C:\Windows\system32\drivers\ntgrip.sys [2001-08-17 51552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 XDva143;XDva143; \??\C:\Windows\system32\XDva143.sys []
S3 XDva189;XDva189; \??\C:\Windows\system32\XDva189.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-22 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-26 66872]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-30 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-01 887544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-01 87288]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]

-----------------EOF-----------------

I absolutely cannot find the other file that is supposed to open.
 
Would this be the correct one?
Code:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Sam at 2008-11-06 16:07:19
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 338 GB (72%) free of 469 GB
Total RAM: 1918 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:07:23 PM, on 11/6/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sam\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Sam.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_include/_common/Cab/GamehiSpecCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8866 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2006-11-20 155648]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-22 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-22 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe"="C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe:*:Enabled:River Past Screen Recorder Pro"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55ffa042-83cf-11dc-9183-806e6f6e6963}]
shell\AutoRun\command - E:\Autorun.exe


======List of files/folders created in the last 1 months======

2008-11-02 00:14:25 ----D---- C:\Users\Sam\AppData\Roaming\LimeWire
2008-11-01 11:48:10 ----A---- C:\Windows\system32\EncDec.dll
2008-11-01 11:48:09 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-31 14:26:47 ----D---- C:\ComboFix
2008-10-31 03:08:12 ----D---- C:\Program Files\Panda Security
2008-10-31 03:05:09 ----D---- C:\Windows\temp
2008-10-30 22:57:23 ----D---- C:\Windows\Sun
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaws.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaw.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\java.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\deploytk.dll
2008-10-30 16:41:43 ----D---- C:\Windows\ERDNT
2008-10-30 16:38:32 ----D---- C:\Users\Sam\AppData\Roaming\Malwarebytes
2008-10-30 16:38:23 ----D---- C:\ProgramData\Malwarebytes
2008-10-30 14:26:03 ----D---- C:\rsit
2008-10-29 20:15:25 ----D---- C:\Program Files\Trend Micro
2008-10-29 15:53:14 ----D---- C:\Temp
2008-10-28 17:45:44 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 17:45:44 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 17:45:43 ----A---- C:\Windows\system32\win32spl.dll
2008-10-26 14:50:07 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-26 14:50:02 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-24 16:26:22 ----D---- C:\Users\Sam\AppData\Roaming\InstallShield Installation Information
2008-10-23 19:27:27 ----A---- C:\Windows\system32\netapi32.dll
2008-10-18 13:40:30 ----D---- C:\AeriaGames
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 16:03:10 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 16:03:10 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 16:03:08 ----A---- C:\Windows\system32\jsproxy.dll

======List of files/folders modified in the last 1 months======

2008-11-06 00:05:12 ----D---- C:\Windows\Prefetch
2008-11-06 00:05:07 ----D---- C:\Program Files\Common Files
2008-11-05 21:31:26 ----SHD---- C:\System Volume Information
2008-11-04 18:14:53 ----RD---- C:\Program Files
2008-11-04 15:44:59 ----D---- C:\Windows\system32\drivers
2008-11-04 07:56:14 ----D---- C:\Windows\System32
2008-11-04 07:56:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-04 07:56:13 ----D---- C:\Windows\inf
2008-11-01 13:36:38 ----D---- C:\Windows\Microsoft.NET
2008-11-01 13:36:23 ----RSD---- C:\Windows\assembly
2008-11-01 12:20:57 ----D---- C:\Windows\ehome
2008-11-01 12:18:36 ----D---- C:\Windows\winsxs
2008-11-01 11:46:24 ----D---- C:\Windows\system32\catroot
2008-11-01 11:46:23 ----D---- C:\Windows\system32\catroot2
2008-10-31 14:27:02 ----D---- C:\Windows
2008-10-31 14:26:47 ----D---- C:\Windows\system32\en-US
2008-10-31 03:07:13 ----SD---- C:\Windows\Downloaded Program Files
2008-10-31 03:01:56 ----A---- C:\Windows\system.ini
2008-10-31 03:01:00 ----D---- C:\Windows\AppPatch
2008-10-31 01:05:35 ----SHD---- C:\Windows\Installer
2008-10-31 01:05:34 ----D---- C:\Program Files\Java
2008-10-31 00:06:19 ----D---- C:\Incomplete
2008-10-30 16:48:11 ----D---- C:\Windows\system32\config
2008-10-30 16:45:30 ----D---- C:\Program Files\Internet Explorer
2008-10-30 16:38:23 ----HD---- C:\ProgramData
2008-10-29 17:12:36 ----HD---- C:\Windows\system32\GroupPolicyUsers
2008-10-29 17:10:44 ----HD---- C:\Windows\system32\GroupPolicy
2008-10-29 16:01:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-29 15:59:01 ----HD---- C:\Users\Sam\AppData\Roaming\ijjigame
2008-10-28 18:26:42 ----D---- C:\Downloads
2008-10-27 22:56:03 ----D---- C:\Users\Sam\AppData\Roaming\Winff
2008-10-26 14:31:17 ----A---- C:\Windows\system32\pbsvc.exe
2008-10-25 19:55:34 ----RSD---- C:\Windows\Fonts
2008-10-24 16:26:26 ----D---- C:\Program Files\EA GAMES
2008-10-24 16:10:28 ----D---- C:\Windows\system32\Tasks
2008-10-24 16:01:22 ----D---- C:\Program Files\Electronic Arts
2008-10-23 14:41:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-18 14:33:40 ----D---- C:\ProgramData\Yahoo! Companion
2008-10-15 06:12:39 ----D---- C:\Windows\system32\migration
2008-10-15 06:12:39 ----D---- C:\Program Files\Windows Mail
2008-10-14 22:27:37 ----D---- C:\ProgramData\Microsoft Help
2008-10-07 11:19:40 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MCSTRM;MCSTRM; C:\Windows\system32\drivers\MCSTRM.sys [2007-06-03 8413]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hcw18bda;Hauppauge WinTV 418 Driver; C:\Windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-04 1065384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-22 7465312]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 sdtr;sdtr; C:\Windows\system32\drivers\sdtr.sys [2008-10-29 21504]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\npkcrypt.sys []
S3 auvdl3nr;auvdl3nr; C:\Windows\system32\drivers\auvdl3nr.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmuda3.sys [2005-10-28 1355456]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2006-11-28 19128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
S3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 ntgrip;Gravis GamePort device driver; C:\Windows\system32\drivers\ntgrip.sys [2001-08-17 51552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 XDva143;XDva143; \??\C:\Windows\system32\XDva143.sys []
S3 XDva189;XDva189; \??\C:\Windows\system32\XDva189.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-22 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-26 66872]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-30 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-01 887544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-01 87288]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]

-----------------EOF-----------------
 
Yeah, I'm sorry, I cannot seem to find the second log file you want. Only that file seems to show every time I run RSIT.
 
Your first log was correct.

Have you used CFScript from someone else's thread?
 
No, I have not. Old script that was still on my computer documents location.
The RSIT does not open a second window.
 
Go to Vista Run, see here

Type "%userprofile%/Desktop/RSIT.exe" /info and press enter.

Let me know if it was now successful.
 
Sorry for the late response.

Logfile of random's system information tool 1.04 (written by random/random)
Run by Sam at 2008-11-08 11:12:17
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 339 GB (72%) free of 469 GB
Total RAM: 1918 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:25 AM, on 11/8/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\conime.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\cmd.exe
C:\Users\Sam\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Sam.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netmarble.com/web/nmstarter/NMStarter24.cab
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_include/_common/Cab/GamehiSpecCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Neowiz Login Control) - http://dl.sayclub.com/sayclub/sayctl/sayax.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_include/_common/cab/RedbananaAutoPlay.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8854 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-06-03 2403392]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2006-11-20 155648]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-22 13539872]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-22 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-24 44136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
"C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe"="C:\Program Files\River Past\Screen Recorder Pro\ScreenRecorderPro.exe:*:Enabled:River Past Screen Recorder Pro"
"C:\Nexon\Combat Arms\CombatArms.exe"="C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms\Engine.exe"="C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55ffa042-83cf-11dc-9183-806e6f6e6963}]
shell\AutoRun\command - E:\Autorun.exe


======List of files/folders created in the last 1 months======

2008-11-07 12:10:36 ----D---- C:\f0fd5791416ab650bc
2008-11-02 00:14:25 ----D---- C:\Users\Sam\AppData\Roaming\LimeWire
2008-11-01 11:48:10 ----A---- C:\Windows\system32\EncDec.dll
2008-11-01 11:48:09 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-31 14:26:47 ----D---- C:\ComboFix
2008-10-31 03:08:12 ----D---- C:\Program Files\Panda Security
2008-10-31 03:05:09 ----D---- C:\Windows\temp
2008-10-30 22:57:23 ----D---- C:\Windows\Sun
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaws.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\javaw.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\java.exe
2008-10-30 22:03:36 ----A---- C:\Windows\system32\deploytk.dll
2008-10-30 16:41:43 ----D---- C:\Windows\ERDNT
2008-10-30 16:38:32 ----D---- C:\Users\Sam\AppData\Roaming\Malwarebytes
2008-10-30 16:38:23 ----D---- C:\ProgramData\Malwarebytes
2008-10-30 14:26:03 ----D---- C:\rsit
2008-10-29 20:15:25 ----D---- C:\Program Files\Trend Micro
2008-10-29 15:53:14 ----D---- C:\Temp
2008-10-28 17:45:44 ----A---- C:\Windows\system32\wersvc.dll
2008-10-28 17:45:44 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-28 17:45:43 ----A---- C:\Windows\system32\win32spl.dll
2008-10-26 14:50:07 ----A---- C:\Windows\system32\PnkBstrB.exe
2008-10-26 14:50:02 ----A---- C:\Windows\system32\PnkBstrA.exe
2008-10-24 16:26:22 ----D---- C:\Users\Sam\AppData\Roaming\InstallShield Installation Information
2008-10-23 19:27:27 ----A---- C:\Windows\system32\netapi32.dll
2008-10-18 13:40:30 ----D---- C:\AeriaGames
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 16:03:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-14 16:03:10 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 16:03:10 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 16:03:09 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 16:03:08 ----A---- C:\Windows\system32\jsproxy.dll

======List of files/folders modified in the last 1 months======

2008-11-08 02:35:55 ----SHD---- C:\System Volume Information
2008-11-07 22:05:45 ----D---- C:\Windows\Prefetch
2008-11-06 00:05:07 ----D---- C:\Program Files\Common Files
2008-11-04 18:14:53 ----RD---- C:\Program Files
2008-11-04 15:44:59 ----D---- C:\Windows\system32\drivers
2008-11-04 07:56:14 ----D---- C:\Windows\System32
2008-11-04 07:56:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-04 07:56:13 ----D---- C:\Windows\inf
2008-11-01 13:36:38 ----D---- C:\Windows\Microsoft.NET
2008-11-01 13:36:23 ----RSD---- C:\Windows\assembly
2008-11-01 12:20:57 ----D---- C:\Windows\ehome
2008-11-01 12:18:36 ----D---- C:\Windows\winsxs
2008-11-01 11:46:24 ----D---- C:\Windows\system32\catroot
2008-11-01 11:46:23 ----D---- C:\Windows\system32\catroot2
2008-10-31 14:27:02 ----D---- C:\Windows
2008-10-31 14:26:47 ----D---- C:\Windows\system32\en-US
2008-10-31 03:07:13 ----SD---- C:\Windows\Downloaded Program Files
2008-10-31 03:01:56 ----A---- C:\Windows\system.ini
2008-10-31 03:01:00 ----D---- C:\Windows\AppPatch
2008-10-31 01:05:35 ----SHD---- C:\Windows\Installer
2008-10-31 01:05:34 ----D---- C:\Program Files\Java
2008-10-31 00:06:19 ----D---- C:\Incomplete
2008-10-30 16:48:11 ----D---- C:\Windows\system32\config
2008-10-30 16:45:30 ----D---- C:\Program Files\Internet Explorer
2008-10-30 16:38:23 ----HD---- C:\ProgramData
2008-10-29 17:12:36 ----HD---- C:\Windows\system32\GroupPolicyUsers
2008-10-29 17:10:44 ----HD---- C:\Windows\system32\GroupPolicy
2008-10-29 16:01:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-29 15:59:01 ----HD---- C:\Users\Sam\AppData\Roaming\ijjigame
2008-10-28 18:26:42 ----D---- C:\Downloads
2008-10-27 22:56:03 ----D---- C:\Users\Sam\AppData\Roaming\Winff
2008-10-26 14:31:17 ----A---- C:\Windows\system32\pbsvc.exe
2008-10-25 19:55:34 ----RSD---- C:\Windows\Fonts
2008-10-24 16:26:26 ----D---- C:\Program Files\EA GAMES
2008-10-24 16:10:28 ----D---- C:\Windows\system32\Tasks
2008-10-24 16:01:22 ----D---- C:\Program Files\Electronic Arts
2008-10-23 14:41:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-18 14:33:40 ----D---- C:\ProgramData\Yahoo! Companion
2008-10-15 06:12:39 ----D---- C:\Windows\system32\migration
2008-10-15 06:12:39 ----D---- C:\Program Files\Windows Mail
2008-10-14 22:27:37 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MCSTRM;MCSTRM; C:\Windows\system32\drivers\MCSTRM.sys [2007-06-03 8413]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hcw18bda;Hauppauge WinTV 418 Driver; C:\Windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-05-04 1065384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-22 7465312]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 sdtr;sdtr; C:\Windows\system32\drivers\sdtr.sys [2008-10-29 21504]
S2 npkcrypt;npkcrypt; \??\C:\Program Files\npkcrypt.sys []
S3 auvdl3nr;auvdl3nr; C:\Windows\system32\drivers\auvdl3nr.sys []
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmuda3.sys [2005-10-28 1355456]
S3 ctgame;Game Port; C:\Windows\system32\DRIVERS\ctgame.sys [2006-11-28 19128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
S3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 ntgrip;Gravis GamePort device driver; C:\Windows\system32\drivers\ntgrip.sys [2001-08-17 51552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2005-08-17 73696]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 XDva143;XDva143; \??\C:\Windows\system32\XDva143.sys []
S3 XDva189;XDva189; \??\C:\Windows\system32\XDva189.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-22 118784]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-26 66872]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-30 72704]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-06-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-01 887544]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-01 87288]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 78752]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]

-----------------EOF-----------------
[/CODE]
Code:
info.txt logfile of random's system information tool 1.04 2008-11-08 11:12:28

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Bistro Stars\Uninstall.exe"
-->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Boggle Supreme\Uninstall.exe"
-->"C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\Family Feud\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\LEGO Builder Bots\Uninstall.exe"
-->"C:\Program Files\HP Games\Mahjong Journey of Enlightenment\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\The Apprentice\Uninstall.exe"
-->"C:\Program Files\HP Games\Tornado Jockey\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 7.0.8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
AIM 6-->C:\Program Files\AIM6\uninst.exe
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Battlefield 2: Special Forces-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{50D4CB89-AF34-4978-96DC-C3034062E901}\setup.exe" -l0x9  -removeonly
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Canon MP600-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600 /L0x0009
C-Media PCI Audio Driver-->C:\Windows\system32\CMRMDRV3.exe
dBpoweramp m4a Codec-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Free Mp3/Wma/Ogg Converter 4.0.1-->"C:\Program Files\Free Mp3WmaOgg Converter\unins000.exe"
GoldWave v5.20-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.20" "C:\Program Files\GoldWave\unstall.log"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Hardware Diagnostic Tools-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Hewlett-Packard Active Check for Health Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Active Support Library 32 bit components-->MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{290B83AA-093A-45BF-A917-D1C4A1E8D917}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9  -removeonly
HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Easy Setup - Core-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9 
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9  -removeonly
HP On-Screen Caps/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
HP Total Care Advisor-->MsiExec.exe /X{CBFEEA43-2B94-44AF-8325-B413E62D2A5D}
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\wmv9vcm.inf, Uninstall
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Pocket RAR documentation-->C:\Program Files\PocketRAR\uninstall.exe
Project Reality 0809 Core-->"C:\Program Files\EA GAMES\Battlefield 2\unins000.exe"
Project Reality 0809 Levels-->"C:\Program Files\EA GAMES\Battlefield 2\unins001.exe"
Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~2\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9  -removeonly
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9-->MsiExec.exe /X{E4A02A3F-4F8A-4D94-BB99-68BC1D1CF6DB}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.INF
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
Verizon High Speed Internet-->"C:\Windows\DSL\unins000.exe"
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Photo Gallery-->MsiExec.exe /X{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}
WinFF 0.4-->"C:\Program Files\WinFF\unins000.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Hosts File======

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com

======Security center information======

AS: Windows Defender

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 67 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4302
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"PLATFORM"=HPD
"PCBRAND"=Pavilion
"OnlineServices"=Online Services
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
 
Sorry for late reply, I got no email notification.

Please download the OTMoveIt3 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code:
    :files
    C:\Users\Sam\AppData\Roaming\LimeWire
    
    :commands
    [EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste List of Files/Folders to Move" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
 
This would be slightly incorrect?
Do I have to follow the reboot procedure?
========== FILES ==========
File/Folder C:\Users\Sam\AppData\Roaming\LimeWire not found.
========== COMMANDS ==========
File delete failed. C:\Users\Sam\AppData\Local\Temp\Low\~DF3121.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 11102008_111519
 