Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by rbrassea13 » August 31st, 2008, 1:48 pm

Hello, here's my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:54:05 AM, on 8/31/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11354 bytes


Thank you!
rbrassea13
Banned Member
 
Posts: 8
Joined: August 31st, 2008, 12:51 pm

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by Shaba » September 2nd, 2008, 9:33 am

Hi rbrassea13

What kind of problems do you have?
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by rbrassea13 » September 2nd, 2008, 12:51 pm

Hello, about 4 days ago, I did a Norton 360 full scan and it found this: infostealer.gampass
I deleted the file, but after another scan, it was found in another file. I deleted the file, but I guess it's still active.

Also, after another scan, it found: backdoor.graybird. I couldn't fix that, and I know both of those trojan/backdoor viruses are dangerous to my personal information privacy.

Did you notice something wrong in the HijackThis log?
Should I make another log?

Thank you!

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by rbrassea13 » September 2nd, 2008, 12:54 pm

I also have heard rare noises while using the computer...sounds that I have never heard in it before.

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by Shaba » September 2nd, 2008, 12:57 pm

Please post next Norton scan report if possible :)

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by rbrassea13 » September 2nd, 2008, 4:23 pm

Norton scan did not find anything now. I still think the backdoor virus is still in my PC because when Norton detected it, it said that it was impossible or difficult to remove it without assistance.

Please tell me if there's a problem with the HijackThis log that I posted.

Thank you.

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by Shaba » September 3rd, 2008, 4:35 am

HijackThis is clean.

Let's do some further research:

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by rbrassea13 » September 3rd, 2008, 2:10 pm

Hello, this is the log.txt:
Logfile of random's system information tool (written by random/random)
Run by RBrassea at 2008-09-03 11:04:51
Microsoft® Windows Vista™ Home Premium
System drive C: has 91 GB (40%) free of 226 GB
Total RAM: 1982 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:05:07 AM, on 9/3/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Norton 360\ScanStub.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\notepad.exe
C:\Users\RBrassea\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\RBrassea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11589 bytes

Scheduled tasks folder

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\ParetoLogic Registration.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]
HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-19 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-19 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-19 81920]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-17 218408]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-12-05 1006264]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-10 115816]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2006-11-02 2159104]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-03-31 507904]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-11-07 3739672]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

List of files/folders created in the last three months

2008-09-03 11:04:51 ----D---- C:\rsit
2008-08-31 09:44:16 ----D---- C:\Program Files\Trend Micro
2008-08-30 10:12:33 ----D---- C:\Program Files\GPLGS
2008-08-28 14:08:46 ----A---- C:\Windows\system32\BASSMOD.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wups2.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wucltux.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuaueng.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuauclt.exe
2008-08-27 15:11:01 ----A---- C:\Windows\system32\wups.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wudriver.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wuapi.dll
2008-08-27 15:10:35 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-27 15:10:34 ----A---- C:\Windows\system32\wuapp.exe
2008-08-26 20:12:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-08-26 20:09:57 ----SHD---- C:\Config.Msi
2008-08-26 20:02:52 ----D---- C:\ProgramData\Martau
2008-08-26 20:02:18 ----D---- C:\Program Files\Total Uninstall 4
2008-08-26 13:24:21 ----AD---- C:\ProgramData\TEMP
2008-08-26 13:24:12 ----D---- C:\Users\RBrassea\AppData\Roaming\PC Tools
2008-08-26 13:24:12 ----D---- C:\Program Files\Spyware Doctor
2008-08-26 10:23:58 ----A---- C:\rollback.ini
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic Anti-Virus PLUS
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic
2008-08-26 10:19:42 ----D---- C:\Program Files\Common Files\ParetoLogic
2008-08-26 10:13:30 ----D---- C:\ProgramData\Downloaded Installations
2008-08-25 15:12:23 ----D---- C:\Users\RBrassea\AppData\Roaming\FFSJ
2008-08-24 20:26:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Player Classic
2008-08-24 20:09:42 ----D---- C:\Program Files\ratDVD
2008-08-22 17:54:25 ----D---- C:\Program Files\uTorrent
2008-08-22 17:54:13 ----D---- C:\Users\RBrassea\AppData\Roaming\uTorrent
2008-08-21 18:32:29 ----D---- C:\ProgramData\Messenger Plus!
2008-08-21 18:30:25 ----D---- C:\Program Files\Messenger Plus! Live
2008-08-20 09:36:34 ----D---- C:\Program Files\SystemRequirementsLab
2008-08-20 09:36:30 ----D---- C:\Users\RBrassea\AppData\Roaming\SystemRequirementsLab
2008-08-20 09:28:42 ----D---- C:\ProgramData\Microsoft Corporation
2008-08-20 09:27:22 ----D---- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-08-19 13:18:44 ----A---- C:\Windows\system32\javaws.exe
2008-08-19 13:18:38 ----A---- C:\Windows\system32\javaw.exe
2008-08-19 13:18:29 ----A---- C:\Windows\system32\java.exe
2008-08-19 10:19:42 ----D---- C:\Users\RBrassea\AppData\Roaming\DivX
2008-08-19 10:19:03 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-08-19 10:18:45 ----D---- C:\Program Files\DivX
2008-08-18 18:19:09 ----D---- C:\Users\RBrassea\AppData\Roaming\Ahead
2008-08-18 17:18:34 ----D---- C:\Program Files\DVD Decrypter
2008-08-18 13:54:49 ----D---- C:\Program Files\AC3Filter
2008-08-18 11:29:13 ----D---- C:\Users\RBrassea\AppData\Roaming\HP
2008-08-18 09:45:45 ----D---- C:\ProgramData\LightScribe
2008-08-18 01:38:07 ----D---- C:\ProgramData\Stardock
2008-08-18 01:38:04 ----A---- C:\Windows\system32\wbhelp2.dll
2008-08-18 01:38:03 ----D---- C:\Program Files\Stardock
2008-08-17 10:34:10 ----A---- C:\Windows\system32\es.dll
2008-08-17 02:03:20 ----A---- C:\Windows\ntbtlog.txt
2008-08-16 21:59:36 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-16 21:59:36 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-16 21:56:46 ----D---- C:\Program Files\Microsoft.NET
2008-08-16 21:48:29 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-08-16 21:40:52 ----RHD---- C:\MSOCache
2008-08-16 21:33:52 ----D---- C:\Users\RBrassea\AppData\Roaming\LimeWire
2008-08-16 21:33:35 ----D---- C:\Program Files\LimeWire
2008-08-16 11:01:47 ----D---- C:\Program Files\BaroufaSoft
2008-08-16 08:00:05 ----D---- C:\Program Files\DIY DataRecovery DiskPatch
2008-08-16 03:54:22 ----A---- C:\Windows\system32\winipsec.dll
2008-08-16 03:54:22 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\polstore.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-08-16 03:52:59 ----A---- C:\Windows\system32\wtsapi32.dll
2008-08-16 03:52:55 ----A---- C:\Windows\explorer.exe
2008-08-16 03:52:54 ----A---- C:\Windows\system32\sysmain.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanhlp.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanapi.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansvc.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansec.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlanmsm.dll
2008-08-16 03:51:39 ----A---- C:\Windows\system32\WebClnt.dll
2008-08-16 03:48:14 ----A---- C:\Windows\system32\shell32.dll
2008-08-16 03:45:32 ----A---- C:\Windows\system32\tzres.dll
2008-08-16 03:37:19 ----A---- C:\Windows\system32\wmploc.DLL
2008-08-16 03:37:18 ----A---- C:\Windows\system32\wmp.dll
2008-08-16 03:37:17 ----A---- C:\Windows\system32\spwmp.dll
2008-08-16 03:37:15 ----A---- C:\Windows\system32\dxmasf.dll
2008-08-16 03:37:13 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hcrstco.dll
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hccoin.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netiougc.exe
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netcfg.exe
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-08-16 03:32:20 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-08-16 03:32:19 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-08-16 03:32:15 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-08-16 03:32:14 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-08-16 03:32:12 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-08-16 03:32:08 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-08-16 03:32:06 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-08-16 03:32:02 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0046.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0045.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0049.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0047.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0039.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0021.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0020.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0024.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0022.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0027.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0026.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0013.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0011.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0010.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0018.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0000.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0019.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0002.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0001.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0009.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0007.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0003.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004b.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004a.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004e.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004c.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData003e.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData002a.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData001a.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001d.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001b.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000c.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000a.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000f.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000d.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0416.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0414.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NlsData0816.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsData081a.dll
2008-08-16 03:31:43 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-08-16 03:27:34 ----A---- C:\Windows\system32\advpack.dll
2008-08-16 03:27:33 ----A---- C:\Windows\system32\ieapfltr.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\wininet.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\jsproxy.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtrans.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtmsft.dll
2008-08-16 03:27:28 ----A---- C:\Windows\system32\ieui.dll
2008-08-16 03:27:26 ----A---- C:\Windows\system32\ieframe.dll
2008-08-16 03:27:23 ----A---- C:\Windows\system32\mshtmled.dll
2008-08-16 03:27:21 ----A---- C:\Windows\system32\mshtml.dll
2008-08-16 03:27:17 ----A---- C:\Windows\system32\mstime.dll
2008-08-16 03:27:16 ----A---- C:\Windows\system32\icardie.dll
2008-08-16 03:27:12 ----A---- C:\Windows\system32\ieUnatt.exe
2008-08-16 03:27:10 ----A---- C:\Windows\system32\urlmon.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\pngfilt.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\ie4uinit.exe
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iesetup.dll
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iernonce.dll
2008-08-16 03:23:54 ----A---- C:\Windows\system32\setupapi.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srdelayed.exe
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srcore.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srclient.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\rstrui.exe
2008-08-16 03:23:04 ----A---- C:\Windows\system32\wpd_ci.dll
2008-08-16 03:23:04 ----A---- C:\Windows\system32\kd1394.dll
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winresume.exe
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winload.exe
2008-08-16 03:23:02 ----A---- C:\Windows\system32\ci.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\drvinst.exe
2008-08-16 03:23:01 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\oleaut32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\nshhttp.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\kbd106n.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\dpx.dll
2008-08-16 03:22:59 ----A---- C:\Windows\system32\unlodctr.exe
2008-08-16 03:22:59 ----A---- C:\Windows\system32\lodctr.exe
2008-08-16 03:22:58 ----A---- C:\Windows\system32\prflbmsg.dll
2008-08-16 03:22:58 ----A---- C:\Windows\system32\loadperf.dll
2008-08-16 03:22:57 ----A---- C:\Windows\system32\schedsvc.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\dispci.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\batt.dll
2008-08-16 03:19:58 ----A---- C:\Windows\system32\WMASF.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\LAPRXY.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\asferror.dll
2008-08-16 03:19:40 ----A---- C:\Windows\system32\gdi32.dll
2008-08-16 03:18:44 ----A---- C:\Windows\system32\wshrm.dll
2008-08-16 03:18:12 ----A---- C:\Windows\system32\sbunattend.exe
2008-08-16 03:16:43 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-08-16 03:16:43 ----A---- C:\Windows\system32\gameux.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsapi.dll
2008-08-16 03:15:35 ----A---- C:\Windows\system32\rpcrt4.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\INETRES.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\inetcomm.dll
2008-08-16 03:14:48 ----A---- C:\Windows\system32\quartz.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\mcmde.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\EncDec.dll
2008-08-16 03:14:04 ----A---- C:\Windows\system32\psisdecd.dll
2008-08-16 03:13:26 ----D---- C:\Program Files\MSXML 4.0
2008-08-15 19:11:33 ----D---- C:\cygdrive
2008-08-15 17:02:52 ----D---- C:\Users\RBrassea\AppData\Roaming\CyberLink
2008-08-15 16:59:20 ----D---- C:\Users\RBrassea\AppData\Roaming\dvdcss
2008-08-15 16:23:32 ----D---- C:\Program Files\Common Files\Intel
2008-08-15 16:23:30 ----D---- C:\Program Files\CounterPath
2008-08-15 14:49:14 ----D---- C:\Users\RBrassea\AppData\Roaming\Symantec
2008-08-15 11:40:37 ----D---- C:\ProgramData\OrbNetworks
2008-08-15 11:40:34 ----D---- C:\Program Files\Winamp Remote
2008-08-15 11:39:50 ----N---- C:\Windows\system32\pxcpya64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxinsa64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxhpinst.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxafs.dll
2008-08-15 11:39:46 ----N---- C:\Windows\system32\pxsfs.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\vxblock.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxwave.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxdrv.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\pxmas.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\px.dll
2008-08-15 11:39:41 ----D---- C:\Users\RBrassea\AppData\Roaming\Winamp
2008-08-15 11:39:41 ----D---- C:\Program Files\Winamp
2008-08-15 11:35:19 ----D---- C:\Users\RBrassea\AppData\Roaming\vlc
2008-08-15 11:34:32 ----D---- C:\Program Files\VideoLAN
2008-08-15 11:18:11 ----A---- C:\NBDBList.ini
2008-08-15 10:45:49 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-15 10:45:27 ----D---- C:\Program Files\Windows Live
2008-08-15 10:44:54 ----D---- C:\ProgramData\WLInstaller
2008-08-15 10:30:17 ----D---- C:\Program Files\NeroInstall.bak
2008-08-15 10:26:52 ----D---- C:\Users\RBrassea\AppData\Roaming\Nero
2008-08-15 10:26:18 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-08-15 10:21:31 ----D---- C:\ProgramData\Nero
2008-08-15 10:21:31 ----D---- C:\Program Files\Nero
2008-08-15 10:21:30 ----D---- C:\Program Files\Common Files\Nero
2008-08-15 10:10:24 ----A---- C:\Windows\system32\SymNPPWA.dll
2008-08-15 09:54:52 ----A---- C:\Windows\system32\cpwmon2k.dll
2008-08-15 09:54:51 ----D---- C:\Program Files\Acro Software
2008-08-15 09:52:13 ----D---- C:\Users\RBrassea\AppData\Roaming\TuneUp Software
2008-08-15 09:52:02 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-08-15 09:51:54 ----A---- C:\Windows\system32\uxtuneup.dll
2008-08-15 09:51:39 ----D---- C:\ProgramData\TuneUp Software
2008-08-15 09:51:05 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-08-15 09:50:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-15 09:37:24 ----D---- C:\Program Files\Norton 360
2008-08-15 09:35:35 ----D---- C:\Program Files\Symantec
2008-08-15 09:35:29 ----D---- C:\ProgramData\Symantec
2008-08-15 09:28:32 ----D---- C:\Users\RBrassea\AppData\Roaming\Mozilla
2008-08-15 09:27:54 ----D---- C:\Program Files\Mozilla Firefox
2008-08-14 23:20:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Adobe
2008-08-14 23:03:11 ----D---- C:\Users\RBrassea\AppData\Roaming\Megaupload
2008-08-14 23:03:04 ----D---- C:\Users\RBrassea\AppData\Roaming\Yahoo!
2008-08-14 23:03:04 ----D---- C:\ProgramData\Megaupload
2008-08-14 23:03:03 ----D---- C:\Users\RBrassea\AppData\Roaming\MegauploadToolbar
2008-08-14 23:03:03 ----D---- C:\ProgramData\EmailNotifier
2008-08-14 23:03:03 ----D---- C:\Program Files\MegauploadToolbar
2008-08-14 23:02:53 ----D---- C:\Program Files\Megaupload
2008-08-14 22:46:57 ----D---- C:\Users\RBrassea\AppData\Roaming\WinRAR
2008-08-14 22:43:33 ----D---- C:\Program Files\WinRar
2008-08-14 22:14:04 ----D---- C:\Program Files\Alcohol Soft
2008-08-14 21:52:58 ----D---- C:\Users\RBrassea\AppData\Roaming\Identities
2008-08-14 21:50:28 ----D---- C:\Users\RBrassea\AppData\Roaming\Macromedia
2008-08-14 21:49:59 ----D---- C:\Users\RBrassea\AppData\Roaming\Hewlett-Packard
2008-08-14 21:48:18 ----D---- C:\ProgramData\Electronic Arts
2008-08-14 21:43:36 ----D---- C:\Program Files\Electronic Arts
2008-08-14 21:43:20 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-08-14 21:43:19 ----A---- C:\Windows\system32\xinput1_2.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xinput1_1.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-08-14 21:43:17 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-08-14 21:43:09 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-08-14 21:43:06 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-08-14 21:43:05 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-08-14 21:43:04 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-08-14 21:43:03 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-08-14 21:41:30 ----D---- C:\Program Files\Common Files\LightScribe
2008-08-14 21:39:31 ----D---- C:\Program Files\Broadcom
2008-08-14 21:39:15 ----D---- C:\Users\RBrassea\AppData\Roaming\InstallShield
2008-08-14 21:38:18 ----SD---- C:\Users\RBrassea\AppData\Roaming\Microsoft
2008-08-14 21:38:18 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Center Programs
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Templates
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Start Menu
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Favorites
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Documents
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Desktop
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Application Data
2008-08-14 21:33:52 ----SHD---- C:\Documents and Settings
2008-08-14 21:31:46 ----SHD---- C:\System Volume Information
2008-07-25 01:36:00 ----A---- C:\Windows\system32\DivXsm.exe
2008-07-25 01:34:54 ----A---- C:\Windows\system32\dpl100.dll
2008-07-25 01:34:52 ----A---- C:\Windows\system32\dtu100.dll
2008-07-25 01:34:50 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpv11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpus11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu10.dll
2008-07-25 01:34:42 ----A---- C:\Windows\system32\divx_xx07.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx11.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-07-25 01:34:36 ----A---- C:\Windows\system32\DivX.dll
2008-07-25 01:34:30 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-07-23 09:50:52 ----A---- C:\Windows\system32\qt-dx331.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\ssldivx.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\libdivx.dll
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-07-23 09:46:38 ----A---- C:\Windows\system32\DivXWMPExtType.dll

List of drivers

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-08-18 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080829.001\IDSvix86.sys [2008-07-16 261680]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2007-04-14 418104]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\system32\System32\Drivers\SYMTDI.SYS []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-08-16 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-08-18 99376]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVENG.SYS [2008-08-20 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVEX15.SYS [2008-08-20 873552]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-19 7626400]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-12-05 82432]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\system32\System32\Drivers\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-08-15 123952]
R3 SYMFW;SYMFW; C:\Windows\system32\System32\Drivers\SYMFW.SYS []
R3 SYMIDS;SYMIDS; C:\Windows\system32\System32\Drivers\SYMIDS.SYS []
R3 SYMNDISV;SYMNDISV; C:\Windows\system32\System32\Drivers\SYMNDISV.SYS []
R3 SYMREDRV;SYMREDRV; C:\Windows\system32\System32\Drivers\SYMREDRV.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2007-12-05 132864]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-08-16 11264]
S3 aoc9numu;aoc9numu; C:\Windows\system32\drivers\aoc9numu.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-18 1380864]
S3 IKFileSec;File Security Driver; C:\Windows\system32\system32\drivers\ikfilesec.sys []
S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]

List of services

R2 ccEvtMgr;ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-09-30 271760]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-09-30 112016]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-13 49248]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-08-15 1251720]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-11-07 98840]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-23 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-08-15 306432]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

This is the info.txt:

info.txt logfile of random's system information tool 2008-09-03 11:05:10

Uninstall list

-->"C:\Program Files\HP Games\3D Ultra Minigolf Adventures\Uninstall.exe"
-->"C:\Program Files\HP Games\7 Wonders of the Ancient World\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest Solitaire\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Otto's Magic Blocks\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\Shooting Stars Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
AIM 6-->C:\Program Files\AIM6\uninst.exe
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IQh30CFza.INF
CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DIY DataRecovery DiskPatch 3-->"C:\Program Files\DIY DataRecovery DiskPatch\unins000.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EA Link-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F5577101-33CC-4711-8235-3A95BCD49DB0} /l1033
ESU for Microsoft Vista-->MsiExec.exe /I{68471BF2-F1F7-4C89-BBBA-400B94996596}
GearDrvs-->MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)-->C:\PROGRA~1\WinTV\UNSftMCE.EXE C:\PROGRA~1\WinTV\softMCE.LOG
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -I*.INF
Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD0E2B92-3814-46F0-893B-4612EA010C7E}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /I{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.30 E1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP QuickPlay 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP QuickTouch 1.00 C4-->MsiExec.exe /I{7DC4A410-9986-4329-9E5D-687B2C42CA39}
HP Smart Web Printing-->msiexec /i{082F8ABA-84D5-4837-9DFC-F365D91A07D4}
HP Total Care Advisor-->MsiExec.exe /X{b02df929-29a7-4fd2-9a70-81a644b635f7}
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HP User Guides 0087-->MsiExec.exe /I{4D49757C-367A-4333-BDB3-68966162B14E}
HP Wireless Assistant-->MsiExec.exe /I{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
LimeWire PRO 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
LogonStudio Vista-->C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\INSTALL.LOG
Matrix Screen Locker-->MsiExec.exe /X{34B426CD-5758-4309-AA64-3CAA49A55237}
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSCU for Microsoft Vista-->MsiExec.exe /I{F7F3B252-E772-48AA-93EB-7964BC326067}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{250E9609-E830-43EB-B379-DAB7546A2422}\muveesetup.exe -removeonly -runfromtemp
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Nero 8-->MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Norton 360 (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X
Norton 360 Help-->MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}
Norton 360-->MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360-->MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360-->MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Authentification Component-->MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
QuickPlay SlingPlayer 0.4.4-->"C:\Program Files\HP\QuickPlay\unins000.exe"
ratDVD 0.78.1444-->C:\Program Files\ratDVD\uninst.exe
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
SuppSoft-->MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}
Symantec Technical Support Controls-->MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}
Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Total Uninstall 4.9.1-->"C:\Program Files\Total Uninstall 4\unins000.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WeatherBug Gadget-->MsiExec.exe /I{209CDA54-D390-46A2-A97C-7BF61734418D}
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{F1E17FB0-12BC-45D0-ABA3-287F2A1E3A1E}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Vista Upgrade Advisor-->MsiExec.exe /I{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
X-Lite 3.0-->"C:\Program Files\CounterPath\X-Lite\unins000.exe"

Security center information

AV: Norton 360
FW: Kaspersky Anti-Hacker
FW: Norton 360
AS: Spyware Doctor (disabled)
AS: Windows Defender (disabled)
AS: Norton 360

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6802
"NUMBER_OF_PROCESSORS"=2
"PLATFORM"=MCD
"PCBRAND"=Pavilion
"OnlineServices"=Online Services
"USERPART"=E:

-----------------EOF-----------------

Thank you! Waiting for your reply.
Rene
rbrassea13
Banned Member
 
Posts: 8
Joined: August 31st, 2008, 12:51 pm

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

by rbrassea13 » September 3rd, 2008, 2:10 pm

Hello, this is the log.txt:
Logfile of random's system information tool (written by random/random)
Run by RBrassea at 2008-09-03 11:04:51
Microsoft® Windows Vista™ Home Premium
System drive C: has 91 GB (40%) free of 226 GB
Total RAM: 1982 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:05:07 AM, on 9/3/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Norton 360\ScanStub.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\notepad.exe
C:\Users\RBrassea\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\RBrassea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11589 bytes

Scheduled tasks folder

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\ParetoLogic Registration.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]
HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-19 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-19 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-19 81920]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-17 218408]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-12-05 1006264]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-10 115816]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2006-11-02 2159104]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-03-31 507904]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-11-07 3739672]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

List of files/folders created in the last three months

2008-09-03 11:04:51 ----D---- C:\rsit
2008-08-31 09:44:16 ----D---- C:\Program Files\Trend Micro
2008-08-30 10:12:33 ----D---- C:\Program Files\GPLGS
2008-08-28 14:08:46 ----A---- C:\Windows\system32\BASSMOD.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wups2.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wucltux.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuaueng.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuauclt.exe
2008-08-27 15:11:01 ----A---- C:\Windows\system32\wups.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wudriver.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wuapi.dll
2008-08-27 15:10:35 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-27 15:10:34 ----A---- C:\Windows\system32\wuapp.exe
2008-08-26 20:12:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-08-26 20:09:57 ----SHD---- C:\Config.Msi
2008-08-26 20:02:52 ----D---- C:\ProgramData\Martau
2008-08-26 20:02:18 ----D---- C:\Program Files\Total Uninstall 4
2008-08-26 13:24:21 ----AD---- C:\ProgramData\TEMP
2008-08-26 13:24:12 ----D---- C:\Users\RBrassea\AppData\Roaming\PC Tools
2008-08-26 13:24:12 ----D---- C:\Program Files\Spyware Doctor
2008-08-26 10:23:58 ----A---- C:\rollback.ini
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic Anti-Virus PLUS
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic
2008-08-26 10:19:42 ----D---- C:\Program Files\Common Files\ParetoLogic
2008-08-26 10:13:30 ----D---- C:\ProgramData\Downloaded Installations
2008-08-25 15:12:23 ----D---- C:\Users\RBrassea\AppData\Roaming\FFSJ
2008-08-24 20:26:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Player Classic
2008-08-24 20:09:42 ----D---- C:\Program Files\ratDVD
2008-08-22 17:54:25 ----D---- C:\Program Files\uTorrent
2008-08-22 17:54:13 ----D---- C:\Users\RBrassea\AppData\Roaming\uTorrent
2008-08-21 18:32:29 ----D---- C:\ProgramData\Messenger Plus!
2008-08-21 18:30:25 ----D---- C:\Program Files\Messenger Plus! Live
2008-08-20 09:36:34 ----D---- C:\Program Files\SystemRequirementsLab
2008-08-20 09:36:30 ----D---- C:\Users\RBrassea\AppData\Roaming\SystemRequirementsLab
2008-08-20 09:28:42 ----D---- C:\ProgramData\Microsoft Corporation
2008-08-20 09:27:22 ----D---- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-08-19 13:18:44 ----A---- C:\Windows\system32\javaws.exe
2008-08-19 13:18:38 ----A---- C:\Windows\system32\javaw.exe
2008-08-19 13:18:29 ----A---- C:\Windows\system32\java.exe
2008-08-19 10:19:42 ----D---- C:\Users\RBrassea\AppData\Roaming\DivX
2008-08-19 10:19:03 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-08-19 10:18:45 ----D---- C:\Program Files\DivX
2008-08-18 18:19:09 ----D---- C:\Users\RBrassea\AppData\Roaming\Ahead
2008-08-18 17:18:34 ----D---- C:\Program Files\DVD Decrypter
2008-08-18 13:54:49 ----D---- C:\Program Files\AC3Filter
2008-08-18 11:29:13 ----D---- C:\Users\RBrassea\AppData\Roaming\HP
2008-08-18 09:45:45 ----D---- C:\ProgramData\LightScribe
2008-08-18 01:38:07 ----D---- C:\ProgramData\Stardock
2008-08-18 01:38:04 ----A---- C:\Windows\system32\wbhelp2.dll
2008-08-18 01:38:03 ----D---- C:\Program Files\Stardock
2008-08-17 10:34:10 ----A---- C:\Windows\system32\es.dll
2008-08-17 02:03:20 ----A---- C:\Windows\ntbtlog.txt
2008-08-16 21:59:36 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-16 21:59:36 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-16 21:56:46 ----D---- C:\Program Files\Microsoft.NET
2008-08-16 21:48:29 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-08-16 21:40:52 ----RHD---- C:\MSOCache
2008-08-16 21:33:52 ----D---- C:\Users\RBrassea\AppData\Roaming\LimeWire
2008-08-16 21:33:35 ----D---- C:\Program Files\LimeWire
2008-08-16 11:01:47 ----D---- C:\Program Files\BaroufaSoft
2008-08-16 08:00:05 ----D---- C:\Program Files\DIY DataRecovery DiskPatch
2008-08-16 03:54:22 ----A---- C:\Windows\system32\winipsec.dll
2008-08-16 03:54:22 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\polstore.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-08-16 03:52:59 ----A---- C:\Windows\system32\wtsapi32.dll
2008-08-16 03:52:55 ----A---- C:\Windows\explorer.exe
2008-08-16 03:52:54 ----A---- C:\Windows\system32\sysmain.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanhlp.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanapi.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansvc.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansec.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlanmsm.dll
2008-08-16 03:51:39 ----A---- C:\Windows\system32\WebClnt.dll
2008-08-16 03:48:14 ----A---- C:\Windows\system32\shell32.dll
2008-08-16 03:45:32 ----A---- C:\Windows\system32\tzres.dll
2008-08-16 03:37:19 ----A---- C:\Windows\system32\wmploc.DLL
2008-08-16 03:37:18 ----A---- C:\Windows\system32\wmp.dll
2008-08-16 03:37:17 ----A---- C:\Windows\system32\spwmp.dll
2008-08-16 03:37:15 ----A---- C:\Windows\system32\dxmasf.dll
2008-08-16 03:37:13 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hcrstco.dll
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hccoin.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netiougc.exe
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netcfg.exe
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-08-16 03:32:20 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-08-16 03:32:19 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-08-16 03:32:15 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-08-16 03:32:14 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-08-16 03:32:12 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-08-16 03:32:08 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-08-16 03:32:06 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-08-16 03:32:02 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0046.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0045.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0049.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0047.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0039.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0021.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0020.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0024.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0022.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0027.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0026.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0013.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0011.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0010.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0018.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0000.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0019.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0002.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0001.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0009.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0007.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0003.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004b.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004a.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004e.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004c.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData003e.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData002a.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData001a.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001d.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001b.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000c.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000a.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000f.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000d.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0416.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0414.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NlsData0816.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsData081a.dll
2008-08-16 03:31:43 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-08-16 03:27:34 ----A---- C:\Windows\system32\advpack.dll
2008-08-16 03:27:33 ----A---- C:\Windows\system32\ieapfltr.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\wininet.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\jsproxy.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtrans.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtmsft.dll
2008-08-16 03:27:28 ----A---- C:\Windows\system32\ieui.dll
2008-08-16 03:27:26 ----A---- C:\Windows\system32\ieframe.dll
2008-08-16 03:27:23 ----A---- C:\Windows\system32\mshtmled.dll
2008-08-16 03:27:21 ----A---- C:\Windows\system32\mshtml.dll
2008-08-16 03:27:17 ----A---- C:\Windows\system32\mstime.dll
2008-08-16 03:27:16 ----A---- C:\Windows\system32\icardie.dll
2008-08-16 03:27:12 ----A---- C:\Windows\system32\ieUnatt.exe
2008-08-16 03:27:10 ----A---- C:\Windows\system32\urlmon.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\pngfilt.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\ie4uinit.exe
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iesetup.dll
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iernonce.dll
2008-08-16 03:23:54 ----A---- C:\Windows\system32\setupapi.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srdelayed.exe
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srcore.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srclient.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\rstrui.exe
2008-08-16 03:23:04 ----A---- C:\Windows\system32\wpd_ci.dll
2008-08-16 03:23:04 ----A---- C:\Windows\system32\kd1394.dll
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winresume.exe
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winload.exe
2008-08-16 03:23:02 ----A---- C:\Windows\system32\ci.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\drvinst.exe
2008-08-16 03:23:01 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\oleaut32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\nshhttp.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\kbd106n.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\dpx.dll
2008-08-16 03:22:59 ----A---- C:\Windows\system32\unlodctr.exe
2008-08-16 03:22:59 ----A---- C:\Windows\system32\lodctr.exe
2008-08-16 03:22:58 ----A---- C:\Windows\system32\prflbmsg.dll
2008-08-16 03:22:58 ----A---- C:\Windows\system32\loadperf.dll
2008-08-16 03:22:57 ----A---- C:\Windows\system32\schedsvc.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\dispci.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\batt.dll
2008-08-16 03:19:58 ----A---- C:\Windows\system32\WMASF.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\LAPRXY.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\asferror.dll
2008-08-16 03:19:40 ----A---- C:\Windows\system32\gdi32.dll
2008-08-16 03:18:44 ----A---- C:\Windows\system32\wshrm.dll
2008-08-16 03:18:12 ----A---- C:\Windows\system32\sbunattend.exe
2008-08-16 03:16:43 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-08-16 03:16:43 ----A---- C:\Windows\system32\gameux.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsapi.dll
2008-08-16 03:15:35 ----A---- C:\Windows\system32\rpcrt4.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\INETRES.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\inetcomm.dll
2008-08-16 03:14:48 ----A---- C:\Windows\system32\quartz.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\mcmde.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\EncDec.dll
2008-08-16 03:14:04 ----A---- C:\Windows\system32\psisdecd.dll
2008-08-16 03:13:26 ----D---- C:\Program Files\MSXML 4.0
2008-08-15 19:11:33 ----D---- C:\cygdrive
2008-08-15 17:02:52 ----D---- C:\Users\RBrassea\AppData\Roaming\CyberLink
2008-08-15 16:59:20 ----D---- C:\Users\RBrassea\AppData\Roaming\dvdcss
2008-08-15 16:23:32 ----D---- C:\Program Files\Common Files\Intel
2008-08-15 16:23:30 ----D---- C:\Program Files\CounterPath
2008-08-15 14:49:14 ----D---- C:\Users\RBrassea\AppData\Roaming\Symantec
2008-08-15 11:40:37 ----D---- C:\ProgramData\OrbNetworks
2008-08-15 11:40:34 ----D---- C:\Program Files\Winamp Remote
2008-08-15 11:39:50 ----N---- C:\Windows\system32\pxcpya64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxinsa64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxhpinst.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxafs.dll
2008-08-15 11:39:46 ----N---- C:\Windows\system32\pxsfs.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\vxblock.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxwave.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxdrv.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\pxmas.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\px.dll
2008-08-15 11:39:41 ----D---- C:\Users\RBrassea\AppData\Roaming\Winamp
2008-08-15 11:39:41 ----D---- C:\Program Files\Winamp
2008-08-15 11:35:19 ----D---- C:\Users\RBrassea\AppData\Roaming\vlc
2008-08-15 11:34:32 ----D---- C:\Program Files\VideoLAN
2008-08-15 11:18:11 ----A---- C:\NBDBList.ini
2008-08-15 10:45:49 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-15 10:45:27 ----D---- C:\Program Files\Windows Live
2008-08-15 10:44:54 ----D---- C:\ProgramData\WLInstaller
2008-08-15 10:30:17 ----D---- C:\Program Files\NeroInstall.bak
2008-08-15 10:26:52 ----D---- C:\Users\RBrassea\AppData\Roaming\Nero
2008-08-15 10:26:18 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-08-15 10:21:31 ----D---- C:\ProgramData\Nero
2008-08-15 10:21:31 ----D---- C:\Program Files\Nero
2008-08-15 10:21:30 ----D---- C:\Program Files\Common Files\Nero
2008-08-15 10:10:24 ----A---- C:\Windows\system32\SymNPPWA.dll
2008-08-15 09:54:52 ----A---- C:\Windows\system32\cpwmon2k.dll
2008-08-15 09:54:51 ----D---- C:\Program Files\Acro Software
2008-08-15 09:52:13 ----D---- C:\Users\RBrassea\AppData\Roaming\TuneUp Software
2008-08-15 09:52:02 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-08-15 09:51:54 ----A---- C:\Windows\system32\uxtuneup.dll
2008-08-15 09:51:39 ----D---- C:\ProgramData\TuneUp Software
2008-08-15 09:51:05 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-08-15 09:50:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-15 09:37:24 ----D---- C:\Program Files\Norton 360
2008-08-15 09:35:35 ----D---- C:\Program Files\Symantec
2008-08-15 09:35:29 ----D---- C:\ProgramData\Symantec
2008-08-15 09:28:32 ----D---- C:\Users\RBrassea\AppData\Roaming\Mozilla
2008-08-15 09:27:54 ----D---- C:\Program Files\Mozilla Firefox
2008-08-14 23:20:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Adobe
2008-08-14 23:03:11 ----D---- C:\Users\RBrassea\AppData\Roaming\Megaupload
2008-08-14 23:03:04 ----D---- C:\Users\RBrassea\AppData\Roaming\Yahoo!
2008-08-14 23:03:04 ----D---- C:\ProgramData\Megaupload
2008-08-14 23:03:03 ----D---- C:\Users\RBrassea\AppData\Roaming\MegauploadToolbar
2008-08-14 23:03:03 ----D---- C:\ProgramData\EmailNotifier
2008-08-14 23:03:03 ----D---- C:\Program Files\MegauploadToolbar
2008-08-14 23:02:53 ----D---- C:\Program Files\Megaupload
2008-08-14 22:46:57 ----D---- C:\Users\RBrassea\AppData\Roaming\WinRAR
2008-08-14 22:43:33 ----D---- C:\Program Files\WinRar
2008-08-14 22:14:04 ----D---- C:\Program Files\Alcohol Soft
2008-08-14 21:52:58 ----D---- C:\Users\RBrassea\AppData\Roaming\Identities
2008-08-14 21:50:28 ----D---- C:\Users\RBrassea\AppData\Roaming\Macromedia
2008-08-14 21:49:59 ----D---- C:\Users\RBrassea\AppData\Roaming\Hewlett-Packard
2008-08-14 21:48:18 ----D---- C:\ProgramData\Electronic Arts
2008-08-14 21:43:36 ----D---- C:\Program Files\Electronic Arts
2008-08-14 21:43:20 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-08-14 21:43:19 ----A---- C:\Windows\system32\xinput1_2.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xinput1_1.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-08-14 21:43:17 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-08-14 21:43:09 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-08-14 21:43:06 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-08-14 21:43:05 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-08-14 21:43:04 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-08-14 21:43:03 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-08-14 21:41:30 ----D---- C:\Program Files\Common Files\LightScribe
2008-08-14 21:39:31 ----D---- C:\Program Files\Broadcom
2008-08-14 21:39:15 ----D---- C:\Users\RBrassea\AppData\Roaming\InstallShield
2008-08-14 21:38:18 ----SD---- C:\Users\RBrassea\AppData\Roaming\Microsoft
2008-08-14 21:38:18 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Center Programs
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Templates
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Start Menu
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Favorites
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Documents
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Desktop
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Application Data
2008-08-14 21:33:52 ----SHD---- C:\Documents and Settings
2008-08-14 21:31:46 ----SHD---- C:\System Volume Information
2008-07-25 01:36:00 ----A---- C:\Windows\system32\DivXsm.exe
2008-07-25 01:34:54 ----A---- C:\Windows\system32\dpl100.dll
2008-07-25 01:34:52 ----A---- C:\Windows\system32\dtu100.dll
2008-07-25 01:34:50 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpv11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpus11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu10.dll
2008-07-25 01:34:42 ----A---- C:\Windows\system32\divx_xx07.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx11.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-07-25 01:34:36 ----A---- C:\Windows\system32\DivX.dll
2008-07-25 01:34:30 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-07-23 09:50:52 ----A---- C:\Windows\system32\qt-dx331.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\ssldivx.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\libdivx.dll
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-07-23 09:46:38 ----A---- C:\Windows\system32\DivXWMPExtType.dll

List of drivers

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-08-18 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080829.001\IDSvix86.sys [2008-07-16 261680]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2007-04-14 418104]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\system32\System32\Drivers\SYMTDI.SYS []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-08-16 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-08-18 99376]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVENG.SYS [2008-08-20 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVEX15.SYS [2008-08-20 873552]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-19 7626400]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-12-05 82432]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\system32\System32\Drivers\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-08-15 123952]
R3 SYMFW;SYMFW; C:\Windows\system32\System32\Drivers\SYMFW.SYS []
R3 SYMIDS;SYMIDS; C:\Windows\system32\System32\Drivers\SYMIDS.SYS []
R3 SYMNDISV;SYMNDISV; C:\Windows\system32\System32\Drivers\SYMNDISV.SYS []
R3 SYMREDRV;SYMREDRV; C:\Windows\system32\System32\Drivers\SYMREDRV.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2007-12-05 132864]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-08-16 11264]
S3 aoc9numu;aoc9numu; C:\Windows\system32\drivers\aoc9numu.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-18 1380864]
S3 IKFileSec;File Security Driver; C:\Windows\system32\system32\drivers\ikfilesec.sys []
S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]

List of services

R2 ccEvtMgr;ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-09-30 271760]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-09-30 112016]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-13 49248]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-08-15 1251720]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-11-07 98840]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-23 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-08-15 306432]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

This is the info.txt:

info.txt logfile of random's system information tool 2008-09-03 11:05:10

Uninstall list

-->"C:\Program Files\HP Games\3D Ultra Minigolf Adventures\Uninstall.exe"
-->"C:\Program Files\HP Games\7 Wonders of the Ancient World\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest Solitaire\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Otto's Magic Blocks\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\Shooting Stars Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
AIM 6-->C:\Program Files\AIM6\uninst.exe
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IQh30CFza.INF
CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DIY DataRecovery DiskPatch 3-->"C:\Program Files\DIY DataRecovery DiskPatch\unins000.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EA Link-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F5577101-33CC-4711-8235-3A95BCD49DB0} /l1033
ESU for Microsoft Vista-->MsiExec.exe /I{68471BF2-F1F7-4C89-BBBA-400B94996596}
GearDrvs-->MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)-->C:\PROGRA~1\WinTV\UNSftMCE.EXE C:\PROGRA~1\WinTV\softMCE.LOG
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -I*.INF
Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD0E2B92-3814-46F0-893B-4612EA010C7E}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /I{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.30 E1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP QuickPlay 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP QuickTouch 1.00 C4-->MsiExec.exe /I{7DC4A410-9986-4329-9E5D-687B2C42CA39}
HP Smart Web Printing-->msiexec /i{082F8ABA-84D5-4837-9DFC-F365D91A07D4}
HP Total Care Advisor-->MsiExec.exe /X{b02df929-29a7-4fd2-9a70-81a644b635f7}
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HP User Guides 0087-->MsiExec.exe /I{4D49757C-367A-4333-BDB3-68966162B14E}
HP Wireless Assistant-->MsiExec.exe /I{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
LimeWire PRO 4.18.3-->"C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
LogonStudio Vista-->C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\INSTALL.LOG
Matrix Screen Locker-->MsiExec.exe /X{34B426CD-5758-4309-AA64-3CAA49A55237}
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSCU for Microsoft Vista-->MsiExec.exe /I{F7F3B252-E772-48AA-93EB-7964BC326067}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{250E9609-E830-43EB-B379-DAB7546A2422}\muveesetup.exe -removeonly -runfromtemp
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Nero 8-->MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Norton 360 (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X
Norton 360 Help-->MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}
Norton 360-->MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360-->MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360-->MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Authentification Component-->MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
QuickPlay SlingPlayer 0.4.4-->"C:\Program Files\HP\QuickPlay\unins000.exe"
ratDVD 0.78.1444-->C:\Program Files\ratDVD\uninst.exe
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
SuppSoft-->MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}
Symantec Technical Support Controls-->MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}
Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Total Uninstall 4.9.1-->"C:\Program Files\Total Uninstall 4\unins000.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WeatherBug Gadget-->MsiExec.exe /I{209CDA54-D390-46A2-A97C-7BF61734418D}
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{F1E17FB0-12BC-45D0-ABA3-287F2A1E3A1E}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Vista Upgrade Advisor-->MsiExec.exe /I{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
X-Lite 3.0-->"C:\Program Files\CounterPath\X-Lite\unins000.exe"

Security center information

AV: Norton 360
FW: Kaspersky Anti-Hacker
FW: Norton 360
AS: Spyware Doctor (disabled)
AS: Windows Defender (disabled)
AS: Norton 360

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6802
"NUMBER_OF_PROCESSORS"=2
"PLATFORM"=MCD
"PCBRAND"=Pavilion
"OnlineServices"=Online Services
"USERPART"=E:

-----------------EOF-----------------

Thank you! Waiting for your reply.
Rene
rbrassea13
Banned Member
 
Posts: 8
Joined: August 31st, 2008, 12:51 pm

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by Shaba » September 3rd, 2008, 2:27 pm

IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

LimeWire PRO 4.18.3

I'd like you to read the MRU policy for P2P Programs.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Delete info.txt from the c:\rsit folder.

Please run a new rsit scan when finished and post logs back here.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by rbrassea13 » September 3rd, 2008, 4:25 pm

OK, I uninstalled it...here are the logs:
log.txt:

Logfile of random's system information tool (written by random/random)
Run by RBrassea at 2008-09-03 13:21:58
Microsoft® Windows Vista™ Home Premium
System drive C: has 91 GB (40%) free of 226 GB
Total RAM: 1982 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:22:10 PM, on 9/3/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Norton 360\ScanStub.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\notepad.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\RBrassea\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\RBrassea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11588 bytes

Scheduled tasks folder

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\ParetoLogic Registration.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]
HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-19 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-19 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-19 81920]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-17 218408]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-12-05 1006264]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-10 115816]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2006-11-02 2159104]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-03-31 507904]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-11-07 3739672]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

List of files/folders created in the last three months

2008-09-03 11:04:51 ----D---- C:\rsit
2008-08-31 09:44:16 ----D---- C:\Program Files\Trend Micro
2008-08-30 10:12:33 ----D---- C:\Program Files\GPLGS
2008-08-28 14:08:46 ----A---- C:\Windows\system32\BASSMOD.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wups2.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wucltux.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuaueng.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuauclt.exe
2008-08-27 15:11:01 ----A---- C:\Windows\system32\wups.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wudriver.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wuapi.dll
2008-08-27 15:10:35 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-27 15:10:34 ----A---- C:\Windows\system32\wuapp.exe
2008-08-26 20:12:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-08-26 20:09:57 ----SHD---- C:\Config.Msi
2008-08-26 20:02:52 ----D---- C:\ProgramData\Martau
2008-08-26 20:02:18 ----D---- C:\Program Files\Total Uninstall 4
2008-08-26 13:24:21 ----AD---- C:\ProgramData\TEMP
2008-08-26 13:24:12 ----D---- C:\Users\RBrassea\AppData\Roaming\PC Tools
2008-08-26 13:24:12 ----D---- C:\Program Files\Spyware Doctor
2008-08-26 10:23:58 ----A---- C:\rollback.ini
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic Anti-Virus PLUS
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic
2008-08-26 10:19:42 ----D---- C:\Program Files\Common Files\ParetoLogic
2008-08-26 10:13:30 ----D---- C:\ProgramData\Downloaded Installations
2008-08-25 15:12:23 ----D---- C:\Users\RBrassea\AppData\Roaming\FFSJ
2008-08-24 20:26:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Player Classic
2008-08-24 20:09:42 ----D---- C:\Program Files\ratDVD
2008-08-22 17:54:25 ----D---- C:\Program Files\uTorrent
2008-08-22 17:54:13 ----D---- C:\Users\RBrassea\AppData\Roaming\uTorrent
2008-08-21 18:32:29 ----D---- C:\ProgramData\Messenger Plus!
2008-08-21 18:30:25 ----D---- C:\Program Files\Messenger Plus! Live
2008-08-20 09:36:34 ----D---- C:\Program Files\SystemRequirementsLab
2008-08-20 09:36:30 ----D---- C:\Users\RBrassea\AppData\Roaming\SystemRequirementsLab
2008-08-20 09:28:42 ----D---- C:\ProgramData\Microsoft Corporation
2008-08-20 09:27:22 ----D---- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-08-19 13:18:44 ----A---- C:\Windows\system32\javaws.exe
2008-08-19 13:18:38 ----A---- C:\Windows\system32\javaw.exe
2008-08-19 13:18:29 ----A---- C:\Windows\system32\java.exe
2008-08-19 10:19:42 ----D---- C:\Users\RBrassea\AppData\Roaming\DivX
2008-08-19 10:19:03 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-08-19 10:18:45 ----D---- C:\Program Files\DivX
2008-08-18 18:19:09 ----D---- C:\Users\RBrassea\AppData\Roaming\Ahead
2008-08-18 17:18:34 ----D---- C:\Program Files\DVD Decrypter
2008-08-18 13:54:49 ----D---- C:\Program Files\AC3Filter
2008-08-18 11:29:13 ----D---- C:\Users\RBrassea\AppData\Roaming\HP
2008-08-18 09:45:45 ----D---- C:\ProgramData\LightScribe
2008-08-18 01:38:07 ----D---- C:\ProgramData\Stardock
2008-08-18 01:38:04 ----A---- C:\Windows\system32\wbhelp2.dll
2008-08-18 01:38:03 ----D---- C:\Program Files\Stardock
2008-08-17 10:34:10 ----A---- C:\Windows\system32\es.dll
2008-08-17 02:03:20 ----A---- C:\Windows\ntbtlog.txt
2008-08-16 21:59:36 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-16 21:59:36 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-16 21:56:46 ----D---- C:\Program Files\Microsoft.NET
2008-08-16 21:48:29 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-08-16 21:40:52 ----RHD---- C:\MSOCache
2008-08-16 21:33:52 ----D---- C:\Users\RBrassea\AppData\Roaming\LimeWire
2008-08-16 21:33:35 ----D---- C:\Program Files\LimeWire
2008-08-16 11:01:47 ----D---- C:\Program Files\BaroufaSoft
2008-08-16 08:00:05 ----D---- C:\Program Files\DIY DataRecovery DiskPatch
2008-08-16 03:54:22 ----A---- C:\Windows\system32\winipsec.dll
2008-08-16 03:54:22 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\polstore.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-08-16 03:52:59 ----A---- C:\Windows\system32\wtsapi32.dll
2008-08-16 03:52:55 ----A---- C:\Windows\explorer.exe
2008-08-16 03:52:54 ----A---- C:\Windows\system32\sysmain.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanhlp.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanapi.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansvc.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansec.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlanmsm.dll
2008-08-16 03:51:39 ----A---- C:\Windows\system32\WebClnt.dll
2008-08-16 03:48:14 ----A---- C:\Windows\system32\shell32.dll
2008-08-16 03:45:32 ----A---- C:\Windows\system32\tzres.dll
2008-08-16 03:37:19 ----A---- C:\Windows\system32\wmploc.DLL
2008-08-16 03:37:18 ----A---- C:\Windows\system32\wmp.dll
2008-08-16 03:37:17 ----A---- C:\Windows\system32\spwmp.dll
2008-08-16 03:37:15 ----A---- C:\Windows\system32\dxmasf.dll
2008-08-16 03:37:13 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hcrstco.dll
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hccoin.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netiougc.exe
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netcfg.exe
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-08-16 03:32:20 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-08-16 03:32:19 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-08-16 03:32:15 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-08-16 03:32:14 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-08-16 03:32:12 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-08-16 03:32:08 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-08-16 03:32:06 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-08-16 03:32:02 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0046.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0045.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0049.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0047.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0039.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0021.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0020.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0024.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0022.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0027.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0026.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0013.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0011.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0010.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0018.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0000.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0019.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0002.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0001.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0009.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0007.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0003.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004b.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004a.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004e.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004c.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData003e.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData002a.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData001a.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001d.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001b.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000c.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000a.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000f.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000d.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0416.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0414.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NlsData0816.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsData081a.dll
2008-08-16 03:31:43 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-08-16 03:27:34 ----A---- C:\Windows\system32\advpack.dll
2008-08-16 03:27:33 ----A---- C:\Windows\system32\ieapfltr.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\wininet.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\jsproxy.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtrans.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtmsft.dll
2008-08-16 03:27:28 ----A---- C:\Windows\system32\ieui.dll
2008-08-16 03:27:26 ----A---- C:\Windows\system32\ieframe.dll
2008-08-16 03:27:23 ----A---- C:\Windows\system32\mshtmled.dll
2008-08-16 03:27:21 ----A---- C:\Windows\system32\mshtml.dll
2008-08-16 03:27:17 ----A---- C:\Windows\system32\mstime.dll
2008-08-16 03:27:16 ----A---- C:\Windows\system32\icardie.dll
2008-08-16 03:27:12 ----A---- C:\Windows\system32\ieUnatt.exe
2008-08-16 03:27:10 ----A---- C:\Windows\system32\urlmon.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\pngfilt.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\ie4uinit.exe
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iesetup.dll
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iernonce.dll
2008-08-16 03:23:54 ----A---- C:\Windows\system32\setupapi.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srdelayed.exe
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srcore.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srclient.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\rstrui.exe
2008-08-16 03:23:04 ----A---- C:\Windows\system32\wpd_ci.dll
2008-08-16 03:23:04 ----A---- C:\Windows\system32\kd1394.dll
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winresume.exe
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winload.exe
2008-08-16 03:23:02 ----A---- C:\Windows\system32\ci.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\drvinst.exe
2008-08-16 03:23:01 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\oleaut32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\nshhttp.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\kbd106n.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\dpx.dll
2008-08-16 03:22:59 ----A---- C:\Windows\system32\unlodctr.exe
2008-08-16 03:22:59 ----A---- C:\Windows\system32\lodctr.exe
2008-08-16 03:22:58 ----A---- C:\Windows\system32\prflbmsg.dll
2008-08-16 03:22:58 ----A---- C:\Windows\system32\loadperf.dll
2008-08-16 03:22:57 ----A---- C:\Windows\system32\schedsvc.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\dispci.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\batt.dll
2008-08-16 03:19:58 ----A---- C:\Windows\system32\WMASF.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\LAPRXY.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\asferror.dll
2008-08-16 03:19:40 ----A---- C:\Windows\system32\gdi32.dll
2008-08-16 03:18:44 ----A---- C:\Windows\system32\wshrm.dll
2008-08-16 03:18:12 ----A---- C:\Windows\system32\sbunattend.exe
2008-08-16 03:16:43 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-08-16 03:16:43 ----A---- C:\Windows\system32\gameux.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsapi.dll
2008-08-16 03:15:35 ----A---- C:\Windows\system32\rpcrt4.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\INETRES.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\inetcomm.dll
2008-08-16 03:14:48 ----A---- C:\Windows\system32\quartz.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\mcmde.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\EncDec.dll
2008-08-16 03:14:04 ----A---- C:\Windows\system32\psisdecd.dll
2008-08-16 03:13:26 ----D---- C:\Program Files\MSXML 4.0
2008-08-15 19:11:33 ----D---- C:\cygdrive
2008-08-15 17:02:52 ----D---- C:\Users\RBrassea\AppData\Roaming\CyberLink
2008-08-15 16:59:20 ----D---- C:\Users\RBrassea\AppData\Roaming\dvdcss
2008-08-15 16:23:32 ----D---- C:\Program Files\Common Files\Intel
2008-08-15 16:23:30 ----D---- C:\Program Files\CounterPath
2008-08-15 14:49:14 ----D---- C:\Users\RBrassea\AppData\Roaming\Symantec
2008-08-15 11:40:37 ----D---- C:\ProgramData\OrbNetworks
2008-08-15 11:40:34 ----D---- C:\Program Files\Winamp Remote
2008-08-15 11:39:50 ----N---- C:\Windows\system32\pxcpya64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxinsa64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxhpinst.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxafs.dll
2008-08-15 11:39:46 ----N---- C:\Windows\system32\pxsfs.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\vxblock.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxwave.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxdrv.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\pxmas.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\px.dll
2008-08-15 11:39:41 ----D---- C:\Users\RBrassea\AppData\Roaming\Winamp
2008-08-15 11:39:41 ----D---- C:\Program Files\Winamp
2008-08-15 11:35:19 ----D---- C:\Users\RBrassea\AppData\Roaming\vlc
2008-08-15 11:34:32 ----D---- C:\Program Files\VideoLAN
2008-08-15 11:18:11 ----A---- C:\NBDBList.ini
2008-08-15 10:45:49 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-15 10:45:27 ----D---- C:\Program Files\Windows Live
2008-08-15 10:44:54 ----D---- C:\ProgramData\WLInstaller
2008-08-15 10:30:17 ----D---- C:\Program Files\NeroInstall.bak
2008-08-15 10:26:52 ----D---- C:\Users\RBrassea\AppData\Roaming\Nero
2008-08-15 10:26:18 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-08-15 10:21:31 ----D---- C:\ProgramData\Nero
2008-08-15 10:21:31 ----D---- C:\Program Files\Nero
2008-08-15 10:21:30 ----D---- C:\Program Files\Common Files\Nero
2008-08-15 10:10:24 ----A---- C:\Windows\system32\SymNPPWA.dll
2008-08-15 09:54:52 ----A---- C:\Windows\system32\cpwmon2k.dll
2008-08-15 09:54:51 ----D---- C:\Program Files\Acro Software
2008-08-15 09:52:13 ----D---- C:\Users\RBrassea\AppData\Roaming\TuneUp Software
2008-08-15 09:52:02 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-08-15 09:51:54 ----A---- C:\Windows\system32\uxtuneup.dll
2008-08-15 09:51:39 ----D---- C:\ProgramData\TuneUp Software
2008-08-15 09:51:05 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-08-15 09:50:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-15 09:37:24 ----D---- C:\Program Files\Norton 360
2008-08-15 09:35:35 ----D---- C:\Program Files\Symantec
2008-08-15 09:35:29 ----D---- C:\ProgramData\Symantec
2008-08-15 09:28:32 ----D---- C:\Users\RBrassea\AppData\Roaming\Mozilla
2008-08-15 09:27:54 ----D---- C:\Program Files\Mozilla Firefox
2008-08-14 23:20:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Adobe
2008-08-14 23:03:11 ----D---- C:\Users\RBrassea\AppData\Roaming\Megaupload
2008-08-14 23:03:04 ----D---- C:\Users\RBrassea\AppData\Roaming\Yahoo!
2008-08-14 23:03:04 ----D---- C:\ProgramData\Megaupload
2008-08-14 23:03:03 ----D---- C:\Users\RBrassea\AppData\Roaming\MegauploadToolbar
2008-08-14 23:03:03 ----D---- C:\ProgramData\EmailNotifier
2008-08-14 23:03:03 ----D---- C:\Program Files\MegauploadToolbar
2008-08-14 23:02:53 ----D---- C:\Program Files\Megaupload
2008-08-14 22:46:57 ----D---- C:\Users\RBrassea\AppData\Roaming\WinRAR
2008-08-14 22:43:33 ----D---- C:\Program Files\WinRar
2008-08-14 22:14:04 ----D---- C:\Program Files\Alcohol Soft
2008-08-14 21:52:58 ----D---- C:\Users\RBrassea\AppData\Roaming\Identities
2008-08-14 21:50:28 ----D---- C:\Users\RBrassea\AppData\Roaming\Macromedia
2008-08-14 21:49:59 ----D---- C:\Users\RBrassea\AppData\Roaming\Hewlett-Packard
2008-08-14 21:48:18 ----D---- C:\ProgramData\Electronic Arts
2008-08-14 21:43:36 ----D---- C:\Program Files\Electronic Arts
2008-08-14 21:43:20 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-08-14 21:43:19 ----A---- C:\Windows\system32\xinput1_2.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xinput1_1.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-08-14 21:43:17 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-08-14 21:43:09 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-08-14 21:43:06 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-08-14 21:43:05 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-08-14 21:43:04 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-08-14 21:43:03 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-08-14 21:41:30 ----D---- C:\Program Files\Common Files\LightScribe
2008-08-14 21:39:31 ----D---- C:\Program Files\Broadcom
2008-08-14 21:39:15 ----D---- C:\Users\RBrassea\AppData\Roaming\InstallShield
2008-08-14 21:38:18 ----SD---- C:\Users\RBrassea\AppData\Roaming\Microsoft
2008-08-14 21:38:18 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Center Programs
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Templates
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Start Menu
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Favorites
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Documents
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Desktop
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Application Data
2008-08-14 21:33:52 ----SHD---- C:\Documents and Settings
2008-08-14 21:31:46 ----SHD---- C:\System Volume Information
2008-07-25 01:36:00 ----A---- C:\Windows\system32\DivXsm.exe
2008-07-25 01:34:54 ----A---- C:\Windows\system32\dpl100.dll
2008-07-25 01:34:52 ----A---- C:\Windows\system32\dtu100.dll
2008-07-25 01:34:50 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpv11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpus11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu10.dll
2008-07-25 01:34:42 ----A---- C:\Windows\system32\divx_xx07.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx11.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-07-25 01:34:36 ----A---- C:\Windows\system32\DivX.dll
2008-07-25 01:34:30 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-07-23 09:50:52 ----A---- C:\Windows\system32\qt-dx331.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\ssldivx.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\libdivx.dll
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-07-23 09:46:38 ----A---- C:\Windows\system32\DivXWMPExtType.dll

List of drivers

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-08-18 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080829.001\IDSvix86.sys [2008-07-16 261680]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2007-04-14 418104]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\system32\System32\Drivers\SYMTDI.SYS []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-08-16 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-08-18 99376]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVENG.SYS [2008-08-20 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVEX15.SYS [2008-08-20 873552]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-19 7626400]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-12-05 82432]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\system32\System32\Drivers\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-08-15 123952]
R3 SYMFW;SYMFW; C:\Windows\system32\System32\Drivers\SYMFW.SYS []
R3 SYMIDS;SYMIDS; C:\Windows\system32\System32\Drivers\SYMIDS.SYS []
R3 SYMNDISV;SYMNDISV; C:\Windows\system32\System32\Drivers\SYMNDISV.SYS []
R3 SYMREDRV;SYMREDRV; C:\Windows\system32\System32\Drivers\SYMREDRV.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2007-12-05 132864]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-08-16 11264]
S3 aoc9numu;aoc9numu; C:\Windows\system32\drivers\aoc9numu.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-18 1380864]
S3 IKFileSec;File Security Driver; C:\Windows\system32\system32\drivers\ikfilesec.sys []
S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]

List of services

R2 ccEvtMgr;ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-09-30 271760]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-09-30 112016]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-13 49248]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-08-15 1251720]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-11-07 98840]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-23 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-08-15 306432]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Info.txt:

info.txt logfile of random's system information tool 2008-09-03 13:22:16

Uninstall list

-->"C:\Program Files\HP Games\3D Ultra Minigolf Adventures\Uninstall.exe"
-->"C:\Program Files\HP Games\7 Wonders of the Ancient World\Uninstall.exe"
-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest Solitaire\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Otto's Magic Blocks\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\Shooting Stars Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - Chapter 2 - The Lost Children\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
AIM 6-->C:\Program Files\AIM6\uninst.exe
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Broadcom 802.11 Wireless LAN Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IQh30CFza.INF
CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DIY DataRecovery DiskPatch 3-->"C:\Program Files\DIY DataRecovery DiskPatch\unins000.exe"
DVD Decrypter (Remove Only)-->"C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EA Link-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F5577101-33CC-4711-8235-3A95BCD49DB0} /l1033
ESU for Microsoft Vista-->MsiExec.exe /I{68471BF2-F1F7-4C89-BBBA-400B94996596}
GearDrvs-->MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)-->C:\PROGRA~1\WinTV\UNSftMCE.EXE C:\PROGRA~1\WinTV\softMCE.LOG
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -I*.INF
Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD0E2B92-3814-46F0-893B-4612EA010C7E}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /I{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.30 E1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP QuickPlay 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP QuickTouch 1.00 C4-->MsiExec.exe /I{7DC4A410-9986-4329-9E5D-687B2C42CA39}
HP Smart Web Printing-->msiexec /i{082F8ABA-84D5-4837-9DFC-F365D91A07D4}
HP Total Care Advisor-->MsiExec.exe /X{b02df929-29a7-4fd2-9a70-81a644b635f7}
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HP User Guides 0087-->MsiExec.exe /I{4D49757C-367A-4333-BDB3-68966162B14E}
HP Wireless Assistant-->MsiExec.exe /I{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
LogonStudio Vista-->C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\LOGONS~1\INSTALL.LOG
Matrix Screen Locker-->MsiExec.exe /X{34B426CD-5758-4309-AA64-3CAA49A55237}
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSCU for Microsoft Vista-->MsiExec.exe /I{F7F3B252-E772-48AA-93EB-7964BC326067}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{250E9609-E830-43EB-B379-DAB7546A2422}\muveesetup.exe -removeonly -runfromtemp
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
Nero 8-->MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Norton 360 (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X
Norton 360 Help-->MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}
Norton 360-->MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360-->MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360-->MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Authentification Component-->MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
QuickPlay SlingPlayer 0.4.4-->"C:\Program Files\HP\QuickPlay\unins000.exe"
ratDVD 0.78.1444-->C:\Program Files\ratDVD\uninst.exe
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
SuppSoft-->MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}
Symantec Technical Support Controls-->MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}
Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Total Uninstall 4.9.1-->"C:\Program Files\Total Uninstall 4\unins000.exe"
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WeatherBug Gadget-->MsiExec.exe /I{209CDA54-D390-46A2-A97C-7BF61734418D}
Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{F1E17FB0-12BC-45D0-ABA3-287F2A1E3A1E}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Vista Upgrade Advisor-->MsiExec.exe /I{C6AA3FB7-804F-4808-AD91-B62D6ED9B788}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
X-Lite 3.0-->"C:\Program Files\CounterPath\X-Lite\unins000.exe"

Security center information

AV: Norton 360
FW: Kaspersky Anti-Hacker
FW: Norton 360
AS: Spyware Doctor (disabled)
AS: Windows Defender (disabled)
AS: Norton 360

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6802
"NUMBER_OF_PROCESSORS"=2
"PLATFORM"=MCD
"PCBRAND"=Pavilion
"OnlineServices"=Online Services
"USERPART"=E:

-----------------EOF-----------------


Thank you
rbrassea13
Banned Member
 
Posts: 8
Joined: August 31st, 2008, 12:51 pm

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by Shaba » September 4th, 2008, 3:42 am

No, LimeWire is not uninstalled according to logs.

I find it pretty interesting that you claim you have uninstalled it, because it is running at the time the log is taken :roll:

If you think that you can fool me by just removing corresponding entry from uninstall list, you are very wrong.

Anyway, this is the next step:

Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\Program Files\uTorrent
    C:\Users\RBrassea\AppData\Roaming\uTorrent
    C:\Users\RBrassea\AppData\Roaming\LimeWire
    C:\Program Files\LimeWire
    

  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Post:

- rsit logs
- otmoveit2 log
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Post by rbrassea13 » September 5th, 2008, 7:16 pm

I am sorry "Teacher", but you are the very wrong person here, I really appreciate your help and thank you, but before saying things and trying to be smart, please, ASK first. I DID uninstall it as soon as you told me to. I did, but for some reason, I can still find the folder in the start menu, but with blank icons, when I click on the uninstall blank icon, it says that the PC cannot find the uninstall. Ohh, I did NOT remove or configure the corresponding entry/entries.
Thank you anyways for the help...here are the logs:

OTMoveit2 Log:
C:\Program Files\uTorrent moved successfully.
C:\Users\RBrassea\AppData\Roaming\uTorrent moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\xml\schemas moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\xml\misc moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\xml\data moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\xml moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\themes\limewirePro_theme moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\themes moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\promotion moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\certificate moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\.NetworkShare moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire\.AppSpecialShare moved successfully.
C:\Users\RBrassea\AppData\Roaming\LimeWire moved successfully.
C:\Program Files\LimeWire\lib moved successfully.
C:\Program Files\LimeWire moved successfully.
File/Folder not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09052008_160458



RSIT log:


Logfile of random's system information tool (written by random/random)
Run by RBrassea at 2008-09-05 16:07:24
Microsoft® Windows Vista™ Home Premium
System drive C: has 91 GB (40%) free of 226 GB
Total RAM: 1982 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:07:40 PM, on 9/5/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\taskeng.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\RBrassea\Desktop\OTMoveIt2.exe
C:\WINDOWS\System32\notepad.exe
C:\Users\RBrassea\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\RBrassea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11712 bytes

Scheduled tasks folder

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\ParetoLogic Registration.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-02-19 97960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]
HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-02-19 609424]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-19 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-19 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-19 81920]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-17 218408]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-12-05 1006264]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-10 115816]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2006-11-02 2159104]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-03-31 507904]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-11-07 3739672]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

List of files/folders created in the last three months

2008-09-05 16:04:58 ----D---- C:\_OTMoveIt
2008-09-04 10:09:26 ----A---- C:\Windows\system32\imageres.dll
2008-09-03 11:04:51 ----D---- C:\rsit
2008-08-31 09:44:16 ----D---- C:\Program Files\Trend Micro
2008-08-30 10:12:33 ----D---- C:\Program Files\GPLGS
2008-08-28 14:08:46 ----A---- C:\Windows\system32\BASSMOD.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wups2.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wucltux.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuaueng.dll
2008-08-27 15:11:29 ----A---- C:\Windows\system32\wuauclt.exe
2008-08-27 15:11:01 ----A---- C:\Windows\system32\wups.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wudriver.dll
2008-08-27 15:11:00 ----A---- C:\Windows\system32\wuapi.dll
2008-08-27 15:10:35 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-27 15:10:34 ----A---- C:\Windows\system32\wuapp.exe
2008-08-26 20:12:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-08-26 20:09:57 ----SHD---- C:\Config.Msi
2008-08-26 20:02:52 ----D---- C:\ProgramData\Martau
2008-08-26 20:02:18 ----D---- C:\Program Files\Total Uninstall 4
2008-08-26 13:24:21 ----AD---- C:\ProgramData\TEMP
2008-08-26 13:24:12 ----D---- C:\Users\RBrassea\AppData\Roaming\PC Tools
2008-08-26 13:24:12 ----D---- C:\Program Files\Spyware Doctor
2008-08-26 10:23:58 ----A---- C:\rollback.ini
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic Anti-Virus PLUS
2008-08-26 10:19:42 ----D---- C:\ProgramData\ParetoLogic
2008-08-26 10:19:42 ----D---- C:\Program Files\Common Files\ParetoLogic
2008-08-26 10:13:30 ----D---- C:\ProgramData\Downloaded Installations
2008-08-25 15:12:23 ----D---- C:\Users\RBrassea\AppData\Roaming\FFSJ
2008-08-24 20:26:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Player Classic
2008-08-24 20:09:42 ----D---- C:\Program Files\ratDVD
2008-08-21 18:32:29 ----D---- C:\ProgramData\Messenger Plus!
2008-08-21 18:30:25 ----D---- C:\Program Files\Messenger Plus! Live
2008-08-20 09:36:34 ----D---- C:\Program Files\SystemRequirementsLab
2008-08-20 09:36:30 ----D---- C:\Users\RBrassea\AppData\Roaming\SystemRequirementsLab
2008-08-20 09:28:42 ----D---- C:\ProgramData\Microsoft Corporation
2008-08-20 09:27:22 ----D---- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-08-19 13:18:44 ----A---- C:\Windows\system32\javaws.exe
2008-08-19 13:18:38 ----A---- C:\Windows\system32\javaw.exe
2008-08-19 13:18:29 ----A---- C:\Windows\system32\java.exe
2008-08-19 10:19:42 ----D---- C:\Users\RBrassea\AppData\Roaming\DivX
2008-08-19 10:19:03 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-08-19 10:18:45 ----D---- C:\Program Files\DivX
2008-08-18 18:19:09 ----D---- C:\Users\RBrassea\AppData\Roaming\Ahead
2008-08-18 17:18:34 ----D---- C:\Program Files\DVD Decrypter
2008-08-18 13:54:49 ----D---- C:\Program Files\AC3Filter
2008-08-18 11:29:13 ----D---- C:\Users\RBrassea\AppData\Roaming\HP
2008-08-18 09:45:45 ----D---- C:\ProgramData\LightScribe
2008-08-18 01:38:07 ----D---- C:\ProgramData\Stardock
2008-08-18 01:38:04 ----A---- C:\Windows\system32\wbhelp2.dll
2008-08-18 01:38:03 ----D---- C:\Program Files\Stardock
2008-08-17 10:34:10 ----A---- C:\Windows\system32\es.dll
2008-08-17 02:03:20 ----A---- C:\Windows\ntbtlog.txt
2008-08-16 21:59:36 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-16 21:59:36 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-16 21:56:46 ----D---- C:\Program Files\Microsoft.NET
2008-08-16 21:48:29 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-08-16 21:40:52 ----RHD---- C:\MSOCache
2008-08-16 11:01:47 ----D---- C:\Program Files\BaroufaSoft
2008-08-16 08:00:05 ----D---- C:\Program Files\DIY DataRecovery DiskPatch
2008-08-16 03:54:22 ----A---- C:\Windows\system32\winipsec.dll
2008-08-16 03:54:22 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\polstore.dll
2008-08-16 03:54:21 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-08-16 03:52:59 ----A---- C:\Windows\system32\wtsapi32.dll
2008-08-16 03:52:55 ----A---- C:\Windows\explorer.exe
2008-08-16 03:52:54 ----A---- C:\Windows\system32\sysmain.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanhlp.dll
2008-08-16 03:52:50 ----A---- C:\Windows\system32\wlanapi.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansvc.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlansec.dll
2008-08-16 03:52:49 ----A---- C:\Windows\system32\wlanmsm.dll
2008-08-16 03:51:39 ----A---- C:\Windows\system32\WebClnt.dll
2008-08-16 03:48:14 ----A---- C:\Windows\system32\shell32.dll
2008-08-16 03:45:32 ----A---- C:\Windows\system32\tzres.dll
2008-08-16 03:37:19 ----A---- C:\Windows\system32\wmploc.DLL
2008-08-16 03:37:18 ----A---- C:\Windows\system32\wmp.dll
2008-08-16 03:37:17 ----A---- C:\Windows\system32\spwmp.dll
2008-08-16 03:37:15 ----A---- C:\Windows\system32\dxmasf.dll
2008-08-16 03:37:13 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-08-16 03:35:07 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hcrstco.dll
2008-08-16 03:34:13 ----A---- C:\Windows\system32\hccoin.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netiougc.exe
2008-08-16 03:33:23 ----A---- C:\Windows\system32\netcfg.exe
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-08-16 03:32:23 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-08-16 03:32:22 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-08-16 03:32:21 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-08-16 03:32:20 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-08-16 03:32:19 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-08-16 03:32:18 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-08-16 03:32:17 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-08-16 03:32:16 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-08-16 03:32:15 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-08-16 03:32:14 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-08-16 03:32:13 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-08-16 03:32:12 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-08-16 03:32:11 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-08-16 03:32:10 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-08-16 03:32:09 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-08-16 03:32:08 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-08-16 03:32:07 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-08-16 03:32:06 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-08-16 03:32:05 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-08-16 03:32:04 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-08-16 03:32:03 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-08-16 03:32:02 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0046.dll
2008-08-16 03:32:01 ----A---- C:\Windows\system32\NlsData0045.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0049.dll
2008-08-16 03:32:00 ----A---- C:\Windows\system32\NlsData0047.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0039.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0021.dll
2008-08-16 03:31:59 ----A---- C:\Windows\system32\NlsData0020.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0024.dll
2008-08-16 03:31:58 ----A---- C:\Windows\system32\NlsData0022.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0027.dll
2008-08-16 03:31:57 ----A---- C:\Windows\system32\NlsData0026.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0013.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0011.dll
2008-08-16 03:31:56 ----A---- C:\Windows\system32\NlsData0010.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0018.dll
2008-08-16 03:31:55 ----A---- C:\Windows\system32\NlsData0000.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0019.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0002.dll
2008-08-16 03:31:54 ----A---- C:\Windows\system32\NlsData0001.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0009.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0007.dll
2008-08-16 03:31:53 ----A---- C:\Windows\system32\NlsData0003.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004b.dll
2008-08-16 03:31:52 ----A---- C:\Windows\system32\NlsData004a.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004e.dll
2008-08-16 03:31:51 ----A---- C:\Windows\system32\NlsData004c.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData003e.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData002a.dll
2008-08-16 03:31:50 ----A---- C:\Windows\system32\NlsData001a.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001d.dll
2008-08-16 03:31:49 ----A---- C:\Windows\system32\NlsData001b.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000c.dll
2008-08-16 03:31:48 ----A---- C:\Windows\system32\NlsData000a.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000f.dll
2008-08-16 03:31:47 ----A---- C:\Windows\system32\NlsData000d.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0416.dll
2008-08-16 03:31:46 ----A---- C:\Windows\system32\NlsData0414.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NlsData0816.dll
2008-08-16 03:31:45 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-08-16 03:31:44 ----A---- C:\Windows\system32\NlsData081a.dll
2008-08-16 03:31:43 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-08-16 03:27:34 ----A---- C:\Windows\system32\advpack.dll
2008-08-16 03:27:33 ----A---- C:\Windows\system32\ieapfltr.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\wininet.dll
2008-08-16 03:27:32 ----A---- C:\Windows\system32\jsproxy.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtrans.dll
2008-08-16 03:27:30 ----A---- C:\Windows\system32\dxtmsft.dll
2008-08-16 03:27:28 ----A---- C:\Windows\system32\ieui.dll
2008-08-16 03:27:26 ----A---- C:\Windows\system32\ieframe.dll
2008-08-16 03:27:23 ----A---- C:\Windows\system32\mshtmled.dll
2008-08-16 03:27:21 ----A---- C:\Windows\system32\mshtml.dll
2008-08-16 03:27:17 ----A---- C:\Windows\system32\mstime.dll
2008-08-16 03:27:16 ----A---- C:\Windows\system32\icardie.dll
2008-08-16 03:27:12 ----A---- C:\Windows\system32\ieUnatt.exe
2008-08-16 03:27:10 ----A---- C:\Windows\system32\urlmon.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\pngfilt.dll
2008-08-16 03:27:09 ----A---- C:\Windows\system32\ie4uinit.exe
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iesetup.dll
2008-08-16 03:27:08 ----A---- C:\Windows\system32\iernonce.dll
2008-08-16 03:23:54 ----A---- C:\Windows\system32\setupapi.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srdelayed.exe
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srcore.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\srclient.dll
2008-08-16 03:23:05 ----A---- C:\Windows\system32\rstrui.exe
2008-08-16 03:23:04 ----A---- C:\Windows\system32\wpd_ci.dll
2008-08-16 03:23:04 ----A---- C:\Windows\system32\kd1394.dll
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winresume.exe
2008-08-16 03:23:03 ----A---- C:\Windows\system32\winload.exe
2008-08-16 03:23:02 ----A---- C:\Windows\system32\ci.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-08-16 03:23:01 ----A---- C:\Windows\system32\drvinst.exe
2008-08-16 03:23:01 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\oleaut32.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\nshhttp.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\kbd106n.dll
2008-08-16 03:23:00 ----A---- C:\Windows\system32\dpx.dll
2008-08-16 03:22:59 ----A---- C:\Windows\system32\unlodctr.exe
2008-08-16 03:22:59 ----A---- C:\Windows\system32\lodctr.exe
2008-08-16 03:22:58 ----A---- C:\Windows\system32\prflbmsg.dll
2008-08-16 03:22:58 ----A---- C:\Windows\system32\loadperf.dll
2008-08-16 03:22:57 ----A---- C:\Windows\system32\schedsvc.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\dispci.dll
2008-08-16 03:22:55 ----A---- C:\Windows\system32\batt.dll
2008-08-16 03:19:58 ----A---- C:\Windows\system32\WMASF.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\LAPRXY.DLL
2008-08-16 03:19:58 ----A---- C:\Windows\system32\asferror.dll
2008-08-16 03:19:40 ----A---- C:\Windows\system32\gdi32.dll
2008-08-16 03:18:44 ----A---- C:\Windows\system32\wshrm.dll
2008-08-16 03:18:12 ----A---- C:\Windows\system32\sbunattend.exe
2008-08-16 03:16:43 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-08-16 03:16:43 ----A---- C:\Windows\system32\gameux.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-08-16 03:16:07 ----A---- C:\Windows\system32\dnsapi.dll
2008-08-16 03:15:35 ----A---- C:\Windows\system32\rpcrt4.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\INETRES.dll
2008-08-16 03:15:16 ----A---- C:\Windows\system32\inetcomm.dll
2008-08-16 03:14:48 ----A---- C:\Windows\system32\quartz.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\mcmde.dll
2008-08-16 03:14:06 ----A---- C:\Windows\system32\EncDec.dll
2008-08-16 03:14:04 ----A---- C:\Windows\system32\psisdecd.dll
2008-08-16 03:13:26 ----D---- C:\Program Files\MSXML 4.0
2008-08-15 19:11:33 ----D---- C:\cygdrive
2008-08-15 17:02:52 ----D---- C:\Users\RBrassea\AppData\Roaming\CyberLink
2008-08-15 16:59:20 ----D---- C:\Users\RBrassea\AppData\Roaming\dvdcss
2008-08-15 16:23:32 ----D---- C:\Program Files\Common Files\Intel
2008-08-15 16:23:30 ----D---- C:\Program Files\CounterPath
2008-08-15 14:49:14 ----D---- C:\Users\RBrassea\AppData\Roaming\Symantec
2008-08-15 11:40:37 ----D---- C:\ProgramData\OrbNetworks
2008-08-15 11:40:34 ----D---- C:\Program Files\Winamp Remote
2008-08-15 11:39:50 ----N---- C:\Windows\system32\pxcpya64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxinsa64.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxhpinst.exe
2008-08-15 11:39:49 ----N---- C:\Windows\system32\pxafs.dll
2008-08-15 11:39:46 ----N---- C:\Windows\system32\pxsfs.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\vxblock.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxwave.dll
2008-08-15 11:39:45 ----N---- C:\Windows\system32\pxdrv.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\pxmas.dll
2008-08-15 11:39:44 ----N---- C:\Windows\system32\px.dll
2008-08-15 11:39:41 ----D---- C:\Users\RBrassea\AppData\Roaming\Winamp
2008-08-15 11:39:41 ----D---- C:\Program Files\Winamp
2008-08-15 11:35:19 ----D---- C:\Users\RBrassea\AppData\Roaming\vlc
2008-08-15 11:34:32 ----D---- C:\Program Files\VideoLAN
2008-08-15 11:18:11 ----A---- C:\NBDBList.ini
2008-08-15 10:45:49 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-15 10:45:27 ----D---- C:\Program Files\Windows Live
2008-08-15 10:44:54 ----D---- C:\ProgramData\WLInstaller
2008-08-15 10:30:17 ----D---- C:\Program Files\NeroInstall.bak
2008-08-15 10:26:52 ----D---- C:\Users\RBrassea\AppData\Roaming\Nero
2008-08-15 10:26:18 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-08-15 10:21:31 ----D---- C:\ProgramData\Nero
2008-08-15 10:21:31 ----D---- C:\Program Files\Nero
2008-08-15 10:21:30 ----D---- C:\Program Files\Common Files\Nero
2008-08-15 10:10:24 ----A---- C:\Windows\system32\SymNPPWA.dll
2008-08-15 09:54:52 ----A---- C:\Windows\system32\cpwmon2k.dll
2008-08-15 09:54:51 ----D---- C:\Program Files\Acro Software
2008-08-15 09:52:13 ----D---- C:\Users\RBrassea\AppData\Roaming\TuneUp Software
2008-08-15 09:52:02 ----A---- C:\Windows\system32\TuneUpDefragService.exe
2008-08-15 09:51:54 ----A---- C:\Windows\system32\uxtuneup.dll
2008-08-15 09:51:39 ----D---- C:\ProgramData\TuneUp Software
2008-08-15 09:51:05 ----D---- C:\Program Files\TuneUp Utilities 2008
2008-08-15 09:50:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-15 09:37:24 ----D---- C:\Program Files\Norton 360
2008-08-15 09:35:35 ----D---- C:\Program Files\Symantec
2008-08-15 09:35:29 ----D---- C:\ProgramData\Symantec
2008-08-15 09:28:32 ----D---- C:\Users\RBrassea\AppData\Roaming\Mozilla
2008-08-15 09:27:54 ----D---- C:\Program Files\Mozilla Firefox
2008-08-14 23:20:53 ----D---- C:\Users\RBrassea\AppData\Roaming\Adobe
2008-08-14 23:03:11 ----D---- C:\Users\RBrassea\AppData\Roaming\Megaupload
2008-08-14 23:03:04 ----D---- C:\Users\RBrassea\AppData\Roaming\Yahoo!
2008-08-14 23:03:04 ----D---- C:\ProgramData\Megaupload
2008-08-14 23:03:03 ----D---- C:\Users\RBrassea\AppData\Roaming\MegauploadToolbar
2008-08-14 23:03:03 ----D---- C:\ProgramData\EmailNotifier
2008-08-14 23:03:03 ----D---- C:\Program Files\MegauploadToolbar
2008-08-14 23:02:53 ----D---- C:\Program Files\Megaupload
2008-08-14 22:46:57 ----D---- C:\Users\RBrassea\AppData\Roaming\WinRAR
2008-08-14 22:43:33 ----D---- C:\Program Files\WinRar
2008-08-14 22:14:04 ----D---- C:\Program Files\Alcohol Soft
2008-08-14 21:52:58 ----D---- C:\Users\RBrassea\AppData\Roaming\Identities
2008-08-14 21:50:28 ----D---- C:\Users\RBrassea\AppData\Roaming\Macromedia
2008-08-14 21:49:59 ----D---- C:\Users\RBrassea\AppData\Roaming\Hewlett-Packard
2008-08-14 21:48:18 ----D---- C:\ProgramData\Electronic Arts
2008-08-14 21:43:36 ----D---- C:\Program Files\Electronic Arts
2008-08-14 21:43:20 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-08-14 21:43:19 ----A---- C:\Windows\system32\xinput1_2.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xinput1_1.dll
2008-08-14 21:43:18 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-08-14 21:43:17 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-08-14 21:43:09 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-08-14 21:43:08 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-08-14 21:43:07 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-08-14 21:43:06 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-08-14 21:43:05 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-08-14 21:43:04 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-08-14 21:43:03 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-08-14 21:41:30 ----D---- C:\Program Files\Common Files\LightScribe
2008-08-14 21:39:31 ----D---- C:\Program Files\Broadcom
2008-08-14 21:39:15 ----D---- C:\Users\RBrassea\AppData\Roaming\InstallShield
2008-08-14 21:38:18 ----SD---- C:\Users\RBrassea\AppData\Roaming\Microsoft
2008-08-14 21:38:18 ----D---- C:\Users\RBrassea\AppData\Roaming\Media Center Programs
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Templates
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Start Menu
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Favorites
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Documents
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Desktop
2008-08-14 21:33:52 ----SHD---- C:\ProgramData\Application Data
2008-08-14 21:33:52 ----SHD---- C:\Documents and Settings
2008-08-14 21:31:46 ----SHD---- C:\System Volume Information
2008-07-25 01:36:00 ----A---- C:\Windows\system32\DivXsm.exe
2008-07-25 01:34:54 ----A---- C:\Windows\system32\dpl100.dll
2008-07-25 01:34:52 ----A---- C:\Windows\system32\dtu100.dll
2008-07-25 01:34:50 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpv11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpus11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu11.dll
2008-07-25 01:34:46 ----A---- C:\Windows\system32\dpu10.dll
2008-07-25 01:34:42 ----A---- C:\Windows\system32\divx_xx07.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx11.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-07-25 01:34:40 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-07-25 01:34:36 ----A---- C:\Windows\system32\DivX.dll
2008-07-25 01:34:30 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-07-23 09:50:52 ----A---- C:\Windows\system32\qt-dx331.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\ssldivx.dll
2008-07-23 09:48:40 ----A---- C:\Windows\system32\libdivx.dll
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-07-23 09:47:34 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-07-23 09:46:38 ----A---- C:\Windows\system32\DivXWMPExtType.dll

List of drivers

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-08-18 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080829.001\IDSvix86.sys [2008-07-16 261680]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2007-04-14 418104]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\system32\System32\Drivers\SYMTDI.SYS []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 8704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-08-16 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-02 99376]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-20 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-20 208896]
R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVENG.SYS [2008-08-20 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080903.003\NAVEX15.SYS [2008-08-20 873552]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-19 7626400]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-12-05 82432]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\system32\System32\Drivers\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-08-15 123952]
R3 SYMFW;SYMFW; C:\Windows\system32\System32\Drivers\SYMFW.SYS []
R3 SYMIDS;SYMIDS; C:\Windows\system32\System32\Drivers\SYMIDS.SYS []
R3 SYMNDISV;SYMNDISV; C:\Windows\system32\System32\Drivers\SYMNDISV.SYS []
R3 SYMREDRV;SYMREDRV; C:\Windows\system32\System32\Drivers\SYMREDRV.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2007-12-05 132864]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-20 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-08-16 11264]
S3 a0kpnqyi;a0kpnqyi; C:\Windows\system32\drivers\a0kpnqyi.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-14 691192]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-18 1380864]
S3 IKFileSec;File Security Driver; C:\Windows\system32\system32\drivers\ikfilesec.sys []
S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]

List of services

R2 ccEvtMgr;ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-09-30 271760]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-09-30 112016]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-07-10 386560]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-08-15 1251720]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-11-07 98840]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-13 49248]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-23 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008]
S3 Symantec RemoteAssist;Symantec RemoteAssist; C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe [2008-01-29 394704]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-08-15 306432]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------
rbrassea13
Banned Member
 
Posts: 8
Joined: August 31st, 2008, 12:51 pm

Re: Hijack log, I may have Trojan, keylogger,etc. Please help.

Unread postby Shaba » September 6th, 2008, 4:41 am

Program can't be uninstalled if it's running.

Also all folders were there as well.

Due to disrespect shown against staff member this topic is closed.

If you feel that you still need help, please start a new topic.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland