http://malwareremoval.com/forum/viewtopic.php?f=12&t=34413&start=0&st=0&sk=t&sd=a
I have scanned my computer with BlackLight, ESET and RSIT; the logs are below, and I have also included some logs of my AVG scans, which turned up two infections. I completed the BlackLight, ESET and RSIT scans after the second infection was discovered by AVG Anti-Virus 8.
I'm not sure how serious these infections are and what else I need to do, as all the other scans turned up OK, I think. Once again, any feedback would be most appreciated.
F-Secure BlackLight log:
09/28/08 09:50:59 [Info]: BlackLight Engine 1.0.70 initialized
09/28/08 09:50:59 [Info]: OS: 6.0 build 6000 ()
09/28/08 09:50:59 [Note]: 7019 4
09/28/08 09:50:59 [Note]: 7005 0
09/28/08 09:51:03 [Note]: 7006 0
09/28/08 09:51:03 [Note]: 7027 0
09/28/08 09:51:03 [Note]: 7035 0
09/28/08 09:51:03 [Note]: 7026 0
09/28/08 09:51:04 [Note]: 7026 0
09/28/08 09:51:08 [Note]: FSRAW library version 1.7.1024
09/28/08 09:57:46 [Note]: 7007 0
ESET log:
# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3477 (20080927)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=4aded9dd60125e45bdccc9e80fe88dd3
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2008-09-28 04:36:53
# local_time=2008-09-28 12:36:53 (+0800, W. Australia Standard Time)
# country="Australia"
# osver=6.0.6000 NT
# scanned=1006954
# found=0
# scan_time=8566
RSIT log:
Logfile of random's system information tool 1.02 (written by random/random)
Run by JB HIFI at 2008-09-28 13:13:40
Microsoft® Windows Vista™ Home Premium
System drive C: has 19 GB (29%) free of 66 GB
Total RAM: 1023 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:15:48 PM, on 28/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\EZVCR\Agent.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Users\JB HIFI\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\JB HIFI.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.live.com/login.srf?wa=wsig ... e&id=64855
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [EzAgent] C:\Program Files\ASUS\EZVCR\Agent.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\SetPoint.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: MultiFrame.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Fac ... oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resourc ... den-au.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
--
End of file - 10345 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{8175C67A-FD44-4BA9-881F-8087C2F75D66}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-09-17 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-08-14 1562448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-09-17 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-07-30 2193280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-07-30 2193280]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-09-17 2055960]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-09-17 1006264]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-10-09 729088]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-03 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2005-01-12 32768]
"EzAgent"=C:\Program Files\ASUS\EZVCR\Agent.exe [2006-07-26 122880]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-10 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-10 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-10 81920]
"SetPoint"=C:\Program Files\Logitech\SetPoint\SetPoint.EXE [2005-03-31 434176]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-23 663552]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-09-17 1235736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-09-17 1232896]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
MultiFrame.lnk - C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Users\JB HIFI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{baf2d43c-62ba-11dd-9dc5-0018f33aeb68}]
shell\AutoRun\command - wd_windows_tools\WDSetup.exe
======File associations======
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 3 months======
2008-09-28 13:13:40 ----D---- C:\rsit
2008-09-28 10:11:46 ----D---- C:\Program Files\EsetOnlineScanner
2008-09-28 09:07:04 ----D---- C:\Program Files\Belarc
2008-09-18 19:12:55 ----SHD---- C:\Config.Msi
2008-09-18 08:05:11 ----HD---- C:\$AVG8.VAULT$
2008-09-17 17:23:34 ----A---- C:\Windows\system32\avgrsstx.dll
2008-09-17 17:22:59 ----D---- C:\Program Files\AVG
2008-09-17 17:22:58 ----D---- C:\ProgramData\avg8
2008-09-17 16:50:44 ----A---- C:\Windows\system32\winipsec.dll
2008-09-17 16:50:44 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-09-17 16:50:43 ----A---- C:\Windows\system32\polstore.dll
2008-09-17 16:50:43 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-09-17 16:49:02 ----A---- C:\Windows\system32\riched32.dll
2008-09-17 16:49:02 ----A---- C:\Windows\system32\riched20.dll
2008-09-17 16:48:57 ----A---- C:\Windows\system32\rasser.dll
2008-09-17 16:48:57 ----A---- C:\Windows\system32\rasdiag.dll
2008-09-17 16:48:57 ----A---- C:\Windows\system32\rascfg.dll
2008-09-17 16:48:56 ----A---- C:\Windows\system32\rasmxs.dll
2008-09-17 16:48:55 ----A---- C:\Windows\system32\netcfgx.dll
2008-09-17 16:48:55 ----A---- C:\Windows\system32\msftedit.dll
2008-09-17 16:48:53 ----A---- C:\Windows\system32\ipnathlp.dll
2008-09-17 16:48:53 ----A---- C:\Windows\system32\icsunattend.exe
2008-09-17 16:48:51 ----A---- C:\Windows\system32\wshqos.dll
2008-09-17 16:48:51 ----A---- C:\Windows\system32\traffic.dll
2008-09-17 16:48:50 ----A---- C:\Windows\system32\pacerprf.dll
2008-09-17 16:48:50 ----A---- C:\Windows\system32\localspl.dll
2008-09-17 16:48:49 ----A---- C:\Windows\system32\cdd.dll
2008-09-17 16:48:48 ----A---- C:\Windows\system32\dps.dll
2008-09-17 16:47:14 ----A---- C:\Windows\system32\wtsapi32.dll
2008-09-17 16:47:11 ----A---- C:\Windows\explorer.exe
2008-09-17 16:47:09 ----A---- C:\Windows\system32\sysmain.dll
2008-09-17 16:47:07 ----A---- C:\Windows\system32\wlansvc.dll
2008-09-17 16:47:07 ----A---- C:\Windows\system32\wlansec.dll
2008-09-17 16:47:07 ----A---- C:\Windows\system32\wlanmsm.dll
2008-09-17 16:47:07 ----A---- C:\Windows\system32\wlanhlp.dll
2008-09-17 16:47:07 ----A---- C:\Windows\system32\wlanapi.dll
2008-09-17 16:46:05 ----A---- C:\Windows\system32\WebClnt.dll
2008-09-17 16:43:43 ----A---- C:\Windows\system32\shell32.dll
2008-09-17 16:35:54 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-09-17 16:35:53 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-09-17 16:35:53 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-09-17 16:35:53 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-09-17 16:35:52 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-09-17 16:35:52 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-09-17 16:35:51 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-09-17 16:35:51 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-09-17 16:35:50 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-09-17 16:35:49 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-09-17 16:35:48 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-09-17 16:35:47 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-09-17 16:35:47 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-09-17 16:35:46 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-09-17 16:35:45 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-09-17 16:35:45 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-09-17 16:35:43 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-09-17 16:35:43 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-09-17 16:35:42 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-09-17 16:35:41 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-09-17 16:35:41 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-09-17 16:35:41 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-09-17 16:35:40 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-09-17 16:35:39 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-09-17 16:35:39 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-09-17 16:35:38 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-09-17 16:35:38 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-09-17 16:35:37 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-09-17 16:35:36 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-09-17 16:35:35 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-09-17 16:35:34 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-09-17 16:35:33 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-09-17 16:35:33 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-09-17 16:35:32 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-09-17 16:35:32 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-09-17 16:35:31 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-09-17 16:35:31 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-09-17 16:35:30 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-09-17 16:35:29 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-09-17 16:35:28 ----A---- C:\Windows\system32\NlsData0047.dll
2008-09-17 16:35:28 ----A---- C:\Windows\system32\NlsData0046.dll
2008-09-17 16:35:28 ----A---- C:\Windows\system32\NlsData0045.dll
2008-09-17 16:35:27 ----A---- C:\Windows\system32\NlsData0049.dll
2008-09-17 16:35:27 ----A---- C:\Windows\system32\NlsData0039.dll
2008-09-17 16:35:26 ----A---- C:\Windows\system32\NlsData0021.dll
2008-09-17 16:35:26 ----A---- C:\Windows\system32\NlsData0020.dll
2008-09-17 16:35:25 ----A---- C:\Windows\system32\NlsData0024.dll
2008-09-17 16:35:25 ----A---- C:\Windows\system32\NlsData0022.dll
2008-09-17 16:35:24 ----A---- C:\Windows\system32\NlsData0027.dll
2008-09-17 16:35:24 ----A---- C:\Windows\system32\NlsData0026.dll
2008-09-17 16:35:23 ----A---- C:\Windows\system32\NlsData0011.dll
2008-09-17 16:35:23 ----A---- C:\Windows\system32\NlsData0010.dll
2008-09-17 16:35:22 ----A---- C:\Windows\system32\NlsData0018.dll
2008-09-17 16:35:22 ----A---- C:\Windows\system32\NlsData0013.dll
2008-09-17 16:35:21 ----A---- C:\Windows\system32\NlsData0019.dll
2008-09-17 16:35:21 ----A---- C:\Windows\system32\NlsData0000.dll
2008-09-17 16:35:20 ----A---- C:\Windows\system32\NlsData0003.dll
2008-09-17 16:35:20 ----A---- C:\Windows\system32\NlsData0002.dll
2008-09-17 16:35:20 ----A---- C:\Windows\system32\NlsData0001.dll
2008-09-17 16:35:19 ----A---- C:\Windows\system32\NlsData0007.dll
2008-09-17 16:35:18 ----A---- C:\Windows\system32\NlsData004a.dll
2008-09-17 16:35:18 ----A---- C:\Windows\system32\NlsData0009.dll
2008-09-17 16:35:17 ----A---- C:\Windows\system32\NlsData004c.dll
2008-09-17 16:35:17 ----A---- C:\Windows\system32\NlsData004b.dll
2008-09-17 16:35:16 ----A---- C:\Windows\system32\NlsData004e.dll
2008-09-17 16:35:16 ----A---- C:\Windows\system32\NlsData003e.dll
2008-09-17 16:35:15 ----A---- C:\Windows\system32\NlsData002a.dll
2008-09-17 16:35:15 ----A---- C:\Windows\system32\NlsData001b.dll
2008-09-17 16:35:15 ----A---- C:\Windows\system32\NlsData001a.dll
2008-09-17 16:35:14 ----A---- C:\Windows\system32\NlsData001d.dll
2008-09-17 16:35:13 ----A---- C:\Windows\system32\NlsData000a.dll
2008-09-17 16:35:12 ----A---- C:\Windows\system32\NlsData000d.dll
2008-09-17 16:35:12 ----A---- C:\Windows\system32\NlsData000c.dll
2008-09-17 16:35:11 ----A---- C:\Windows\system32\NlsData0414.dll
2008-09-17 16:35:11 ----A---- C:\Windows\system32\NlsData000f.dll
2008-09-17 16:35:10 ----A---- C:\Windows\system32\NlsData0416.dll
2008-09-17 16:35:10 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-09-17 16:35:09 ----A---- C:\Windows\system32\NlsData081a.dll
2008-09-17 16:35:09 ----A---- C:\Windows\system32\NlsData0816.dll
2008-09-17 16:35:08 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-09-17 16:35:08 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-09-17 16:31:07 ----A---- C:\Windows\system32\ieapfltr.dll
2008-09-17 16:31:07 ----A---- C:\Windows\system32\advpack.dll
2008-09-17 16:31:06 ----A---- C:\Windows\system32\wininet.dll
2008-09-17 16:31:05 ----A---- C:\Windows\system32\jsproxy.dll
2008-09-17 16:31:04 ----A---- C:\Windows\system32\dxtrans.dll
2008-09-17 16:31:04 ----A---- C:\Windows\system32\dxtmsft.dll
2008-09-17 16:31:02 ----A---- C:\Windows\system32\ieui.dll
2008-09-17 16:31:01 ----A---- C:\Windows\system32\ieframe.dll
2008-09-17 16:30:57 ----A---- C:\Windows\system32\mshtmled.dll
2008-09-17 16:30:56 ----A---- C:\Windows\system32\mshtml.dll
2008-09-17 16:30:52 ----A---- C:\Windows\system32\mstime.dll
2008-09-17 16:30:52 ----A---- C:\Windows\system32\icardie.dll
2008-09-17 16:30:48 ----A---- C:\Windows\system32\ieUnatt.exe
2008-09-17 16:30:46 ----A---- C:\Windows\system32\urlmon.dll
2008-09-17 16:30:45 ----A---- C:\Windows\system32\pngfilt.dll
2008-09-17 16:30:45 ----A---- C:\Windows\system32\ie4uinit.exe
2008-09-17 16:30:44 ----A---- C:\Windows\system32\iesetup.dll
2008-09-17 16:30:44 ----A---- C:\Windows\system32\iernonce.dll
2008-09-17 16:29:11 ----A---- C:\Windows\system32\fsquirt.exe
2008-09-17 16:28:09 ----A---- C:\Windows\system32\setupapi.dll
2008-09-17 16:27:28 ----A---- C:\Windows\system32\srdelayed.exe
2008-09-17 16:27:28 ----A---- C:\Windows\system32\srcore.dll
2008-09-17 16:27:28 ----A---- C:\Windows\system32\srclient.dll
2008-09-17 16:27:28 ----A---- C:\Windows\system32\rstrui.exe
2008-09-17 16:27:26 ----A---- C:\Windows\system32\wpd_ci.dll
2008-09-17 16:27:25 ----A---- C:\Windows\system32\winresume.exe
2008-09-17 16:27:25 ----A---- C:\Windows\system32\winload.exe
2008-09-17 16:27:25 ----A---- C:\Windows\system32\kd1394.dll
2008-09-17 16:27:23 ----A---- C:\Windows\system32\ci.dll
2008-09-17 16:27:23 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-09-17 16:27:22 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-09-17 16:27:22 ----A---- C:\Windows\system32\drvinst.exe
2008-09-17 16:27:21 ----A---- C:\Windows\system32\nshhttp.dll
2008-09-17 16:27:21 ----A---- C:\Windows\system32\kbd106n.dll
2008-09-17 16:27:21 ----A---- C:\Windows\system32\dpx.dll
2008-09-17 16:27:20 ----A---- C:\Windows\system32\oleaut32.dll
2008-09-17 16:27:19 ----A---- C:\Windows\system32\unlodctr.exe
2008-09-17 16:27:19 ----A---- C:\Windows\system32\prflbmsg.dll
2008-09-17 16:27:19 ----A---- C:\Windows\system32\lodctr.exe
2008-09-17 16:27:19 ----A---- C:\Windows\system32\loadperf.dll
2008-09-17 16:27:16 ----A---- C:\Windows\system32\schedsvc.dll
2008-09-17 16:27:15 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-09-17 16:27:14 ----A---- C:\Windows\system32\dispci.dll
2008-09-17 16:27:14 ----A---- C:\Windows\system32\batt.dll
2008-09-17 16:22:43 ----A---- C:\Windows\system32\schannel.dll
2008-09-17 16:22:42 ----A---- C:\Windows\system32\ntprint.exe
2008-09-17 16:22:42 ----A---- C:\Windows\system32\ntprint.dll
2008-09-17 16:22:38 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2008-09-17 16:22:38 ----A---- C:\Windows\system32\dhcpcsvc.dll
2008-09-17 16:22:38 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2008-09-17 16:22:37 ----A---- C:\Windows\system32\authui.dll
2008-09-17 16:22:35 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-09-17 16:22:34 ----A---- C:\Windows\system32\msvfw32.dll
2008-09-17 16:22:34 ----A---- C:\Windows\system32\mciavi32.dll
2008-09-17 16:22:34 ----A---- C:\Windows\system32\avicap32.dll
2008-09-17 16:22:33 ----A---- C:\Windows\system32\msvidc32.dll
2008-09-17 16:22:33 ----A---- C:\Windows\system32\msrle32.dll
2008-09-17 16:22:33 ----A---- C:\Windows\system32\avifil32.dll
2008-09-17 16:22:32 ----A---- C:\Windows\system32\sendmail.dll
2008-09-17 15:59:36 ----A---- C:\Windows\system32\mcmde.dll
2008-09-17 15:59:35 ----A---- C:\Windows\system32\EncDec.dll
2008-09-17 15:59:34 ----A---- C:\Windows\system32\psisdecd.dll
2008-09-17 14:51:50 ----A---- C:\Windows\system32\tzres.dll
2008-09-17 14:48:15 ----A---- C:\Windows\system32\wmploc.DLL
2008-09-17 14:48:14 ----A---- C:\Windows\system32\wmp.dll
2008-09-17 14:48:13 ----A---- C:\Windows\system32\spwmp.dll
2008-09-17 14:48:12 ----A---- C:\Windows\system32\dxmasf.dll
2008-09-17 14:48:11 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-09-17 14:47:26 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-09-17 14:47:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-09-17 14:46:15 ----A---- C:\Windows\system32\netcfg.exe
2008-09-17 14:46:14 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-09-17 14:46:14 ----A---- C:\Windows\system32\netiougc.exe
2008-09-17 14:44:18 ----A---- C:\Windows\system32\SLC.dll
2008-09-17 14:44:17 ----A---- C:\Windows\system32\slwmi.dll
2008-09-17 14:44:17 ----A---- C:\Windows\system32\mcbuilder.exe
2008-09-17 14:44:15 ----A---- C:\Windows\system32\SLUI.exe
2008-09-17 14:44:15 ----A---- C:\Windows\system32\SLCommDlg.dll
2008-09-17 14:44:14 ----A---- C:\Windows\system32\SLUINotify.dll
2008-09-17 14:44:14 ----A---- C:\Windows\system32\SLLUA.exe
2008-09-17 14:44:13 ----A---- C:\Windows\system32\SLsvc.exe
2008-09-17 14:44:12 ----A---- C:\Windows\system32\slcinst.dll
2008-09-17 14:43:34 ----A---- C:\Windows\system32\sbunattend.exe
2008-09-16 20:06:12 ----A---- C:\Windows\system32\LAPRXY.DLL
2008-09-16 20:06:11 ----A---- C:\Windows\system32\WMASF.DLL
2008-09-16 20:06:11 ----A---- C:\Windows\system32\asferror.dll
2008-09-16 20:05:56 ----A---- C:\Windows\system32\gdi32.dll
2008-09-16 20:05:12 ----A---- C:\Windows\system32\wshrm.dll
2008-09-16 19:06:48 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-09-16 19:06:47 ----A---- C:\Windows\system32\gameux.dll
2008-09-16 19:06:18 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-09-16 19:06:18 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-09-16 19:06:18 ----A---- C:\Windows\system32\dnsapi.dll
2008-09-16 19:05:38 ----A---- C:\Windows\system32\rpcrt4.dll
2008-09-16 19:05:23 ----A---- C:\Windows\system32\INETRES.dll
2008-09-16 19:05:23 ----A---- C:\Windows\system32\inetcomm.dll
2008-09-16 19:05:02 ----A---- C:\Windows\system32\quartz.dll
2008-09-16 19:04:45 ----A---- C:\Windows\system32\crypt32.dll
2008-09-16 19:04:31 ----A---- C:\Windows\system32\poqexec.exe
2008-09-05 19:04:14 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-13 23:35:10 ----D---- C:\Users\JB HIFI\AppData\Roaming\uTorrent
2008-08-06 19:47:08 ----D---- C:\Users\JB HIFI\AppData\Roaming\ICAClient
2008-08-06 19:27:16 ----D---- C:\Windows\system32\Resource
2008-08-06 19:27:12 ----D---- C:\Program Files\Citrix
2008-08-06 14:50:00 ----RD---- C:\Users\JB HIFI\AppData\Roaming\Brother
2008-08-05 15:12:40 ----D---- C:\Program Files\Western Digital Technologies
2008-08-01 09:33:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-31 12:00:09 ----D---- C:\etax2008
2008-07-30 14:33:20 ----A---- C:\Windows\system32\javaws.exe
2008-07-30 14:33:20 ----A---- C:\Windows\system32\javaw.exe
2008-07-30 14:33:20 ----A---- C:\Windows\system32\java.exe
2008-07-07 09:49:06 ----D---- C:\Users\JB HIFI\AppData\Roaming\PC-FAX TX
2008-07-05 15:48:41 ----A---- C:\Windows\BRWMARK.INI
2008-07-05 15:48:41 ----A---- C:\Windows\BRPP2KA.INI
2008-07-05 15:43:58 ----A---- C:\Windows\Brpfx04a.ini
2008-07-05 15:43:58 ----A---- C:\Windows\brpcfx.ini
2008-07-05 15:41:52 ----A---- C:\Windows\system32\brinsstr.dll
2008-07-05 15:41:36 ----R---- C:\Windows\system32\BrDctF2S.dll
2008-07-05 15:41:36 ----R---- C:\Windows\system32\BrDctF2L.dll
2008-07-05 15:41:36 ----R---- C:\Windows\system32\BrDctF2.dll
2008-07-05 15:41:33 ----N---- C:\Windows\system32\BroSNMP.dll
2008-07-05 15:41:14 ----N---- C:\Windows\system32\BrWiaNCp.dll
2008-07-05 15:41:13 ----N---- C:\Windows\system32\Brnsplg.dll
2008-07-05 15:41:13 ----N---- C:\Windows\system32\BrNetSti.dll
2008-07-05 15:41:12 ----A---- C:\Windows\system32\BrWia07a.dll
2008-07-05 15:41:10 ----D---- C:\Brother
2008-07-05 15:41:08 ----A---- C:\Windows\Brfaxrx.ini
2008-07-05 15:41:06 ----N---- C:\Windows\system32\NSSearch.dll
2008-07-05 15:41:06 ----N---- C:\Windows\system32\BrMuSNMP.dll
2008-07-05 15:41:06 ----N---- C:\Windows\system32\BrMfNt.dll
2008-07-05 15:41:06 ----N---- C:\Windows\system32\BrfxD05a.dll
2008-07-05 15:41:06 ----N---- C:\Windows\system32\BRCrypt.dll
2008-07-05 15:41:05 ----N---- C:\Windows\brunin03.dll
2008-07-05 15:41:05 ----D---- C:\Program Files\Brother
2008-07-05 15:38:32 ----D---- C:\Program Files\Nuance
2008-07-05 15:37:07 ----A---- C:\Windows\maxlink.ini
2008-07-05 15:36:44 ----D---- C:\ProgramData\InstallShield
2008-07-05 15:35:19 ----D---- C:\Program Files\Common Files\ScanSoft Shared
2008-07-05 15:35:11 ----D---- C:\ProgramData\ScanSoft
2008-07-05 15:34:58 ----D---- C:\Program Files\ScanSoft
2008-07-05 14:56:14 ----D---- C:\ProgramData\Brother
======List of files/folders modified in the last 3 months======
2008-09-28 13:15:47 ----D---- C:\Windows\Temp
2008-09-28 10:11:46 ----RD---- C:\Program Files
2008-09-28 10:11:45 ----SD---- C:\Windows\Downloaded Program Files
2008-09-28 10:11:44 ----D---- C:\Windows\System32
2008-09-28 08:55:09 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-09-28 08:54:54 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-28 08:48:45 ----D---- C:\Windows\system32\drivers
2008-09-28 08:48:11 ----A---- C:\Windows\system32\acovcnt.exe
2008-09-26 18:28:35 ----D---- C:\Users\JB HIFI\AppData\Roaming\DNA
2008-09-26 18:23:30 ----D---- C:\Windows\Prefetch
2008-09-26 12:18:46 ----D---- C:\Program Files\BitTorrent
2008-09-25 22:39:26 ----SHD---- C:\System Volume Information
2008-09-23 11:50:55 ----D---- C:\Users\JB HIFI\AppData\Roaming\BitTorrent
2008-09-22 15:40:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-09-22 15:40:57 ----D---- C:\Windows\inf
2008-09-19 22:29:29 ----D---- C:\Windows\system32\catroot2
2008-09-18 19:21:52 ----D---- C:\Windows\winsxs
2008-09-18 19:20:47 ----SHD---- C:\Windows\Installer
2008-09-18 19:20:37 ----D---- C:\ProgramData\Microsoft Help
2008-09-18 19:19:26 ----A---- C:\Windows\win.ini
2008-09-18 19:18:08 ----RSD---- C:\Windows\assembly
2008-09-18 19:14:37 ----D---- C:\Program Files\Common Files\microsoft shared
2008-09-17 17:24:08 ----HD---- C:\ProgramData
2008-09-17 17:19:13 ----D---- C:\Windows
2008-09-17 17:03:43 ----D---- C:\Windows\Microsoft.NET
2008-09-17 17:01:31 ----ASH---- C:\Program Files\desktop.ini
2008-09-17 17:00:55 ----D---- C:\Windows\rescache
2008-09-17 16:55:32 ----D---- C:\Windows\system32\ras
2008-09-17 16:55:32 ----D---- C:\Windows\system32\icsxml
2008-09-17 16:55:32 ----D---- C:\Program Files\Windows Calendar
2008-09-17 16:55:30 ----D---- C:\Windows\system32\wbem
2008-09-17 16:55:29 ----D---- C:\Windows\ehome
2008-09-17 16:55:29 ----D---- C:\Program Files\Windows Defender
2008-09-17 16:55:24 ----D---- C:\Windows\system32\migration
2008-09-17 16:55:24 ----D---- C:\Windows\system32\en-US
2008-09-17 16:55:24 ----D---- C:\Windows\servicing
2008-09-17 16:55:24 ----D---- C:\Windows\AppPatch
2008-09-17 16:55:24 ----D---- C:\Program Files\Internet Explorer
2008-09-17 16:36:41 ----D---- C:\Windows\system32\catroot
2008-09-17 14:58:09 ----D---- C:\Windows\system32\XPSViewer
2008-09-17 14:58:09 ----D---- C:\Program Files\Windows Media Player
2008-09-17 14:58:07 ----D---- C:\Windows\system32\SLUI
2008-09-17 14:58:07 ----D---- C:\Program Files\Windows Mail
2008-09-17 14:58:06 ----D---- C:\Program Files\Windows Sidebar
2008-09-17 14:42:56 ----D---- C:\Windows\registration
2008-09-03 20:12:12 ----D---- C:\Program Files\JetAudio
2008-08-18 10:56:18 ----D---- C:\Users\JB HIFI\AppData\Roaming\Azureus
2008-08-18 10:47:45 ----D---- C:\Program Files\Azureus
2008-08-05 11:11:02 ----A---- C:\Windows\system32\mrt.exe
2008-08-01 09:34:32 ----D---- C:\Program Files\Lavasoft
2008-08-01 09:33:50 ----D---- C:\Program Files\Common Files
2008-08-01 09:31:50 ----D---- C:\ProgramData\Lavasoft
2008-07-31 11:59:39 ----D---- C:\etax2007-a
2008-07-30 14:33:51 ----D---- C:\Program Files\Google
2008-07-30 14:33:19 ----D---- C:\Program Files\Java
2008-07-15 12:07:34 ----SD---- C:\Users\JB HIFI\AppData\Roaming\Microsoft
2008-07-08 10:52:28 ----D---- C:\Users\JB HIFI\AppData\Roaming\Orbit
2008-07-08 10:52:21 ----D---- C:\Downloads
2008-07-05 15:41:52 ----D---- C:\Windows\twain_32
2008-07-05 15:41:03 ----HD---- C:\Program Files\InstallShield Installation Information
2008-07-05 15:35:19 ----D---- C:\Program Files\Common Files\InstallShield
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-09-17 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-09-17 26824]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2007-04-05 389432]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-08 25160]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2007-04-09 31548]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2004-11-05 670208]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2007-11-30 97216]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-09-17 19456]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-09-17 29184]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-09-17 14208]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2007-09-05 92544]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2006-11-02 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-12-19 1786880]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-10 4445120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-09-17 82432]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-10-09 981504]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2006-11-02 9216]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2006-12-22 1132544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-03 11120]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-09-17 220160]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2007-05-07 47360]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 u3kmini;ASUS My Cinema-U3000 Mini; C:\Windows\System32\Drivers\u3kmini.sys [2006-08-23 352000]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2006-12-21 90112]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-17 231704]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-08-14 809296]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-11 24576]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-08-17 85096]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2007-10-06 72704]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
-----------------EOF-----------------
RSIT Info txt:
info.txt logfile of random's system information tool 1.02 2008-09-28 13:16:01
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
ASUS EZVCR-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CE651735-FDDC-47EA-BFFD-3BF9472B8E85}
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
Asus MultiFrame-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
ASUS My Cinema-U3000 Mini-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D2A1A00-F630-49ED-8E6C-C199544DD3AB}\setup.exe" -l0x9
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUSDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
AutoCAD 2008 - English-->C:\Program Files\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-0409-0002-0060B0CE6BBA} /M ACAD
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
AutoUnpack 4.4.4-->"C:\Program Files\AutoUnpack\unins000.exe"
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Belarc Advisor 7.2-->C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG
Brother MFL-Pro Suite-->"C:\Program Files\InstallShield Installation Information\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Setup.exe" -runfromtemp -l0x0009 Brunin03.dll -removeonly
Citrix Web Client-->C:\Windows\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
COSMOS Network License Manager-->MsiExec.exe /I{F241BC75-34C9-4915-9287-263E1CFA003D}
COSMOSWorks 2007 SP0-->MsiExec.exe /I{AF2D85EE-D6F9-4E7B-B9FA-BBB9BCA9A01E}
COWON Media Center - jetAudio Basic-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x9 -removeonly
DWGeditor-->MsiExec.exe /X{F5125699-C01A-4ED8-BD3A-265DF29859FE}
eDrawings 2007-->MsiExec.exe /I{75FEB085-179F-4C85-B0E4-B517D2160750}
ESET Online Scanner-->C:\Windows\system32\OnlineScannerUninstaller.exe
e-tax 2008-->C:\etax2008\e-tax 2008_uninstall.exe
Free Mp3 Wma Converter V 1.6.1-->"C:\Program Files\Free Audio Pack\unins000.exe"
FrostWire 4.13.1.5 BETA-->C:\Program Files\FrostWire\Uninstall.exe
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
ID3 renamer 2.15.15-->"C:\Program Files\ID3 renamer\unins000.exe"
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
Magic ISO Maker v5.3 (build 0221)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
MagicDisc 2.5.79-->C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
Marketmaker CFD-FX Asia Pacific Client-->"D:\UninstallerData\Uninstall Marketmaker CFD-FX Asia Pacific Client.exe"
Media Jukebox 12-->C:\Program Files\J River\Media Jukebox 12\JRMediaUninstall.exe
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (2.0.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\setup.exe" -l0x9
Nero 7-->MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31033}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
PandoraRecovery (Remove Only)-->"C:\Program Files\Pandora Recovery\Uninstall.exe"
PaperPort Image Printer-->MsiExec.exe /X{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}
PeaZip 1.10-->"C:\Program Files\PeaZip\unins000.exe"
Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\SETUP.exe -runfromtemp -l0x0009 -removeonly
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PrivacyGuard Full-->MsiExec.exe /I{750DC9FA-2E2F-41FE-B0B6-AF206F2C7C29}
QuickTime-->MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x9 -removeonly
Recover Files 2.0-->"C:\Program Files\Recover Files\unins000.exe"
ResumeMaker Professional-->C:\PROGRA~1\RESUME~1\UNWISE.EXE C:\PROGRA~1\RESUME~1\INSTALL.LOG
ScanSoft PaperPort 11-->MsiExec.exe /I{B6C89654-A6A2-477C-873B-724EC1C56407}
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
SolidWorks 2007 SP0-->MsiExec.exe /I{95FCA50A-CF7D-457E-AF69-F058F8BC2844}
SolidWorks Explorer 2007 sp0-->MsiExec.exe /I{559FAB96-A0CD-4105-A02F-1C21DEBCEF89}
SolidWorks Installation Manager-->MsiExec.exe /X{26621E14-A45B-45CD-9ED9-7A0A9B585DB4}
Splittur 3.0-->"C:\Program Files\Splittur\Uninstall.exe" "C:\Program Files\Splittur\install.log"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Symantec Technical Support Web Controls-->MsiExec.exe /X{5FCDE341-328B-434B-9F21-AF5BADB57852}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}
USB2.0 1.3M WebCam-->C:\Windows\StkUnist.exe
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
WinRAR-->"C:\Windows\WinRAR\uninstall.exe" "/U:C:\Program Files\WinRAR\Uninstall\uninstall.xml"
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
WM Converter 2.0-->C:\Program Files\WM Converter\Uninstal.exe
Zultrax P2P-->C:\Program Files\Zultrax P2P\Uninstall.Exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: AVG Anti-Virus Free
AS: AVG Anti-Virus Free (disabled)
AS: Spybot - Search and Destroy
AS: Windows Defender (outdated)
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
-----------------EOF-----------------
AVG Infection 1 details:
Scan "Scan specific files or folders" was finished.
Infections found:;"1"
Infected objects removed or healed:;"1"
Not removed or healed:;"0"
Spyware found:;"0"
Spyware removed:;"0"
Not removed:;"0"
Warnings count:;"0"
Information count:;"0"
Scan started:;"Wednesday, 17 September 2008, 8:22:32 PM"
Scan finished:;"Thursday, 18 September 2008, 12:43:59 AM (4 hour(s) 21 minute(s) 27 second(s))"
Total object scanned:;"987226"
User who launched the scan:;"JB HIFI"
Infections
File;"Infection";"Result"
F:\Azureus Downloads\Microsoft_Office_2007_Complete_Version_Incl_CD_Key\Launcher.exe;"Virus identified Worm/Autoit.CPT";"Moved to Virus Vault"
Warnings
File;"Infection";"Result"
C:\Users\JB HIFI\AppData\Local\Temp\Low\Cookies\jb_hifi@m.webtrends[2].txt;"Found Tracking cookie.Webtrends";"Moved to Virus Vault"
AVG Infection 2 details:
Scan "Scheduled scan" was finished.
Infections found:;"1"
Infected objects removed or healed:;"1"
Not removed or healed:;"0"
Spyware found:;"0"
Spyware removed:;"0"
Not removed:;"0"
Warnings count:;"0"
Information count:;"0"
Scan started:;"Friday, 26 September 2008, 12:00:02 PM"
Scan finished:;"Friday, 26 September 2008, 6:11:06 PM (6 hour(s) 11 minute(s) 3 second(s))"
Total object scanned:;"1627118"
User who launched the scan:;"SYSTEM"
Infections
File;"Infection";"Result"
C:\Program Files\BitTorrent\uninst.exe;"Trojan horse BackDoor.Generic10.KJH";"Moved to Virus Vault"
Warnings
File;"Infection";"Result"