Here are the reports you asked for
Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 3
[32_bits] - x86 Family 6 Model 15 Stepping 11, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[SharedAccess] RUNNING (state:4)
Windows Firewall -> Disabled !
.
Internet Explorer 8.0.6001.18702
Mozilla Firefox 3.0.13 (en-US)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:465 Go - Free:122 Go )
D:\ [Fixed-FAT32] .. ( Total:465 Go - Free:316 Go )
E:\ [CD_Rom]
F:\ [CD_Rom]
G:\ [Removable]
H:\ [Removable]
I:\ [Removable]
J:\ [Fixed-NTFS] .. ( Total:698 Go - Free:22 Go )
K:\ [Removable]
L:\ [Removable]
.
Scan : 12:58.13
Path : C:\Documents and Settings\User\Desktop\Rooter.exe
User : User ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (936)
______ \??\C:\WINDOWS\system32\csrss.exe (1156)
______ \??\C:\WINDOWS\system32\winlogon.exe (1180)
______ C:\WINDOWS\system32\services.exe (1228)
______ C:\WINDOWS\system32\lsass.exe (1240)
______ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe (1424)
______ C:\WINDOWS\system32\svchost.exe (1444)
______ C:\WINDOWS\system32\svchost.exe (1512)
______ C:\WINDOWS\System32\svchost.exe (1688)
______ C:\WINDOWS\system32\svchost.exe (1724)
______ C:\WINDOWS\system32\svchost.exe (1968)
______ C:\WINDOWS\system32\svchost.exe (2000)
______ C:\WINDOWS\system32\spoolsv.exe (220)
______ C:\WINDOWS\system32\svchost.exe (308)
______ C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (352)
______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (396)
______ C:\Program Files\Memeo\AutoBackup\MemeoService.exe (472)
______ C:\Program Files\Bonjour\mDNSResponder.exe (520)
______ C:\WINDOWS\system32\svchost.exe (556)
______ C:\WINDOWS\system32\nvsvc32.exe (676)
______ C:\Program Files\CyberLink\Shared Files\RichVideo.exe (736)
______ C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (780)
______ C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (812)
______ C:\WINDOWS\Explorer.EXE (1948)
______ C:\WINDOWS\System32\alg.exe (2740)
______ C:\WINDOWS\RTHDCPL.EXE (3260)
______ C:\WINDOWS\system32\RUNDLL32.EXE (3276)
Locked bdagent.exe (3288)
______ C:\WINDOWS\system32\rundll32.exe (3304)
______ C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (3312)
______ C:\WINDOWS\system32\ctfmon.exe (3348)
______ C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3368)
______ C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe (3408)
______ C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3404)
______ C:\Program Files\SpywareGuard\sgmain.exe (3508)
______ C:\PROGRA~1\MI3AA1~1\rapimgr.exe (3564)
______ C:\Program Files\SpywareGuard\sgbhp.exe (3600)
______ C:\Program Files\Webroot\Spy Sweeper\SSU.EXE (800)
______ C:\Program Files\VIRGIN BROADBAND\VIRGIN BROADBAND.exe (1536)
______ C:\Program Files\Microsoft Office\Office12\WINWORD.EXE (1620)
Locked vsserv.exe (1716)
Locked livesrv.exe (1816)
______ C:\Documents and Settings\User\Desktop\Rooter.exe (928)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:500096991744)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\Tasks\wrSpySweeper_LB564713FDF4745268460C83B25B8BC4B.job
C:\WINDOWS\Tasks\wrSpySweeper_LE04E83C346474762855CCEBEEDDABDB1.job
C:\WINDOWS\Tasks\wrSpySweeper_LF80B1552B81349948EB3AF9F8C6F0EDD.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
C:\DOCUME~1\User\Desktop\Programs\Garmin Mobile XT for Windows Mobile v.5.00.20w\Garmin Mobile XT for Windows Mobile v.5.00.20w + Basemap + Support Files + City Navigator Europe 2009 NT (No setup, just copy to card)\garmin_keygen_v1.5.exe
C:\DOCUME~1\User\Desktop\Programs\Nero
9.2.5.0+Keygen[h33t]MasterUploader\Keygen\nero
9 keygen STR!D3R.exe
C:\DOCUME~1\User\Desktop\Programs\Tomtom navigator V_7 Western Europe by hackwarez-crew.com\Tomtom navigator V_7 Western Europe\activation\tt7_keygen.exe
C:\DOCUME~1\User\My Documents\Old PC\To Be Moved\downloads\3Gp Video Converter\keygen.exe
==> Cracks & Keygens <==.
----------------------\\ Scan completed at 12:58.43
.
C:\Rooter$\Rooter_1.txt - (23/08/2009 | 12:58.43).c
Log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2009-08-23 12:59:14
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 126 GB (26%) free of 477 GB
Total RAM: 2046 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59:21 PM, on 23/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Memeo\AutoBackup\MemeoService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\VIRGIN BROADBAND\VIRGIN BROADBAND.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Desktop\RSIT.exe
C:\Documents and Settings\User\Desktop\User.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] "RTHDCPL.EXE"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] "C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe" -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [yejuporaje] Rundll32.exe "C:\WINDOWS\system32\zayuvosu.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F1D54B0B-B6EA-43B5-BD26-A79D3DBF47E3} (Multidownx Control) - http://bigpondmusic.com/activex/multidownx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6AAB28E-500B-45F6-908F-3D9384E61BB4}: NameServer = 123.200.191.17 123.200.191.18
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: AutoBackup (BMUService) - Memeo - C:\Program Files\Memeo\AutoBackup\MemeoService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
--
End of file - 8639 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\wrSpySweeper_LB564713FDF4745268460C83B25B8BC4B.job
C:\WINDOWS\tasks\wrSpySweeper_LE04E83C346474762855CCEBEEDDABDB1.job
C:\WINDOWS\tasks\wrSpySweeper_LF80B1552B81349948EB3AF9F8C6F0EDD.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
SpywareGuardDLBLOCK.CBrowserHelper - C:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-06-13 110652]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2009-04-02 95536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-12 16132608]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-04-28 778240]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2009-04-02 69632]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2009-04-06 6345840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-07-30 1830128]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2009-02-03 240544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-10 67488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-01-15 267048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OSSelectorReinstall]
C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2005-11-14 1544099]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-01-10 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StxTrayMenu]
C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe [2007-01-18 190008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\HOMERunner.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^AutoBackup Launcher.lnk]
C:\PROGRA~1\Memeo\AUTOBA~1\MEMEOL~1.EXE [2007-02-08 211992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]
C:\PROGRA~1\Sony\SONYPI~1\VOLUME~1\SPUVOL~1.EXE [2007-04-17 368640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^RollerCoaster Tycoon 3 Registration.lnk]
C:\Documents and Settings\User\Local Settings\Temp\{DFF19BC6-182E-45AB-A030-EE0C242D8483}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe /remind /language=ENA /PRNM=RollerCoaster Tycoon 3/PRMP=RCT3/SKUN=PCXX/GTYP=STRY []
C:\Documents and Settings\User\Start Menu\Programs\Startup
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Telstra\Cable Login\bpcable.exe"="C:\Program Files\Telstra\Cable Login\bpcable.exe:*:Enabled:BigPond Cable Client"
"C:\Program Files\Telstra\Cable Login\bpcService.exe"="C:\Program Files\Telstra\Cable Login\bpcService.exe:*:Enabled:BigPond Cable Client (running as a service)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe"="C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe:*:Enabled:SpySweeper"
"C:\Program Files\Memeo\AutoBackup\MemeoService.exe"="C:\Program Files\Memeo\AutoBackup\MemeoService.exe:*:Enabled:MemeoService"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe"="C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe:*:Enabled:PhotoshopElementsFileAgent"
"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{044710b9-2ae6-11dd-9f50-001a4d9b4919}]
shell\AutoRun\command - F:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3e1f279c-8344-11de-b7b4-001a4d9b4919}]
shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42898330-7779-11de-b79f-001a4d9b4919}]
shell\AutoRun\command - M:\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42898331-7779-11de-b79f-001a4d9b4919}]
shell\AutoRun\command - L:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42898334-7779-11de-b79f-001a4d9b4919}]
shell\AutoRun\command - F:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69c2bc33-1798-11de-b727-001a4d9b4919}]
shell\Auto\command - recycled\SVCH0ST.EXE
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL recycled\SVCH0ST.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b46e0a7-8088-11de-b7b2-001a4d9b4919}]
shell\AutoRun\command - L:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7b46e0a8-8088-11de-b7b2-001a4d9b4919}]
shell\AutoRun\command - L:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ca926cf-06ce-11dd-9f27-001a4d9b4919}]
shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ca926d1-06ce-11dd-9f27-001a4d9b4919}]
shell\AutoRun\command - F:\.pspware\PSPWareLauncher.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c850aa98-8d6d-11de-b7c7-001a4d9b4919}]
shell\AutoRun\command - F:\AutoRun.exe
======List of files/folders created in the last 1 months======
2009-08-23 12:59:14 ----D---- C:\rsit
2009-08-23 12:58:40 ----D---- C:\Rooter$
2009-08-22 15:44:43 ----D---- C:\WINDOWS\LastGood
2009-08-20 19:42:38 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2009-08-18 17:41:05 ----D---- C:\WINDOWS\ie8updates
2009-08-18 17:40:43 ----A---- C:\WINDOWS\imsins.BAK
2009-08-18 17:38:27 ----HDC---- C:\WINDOWS\ie8
2009-08-16 03:00:43 ----SHD---- C:\Config.Msi
2009-08-16 03:00:43 ----D---- C:\Program Files\MSXML 4.0
2009-08-15 17:07:57 ----D---- C:\Program Files\MSSOAP
2009-08-14 07:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-14 03:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-14 03:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-14 03:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-14 03:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-14 03:02:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-14 03:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-14 03:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-14 03:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-12 22:56:24 ----D---- C:\WINDOWS\Minidump
2009-08-04 20:26:22 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2009-08-03 18:03:42 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-08-03 18:03:42 ----A---- C:\WINDOWS\system32\irmon.dll
2009-08-03 18:03:42 ----A---- C:\WINDOWS\system32\irftp.exe
======List of files/folders modified in the last 1 months======
2009-08-23 12:59:21 ----D---- C:\WINDOWS\Prefetch
2009-08-23 12:52:23 ----D---- C:\Program Files\Mozilla Firefox
2009-08-23 12:52:19 ----D---- C:\WINDOWS\Temp
2009-08-23 12:47:22 ----D---- C:\WINDOWS\system32
2009-08-23 12:47:16 ----A---- C:\WINDOWS\bdagent.INI
2009-08-23 01:35:22 ----A---- C:\WINDOWS\NeroDigital.ini
2009-08-22 18:37:39 ----D---- C:\WINDOWS\system32\drivers
2009-08-22 15:44:47 ----HD---- C:\WINDOWS\inf
2009-08-22 15:44:43 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-22 15:44:43 ----D---- C:\WINDOWS
2009-08-20 06:00:46 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-08-19 18:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-18 18:37:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-18 18:37:59 ----D---- C:\WINDOWS\system32\en-US
2009-08-18 18:37:59 ----D---- C:\WINDOWS\Media
2009-08-18 18:37:59 ----D---- C:\WINDOWS\Help
2009-08-18 18:37:59 ----D---- C:\Program Files\Internet Explorer
2009-08-18 17:41:17 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-18 17:36:22 ----D---- C:\WINDOWS\Debug
2009-08-17 22:12:48 ----RD---- C:\Program Files
2009-08-16 21:59:28 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-08-16 21:58:48 ----D---- C:\Program Files\SpywareBlaster
2009-08-16 03:00:56 ----SHD---- C:\WINDOWS\Installer
2009-08-16 03:00:55 ----D---- C:\WINDOWS\WinSxS
2009-08-15 18:27:38 ----D---- C:\Program Files\LimeWire
2009-08-15 17:15:38 ----SD---- C:\WINDOWS\Tasks
2009-08-15 17:14:44 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2009-08-14 18:13:33 ----D---- C:\Program Files\SpywareGuard
2009-08-14 03:02:07 ----D---- C:\Program Files\Outlook Express
2009-08-13 22:18:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-13 18:58:24 ----SHD---- C:\System Volume Information
2009-08-13 18:58:24 ----D---- C:\WINDOWS\system32\Restore
2009-08-06 21:29:18 ----D---- C:\WinFast WorkArea
2009-08-05 19:01:48 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-03 18:04:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-03 18:03:37 ----D---- C:\WINDOWS\security
2009-07-31 22:59:19 ----A---- C:\WINDOWS\system32\Dvbpws.dll
2009-07-30 10:49:14 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-30 06:02:15 ----D---- C:\Program Files\SUPERAntiSpyware
2009-07-30 03:00:51 ----D---- C:\WINDOWS\ie7updates
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-03-17 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2006-03-17 22684]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-06-13 25724]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-06-13 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-06-13 86844]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-06-13 14716]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-06-13 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-06-13 88476]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-06-13 94460]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-03-17 40544]
R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2008-09-18 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2009-08-22 104456]
R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2009-01-16 242184]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-23 4402176]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-03-01 90496]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WFSONORA;WinFast PxDVR3200 H; C:\WINDOWS\system32\drivers\wfsonora.sys [2007-07-31 313472]
S1 soqwx32;soqwx32; \??\C:\WINDOWS\system32\drivers\soqwx32.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\WINDOWS\System32\Drivers\sskbfd.sys [2008-01-04 23920]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-01-15 30464]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-01-15 110592]
R2 BMUService;AutoBackup; C:\Program Files\Memeo\AutoBackup\MemeoService.exe [2007-02-08 56344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-04-02 415024]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-07 167936]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-04-02 1626112]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2009-04-02 4048240]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2009-08-15 1181040]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-08-01 72704]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-03 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-01-15 504104]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 scan;BitDefender Threat Scanner; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
-----------------EOF-----------------
INFO.txt
info.txt logfile of random's system information tool 1.06 2009-08-23 12:59:25
======Uninstall list======
[Activation] v0.3 Beta 3-->"C:\Program
Files\TomTomActivation\Uninstall.exe"
-->C:\Program
Files\Ahead\nero\uninstall\UNNERO.exe
/UNINSTALL
-->C:\Program Files\InstallShield Installation
Information\{02FB2C63-5763-4CDD-99E6-566C57189
742}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{1CA432A0-DBC7-4C5D-A6B6-5DF0E2E44
BB0}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{28B97CAB-828F-49D8-A30A-675476F9B
A92}\setup.exe -runfromtemp -l0x0009/cont
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{3475FBEC-E0F5-4A3F-823E-6C1DEA10F
1AF}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{3881DD58-780F-4FCF-8A16-6E6800C2F
EE0}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{4067A0B5-FB0B-479C-8735-6F48F8E21
872}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{4E7DC12A-3597-4A94-9429-F6C698736
1B1}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{6813C983-427E-4511-8456-E98FCAA1A
125}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{7DADB304-AF20-48C3-A780-4B4133A08
817}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{9225EABF-4457-403B-A82B-91614C9DD
DF7}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7D
B13}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{ACE66099-E18E-4037-83C8-9D182E5B9
FA8}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{B34B6E67-FCDD-4E03-8742-B5701427F
AFB}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{C9EFF51A-C925-4F1A-9DEB-DB5F970DE
983}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{E8581ECC-8BEA-4E91-AB5E-587654EBB
2A7}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{E9CCEA28-3608-4078-8A07-997646E1A
357}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB98
69B}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\Program Files\InstallShield Installation
Information\{FD7FF74D-0AB5-48D6-929C-7E93A5162
521}\setup.exe -runfromtemp -l0x0009
-removeonly
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x
{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNNMP.exe /UNINSTALL
-->rundll32.exe
setupapi.dll,InstallHinfSection
DefaultUninstall 132
C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR
Application Installer.exe -uninstall
com.adobe.mauby
4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe
/I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Acronis Disk Director Suite-->MsiExec.exe
/X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
Adobe AIR-->C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR
Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe
/I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Bridge 1.0-->MsiExec.exe
/I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe
/I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10
Plugin-->C:\WINDOWS\system32\Macromed\Flash\un
install_plugin.exe
Adobe Flash Player
ActiveX-->C:\WINDOWS\system32\Macromed\Flash\u
ninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe
/I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I
{236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Photoshop Elements 6.0-->msiexec /I
{F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Reader 9.1-->MsiExec.exe
/I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Shockwave
Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UN
WISE.EXE
C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe
/I{786C5747-1033-0000-B58E-000000000001}
Apple Mobile Device Support-->MsiExec.exe
/I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
Apple Software Update-->MsiExec.exe
/I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AusLogics Disk Defrag-->"C:\Program
Files\Auslogics\AusLogics Disk
Defrag\unins000.exe"
BitDefender Internet Security
2009-->MsiExec.exe
/X{961CE74B-30C0-47D6-ACD9-0C887A5E23F5}
Bonjour-->MsiExec.exe
/I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Canon PhotoRecord-->MsiExec.exe
/X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA
iP1000-->C:\WINDOWS\system32\CNMCP6e.exe
"-PRINTERNAMECanon PIXMA iP1000"
"-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA
iP1000 Installer\Inst2\cnmis.dll"
"-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA
iP1000 Installer\Inst2\cnmi0409.dll"
Canon Utilities Easy-PhotoPrint-->C:\Program
Files\Canon\Easy-PhotoPrint\uninst.exe
C:\Program
Files\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities
Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
CCleaner (remove only)-->"C:\Program
Files\CCleaner\uninst.exe"
Codec Pack - All In 1
6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program
Files\Codec Pack - All In 1\irunin.ini"
DVD Decrypter (Remove Only)-->"C:\Program
Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD
Shrink\unins000.exe"
DVD Suite-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~
1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8
E79}\setup.exe" -uninstall
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe
-f"C:\Program
Files\Canon\Easy-WebPrint\Uninst.isu"
EVEREST Ultimate Edition v4.00-->"C:\Program
Files\Lavalys\EVEREST Ultimate
Edition\unins000.exe"
FreeAgent Pro Tools-->C:\Program
Files\InstallShield Installation
Information\{F5A83924-6A0A-40A2-9A9C-00D876B62
E7F}\setup.exe -runfromtemp -l0x0409
Google Earth-->MsiExec.exe
/I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
GpsGate-->C:\Program Files\Microsoft
ActiveSync\GpsGate\Uninstall.exe GpsGate
HijackThis 2.0.2-->"C:\Documents and
Settings\User\Desktop\HijackThis.exe"
/uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1
(KB953595)-->C:\WINDOWS\system32\msiexec.exe
/package
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
/uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1
(KB958484)-->C:\WINDOWS\system32\msiexec.exe
/package
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
/uninstall
{A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+
REBOOTPROMPT=""
Hotfix for Windows Internet Explorer 7
(KB947864)-->"C:\WINDOWS\ie7updates\KB947864-I
E7\spuninst\spuninst.exe"
ImTOO MPEG Encoder Platinum-->C:\Program
Files\ImTOO\MPEG Encoder
Platinum\Uninstall.exe
iTunes-->MsiExec.exe
/I{B85C4D19-6CEB-48CF-BD98-C887AC8C6F94}
Java(TM) 6 Update 3-->MsiExec.exe
/I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Malwarebytes' Anti-Malware-->"C:\Program
Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix
(KB928366)-->"C:\WINDOWS\Microsoft.NET\Framewo
rk\v1.1.4322\Updates\hotfix.exe"
"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\
Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe
/X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack
2-->MsiExec.exe
/I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack
2-->MsiExec.exe
/I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5
SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\
Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe
/I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe
/I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for
Windows
XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spu
ninst\spuninst.exe"
Microsoft Internationalized Domain Names
Mitigation
APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNM
itigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel
APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSD
ownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English)
2007-->MsiExec.exe
/X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI
(English) 2007-->MsiExec.exe
/X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English)
2007-->MsiExec.exe
/X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English)
2007-->MsiExec.exe
/X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English)
2007-->MsiExec.exe
/X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English)
2007-->MsiExec.exe
/X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Plus
2007-->"C:\Program Files\Common
Files\Microsoft Shared\OFFICE12\Office Setup
Controller\setup.exe" /uninstall PROPLUS /dll
OSETUP.DLL
Microsoft Office Professional Plus
2007-->MsiExec.exe
/X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English)
2007-->MsiExec.exe
/X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French)
2007-->MsiExec.exe
/X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish)
2007-->MsiExec.exe
/X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English)
2007-->MsiExec.exe
/X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English)
2007-->MsiExec.exe
/X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English)
2007-->MsiExec.exe
/X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI
(English) 2007-->MsiExec.exe
/X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English)
2007-->MsiExec.exe
/X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature
Pack
1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuni
nst\spuninst.exe"
Mozilla Firefox (3.0.13)-->C:\Program
Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe
/I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 and SOAP Toolkit
3.0-->MsiExec.exe
/I{32343DB6-9A52-40C9-87E4-5E7C79791C87}
Nero Suite-->C:\Program Files\Common
Files\Ahead\Uninstall\Setup.exe /uninstall
NVIDIA
Drivers-->C:\WINDOWS\system32\nvuninst.exe
UninstallGUI
PowerDVD-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~
1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{6811CAA0-BF12-11D4-9EA1-0050BAE31
7E1}\setup.exe" -uninstall
PSPWare-->"C:\Program
Files\PSPWare\uninstall.exe"
QuickTime-->MsiExec.exe
/I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
REALTEK GbE & FE Ethernet PCI-E NIC
Driver-->C:\Program Files\InstallShield
Installation
Information\{C9BED750-1211-4480-B1A5-718A3BE15
525}\SETUP.EXE -runfromtemp -l0x0009
-removeonly
Realtek High Definition Audio
Driver-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime
\11\50\Intel32\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7
DBC}\SETUP.EXE" -l0x9 -removeonly
RollerCoaster Tycoon 3 Platinum-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime
\11\00\Intel32\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{907B4640-266B-4A21-92FB-CD1A86CD0
F63}\SETUP.EXE" -l0x9 -removeonly
Security Update for Windows Internet Explorer
7
(KB929969)-->"C:\WINDOWS\ie7updates\KB929969\s
puninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB938127)-->"C:\WINDOWS\ie7updates\KB938127-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB942615)-->"C:\WINDOWS\ie7updates\KB942615-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB944533)-->"C:\WINDOWS\ie7updates\KB944533-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB950759)-->"C:\WINDOWS\ie7updates\KB950759-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB953838)-->"C:\WINDOWS\ie7updates\KB953838-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB956390)-->"C:\WINDOWS\ie7updates\KB956390-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB958215)-->"C:\WINDOWS\ie7updates\KB958215-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB961260)-->"C:\WINDOWS\ie7updates\KB961260-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB963027)-->"C:\WINDOWS\ie7updates\KB963027-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB969897)-->"C:\WINDOWS\ie7updates\KB969897-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
7
(KB972260)-->"C:\WINDOWS\ie7updates\KB972260-I
E7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer
8
(KB972260)-->"C:\WINDOWS\ie8updates\KB972260-I
E8\spuninst\spuninst.exe"
Security Update for Windows Media Player
(KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_
WM9$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB923789)-->C:\WINDOWS\system32\MacroMed\Flas
h\genuinst.exe
C:\WINDOWS\system32\MacroMed\Flash\KB923789.in
f
Security Update for Windows XP
(KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$
\spuninst\spuninst.exe"
Security Update for Windows XP
(KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$
\spuninst\spuninst.exe"
Sonic UDF Reader-->MsiExec.exe
/I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sony Picture Utility-->C:\Program
Files\InstallShield Installation
Information\{D5068583-D569-468B-9755-5FBF5848F
46F}\setup.exe -runfromtemp -l0x0009
/removeonly uninstall -removeonly
Sony USB Driver-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime
\10\01\Intel32\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{5C29CB8B-AC1E-4114-8D68-9CD080140
D4A}\setup.exe" -l0x9 UNINSTALL -removeonly
Spy Sweeper Core-->MsiExec.exe
/I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\Spy
Sweeper\unins000.exe"
/Log="C:\DOCUME~1\User\LOCALS~1\Temp\Uninstall
.txt"
SpywareBlaster 4.2-->"C:\Program
Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"C:\Program
Files\SpywareGuard\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe
/X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Microsoft .NET Framework 3.5 SP1
(KB963707)-->C:\WINDOWS\system32\msiexec.exe
/package
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
/uninstall
{B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+
REBOOTPROMPT=""
Update for Windows Internet Explorer 8
(KB972636)-->"C:\WINDOWS\ie8updates\KB972636-I
E8\spuninst\spuninst.exe"
Update for Windows XP
(KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$
\spuninst\spuninst.exe"
USB Drum V1.03-->"C:\Program Files\USB
Drum\unins000.exe"
VIRGIN BROADBAND-->C:\Program Files\VIRGIN
BROADBAND\uninst.exe
Windows Internet Explorer
8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program
Files\Windows Media Player\wmsetsdk.exe"
/UninstallAll
Windows Media Format 11
runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\s
puninst\spuninst.exe"
Windows Media Player 11-->"C:\Program
Files\Windows Media Player\Setup_wm.exe"
/Uninstall
Windows Media Player
11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\s
puninst.exe"
Windows Mobile® Device Handbook-->C:\Program
Files\Windows Mobile Device Handbook\Windows
Mobile Device Handbook\Bin\DHUninstall.exe
Windows XP Service Pack
3-->"C:\WINDOWS\$NtServicePackUninstall$\spuni
nst\spuninst.exe"
WinFast PVR2-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime
\10\00\Intel32\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{C92C584E-C781-475E-A8E2-C67D993A6
B95}\Setup.exe" -l0x9 -removeonly
WinFast PxDVR3200 H Driver -->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime
\10\00\Intel32\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{ADB1EEBA-43DD-40C5-B753-F476158EA
85E}\setup.exe" -l0x9 -removeonly
WinRAR archiver-->C:\Program
Files\WinRAR\uninstall.exe
=====HijackThis Backups=====
O2 - BHO: (no name) -
{46bb9dcf-c819-4ae7-bac8-38a6acbdeb6b} -
C:\WINDOWS\system32\kijafise.dll [2008-12-17]
O2 - BHO: (no name) -
{46bb9dcf-c819-4ae7-bac8-38a6acbdeb6b} -
C:\WINDOWS\system32\kijafise.dll [2008-12-17]
O2 - BHO: (no name) -
{46bb9dcf-c819-4ae7-bac8-38a6acbdeb6b} - (no
file) [2008-12-17]
O2 - BHO: (no name) -
{46bb9dcf-c819-4ae7-bac8-38a6acbdeb6b} -
C:\WINDOWS\system32\kijafise.dll [2008-12-17]
======Security center information======
AV: BitDefender Antivirus
FW: BitDefender Firewall
======System event log======
Computer Name: PAULLOLO-PC
Event Code: 7011
Message: Timeout (30000 milliseconds) waiting
for a transaction response from the NVSvc
service.
Record Number: 26501
Source Name: Service Control Manager
Time Written: 20090625095922.000000+600
Event Type: error
User:
Computer Name: PAULLOLO-PC
Event Code: 7000
Message: The SASDIFSV service failed to start
due to the following error:
Cannot create a file when that file already
exists.
Record Number: 26490
Source Name: Service Control Manager
Time Written: 20090624194652.000000+600
Event Type: error
User:
Computer Name: PAULLOLO-PC
Event Code: 1002
Message: The IP address lease 192.168.1.3 for
the Network Card with network address
001A4D9B4919 has been
denied by the DHCP server 0.0.0.0 (The DHCP
Server sent a DHCPNACK message).
Record Number: 26400
Source Name: Dhcp
Time Written: 20090621174100.000000+600
Event Type: error
User:
Computer Name: PAULLOLO-PC
Event Code: 1003
Message: Your computer was not able to renew
its address from the network (from the
DHCP Server) for the Network Card with network
address 001A4D9B4919. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain
an address on its own from
the network address (DHCP) server.
Record Number: 26396
Source Name: Dhcp
Time Written: 20090621001011.000000+600
Event Type: warning
User:
Computer Name: PAULLOLO-PC
Event Code: 8021
Message: The browser was unable to retrieve a
list of servers from the browser master
\\DARYL-9BBC7AD79 on the network
\Device\NetBT_Tcpip_{618F225C-A125-47A6-BB72-F
C0B13736369}.
The data is the error code.
Record Number: 26392
Source Name: BROWSER
Time Written: 20090620225916.000000+600
Event Type: warning
User:
=====Application event log=====
Computer Name: PAULLOLO-PC
Event Code: 2570
Message: Adobe Active File Monitor Service has
Started.
Record Number: 22
Source Name: Adobe Active File Monitor 6.0
Time Written: 20090702115613.000000+600
Event Type:
User:
Computer Name: PAULLOLO-PC
Event Code: 2570
Message: Adobe Active File Monitor Service has
Started.
Record Number: 17
Source Name: Adobe Active File Monitor 6.0
Time Written: 20090701214338.000000+600
Event Type:
User:
Computer Name: PAULLOLO-PC
Event Code: 2570
Message: Adobe Active File Monitor Service has
Started.
Record Number: 12
Source Name: Adobe Active File Monitor 6.0
Time Written: 20090701130402.000000+600
Event Type:
User:
Computer Name: PAULLOLO-PC
Event Code: 2570
Message: Adobe Active File Monitor Service has
Started.
Record Number: 6
Source Name: Adobe Active File Monitor 6.0
Time Written: 20090630212441.000000+600
Event Type:
User:
Computer Name: PAULLOLO-PC
Event Code: 2570
Message: Adobe Active File Monitor Service has
Started.
Record Number: 1
Source Name: Adobe Active File Monitor 6.0
Time Written: 20090629223236.000000+600
Event Type:
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%sys
temroot%\system32\wbem;C:\Program
Files\QuickTime\QTSystem;C:\Program
Files\Common Files\Adobe\AGL
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15
Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.J
SE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program
Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program
Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
-----------------EOF-----------------