> Forum Guidelines

Read this topic before posting a log.


DO NOT post a ComboFix log unless requested to.


Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

 
> Infected With Vundo And Maybe More
tarnation
post Aug 30 2008, 08:28 AM
Post #1


New Member

Group: Members
Posts: 2
Joined: 30-August 08
Member No.: 234,586



Hi, this is not my computer's HijackThis log, it is a friend's; however, the issues he is having are slowing down all internet browsers he has (Firefox and IE) to the point where they will not load a site, thus I am posting his log for him.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:03 PM, on 8/29/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.103\ccSvcHst.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Users\AJO170\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {0CA34611-82A6-4146-8DF8-0CDA87FA1FAD} - C:\Users\AJO170\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB9WM8SH\3077htsbdjyf[1].dll
O2 - BHO: (no name) - {2643BE8D-FD3C-4283-A321-D202FC176F3D} - C:\Windows\system32\vtUnkkkH.dll
O2 - BHO: (no name) - {35CFE9B1-81C2-4D01-A350-A759292AD7FC} - C:\Windows\system32\wvUkIYoL.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {8C9FE254-BA2D-4893-8290-C4E72E1C6CA5} - C:\Windows\system32\rqRLcYSK.dll
O2 - BHO: {bf822187-7f32-ac99-f5d4-9a181e88058d} - {d85088e1-81a9-4d5f-99ca-23f7781228fb} - C:\Windows\system32\bnglyb.dll
O2 - BHO: (no name) - {FCE07C09-0DE8-4AB2-8F17-59C7528657Cc} - C:\Windows\system32\rvbbpkbg.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\coIEPlg.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\wvUkIYoL.dll,#1
O4 - HKLM\..\Run: [769d420e] rundll32.exe "C:\Windows\system32\irotylrw.dll",b
O4 - HKLM\..\Run: [BM75ae7192] Rundll32.exe "C:\Windows\system32\bekgcqqg.dll",s
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D43F928-AAE0-456E-9805-BD6B009CED03}: NameServer = 10.66.160.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 11431 bytes

I also just want to say thanks guys, you do a great service here. Is there any way I can donate to this forum? I would love to help you guys in any way I can.
extremeboy
post Aug 30 2008, 12:31 PM
Post #2


Malware Eradicative Disintegrator Trainee

Group: HJT Senior Classmen
Posts: 1,750
Joined: 21-March 08
From: Canada
Member No.: 197,892



Hi Tarnation. :) My name is Extremeboy and I will be helping you with your log.

I will need some time to look over your computer's log(s).

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic.
The topics you are tracking can be found here.

Please take note of a few guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it may not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.

Download and Run RSIT
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Important Note to Others: The instructions provided in this topic are for the original topic starter only. Even if you have similar problems or log entries to those given here, please do not follow the directions. Doing so can result in serious damage to your computer. Instead, please start your own topic. Feel free to link to any relevant topics as needed.

Thanks :)

With Regards,
Extremeboy


tarnation
post Sep 1 2008, 07:19 PM
Post #3


New Member

Group: Members
Posts: 2
Joined: 30-August 08
Member No.: 234,586



info.txt logfile of random's system information tool 2008-09-01 20:30:05

Uninstall list

-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
Age of Empires III-->C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\setup.exe -runfromtemp -l0x0409
AIM 6-->C:\Program Files\AIM6\uninst.exe
AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /X{7F362F06-A9A3-440F-8B19-6A01A72723C4}
AVI Movie Player-->C:\Program Files\AVI Movie Player\uninstall.exe
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWiSVHez.INF
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Diablo II-->C:\Program Files\Common Files\Blizzard Entertainment\Diablo II\Uninstall.exe
DigitalPersona Personal 3.0.0-->MsiExec.exe /I{C7AF7F33-9092-997E-2D29-DE8095863FE3}
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)-->C:\PROGRA~1\WinTV\UNSftMCE.EXE C:\PROGRA~1\WinTV\softMCE.LOG
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Users\AJO170\Downloads\HijackThis.exe" /uninstall
Hotspot Shield 1.05-->C:\Program Files\Hotspot Shield\Uninstall.exe
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD0E2B92-3814-46F0-893B-4612EA010C7E}\setup.exe" -l0x9 -removeonly
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet D1500 Printer Driver Software 10.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}\setup\hpzscr01.exe -datfile hphscr26.dat -onestop
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /I{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Integrated Module with Bluetooth wireless technology 6.0.1.5500-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.30 E1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP QuickPlay 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP QuickTouch 1.00 C4-->MsiExec.exe /I{7DC4A410-9986-4329-9E5D-687B2C42CA39}
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Total Care Advisor-->MsiExec.exe /X{b02df929-29a7-4fd2-9a70-81a644b635f7}
HP Update-->MsiExec.exe /X{D063F201-FAC4-4D5C-B10B-615058ADE5A7}
HP User Guides 0090-->MsiExec.exe /I{B53620C0-3A83-4F50-A7AB-175DB64C1CE3}
HP Wireless Assistant-->MsiExec.exe /I{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Java™ 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
mm.BOT-->"C:\Windows\mm.BOT\uninstall.exe" "/U:C:\Windows\mm.BOT\uninstall.xml"
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Nero 7 Essentials-->MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\3EAA38BF\16.0.0.103\InstallStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OpenSSL 0.9.6m-->C:\OpenSSL\unins000.exe
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}
VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Warcraft III-->C:\Program Files\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe
WeatherBug Gadget-->MsiExec.exe /I{209CDA54-D390-46A2-A97C-7BF61734418D}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->"C:\Windows\WinRAR\uninstall.exe" "/U:C:\Program Files\WinRAR\Uninstall\uninstall.xml"

Security center information

AS: Windows Defender

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"PLATFORM"=MCD
"PCBRAND"=Pavilion
"OnlineServices"=Online Services
"USERPART"=E:
"OPENSSL_CONF"=C:\OpenSSL\bin\openssl.cnf

-----------------EOF-----------------

Logfile of random's system information tool (written by random/random)
Run by AJO170 at 2008-09-01 20:29:41
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 144 GB (49%) free of 293 GB
Total RAM: 3070 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:03 PM, on 9/1/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.103\ccSvcHst.exe
C:\Windows\system32\svchost.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.103\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\AJO170\Downloads\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\AJO170\Downloads\AJO170.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {0CA34611-82A6-4146-8DF8-0CDA87FA1FAD} - C:\Users\AJO170\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB9WM8SH\3077htsbdjyf[1].dll
O2 - BHO: (no name) - {2F9FD046-0B98-4A23-9C46-CA8A8AB4CAE6} - C:\Windows\system32\vtUnkkkH.dll (file missing)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\coIEPlg.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BM75ae7192] Rundll32.exe "C:\Windows\system32\iylelskn.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D43F928-AAE0-456E-9805-BD6B009CED03}: NameServer = 10.66.160.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13176 bytes

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CA34611-82A6-4146-8DF8-0CDA87FA1FAD}]
C:\Users\AJO170\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EB9WM8SH\3077htsbdjyf[1].dll [2008-08-27 91648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F9FD046-0B98-4A23-9C46-CA8A8AB4CAE6}]
C:\Windows\system32\vtUnkkkH.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\coIEPlg.dll [2008-08-26 341872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\IPSBHO.DLL [2008-08-26 103800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.0.0.103\coIEPlg.dll [2008-08-26 341872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-03-11 159744]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-07-25 174616]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-12-19 468264]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-17 218408]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2007-09-20 671744]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2008-07-16 1166216]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-09-19 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-09-19 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-09-19 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2007-10-01 1783136]
"Aim6"= []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-20 202240]
"BM75ae7192"=C:\Windows\system32\iylelskn.dll [2008-08-30 95232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM75ae7192]
C:\Windows\system32\iylelskn.dll [2008-08-30 95232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]
C:\Windows\system32\awtsRiih.dll []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\AJO170\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\Windows\system32\vtUnkkkH
"authentication packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4edbaa6a-5863-11dd-b5f3-001e37e972ed}]
shell\AutoRun\command - K:\LaunchU3.exe -a


List of files/folders created in the last three months

2008-09-01 20:29:41 ----D---- C:\rsit
2008-09-01 18:10:06 ----D---- C:\Program Files\Microsoft Silverlight
2008-09-01 16:54:54 ----D---- C:\Windows\system32\quicktime
2008-09-01 16:54:53 ----D---- C:\Program Files\AVI Movie Player
2008-08-30 15:37:43 ----D---- C:\ProgramData\PC Tools
2008-08-30 12:40:41 ----D---- C:\Program Files\Common Files\PC Tools
2008-08-30 11:55:23 ----A---- C:\Windows\system32\ptpgdosk.dll
2008-08-30 11:53:10 ----A---- C:\Windows\system32\dmhqxcpl.exe
2008-08-30 11:51:49 ----AD---- C:\ProgramData\TEMP
2008-08-30 11:51:45 ----A---- C:\Windows\system32\gygkbjtl.dll
2008-08-30 11:51:44 ----SH---- C:\Windows\system32\ayrkxotq.ini
2008-08-30 11:51:27 ----D---- C:\Users\AJO170\AppData\Roaming\PC Tools
2008-08-30 11:51:27 ----D---- C:\Program Files\Spyware Doctor
2008-08-30 11:49:23 ----A---- C:\Windows\system32\iylelskn.dll
2008-08-30 11:46:50 ----A---- C:\Windows\system32\wvwgsmlg.dll
2008-08-30 11:40:43 ----N---- C:\Windows\system32\efcBturO.dll
2008-08-30 11:32:38 ----SH---- C:\Windows\system32\vdaosiag.ini
2008-08-30 11:32:36 ----N---- C:\Windows\system32\gaisoadv.dll
2008-08-30 11:32:28 ----A---- C:\Windows\system32\cdrkohvu.dll
2008-08-30 11:29:27 ----ASH---- C:\Windows\system32\HkkknUtv.ini2
2008-08-30 02:36:43 ----A---- C:\Windows\system32\vgmsfhix.dll
2008-08-30 02:33:43 ----A---- C:\Windows\system32\kdgmjatw.dll
2008-08-30 02:30:46 ----A---- C:\Windows\system32\iabdig.dll
2008-08-30 02:30:44 ----A---- C:\Windows\system32\kblxuhsc.dll
2008-08-30 02:27:43 ----A---- C:\Windows\system32\fopvwwsc.dll
2008-08-30 02:24:44 ----A---- C:\Windows\system32\rwxwupge.exe
2008-08-30 02:21:46 ----SH---- C:\Windows\system32\yhvjyxld.ini
2008-08-30 02:18:43 ----A---- C:\Windows\system32\psxvwumn.dll
2008-08-30 02:15:44 ----A---- C:\Windows\system32\apsxbbxg.dll
2008-08-30 02:13:54 ----A---- C:\Windows\system32\mfdcutqn.dll
2008-08-30 02:09:43 ----ASH---- C:\Windows\system32\ehgMonnn.ini2
2008-08-30 02:09:43 ----ASH---- C:\Windows\system32\ehgMonnn.ini
2008-08-30 02:09:39 ----A---- C:\Windows\system32\nnnoMghe.dll
2008-08-29 22:58:50 ----ASH---- C:\Windows\system32\HkkknUtv.ini
2008-08-29 22:57:33 ----SH---- C:\Windows\system32\lognssgx.ini
2008-08-29 22:52:13 ----A---- C:\Windows\system32\nmkyfhmx.dll
2008-08-29 10:33:52 ----A---- C:\Windows\system32\bnglyb.dll
2008-08-29 10:33:50 ----A---- C:\Windows\system32\maobohiq.dll
2008-08-29 10:33:47 ----A---- C:\Windows\system32\rvbbpkbg.dll
2008-08-29 10:31:31 ----A---- C:\Windows\system32\rurysebk.dll
2008-08-29 10:28:44 ----SH---- C:\Windows\system32\wrlytori.ini
2008-08-29 10:28:41 ----A---- C:\Windows\system32\msidcfvk.exe
2008-08-29 10:26:53 ----A---- C:\Windows\system32\bekgcqqg.dll
2008-08-28 23:05:04 ----ASH---- C:\Windows\system32\jkkUtBeg.ini2
2008-08-28 23:05:04 ----ASH---- C:\Windows\system32\jkkUtBeg.ini
2008-08-28 23:04:54 ----A---- C:\Windows\system32\geBtUkkj.dll
2008-08-28 21:33:31 ----D---- C:\Program Files\Enigma Software Group
2008-08-28 03:24:41 ----D---- C:\Program Files\Lavasoft
2008-08-28 03:24:40 ----D---- C:\ProgramData\Lavasoft
2008-08-28 03:23:57 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-28 01:36:43 ----SH---- C:\Windows\system32\oabbinge.ini
2008-08-28 01:33:41 ----A---- C:\Windows\system32\buywmwvo.exe
2008-08-28 01:32:12 ----A---- C:\Windows\system32\dpnxgd.dll
2008-08-28 01:32:12 ----A---- C:\Windows\system32\abrpmmdr.dll
2008-08-27 23:44:43 ----A---- C:\Windows\system32\hwetqyct.dll
2008-08-27 23:31:49 ----SH---- C:\Windows\system32\runxfmoj.ini
2008-08-27 23:26:22 ----A---- C:\Windows\system32\jqkqnplq.dll
2008-08-27 23:25:38 ----ASH---- C:\Windows\system32\WGQsYyxx.ini2
2008-08-27 23:25:38 ----ASH---- C:\Windows\system32\WGQsYyxx.ini
2008-08-27 23:25:34 ----A---- C:\Windows\system32\xxyYsQGW.dll
2008-08-27 09:42:56 ----A---- C:\Windows\system32\mcrh.tmp
2008-08-26 23:46:34 ----A---- C:\Windows\system32\jrumsvbf.dll
2008-08-26 23:43:57 ----SH---- C:\Windows\system32\qgowpykd.ini
2008-08-26 23:43:20 ----A---- C:\Windows\system32\enipxjar.dll
2008-08-26 23:42:23----A----C:\ProgramData\pskt.ini
2008-08-26 23:42:23----A----C:\ProgramData\BM75ae7192.txt
2008-08-26 23:41:55 ----A---- C:\Windows\system32\7dbe8670-.txt
2008-08-26 20:02:09 ----D---- C:\Program Files\Symantec
2008-08-26 20:01:32 ----D---- C:\Program Files\Norton Internet Security
2008-08-26 19:47:24 ----D---- C:\ProgramData\PCSettings
2008-08-26 19:47:19 ----D---- C:\ProgramData\Norton
2008-08-26 19:47:05 ----D---- C:\ProgramData\NortonInstaller
2008-08-26 19:47:05 ----D---- C:\Program Files\NortonInstaller
2008-08-26 18:45:45 ----D---- C:\ProgramData\WEBREG
2008-08-26 18:30:18 ----D---- C:\ProgramData\HP Product Assistant
2008-08-26 18:23:47 ----A---- C:\Windows\system32\hpzids01.dll
2008-08-26 18:23:44 ----A---- C:\Windows\system32\hpzll5mu.dll
2008-08-24 13:23:12 ----ASH---- C:\Windows\system32\npWHNqru.ini2
2008-08-24 13:23:12 ----ASH---- C:\Windows\system32\npWHNqru.ini
2008-08-24 13:18:01 ----A---- C:\Windows\system32\nnnmmjJB.dll
2008-08-23 21:23:05 ----D---- C:\Program Files\Common Files\Adobe
2008-08-23 21:23:05 ----D---- C:\Program Files\Adobe
2008-08-14 00:51:02 ----A---- C:\Windows\system32\tzres.dll
2008-08-13 19:13:03 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-08-13 19:13:02 ----A---- C:\Windows\system32\es.dll
2008-08-13 19:12:57 ----A---- C:\Windows\system32\mshtml.dll
2008-08-13 19:12:56 ----A---- C:\Windows\system32\wininet.dll
2008-08-13 19:12:56 ----A---- C:\Windows\system32\urlmon.dll
2008-08-13 19:12:56 ----A---- C:\Windows\system32\mstime.dll
2008-08-13 19:12:56 ----A---- C:\Windows\system32\jsproxy.dll
2008-08-13 19:12:56 ----A---- C:\Windows\system32\ieframe.dll
2008-08-13 19:10:58 ----A---- C:\Windows\system32\inetcomm.dll
2008-08-13 03:33:18 ----A---- C:\Windows\ntbtlog.txt
2008-08-08 09:15:32 ----D---- C:\Users\AJO170\AppData\Roaming\HP
2008-08-01 15:38:55 ----D---- C:\Program Files\mm.BOT
2008-08-01 15:38:12 ----D---- C:\Windows\mm.BOT
2008-07-31 03:00:49 ----A---- C:\Windows\system32\msshooks.dll
2008-07-31 03:00:48 ----A---- C:\Windows\system32\msscb.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\thawbrkr.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-07-31 03:00:43 ----A---- C:\Windows\system32\propsys.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\propdefs.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\msstrc.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\mssprxy.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\mssitlb.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\msshsq.dll
2008-07-31 03:00:43 ----A---- C:\Windows\system32\korwbrkr.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\xmlfilter.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\wsepno.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\srchadmin.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-07-31 03:00:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-07-31 03:00:42 ----A---- C:\Windows\system32\rtffilt.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\offfilt.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\nlhtml.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\msscntrs.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\mimefilt.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\chtbrkr.dll
2008-07-31 03:00:42 ----A---- C:\Windows\system32\chsbrkr.dll
2008-07-31 03:00:41 ----A---- C:\Windows\system32\tquery.dll
2008-07-31 03:00:41 ----A---- C:\Windows\system32\mssvp.dll
2008-07-31 03:00:41 ----A---- C:\Windows\system32\mssrch.dll
2008-07-31 03:00:41 ----A---- C:\Windows\system32\mssphtb.dll
2008-07-31 03:00:41 ----A---- C:\Windows\system32\mssph.dll
2008-07-25 17:57:40 ----D---- C:\Users\AJO170\AppData\Roaming\Download Manager
2008-07-20 10:32:07 ----A---- C:\wepkeys.txt
2008-07-17 11:17:17 ----A---- C:\Windows\system32\javaws.exe
2008-07-17 11:17:17 ----A---- C:\Windows\system32\javaw.exe
2008-07-17 11:17:17 ----A---- C:\Windows\system32\java.exe
2008-07-14 11:36:07 ----D---- C:\Users\AJO170\AppData\Roaming\teamspeak2
2008-07-14 11:35:52 ----D---- C:\Program Files\Teamspeak2_RC2
2008-07-11 22:26:08 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-07-11 22:25:38 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-07-11 22:25:35 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-07-09 23:10:48 ----D---- C:\Windows\Sun
2008-07-09 14:41:34 ----D---- C:\rapget
2008-07-09 08:20:11 ----A---- C:\Windows\system32\rpcrt4.dll
2008-07-09 08:20:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-07-09 08:20:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-07-09 08:20:08 ----A---- C:\Windows\system32\pacerprf.dll
2008-07-09 08:20:08 ----A---- C:\Windows\system32\emdmgmt.dll
2008-07-09 08:20:04 ----A---- C:\Windows\system32\shell32.dll
2008-07-09 08:19:58 ----A---- C:\Windows\system32\wshext.dll
2008-07-09 08:19:58 ----A---- C:\Windows\system32\wscript.exe
2008-07-09 08:19:58 ----A---- C:\Windows\system32\vbscript.dll
2008-07-09 08:19:58 ----A---- C:\Windows\system32\scrrun.dll
2008-07-09 08:19:58 ----A---- C:\Windows\system32\scrobj.dll
2008-07-09 08:19:58 ----A---- C:\Windows\system32\jscript.dll
2008-07-09 08:19:58 ----A---- C:\Windows\system32\cscript.exe
2008-07-08 02:35:18 ----D---- C:\download
2008-07-08 02:31:27 ----A---- C:\Windows\system32\libssl32.dll
2008-07-08 02:31:25 ----D---- C:\OpenSSL
2008-07-06 15:34:07 ----D---- C:\Program Files\Microsoft Visual Studio
2008-07-06 15:28:57 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-07-03 23:29:34 ----A---- C:\Windows\PhotoSnapViewer.INI
2008-07-02 22:28:04 ----D---- C:\Program Files\Hotspot Shield
2008-07-02 19:18:13 ----A---- C:\BnetLog.txt
2008-07-02 19:13:08 ----D---- C:\Program Files\Diablo II
2008-07-01 23:58:41 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2008-07-01 22:36:33 ----D---- C:\Program Files\EA GAMES
2008-07-01 22:36:32 ----RA---- C:\Windows\system32\vp6vfw.dll
2008-06-28 18:30:27 ----D---- C:\ProgramData\Age of Empires 3
2008-06-28 18:22:38 ----D---- C:\Program Files\Common Files\Microsoft Games
2008-06-27 13:29:03 ----D---- C:\Users\AJO170\AppData\Roaming\CyberLink
2008-06-27 11:39:59 ----D---- C:\Users\AJO170\AppData\Roaming\vlc
2008-06-27 11:38:52 ----D---- C:\Program Files\VideoLAN
2008-06-26 17:50:24 ----D---- C:\Program Files\Warcraft III
2008-06-26 17:49:08 ----A---- C:\Windows\NeroDigital.ini
2008-06-26 13:00:08 ----D---- C:\Users\AJO170\AppData\Roaming\Ahead
2008-06-26 02:01:31 ----D---- C:\Users\AJO170\AppData\Roaming\WinRAR
2008-06-26 01:37:18 ----D---- C:\Windows\WinRAR
2008-06-26 01:37:18 ----D---- C:\Program Files\WinRAR
2008-06-26 01:33:18 ----D---- C:\Program Files\PowerISO
2008-06-26 00:44:07 ----D---- C:\ProgramData\Nero
2008-06-26 00:44:07 ----D---- C:\Program Files\Nero
2008-06-26 00:44:07 ----D---- C:\Program Files\Common Files\Ahead
2008-06-25 21:17:45 ----D---- C:\ProgramData\Azureus
2008-06-25 21:17:40 ----D---- C:\Users\AJO170\AppData\Roaming\Azureus
2008-06-25 21:17:03 ----D---- C:\Program Files\Vuze
2008-06-25 18:35:20 ----D---- C:\Users\AJO170\AppData\Roaming\Adobe
2008-06-25 16:06:21 ----SHD---- C:\System Volume Information
2008-06-25 10:08:36 ----D---- C:\ProgramData\LightScribe
2008-06-25 09:38:28 ----D---- C:\Users\AJO170\AppData\Roaming\acccore
2008-06-25 09:37:51 ----D---- C:\ProgramData\acccore
2008-06-25 09:37:46 ----D---- C:\ProgramData\AOL OCP
2008-06-25 09:37:46 ----D---- C:\ProgramData\AOL
2008-06-25 09:36:11 ----D---- C:\Program Files\MSXML 4.0
2008-06-25 09:34:53 ----A---- C:\Windows\system32\EncDec.dll
2008-06-25 09:34:52 ----A---- C:\Windows\system32\psisdecd.dll
2008-06-25 09:34:42 ----A---- C:\Windows\system32\gameux.dll
2008-06-25 09:34:41 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-06-25 09:34:40 ----A---- C:\Windows\system32\gdi32.dll
2008-06-25 09:34:32 ----A---- C:\Windows\system32\winresume.exe
2008-06-25 09:34:32 ----A---- C:\Windows\system32\winload.exe
2008-06-25 09:34:32 ----A---- C:\Windows\system32\kd1394.dll
2008-06-25 09:34:32 ----A---- C:\Windows\system32\ci.dll
2008-06-25 09:34:31 ----A---- C:\Windows\system32\srdelayed.exe
2008-06-25 09:34:31 ----A---- C:\Windows\system32\srcore.dll
2008-06-25 09:34:31 ----A---- C:\Windows\system32\srclient.dll
2008-06-25 09:34:31 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-06-25 09:34:31 ----A---- C:\Windows\system32\rstrui.exe
2008-06-25 09:34:31 ----A---- C:\Windows\system32\kbd106n.dll
2008-06-25 09:34:23 ----A---- C:\Windows\system32\quartz.dll
2008-06-25 09:34:22 ----A---- C:\Windows\system32\fsquirt.exe
2008-06-25 09:33:54 ----D---- C:\Users\AJO170\AppData\Roaming\Mozilla
2008-06-25 09:33:48 ----D---- C:\Program Files\Mozilla Firefox
2008-06-25 09:28:50 ----D---- C:\Users\AJO170\AppData\Roaming\Symantec
2008-06-25 09:28:21 ----D---- C:\Users\AJO170\AppData\Roaming\DigitalPersona
2008-06-25 09:28:09 ----D---- C:\Users\AJO170\AppData\Roaming\Identities
2008-06-25 09:24:54 ----D---- C:\Users\AJO170\AppData\Roaming\Macromedia
2008-06-25 09:23:53 ----D---- C:\Users\AJO170\AppData\Roaming\Hewlett-Packard
2008-06-25 09:21:52 ----D---- C:\ProgramData\Electronic Arts
2008-06-25 09:18:44 ----D---- C:\Program Files\Electronic Arts
2008-06-25 09:18:35 ----A---- C:\Windows\system32\xinput1_2.dll
2008-06-25 09:18:35 ----A---- C:\Windows\system32\xactengine2_3.dll
2008-06-25 09:18:34 ----A---- C:\Windows\system32\xinput1_1.dll
2008-06-25 09:18:34 ----A---- C:\Windows\system32\xactengine2_2.dll
2008-06-25 09:18:34 ----A---- C:\Windows\system32\xactengine2_1.dll
2008-06-25 09:18:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2008-06-25 09:18:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2008-06-25 09:18:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2008-06-25 09:18:28 ----A---- C:\Windows\system32\d3dx9_29.dll
2008-06-25 09:18:28 ----A---- C:\Windows\system32\d3dx9_28.dll
2008-06-25 09:18:27 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-06-25 09:18:26 ----A---- C:\Windows\system32\d3dx9_26.dll
2008-06-25 09:18:26 ----A---- C:\Windows\system32\d3dx9_25.dll
2008-06-25 09:18:25 ----A---- C:\Windows\system32\d3dx9_24.dll
2008-06-25 09:17:47 ----D---- C:\Users\AJO170\AppData\Roaming\Macrovision
2008-06-25 09:17:38 ----D---- C:\Program Files\Common Files\LightScribe
2008-06-25 09:16:46 ----SD---- C:\Users\AJO170\AppData\Roaming\Microsoft
2008-06-25 09:16:46 ----D---- C:\Users\AJO170\AppData\Roaming\Media Center Programs
2008-06-19 19:42:03 ----D---- C:\ProgramData\NVIDIA
2008-06-19 19:39:48 ----D---- C:\Windows\system32\tr
2008-06-19 19:39:48 ----D---- C:\Windows\system32\ru
2008-06-19 19:39:47 ----D---- C:\Windows\system32\ko
2008-06-19 19:39:47 ----D---- C:\Windows\system32\ja
2008-06-19 19:39:47 ----D---- C:\Windows\system32\it
2008-06-19 19:39:47 ----D---- C:\Windows\system32\fr
2008-06-19 19:39:47 ----D---- C:\Windows\system32\es
2008-06-19 19:39:47 ----D---- C:\Windows\system32\de
2008-06-19 19:39:46 ----D---- C:\Windows\DPDrv
2008-06-19 19:39:30 ----D---- C:\ProgramData\Macrovision
2008-06-19 19:39:30 ----D---- C:\Program Files\DigitalPersona
2008-06-19 19:36:36 ----D---- C:\ProgramData\WildTangent
2008-06-19 19:32:37 ----D---- C:\Program Files\HPQ
2008-06-19 19:32:36 ----A---- C:\Windows\system32\BttnCmns_64.dll
2008-06-19 19:32:36 ----A---- C:\Windows\system32\BttnCmns.dll
2008-06-19 19:32:36 ----A---- C:\Windows\system32\BttnCmn.dll
2008-06-19 19:32:18 ----D---- C:\ProgramData\CyberLink
2008-06-19 19:32:01 ----A---- C:\Windows\system32\msxml4r.dll
2008-06-19 19:32:01 ----A---- C:\Windows\system32\msxml4a.dll
2008-06-19 19:31:28 ----N---- C:\Windows\system32\atl71.dll
2008-06-19 19:25:12 ----A---- C:\Windows\system32\BtwRSupport.dll
2008-06-19 19:25:07 ----D---- C:\Windows\system32\es-MX
2008-06-19 19:25:07 ----D---- C:\Windows\system32\es-AR
2008-06-19 19:25:03 ----D---- C:\Program Files\WIDCOMM
2008-06-19 19:24:00 ----D---- C:\Windows\system32\ENU
2008-06-19 19:23:59 ----D---- C:\Windows\system32\Lang
2008-06-19 19:23:59 ----D---- C:\Program Files\Intel
2008-06-19 19:23:59 ----A---- C:\Windows\system32\imsmudlg.exe
2008-06-19 19:23:59 ----A---- C:\Windows\system32\difxapi.dll
2008-06-19 19:23:53 ----D---- C:\Program Files\Marvell
2008-06-19 19:22:31 ----A---- C:\Windows\system32\rixdicon.dll
2008-06-19 19:22:30 ----A---- C:\Windows\system32\snymsico.dll
2008-06-19 19:22:16 ----D---- C:\Program Files\NetWaiting
2008-06-19 19:22:04 ----D---- C:\Program Files\CONEXANT
2008-06-19 19:21:26 ----D---- C:\Program Files\Apoint2K
2008-06-19 19:21:01 ----A---- C:\Windows\system32\nvexpbar.dll
2008-06-19 19:21:01 ----A---- C:\Windows\system32\nvcpluir.dll
2008-06-19 19:21:01 ----A---- C:\Windows\system32\nvcplui.exe
2008-06-19 19:20:01 ----D---- C:\Windows\system32\Hauppauge
2008-06-19 19:20:00 ----D---- C:\Program Files\WinTV
2008-06-19 19:20:00 ----A---- C:\Windows\system32\hcwpnp32.dll
2008-06-19 19:19:59 ----A---- C:\Windows\system32\hcwutl32_priv.dll
2008-06-19 19:19:59 ----A---- C:\Windows\system32\hcwutl32.dll
2008-06-19 19:19:59 ----A---- C:\Windows\system32\hcwi2c32.dll
2008-06-19 19:19:52 ----D---- C:\Intel
2008-06-19 19:19:21 ----A---- C:\Windows\system32\NETw4r32.dll
2008-06-19 19:19:21 ----A---- C:\Windows\system32\NETw4c32.dll
2008-06-19 19:19:06 ----D---- C:\Program Files\Fingerprint Sensor
2008-06-19 19:18:54 ----A---- C:\Windows\system32\nvwssr.dll
2008-06-19 19:18:54 ----A---- C:\Windows\system32\nvwss.dll
2008-06-19 19:18:54 ----A---- C:\Windows\system32\nvwgf2um.dll
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvvitvsr.dll
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvvitvs.dll
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvuninst.exe
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvudisp.exe
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvsvc.dll
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvoglv32.dll
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvmoblsr.dll
2008-06-19 19:18:53 ----A---- C:\Windows\system32\nvmobls.dll
2008-06-19 19:18:52 ----A---- C:\Windows\system32\nvmctray.dll
2008-06-19 19:18:52 ----A---- C:\Windows\system32\nvmccssr.dll
2008-06-19 19:18:52 ----A---- C:\Windows\system32\nvmccss.dll
2008-06-19 19:18:52 ----A---- C:\Windows\system32\nvmccsrs.dll
2008-06-19 19:18:52 ----A---- C:\Windows\system32\nvmccs.dll
2008-06-19 19:18:52 ----A---- C:\Windows\system32\nvgamesr.dll
2008-06-19 19:18:52 ----A---- C:\Windows\system32\nvgames.dll
2008-06-19 19:18:51 ----A---- C:\Windows\system32\nvdispsr.dll
2008-06-19 19:18:51 ----A---- C:\Windows\system32\nvdisps.dll
2008-06-19 19:18:50 ----A---- C:\Windows\system32\nvd3dum.dll
2008-06-19 19:18:50 ----A---- C:\Windows\system32\nvcpl.dll
2008-06-19 19:18:50 ----A---- C:\Windows\system32\nvcolor.exe
2008-06-19 19:18:50 ----A---- C:\Windows\system32\nvcod100.dll
2008-06-19 19:18:50 ----A---- C:\Windows\system32\nvcod.dll
2008-06-19 19:18:50 ----A---- C:\Windows\system32\nvapi.dll
2008-06-19 19:18:50 ----A---- C:\Windows\system32\dpinst.exe
2008-06-19 19:18:34 ----A---- C:\Windows\system32\WdfCoinstaller01005.dll
2008-06-19 19:18:34 ----A---- C:\Windows\system32\Vxdif.dll
2008-06-19 19:18:28 ----A---- C:\Windows\system32\UCI32M21.dll
2008-06-19 19:18:27 ----A---- C:\Windows\system32\mdmxsdk.dll
2008-06-19 19:18:18 ----A---- C:\Windows\system32\UCI32A22.dll
2008-06-19 19:18:18 ----A---- C:\Windows\system32\CnxtAp32.dll
2008-06-19 19:13:57 ----D---- C:\Windows\SoftwareDistribution
2008-06-19 19:10:07 ----D---- C:\Windows\Prefetch

List of drivers

R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\Windows\system32\drivers\NIS\1000000.067\BHDrvx86.sys [2008-08-26 249392]
R1 ccHP;Symantec Hash Provider; \??\C:\Windows\system32\drivers\NIS\1000000.067\ccHPx86.sys [2008-08-26 360808]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-08-29 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20080711.001\IDSVix86.sys [2008-08-26 287280]
R1 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952]
R1 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288]
R1 pctfw2;pctfw2; \??\C:\Windows\System32\drivers\pctfw2.sys [2008-08-30 160792]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2007-08-06 33052]
R1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.067\SRTSP.SYS [2008-08-26 305200]
R1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.067\SRTSPX.SYS [2008-08-26 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2008-08-26 25136]
R1 SYMTDI;SYMTDI; \??\C:\Windows\system32\drivers\NIS\1000000.067\SYMTDI.SYS [2008-08-26 197168]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-04-18 141312]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-20 19456]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-28 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-09-18 80424]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-09-18 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-09-18 16168]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-08-29 99376]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080828.050\NAVENG.SYS [2008-08-26 89104]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080828.050\NAVEX15.SYS [2008-08-26 873552]
R3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw