Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus-like behaviour | can't double-click, open, drag or play mp3 files


  • This topic is locked This topic is locked
3 replies to this topic

#1 bucklearbre

bucklearbre

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 15 December 2008 - 09:50 PM

Hi all,

I have had trouble with a set of mp3 files that are downloaded from Coast-to-Coast (a Highly Recommended radio talk show, by the way: <hxxp://www.coasttocoastam.com/)]. They are subscription files and I am a paying member -- so I can download the radio-show in MP3 format and listen to it when I want.

From about 30 folders of shows, a few folders contain MP3 files that are producing Very Strange Behaviour,... which makes me think something has infected the explorer shell, somehow. These are not playback issues, more like file I/O issues.

However, MalwareBytes, Adware 2008 & AVG 8 have reported nothing.

Concerning these files, I CANNOT:

- drag, copy or move the file somewhere else... because the 'drop' is not allowed, ie: I can drag the file to winamp, but when I drop, nothing happens. When I right-click drag it and click 'copy', nothing happens.
- double-click the file to open it in Winamp (which I know works, because I've already listened to these shows)
- right-click and get a standard context-menu. Most items have disappeared, including 'Play', 'Properties', 'Cut', 'Copy',... although I can click ''Play in Windows Media Player' -- but this does nothing.

In essence, I can't really do ANYTHING with these files.

Does anyone know if MP3 files can become corrupted over time, even though I haven't changed them since I downloaded them?

Attached below is my Hijack This v2.0.2 Report -- there is one entry with "no name" and "no file", which looks suspicious (?)- I also do not know what the "Narrator.exe" entry is about

Please can someone have a look at my HijackThis report and give me some advice? I'm a software developer, been sleeping with PC's for 20 years, but -- utterly puzzled by this one!

Thanks 4 help!! )
buckle


========================================================

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:17:19, on 16/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
E:\program files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
E:\program files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
E:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\RTHDCPL.EXE
E:\program files\DU Meter\DUMeter.exe
E:\PROGRA~1\AVG\AVG8\avgtray.exe
E:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
E:\program files\SpeedFan\speedfan.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
F:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\program files\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - E:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - E:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DU Meter] E:\program files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [AVG8_TRAY] E:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: SpeedFan.lnk = E:\program files\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C10EF60-933B-4B1D-9CF5-061477325F77}: NameServer = 192.168.1.254
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - E:\program files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: CachemanXP (CachemanXPService) - Outertech - E:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: FanSpeedNT Service - Unknown owner - e:\xfer\#dl\fan speed\fanspeedNT.exe (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\IPCheck Server Monitor 5\Firebird\bin\fbserver.exe
O23 - Service: ImDisk Virtual Disk Driver Helper (ImDskSvc) - Olof Lagerkvist - C:\WINDOWS\system32\imdsksvc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PRTG Service - Paessler Router Traffic Grapher (PRTGService) - Unknown owner - C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe (file missing)

--
End of file - 6574 bytes


===========================================
[running Windows XP, SP2, 2Gb RAM + plenty of disk space]

Edited by Orange Blossom, 11 February 2013 - 02:56 AM.
Deactivate link. ~ OB


BC AdBot (Login to Remove)

 


#2 bucklearbre

bucklearbre
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 17 December 2008 - 05:34 PM

Title was: Strange File behaviour / think I am infected?, Do not know how to remedy / remove if malware ~ OB

Hi,

I have a problem with a number of MP3 files -- which makes me think my system is infected, or something has gone seriously wrong with XP.

I posted once before, but without the RSIT reports as directed by the STICKY instructions on posting a New Topic. Maybe that's why nobody replied, but hopefully, someone out could be able to help this time,....?

With these MP3 files, I cannot:

- open them... either by double-clicking, or 'Sending To' or dragging onto an application.
- access the standard context-sensitive menu in an Explorer window. Key items are missing, like Properties, Cut, Copy, Paste, Delete, Enqueue. Although

I have shared these MP3 files across our home-network and they play perfectly well on another computer. I can see full context-sensitive menu, and have even managed to right-click | Copy these files, from my computer and put them on a USB stick.

From the USB stick, I can even access the copies of these MP3 files on my computer. But for some reason I can't do ANYTHING with the originals -- can't even delete them! (unless I delete their parent-folder)

In last 48 hours,
- my Location Bar (where you type in URL) and Google Search boxes went missing from FireFox3.
- ran Kaspersky webscan last night (but forgot to save the results) -- it detected NOTHING.
- scanned with AVG 8, Ad-Aware 2008, MalwareBytes and SpyBot 1.4 -- all detect NOTHING.
- removed a bad BHO, with help from online analysis tool for HijackThis log -- you can see this in the HT backups.
- found an unexpected entry for 'A-Squared' in my HT log -- even though I've never installed this software


The MP3 file behaviour is Really Peculiar! And, as tempting as it is to just re-install WinXP, I don't believe it;s XP at fault -- I'd really like to figure out what's going on.

Here are the RSIT & HT log reports,............ Any suggestions Most Welcome!



==============================================================

info.txt logfile of random's system information tool 1.05 2008-12-17 22:21:14

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->E:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->E:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Reader Japanese Fonts-->MsiExec.exe /I{AC76BA86-7AD7-5A76-5A64-7E8A45000001}
Advanced IP Scanner v1.5-->C:\Program Files\Advanced IP Scanner\uninstal.exe
Advanced LAN Scanner v1.0 BETA 1-->C:\Program Files\Advanced LAN Scanner\uninstal.exe
Apple Software Update-->MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
ARPCache Viewer-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ARPCACHZ.INF, DefaultUninstall.ntx86
AttributeMagic Pro-->"C:\Program Files\AM Pro\Uninstall.exe" "C:\Program Files\AM Pro\install.log"
Audacity 1.2.4-->"E:\Program Files\Audacity\unins000.exe"
AVG Free 8.0-->E:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVI Codec Pack-->E:\Program Files\AVI Codec Pack\uninstall.exe
AVS Cover Editor 1.3.1.81 (AVSMedia)-->"C:\Program Files\AVSMedia\CoverEditor\unins000.exe"
AVS DVD Copy version 1.4-->"E:\Program Files\AVSMedia\DVDCopy\unins000.exe"
AVS DVDMenu Editor 1.2.1.19-->"C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Tools 5.6-->"E:\Program Files\AVSMedia\VideoTools\unins000.exe"
BCL easyPDF Printer Driver 4.3-->MsiExec.exe /I{964361C3-15AB-4233-A6C7-4B277D73C949}
Belkin 54g USB Network Adapter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "E:\Program Files\Belkin\Belkin Wireless Network Utility\setup.exe" -l0x9
CCleaner (remove only)-->"E:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"E:\Program Files\CDBurnerXP\unins000.exe"
CDCheck-->"E:\Program Files\CDCheck\uninst.exe"
CloneCD-->C:\WINDOWS\IsUninst.exe -f"E:\Program Files\Elaborate Bytes\CloneCD\Uninst.isu" -c"E:\Program Files\Elaborate Bytes\CloneCD\InstallHelp.dll"
CloneDVD2-->"E:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="E:\Program Files\Elaborate Bytes\CloneDVD2"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
DeepBurner v1.5.1.192-->"E:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "E:\Program Files\Astonsoft\DeepBurner\install.log"
DeepBurner v1.9.0.228-->"E:\program files\Astonsoft\DeepBurner 1.9.0.228\Uninstall.exe" "E:\program files\Astonsoft\DeepBurner 1.9.0.228\install.log" -u
Disk Index-->MsiExec.exe /X{5AE0C8EF-DED5-11D7-9A3D-00104BB83147}
DivX Codec-->E:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->E:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->E:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->E:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DriverAgent Plugin for Netscape by TouchStone Software-->RunDll32.exe advpack.dll, LaunchINFSection driveragent_np.inf,TVICHW32Remove
DU Meter-->"E:\Program Files\DU Meter\unins000.exe"
Duplicate File Finder-->C:\PROGRA~1\DupFiles\UNWISE.EXE C:\PROGRA~1\DupFiles\INSTALL.LOG
DVD43 v4.0.0-->"C:\Program Files\dvd43\unins000.exe"
Ecuador's AVI Bitrate Calculator-->C:\WINDOWS\iun6002.exe "E:\Program Files\AVICalc2\irunin.ini"
eMule-->"E:\Program Files\eMule\Uninstall.exe"
EssentialPIM-->F:\Program Files\EssentialPIM\uninstall.exe
FastStone Image Viewer 2.6-->E:\Program Files\FastStone Image Viewer\uninst.exe
FastStone Photo Resizer 2.7-->E:\Program Files\FastStone Photo Resizer\uninst.exe
Firebird 2.0.1-->"C:\Program Files\IPCheck Server Monitor 5\Firebird\unins000.exe"
Free Mp3 Wma Converter V 1.5.1-->"E:\Program Files\Free Audio Pack\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB889527)-->"C:\WINDOWS\$NtUninstallKB889527$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB893357)-->"C:\WINDOWS\$NtUninstallKB893357$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB896344)-->"C:\WINDOWS\$NtUninstallKB896344$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB898900)-->"C:\WINDOWS\$NtUninstallKB898900$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB903234)-->"C:\WINDOWS\$NtUninstallKB903234$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB904412)-->"C:\WINDOWS\$NtUninstallKB904412$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB906569)-->"C:\WINDOWS\$NtUninstallKB906569$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB907865)-->"C:\WINDOWS\$NtUninstallKB907865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB908673)-->"C:\WINDOWS\$NtUninstallKB908673$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB910728)-->"C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB912475)-->"C:\WINDOWS\$NtUninstallKB912475$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB913538)-->"C:\WINDOWS\$NtUninstallKB913538$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lexmark Z600 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBCUN5C.EXE -dLexmark Z600 Series
Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress
Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}
Macromedia Dreamweaver MX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Macromedia Fireworks MX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{930B2432-43D4-11D5-9871-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
Macromedia Flash MX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x9 UNINSTALL
Macromedia FreeHand 10-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D826618-59C6-11D4-976E-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
Malwarebytes' Anti-Malware-->"E:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft MPEG-4 VKI Video Codec V1/V2/V3-->rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\mpg4c32.inf
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.18)-->F:\Program Files\Mozilla Firefox-2\uninstall\helper.exe
Mozilla Firefox (3.0.5)-->F:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3nity 1.3.001-->"E:\Program Files\Mp3nity\unins000.exe"
MSN Backup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FE95990C-4DFA-4807-B490-A57588AFEC27}\Setup.exe"
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Opera 9.24-->MsiExec.exe /X{16913489-B5E3-403E-AFD3-2B19BBE464D4}
Paint Shop Pro 5.0 Evaluation-->E:\PROGRA~1\PAINTS~1\UNWISE.EXE E:\PROGRA~1\PAINTS~1\INSTALL.LOG
PC Inspector File Recovery-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x9
PerformanceTest v6.0-->"E:\Program Files\PerformanceTest\unins000.exe"
QuickTime-->MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Revo Uninstaller 1.75-->E:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900930)-->"C:\WINDOWS\$NtUninstallKB900930$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Security Update for Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Sony Noise Reduction Plug-In 2.0e-->MsiExec.exe /X{D533C9D4-ED96-4191-B9C3-279C0DD6BABA}
SoulSeek Client 156c-->"E:\Program Files\Soulseek\uninstall.exe"
SpeedFan (remove only)-->"E:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy 1.5.2.20-->"C:\WINDOWS\unins000.exe"
SUPER © Version 2008.bld.32 (July 8, 2008)-->E:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SyncBack-->"E:\Program Files\2BrightSparks\SyncBack\unins000.exe"
TextPad 4.7-->MsiExec.exe /X{B510A987-487E-4C66-9F4F-D386AC275715}
UltimateZip 2007-->"E:\Program Files\UltimateZip 2007\unins000.exe"
Ultra WinCleaner One Click! Version 8.0-->"E:\Program Files\blcorp\UWCSuite\UWC\unins000.exe"
Unlocker 1.8.5-->E:\Program Files\Unlocker\uninst.exe
Update for Windows XP (KB896427)-->"C:\WINDOWS\$NtUninstallKB896427$\spuninst\spuninst.exe"
Update for Windows XP (KB897663)-->"C:\WINDOWS\$NtUninstallKB897663$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB908521)-->"C:\WINDOWS\$NtUninstallKB908521$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update for Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Update for Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Winamp (remove only)-->"E:\Program Files\Winamp\UninstWA.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Hotfix - KB895181-->"C:\WINDOWS\$NtUninstallKB895181$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix - KB888656-->"C:\WINDOWS\$NtUninstallKB888656$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Messenger 5.1 MUI Pack-->MsiExec.exe /I{F3CBA4E6-436E-4B51-9651-93830EE38616}
Windows XP Hotfix - KB883529-->C:\WINDOWS\$NtUninstallKB883529$\spuninst\spuninst.exe
Windows XP Hotfix - KB884018-->C:\WINDOWS\$NtUninstallKB884018$\spuninst\spuninst.exe
Windows XP Hotfix - KB884575-->C:\WINDOWS\$NtUninstallKB884575$\spuninst\spuninst.exe
Windows XP Hotfix - KB884868-->C:\WINDOWS\$NtUninstallKB884868$\spuninst\spuninst.exe
Windows XP Hotfix - KB884883-->"C:\WINDOWS\$NtUninstallKB884883$\spuninst\spuninst.exe"
Windows XP Hotfix - KB885523-->C:\WINDOWS\$NtUninstallKB885523$\spuninst\spuninst.exe
Windows XP Hotfix - KB885855-->C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe
Windows XP Hotfix - KB885894-->C:\WINDOWS\$NtUninstallKB885894$\spuninst\spuninst.exe
Windows XP Hotfix - KB885932-->C:\WINDOWS\$NtUninstallKB885932$\spuninst\spuninst.exe
Windows XP Hotfix - KB886677-->C:\WINDOWS\$NtUninstallKB886677$\spuninst\spuninst.exe
Windows XP Hotfix - KB886716-->"C:\WINDOWS\$NtUninstallKB886716$\spuninst\spuninst.exe"
Windows XP Hotfix - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB887797-->C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB888402-->C:\WINDOWS\$NtUninstallKB888402$\spuninst\spuninst.exe
Windows XP Hotfix - KB889016-->C:\WINDOWS\$NtUninstallKB889016$\spuninst\spuninst.exe
Windows XP Hotfix - KB889673-->C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe
Windows XP Hotfix - KB890831-->C:\WINDOWS\$NtUninstallKB890831$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891220-->C:\WINDOWS\$NtUninstallKB891220$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Hotfix - KB892627-->C:\WINDOWS\$NtUninstallKB892627$\spuninst\spuninst.exe
Windows XP Hotfix - KB893056-->C:\WINDOWS\$NtUninstallKB893056$\spuninst\spuninst.exe
Windows XP Hotfix - KB896626-->"C:\WINDOWS\$NtUninstallKB896626$\spuninst\spuninst.exe"
WinZip-->"E:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Xvid 1.1.3 final uninstall-->"E:\Program Files\Xvid\unins000.exe"
XviD MPEG-4 Video Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\WINDOWS\INF\xvid.inf

=====HijackThis Backups=====

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: AVG Anti-Virus Free (disabled)

System event log

Computer Name: CONKERAH
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 14226
Source Name: Cdrom
Time Written: 20081006224214.000000+060
Event Type: warning
User:

Computer Name: CONKERAH
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 14225
Source Name: Cdrom
Time Written: 20081006224214.000000+060
Event Type: warning
User:

Computer Name: CONKERAH
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 14224
Source Name: Cdrom
Time Written: 20081006224214.000000+060
Event Type: warning
User:

Computer Name: CONKERAH
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 14223
Source Name: Cdrom
Time Written: 20081006224214.000000+060
Event Type: warning
User:

Computer Name: CONKERAH
Event Code: 51
Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 14222
Source Name: Cdrom
Time Written: 20081006224214.000000+060
Event Type: warning
User:

Application event log

Computer Name: CONKERAH
Event Code: 11707
Message: Product: Ad-Aware -- Installation operation completed successfully.

Record Number: 2744
Source Name: MsiInstaller
Time Written: 20081007183825.000000+060
Event Type: information
User: CONKERAH\bukl

Computer Name: CONKERAH
Event Code: 11728
Message: Product: Ad-Aware -- Configuration completed successfully.

Record Number: 2743
Source Name: MsiInstaller
Time Written: 20081007183529.000000+060
Event Type: information
User: CONKERAH\bukl

Computer Name: CONKERAH
Event Code: 1001
Message: Fault bucket 931756807.

Record Number: 2742
Source Name: Application Error
Time Written: 20081007183426.000000+060
Event Type: error
User:

Computer Name: CONKERAH
Event Code: 1000
Message: Faulting application ad-aware.exe, version 7.1.0.11, faulting module ad-aware.exe, version 7.1.0.11, fault address 0x0014b4ec.

Record Number: 2741
Source Name: Application Error
Time Written: 20081007183424.000000+060
Event Type: error
User:

Computer Name: CONKERAH
Event Code: 1001
Message: Fault bucket 931766494.

Record Number: 2740
Source Name: Application Error
Time Written: 20081007183414.000000+060
Event Type: error
User:

======Environment variables======

"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\QUICKTIME\QTSYSTEM\;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\WINDOWS\SYSTEM32;
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0602
"QTJAVA"=C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%

-----------------EOF-----------------

==============================================================

HIJACK-THIS LOG begins here

Logfile of random's system information tool 1.05 (written by random/random)
Run by bukl at 2008-12-17 22:21:55
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 6 GB (39%) free of 15 GB
Total RAM: 2047 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:21:58, on 17/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
E:\program files\DU Meter\DUMeter.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
E:\program files\SpeedFan\speedfan.exe
E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
E:\program files\Belkin\Belkin Wireless Network Utility\WLService.exe
E:\program files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
E:\PROGRA~1\AVG\AVG8\avgrsx.exe
E:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wuauclt.exe
e:\xfer\#dl\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\bukl.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\program files\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - E:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - E:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DU Meter] E:\program files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [AVG8_TRAY] E:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: SpeedFan.lnk = E:\program files\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C10EF60-933B-4B1D-9CF5-061477325F77}: NameServer = 192.168.1.254
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - E:\program files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: FanSpeedNT Service - Unknown owner - e:\xfer\#dl\fan speed\fanspeedNT.exe (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\IPCheck Server Monitor 5\Firebird\bin\fbserver.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PRTG Service - Paessler Router Traffic Grapher (PRTGService) - Unknown owner - C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe (file missing)

--
End of file - 6238 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - E:\program files\rpbrowserrecordplugin.dll [2008-09-10 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - E:\Program Files\AVG\AVG8\avgssie.dll [2008-10-06 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - E:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-06 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - E:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-06 2055960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\SYSTEM32\HDAShCut.exe [2004-10-27 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-27 16005120]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-01-05 7323648]
"nwiz"=nwiz.exe /install []
"DU Meter"=E:\program files\DU Meter\DUMeter.exe [2006-11-27 1582616]
"removecpl"=RemoveCpl.exe []
"AVG8_TRAY"=E:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-27 1261336]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

C:\Documents and Settings\bukl\Start Menu\Programs\Startup
SpeedFan.lnk - E:\program files\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\program files\Soulseek\slsk.exe"="E:\program files\Soulseek\slsk.exe:*:Enabled:SoulSeek"
"E:\program files\eMule\emule.exe"="E:\program files\eMule\emule.exe:*:Enabled:eMule"
"E:\program files\Winamp\winamp.exe"="E:\program files\Winamp\winamp.exe:*:Enabled:Winamp"
"E:\program files\Macromedia\Dreamweaver MX\Dreamweaver.exe"="E:\program files\Macromedia\Dreamweaver MX\Dreamweaver.exe:*:Enabled:Dreamweaver MX"
"F:\Program Files\Mozilla Firefox\firefox.exe"="F:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\program files\realplay.exe"="E:\program files\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Messenger\Msmsgs.exe"="C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger"
"E:\program files\Macromedia\Fireworks MX\Fireworks.exe"="E:\program files\Macromedia\Fireworks MX\Fireworks.exe:*:Enabled:Fireworks MX"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\program files\iTunes\iTunes.exe"="E:\program files\iTunes\iTunes.exe:*:Enabled:iTunes"
"F:\Program Files\Opera\Opera.exe"="F:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Kontiki\KService.exe"="C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service"
"C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe"="C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe:*:Enabled:PRTG_Traffic_Grapher_Webserver"
"C:\Program Files\IPCheck Server Monitor 5\IPCheckServer.exe"="C:\Program Files\IPCheck Server Monitor 5\IPCheckServer.exe:*:Enabled:IPCheck_Server_Monitor_Webserver"
"G:\Setup\UpgradeWizard\Win2KXPVista\STSetup.exe"="G:\Setup\UpgradeWizard\Win2KXPVista\STSetup.exe:*:Enabled:SpeedTouch Setup Wizard"
"E:\program files\AVG\AVG8\avgemc.exe"="E:\program files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"E:\program files\AVG\AVG8\avgupd.exe"="E:\program files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======File associations======

.reg - open - regedit.exe "%1" %*
.scr - open - "%1" %*

======List of files/folders created in the last 3 months======

2008-12-17 21:27:06 ----D---- C:\rsit
2008-12-17 21:17:50 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2008-12-17 21:17:31 ----D---- C:\WINDOWS\LastGood
2008-12-17 21:13:12 ----A---- C:\WINDOWS\system32\SET4F4.tmp
2008-12-16 15:01:40 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-16 14:30:13 ----D---- C:\Program Files\Common Files\Nero
2008-12-16 14:27:20 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2008-12-16 14:27:20 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2008-12-16 14:27:17 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2008-12-16 14:27:17 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2008-12-16 14:27:16 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2008-12-16 14:27:16 ----N---- C:\WINDOWS\system32\ImagX7.dll
2008-12-16 14:27:16 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2008-12-16 14:27:13 ----D---- C:\Program Files\Common Files\Ahead
2008-12-16 03:42:52 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-16 03:18:18 ----A---- C:\WINDOWS\Wininit.ini
2008-12-16 02:17:01 ----D---- C:\Program Files\Trend Micro
2008-12-15 20:59:05 ----A---- C:\WINDOWS\system32\W95Inf32.DLL
2008-12-15 20:59:05 ----A---- C:\WINDOWS\system32\W95Inf16.DLL
2008-12-15 04:53:54 ----D---- C:\Documents and Settings\bukl\Application Data\NCH Swift Sound
2008-12-14 20:19:26 ----A---- C:\WINDOWS\ae_mini.INI
2008-12-14 20:17:06 ----A---- C:\WINDOWS\ard.INI
2008-12-13 00:54:21 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-12-13 00:13:25 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-12-13 00:13:24 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2008-12-13 00:13:24 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
2008-12-13 00:13:24 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2008-12-12 23:53:30 ----A---- C:\WINDOWS\MSNImport.exe
2008-12-12 23:53:30 ----A---- C:\WINDOWS\extract.exe
2008-12-12 23:53:30 ----A---- C:\WINDOWS\CABARC.EXE
2008-12-10 19:01:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-10 19:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-10 19:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-10 19:00:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-10 18:59:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-05 19:15:40 ----D---- C:\Documents and Settings\bukl\Application Data\Canneverbe_Limited
2008-11-27 01:53:26 ----D---- C:\Documents and Settings\bukl\Application Data\EssentialPIM
2008-11-21 21:47:56 ----A---- C:\WINDOWS\system32\DivXsm.exe
2008-11-21 21:47:52 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-11-21 21:46:10 ----A---- C:\WINDOWS\system32\ssldivx.dll
2008-11-21 21:46:10 ----A---- C:\WINDOWS\system32\libdivx.dll
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dtu100.dll.manifest
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dtu100.dll
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dpl100.dll.manifest
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpv11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpus11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpuGUI11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpuGUI10.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpu11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpu10.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2008-11-21 21:45:06 ----A---- C:\WINDOWS\system32\DivX.dll
2008-11-21 21:44:38 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-11-21 21:44:16 ----A---- C:\WINDOWS\system32\DivXWMPExtType.dll
2008-11-13 03:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-13 03:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-08 21:17:19 ----D---- C:\Program Files\Sun
2008-11-08 21:17:11 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-08 21:17:11 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-08 21:17:11 ----A---- C:\WINDOWS\system32\java.exe
2008-11-05 02:53:07 ----D---- C:\Documents and Settings\bukl\Application Data\Publish Providers
2008-11-05 02:51:10 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2008-10-27 09:58:30 ----A---- C:\WINDOWS\system32\ptpusb.dll
2008-10-27 09:58:28 ----A---- C:\WINDOWS\system32\ptpusd.dll
2008-10-25 17:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-15 00:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 00:45:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 00:45:30 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 00:45:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 00:45:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 00:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-08 22:13:22 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-10-08 22:12:27 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-10-08 21:44:57 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-10-08 21:44:55 ----D---- C:\Program Files\NOS
2008-10-08 01:36:26 ----D---- C:\Program Files\Adobe
2008-10-07 17:37:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-07 00:18:07 ----HD---- C:\$AVG8.VAULT$
2008-10-06 23:47:54 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-10-06 23:47:53 ----D---- C:\Documents and Settings\bukl\Application Data\AVGTOOLBAR
2008-10-06 23:47:46 ----D---- C:\Program Files\AVG
2008-10-06 23:47:46 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-10-04 03:25:01 ----A---- C:\WINDOWS\system32\lxbcpwr.dll
2008-10-04 03:25:01 ----A---- C:\WINDOWS\system32\LEXPPS.EXE
2008-10-04 03:25:01 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL
2008-10-04 03:25:01 ----A---- C:\WINDOWS\system32\lexlmpm.dll
2008-10-04 03:25:01 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL
2008-10-04 03:25:00 ----A---- C:\WINDOWS\system32\LEXBCES.EXE
2008-10-04 03:25:00 ----A---- C:\WINDOWS\system32\LEXBCE.DLL
2008-09-30 20:53:39 ----D---- C:\LXKZ600
2008-09-30 02:17:37 ----D---- C:\Documents and Settings\bukl\Application Data\Leadertech
2008-09-30 02:16:56 ----A---- C:\WINDOWS\system32\lvci11701193.dll
2008-09-30 02:11:52 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-09-30 02:11:14 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2008-09-30 02:11:14 ----A---- C:\WINDOWS\system32\LVUI2.dll
2008-09-30 02:11:14 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2008-09-30 02:11:14 ----A---- C:\WINDOWS\system32\LVCodec2.dll
2008-09-30 02:11:14 ----A---- C:\WINDOWS\system32\lvci1150.dll
2008-09-30 02:10:29 ----D---- C:\Documents and Settings\All Users\Application Data\Logishrd
2008-09-30 02:10:27 ----D---- C:\Program Files\Common Files\LogiShrd
2008-09-30 02:10:25 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2008-09-30 00:01:18 ----A---- C:\WINDOWS\_delis32.ini
2008-09-28 03:55:40 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-09-27 22:18:11 ----D---- C:\Program Files\Common Files\Logitech
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71u.dll
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
2008-09-27 22:18:01 ----A---- C:\WINDOWS\system32\atl71.dll
2008-09-27 22:17:26 ----D---- C:\Program Files\Logitech
2008-09-27 16:39:54 ----D---- C:\Documents and Settings\bukl\Application Data\Ufasoft
2008-09-27 16:00:19 ----A---- C:\WINDOWS\system32\B11gUSB.dll
2008-09-27 16:00:18 ----A---- C:\WINDOWS\system32\GTW32N50.dll
2008-09-27 03:16:32 ----A---- C:\WINDOWS\LEXSTAT.INI
2008-09-27 03:13:58 ----A---- C:\WINDOWS\uninst.exe
2008-09-18 08:36:30 ----D---- C:\WINDOWS\system32\CatRoot_bak

======List of files/folders modified in the last 3 months======

2008-12-17 21:32:19 ----D---- C:\WINDOWS\Temp
2008-12-17 21:27:12 ----D---- C:\WINDOWS\Prefetch
2008-12-17 21:17:55 ----HD---- C:\WINDOWS\inf
2008-12-17 21:17:55 ----D---- C:\WINDOWS
2008-12-17 21:17:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-17 21:17:53 ----D---- C:\WINDOWS\system32
2008-12-17 21:17:32 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-17 21:17:31 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-17 21:17:31 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-17 17:47:53 ----SHD---- C:\WINDOWS\Installer
2008-12-17 17:47:53 ----SHD---- C:\Config.Msi
2008-12-16 20:05:29 ----D---- C:\WINDOWS\system32\Lang
2008-12-16 20:04:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-16 14:30:13 ----D---- C:\Program Files\Common Files
2008-12-16 03:18:17 ----D---- C:\WINDOWS\system32\drivers
2008-12-16 03:18:04 ----A---- C:\WINDOWS\system32\unVHDDrvExe.exe
2008-12-16 03:18:04 ----A---- C:\WINDOWS\system32\inVHDDrvExe.exe
2008-12-16 03:14:00 ----D---- C:\WINDOWS\Downloaded Installations
2008-12-16 03:13:59 ----RD---- C:\Program Files
2008-12-16 03:11:58 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-16 03:11:55 ----A---- C:\WINDOWS\adiras.ini
2008-12-14 06:17:33 ----D---- C:\Documents and Settings\bukl\Application Data\uTorrent
2008-12-13 00:12:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-11 18:04:50 ----D---- C:\WINDOWS\Debug
2008-12-10 19:01:02 ----D---- C:\Program Files\Internet Explorer
2008-12-09 23:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-05 19:08:10 ----D---- C:\Documents and Settings\bukl\Application Data\DeepBurner
2008-11-30 17:23:27 ----A---- C:\WINDOWS\win.ini
2008-11-22 23:01:56 ----D---- C:\Documents and Settings\bukl\Application Data\AVSMedia
2008-11-21 07:59:03 ----D---- C:\WINDOWS\Help
2008-11-09 17:00:13 ----D---- C:\Program Files\VSTplugins
2008-11-09 16:59:02 ----D---- C:\Program Files\Sony
2008-11-08 21:17:10 ----D---- C:\Program Files\Java
2008-11-07 17:34:54 ----D---- C:\Documents and Settings\bukl\Application Data\FastStone
2008-10-27 12:49:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-23 13:01:36 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-22 09:47:07 -------- C:\WINDOWS\system32\tzchange.exe
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-16 10:20:56 ----N---- C:\WINDOWS\system32\mshtml.dll
2008-10-16 10:20:53 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-10-16 10:20:52 ----A---- C:\WINDOWS\system32\browseui.dll
2008-10-16 10:20:51 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-10-16 10:20:50 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-10-16 10:20:50 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-10-16 10:20:49 ----A---- C:\WINDOWS\system32\wininet.dll
2008-10-16 10:20:48 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-10-16 10:20:46 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-10-16 10:20:46 ----A---- C:\WINDOWS\system32\mstime.dll
2008-10-16 10:20:46 ----A---- C:\WINDOWS\system32\msrating.dll
2008-10-16 10:20:46 ----A---- C:\WINDOWS\system32\inseng.dll
2008-10-16 10:20:46 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-10-16 10:20:46 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-10-16 10:20:45 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-10-16 10:20:45 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-10-16 10:20:45 ----A---- C:\WINDOWS\system32\danim.dll
2008-10-16 10:20:42 ----A---- C:\WINDOWS\system32\cdfview.dll
2008-10-15 16:53:28 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 14:00:41 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-10-08 23:07:57 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-08 22:12:31 ----D---- C:\Program Files\Common Files\Adobe
2008-10-08 01:37:55 ----D---- C:\Documents and Settings\bukl\Application Data\AdobeUM
2008-10-07 00:18:07 ----D---- C:\Program Files\BySoft Network Monitor
2008-10-03 10:15:47 ----A---- C:\WINDOWS\system32\strmdll.dll
2008-09-30 02:17:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-30 02:11:54 ----D---- C:\WINDOWS\twain_32
2008-09-24 00:24:55 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-09-23 00:39:14 ----D---- C:\#xemp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-10-06 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-10-06 26824]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-27 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-09-27 20747]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-10-06 76040]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 dvd43llh;dvd43llh; C:\WINDOWS\System32\DRIVERS\dvd43llh.sys [2008-01-18 18816]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2001-12-12 4608]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-27 4241920]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-01-05 3580416]
R3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2008-02-01 489624]
R3 ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2004-08-04 20736]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2005-10-25 27264]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-09-16 57856]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 BCM43XX;BCM 802.11g Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 fsRamDsk;RamDisk Drive Service; C:\WINDOWS\System32\Drivers\fsRamDsk.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 PCIUtil;PCI Utility; \??\C:\DOCUME~1\bukl\LOCALS~1\Temp\PCIUtil.sys []
S3 RT73;Belkin USB Network Adapter; C:\WINDOWS\system32\DRIVERS\rt73.sys [2005-08-02 232192]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 scrcap;scrcap; C:\WINDOWS\system32\DRIVERS\scrcap.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 UfasoftSnifDriver4;Ufasoft Snif Driver v4; \??\E:\Program Files\Ufasoft\Sniffer\usft_sn4.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-07 611664]
R2 avg8emc;AVG Free8 E-mail Scanner; E:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-06 875288]
R2 avg8wd;AVG Free8 WatchDog; E:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-06 231704]
R2 Belkin Wireless USB Network Adapter Service;Belkin Wireless USB Network Adapter; E:\program files\Belkin\Belkin Wireless Network Utility\WLService.exe [2004-03-29 49152]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NMSAccessU;NMSAccessU; E:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-01-05 143427]
S2 PRTGService;PRTG Service - Paessler Router Traffic Grapher; C:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FanSpeedNT Service;FanSpeedNT Service; e:\xfer\#dl\fan speed\fanspeedNT.exe []
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\IPCheck Server Monitor 5\Firebird\bin\fbserver.exe [2007-03-02 1994752]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2006-10-30 492608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------

Edited by Orange Blossom, 17 December 2008 - 08:14 PM.
Merged topics. ~ OB


#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,801 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:06 PM

Posted 23 December 2008 - 09:15 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,801 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:06 PM

Posted 28 December 2008 - 01:10 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please Start a new topic.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users