Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A bit of a malware problem


  • This topic is locked This topic is locked
2 replies to this topic

#1 Corey Miller

Corey Miller

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 17 December 2008 - 08:42 AM

Hey everyone,
I have been up all night (now 7 am my time) for about 10 hours now trying to rid my computer of some bad program I accidently downloaded. First of all the only thing I had installed at the time was Norton Internet Security 2009 and Spybot S&D. After I downloaded that bad program, norton complained of it and said it was fixed, dont remember what it was called,and I went on doin other stuff. Different notifications came up like spybots registry changer telling me something was beeing changed, i denied it. A little while later I noticed my floppy drive was beeing accessed every 5 mins or so, then I got worried. Came to find out norton wasnt updating anymore and my dns server was stuck on 85.xxx.xxx.xxx.

Yikes, I installed ThreatFire and Spyware Doctor 6 and rebooted. Uh OH, the malware was trying to disable those 2 I just installed and it did manage to disable norton. I did some searching on the net and found out I had at least these malware programs, boot.com / rescyled(yes thats spelled right) and the dns malware virus. I did some tinkering and got the boot.com one disabled. I found this sites combofix program and ran that twice, both times it said there was rootkit acitivity and it needed to reboot to fix. I did that and rebooted and it was better, I ran it a second time and it said there was rootkit acitivity and had to reboot, did that again and it kept saying access denied and when it let the desktop load THERE WAS NORTON INTERNET SECURITY AGAIN!! :thumbsup: I also could now change my dns server and update norton and all my antimalware programs.

Looking at the running process list I can see theres still malware on my computer. Finally to my question..lol.. I am wondering what is on there that needs to be gotten rid of. None of the installed programs I have installed will detect anything. Now I have PC Tools Spyware Doctor 6,PC Tools ThreatFire, Norton Internet Security 2009,Malwarebytes Anti-Malware(which I might add was the only one so far to detect my malware), and Spybot S&D, all fully updated. I will probly ending up doing full system scans with all those programs(ugh I got TONS of files to scan, around 500+GB). So what im wondering is what do I need to do to get rid of the rest of this bad stuff and is any of it a security risk(ie. did they take some of my personal data or files from my computer). Ill post my log files from random's system information tool like the intro post said to. I couldnt find my combofix logs, I guess im not suppose to post them unless someone asks. Sorry for the long post, I always try to describe my situations the best I can...lol :)

Here is my log.txt file

Logfile of random's system information tool 1.04 (written by random/random)
Run by CoReY MiLLeR at 2008-12-16 06:49:25
Microsoft Windows XP Professional Service Pack 3
System drive I: has 15 GB (30%) free of 50 GB
Total RAM: 2047 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:50, on 2008-12-16
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\csrss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Windows Defender\MsMpEng.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\Explorer.exe
I:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
I:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
I:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
I:\Program Files\CacheBoost\cbsrv.exe
I:\Program Files\PowerPanelPlus\upssrv.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\inetsrv\inetinfo.exe
I:\Program Files\PowerPanelPlus\upsio.exe
I:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
I:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
I:\Program Files\Norton Internet Security\Engine\16.1.0.33\ccSvcHst.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\Program Files\Spyware Doctor\pctsAuxs.exe
I:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
I:\Program Files\Spyware Doctor\pctsTray.exe
I:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
I:\WINDOWS\System32\svchost.exe
I:\Program Files\ThreatFire\TFService.exe
I:\Program Files\Norton Internet Security\Engine\16.1.0.33\ccSvcHst.exe
I:\Program Files\Viewpoint\Common\ViewpointService.exe
I:\Program Files\VMware\VMware Server\vmware-authd.exe
I:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
I:\WINDOWS\system32\vmnat.exe
I:\Program Files\RealVNC\VNC4\WinVNC4.exe
I:\WINDOWS\System32\MsPMSPSv.exe
I:\Program Files\Windows Media Player\WMPNetwk.exe
I:\WINDOWS\System32\Fast.exe
I:\WINDOWS\system32\vmnetdhcp.exe
I:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
I:\Program Files\VMware\VMware Server\vmserverdWin32.exe
I:\WINDOWS\System32\alg.exe
I:\WINDOWS\system32\wuauclt.exe
I:\WINDOWS\System32\fast.exe
I:\Program Files\CacheBoost\trayicon.exe
I:\Program Files\Analog Devices\SoundMAX\Smax4.exe
I:\Program Files\QuickTime\qttask.exe
I:\program files\powerstrip\pstrip.exe
I:\Program Files\ASUS\Ai Booster\OverClk.exe
I:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
I:\Program Files\DAEMON Tools\daemon.exe
I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
I:\Program Files\Windows Defender\MSASCui.exe
I:\Program Files\Acronis\TrueImageEnterpriseServer\TrueImageMonitor.exe
I:\Program Files\Acronis\TrueImageEnterpriseServer\TimounterMonitor.exe
I:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
I:\Program Files\Motherboard Monitor 5\MBM5.EXE
I:\Program Files\PowerISO\PWRISOVM.EXE
I:\WINDOWS\system32\LVCOMSX.EXE
I:\Program Files\Logitech\Video\LogiTray.exe
I:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
I:\Program Files\Lexmark 5000 Series\lxdmmon.exe
I:\Program Files\Lexmark 5000 Series\lxdmamon.exe
I:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
I:\Program Files\Norton SystemWorks Premier Edition\NswUiTray.exe
I:\Program Files\ThreatFire\TFTray.exe
I:\WINDOWS\System32\taskswitch.exe
I:\WINDOWS\system32\CTHELPER.EXE
I:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
I:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
I:\Program Files\StartUp Organizer\so.exe
I:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
I:\Program Files\Serv-U\ServUTray.exe
I:\Program Files\Windows Media Player\WMPNSCFG.exe
I:\Program Files\Microsoft ActiveSync\wcescomm.exe
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
I:\Program Files\TGTSoft\StyleXP\StyleXP.exe
I:\PROGRA~1\MI3AA1~1\rapimgr.exe
I:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
I:\Program Files\Trayit\trayit!.exe
I:\Program Files\Logitech\Video\FxSvr2.exe
I:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
I:\Program Files\Intel\NCS\Sync\NetSvc.exe
I:\Program Files\Spyware Doctor\pctsSvc.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Documents and Settings\CoReY MiLLeR\Desktop\RSIT.exe
I:\WINDOWS\System32\wbem\wmiprvse.exe
I:\Program Files\trend micro\CoReY MiLLeR.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.cjb.net:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=I:\WINDOWS\Explorer.exe
F2 - REG:system.ini: UserInit=I:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - I:\Program Files\Common Files\ReGet Shared\Catcher.dll
O2 - BHO: (no name) - {3FD7FFAB-24BA-48BC-8D90-3636908F8CFA} - (no file)
O2 - BHO: (no name) - {52706EF7-D7A2-49AD-A615-E903858CF284} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - I:\Program Files\Norton Internet Security\Engine\16.1.0.33\coIEPlg.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - I:\Program Files\Norton Internet Security\Engine\16.1.0.33\IPSBHO.DLL
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\windows\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: IEPlugin Class - {CF7C3CF0-4B15-11D1-ABED-709549C10000} - I:\Program Files\Advanced System Optimizer\IEHelper.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - I:\Program Files\ReGetDx\iebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\windows\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - I:\Program Files\Norton Internet Security\Engine\16.1.0.33\coIEPlg.dll
O4 - HKLM\..\Run: [FastUser] I:\WINDOWS\System32\fast.exe
O4 - HKLM\..\Run: [UpdReg] I:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CacheBoost] I:\Program Files\CacheBoost\trayicon.exe
O4 - HKLM\..\Run: [CTStartup] I:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [SoundMax] "I:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PowerStrip] i:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [Launch Ai Booster] "I:\Program Files\ASUS\Ai Booster\OverClk.exe" 1
O4 - HKLM\..\Run: [AnyDVD] I:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [DAEMON Tools] "I:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ISUSScheduler] "I:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [MMTray] "I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Windows Defender] "I:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [OSSelectorReinstall] "I:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "I:\Program Files\Acronis\TrueImageEnterpriseServer\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTimounterMonitor] "I:\Program Files\Acronis\TrueImageEnterpriseServer\TimounterMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "I:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [MBM 5] "I:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "I:\Program Files\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [LVCOMSX] I:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] "I:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] "I:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "I:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "I:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdmmon.exe] "I:\Program Files\Lexmark 5000 Series\lxdmmon.exe"
O4 - HKLM\..\Run: [lxdmamon] "I:\Program Files\Lexmark 5000 Series\lxdmamon.exe"
O4 - HKLM\..\Run: [Lexmark 5000 Series Fax Server] "I:\Program Files\Lexmark 5000 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "I:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [NSWosCheck] "I:\Program Files\Norton SystemWorks Premier Edition\osCheck.exe"
O4 - HKLM\..\Run: [NswUiTray] I:\Program Files\Norton SystemWorks Premier Edition\NswUiTray.exe
O4 - HKLM\..\Run: [ThreatFire] I:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [ISTray] "I:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "I:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [CoolSwitch] I:\WINDOWS\System32\taskswitch.exe
O4 - HKCU\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKCU\..\Run: [gcasServ] "I:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [Home Theater SchSvr] "I:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKCU\..\Run: [MBM 5] "I:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKCU\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKCU\..\Run: [zBrowser Launcher] I:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKCU\..\Run: [WINCINEMAMGR] "I:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
O4 - HKCU\..\Run: [StartUp Organizer] "I:\Program Files\StartUp Organizer\so.exe"
O4 - HKCU\..\Run: [SoundMAXPnP] "I:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
O4 - HKCU\..\Run: [MMTray] "I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKCU\..\Run: [ServUTrayIcon] I:\Program Files\Serv-U\ServUTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] "I:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "I:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "I:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [STYLEXP] I:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: Amazon Unbox.lnk = ?
O4 - Startup: InterVideo WinCinema Manager.lnk = I:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Startup: Tray Monitor.lnk = I:\Program Files\Serv-U\ServUTray.exe
O4 - Startup: TrayIt!.lnk = I:\Program Files\Trayit\trayit!.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Convert link target to Adobe PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Display All Images with Full Quality - res://I:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://I:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - I:\Program Files\Common Files\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - I:\Program Files\Common Files\ReGet Shared\CC_All.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Spy - {16664849-0E00-11D2-8059-000000000000} - I:\Program Files\Common Files\ReGet Shared\Catcher.dll
O9 - Extra 'Tools' menuitem: MSIE &Spy - {16664849-0E00-11D2-8059-000000000000} - I:\Program Files\Common Files\ReGet Shared\Catcher.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - I:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - I:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - I:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Fill Id - {320AF880-6646-11D3-ABEE-C5DBF3571F47} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillIdent.html
O9 - Extra 'Tools' menuitem: Fill from Identity &; - {320AF880-6646-11D3-ABEE-C5DBF3571F47} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillIdent.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - I:\Program Files\Norton SystemWorks Premier Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - I:\Program Files\Norton SystemWorks Premier Edition\Norton Cleanup\WCQuick.lnk
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - I:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - I:\Program Files\ICQ\ICQ.exe
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Toolbar &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://I:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - I:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @I:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @I:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Play - {34F16BC0-FF5F-11D4-B08F-909356C10100} - I:\PROGRA~1\WINAMP~1\Links\play.lnk (HKCU)
O9 - Extra button: Stop - {3D5A6FA0-FF5F-11D4-B08F-909356C10100} - I:\PROGRA~1\WINAMP~1\Links\stop.lnk (HKCU)
O9 - Extra button: Previous - {49C350E0-FF5F-11D4-B08F-909356C10100} - I:\PROGRA~1\WINAMP~1\Links\prev.lnk (HKCU)
O9 - Extra button: Next - {59611E60-FF5F-11D4-B08F-909356C10100} - I:\PROGRA~1\WINAMP~1\Links\next.lnk (HKCU)
O9 - Extra button: Minimize/Restore Winamp - {86227B80-FF8F-11D4-B08F-90A456C10100} - I:\PROGRA~1\WINAMP~1\Links\minmax.lnk (HKCU)
O9 - Extra button: Pause - {8D2B7B00-FF5F-11D4-B08F-909356C10100} - I:\PROGRA~1\WINAMP~1\Links\pause.lnk (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - I:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O9 - Extra button: Open/Close Winamp - {A144BE80-FF5F-11D4-B08F-909356C10100} - I:\PROGRA~1\WINAMP~1\Links\start.lnk (HKCU)
O10 - Unknown file in Winsock LSP: i:\windows\system32\nwprovau.dll
O10 - Broken Internet access because of LSP provider 'i:\program files\bonjour\mdnsnsp.dll' missing
O12 - Plugin for .mdz: I:\Program Files\Internet Explorer\Plugins\npmod32.dll
O12 - Plugin for .mid: I:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .spop: I:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} -
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - I:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-24-0.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://corey6969.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {52A5CD24-64C6-4BAF-A4EC-4D13F451763F} -
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://134.129.32.194/activex/AxisCamControl.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F6AAD9D-A0E6-4194-9CD1-E3CD920C4DC0}: NameServer = 85.255.114.43;85.255.112.165
O17 - HKLM\System\CCS\Services\Tcpip\..\{92A6B45B-E7F7-4D34-B965-134BAAEE6C19}: NameServer = 216.221.96.2,134.129.111.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{9FA10569-E658-49EF-8684-F803D0306147}: NameServer = 85.255.114.43;85.255.112.165
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF4FF44D-4A42-4F21-84B9-14DB4D5C53CE}: NameServer = 85.255.114.43;85.255.112.165
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.43;85.255.112.165
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - I:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - I:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - I:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Amazon Unbox Video Service (ADVService) - Amazon.com - I:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - I:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak India - I:\Program Files\CacheBoost\cbsrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - I:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: UPS Service (CyberPowerUPS) - Cyber Power Systems, Inc. - I:\Program Files\PowerPanelPlus\upssrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LiveUpdate - Symantec Corporation - I:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - I:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Qbik NetPatrol Engine (NetPatrol) - QBIK NZ Ltd - I:\Program Files\NetPatrol\NetPatrol.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - I:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NMap - Unknown owner - I:\Program Files\NMapWin\bin\nmapserv.exe
O23 - Service: Norton Internet Security - Symantec Corporation - I:\Program Files\Norton Internet Security\Engine\16.1.0.33\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RapApp - Internet Security Systems, Inc. - I:\Program Files\ISS\BlackICE\rapapp.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - I:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - I:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - I:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - I:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - I:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: StyleXPService - Unknown owner - I:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - I:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: ThreatFire - PC Tools - I:\Program Files\ThreatFire\TFService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - I:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - I:\Program Files\VMware\VMware Server\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - I:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - I:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - I:\Program Files\VMware\VMware Server\vmserverdWin32.exe
O23 - Service: VMware NAT Service - VMware, Inc. - I:\WINDOWS\system32\vmnat.exe
O23 - Service: Qbik WinGate Engine (WinGateEngine) - Qbik Software NZ Ltd - I:\Program Files\WinGate\WinGate.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - I:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: BullGuard XComm (XCOMM) - Softwin - I:\WINDOWS\system32\xcommsvr.exe

--
End of file - 27092 bytes

======Scheduled tasks folder======

I:\WINDOWS\tasks\MP Scheduled Scan.job
I:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16664845-0E00-11D2-8059-000000000000}]
ClickCatcher MSIE handler - I:\Program Files\Common Files\ReGet Shared\Catcher.dll [2004-04-08 287796]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3FD7FFAB-24BA-48BC-8D90-3636908F8CFA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52706EF7-D7A2-49AD-A615-E903858CF284}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - I:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - I:\Program Files\Norton Internet Security\Engine\16.1.0.33\coIEPlg.dll [2008-12-15 340848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{656EC4B7-072B-4698-B504-2A414C1F0037}]
IE_PopupBlocker Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - I:\Program Files\Norton Internet Security\Engine\16.1.0.33\IPSBHO.DLL [2008-12-15 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll [2004-05-23 2445312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - I:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - i:\windows\googletoolbar2.dll [2005-08-11 1157120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF7C3CF0-4B15-11D1-ABED-709549C10000}]
IEPlugin Class - I:\Program Files\Advanced System Optimizer\IEHelper.dll [2004-05-08 83456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - I:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll [2004-05-23 2445312]
{17939A30-18E2-471E-9D3A-56DD725F1215} - ReGet Bar - I:\Program Files\ReGetDx\iebar.dll [2004-04-08 92160]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - i:\windows\googletoolbar2.dll [2005-08-11 1157120]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - I:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - I:\Program Files\Norton Internet Security\Engine\16.1.0.33\coIEPlg.dll [2008-12-15 340848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"FastUser"=I:\WINDOWS\System32\fast.exe [2001-10-08 49216]
"UpdReg"=I:\WINDOWS\Updreg.exe [2000-05-11 90112]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"NeroFilterCheck"=I:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"MISAggregator"= []
"CacheBoost"=I:\Program Files\CacheBoost\trayicon.exe [2003-06-24 60928]
"CTStartup"=I:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-09-14 28672]
"SoundMax"=I:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2003-05-30 585728]
"QuickTime Task"=I:\Program Files\QuickTime\qttask.exe [2003-09-27 77824]
"nwiz"=nwiz.exe /install []
"PowerStrip"=i:\program files\powerstrip\pstrip.exe [2004-12-11 634880]
"Launch Ai Booster"=I:\Program Files\ASUS\Ai Booster\OverClk.exe [2004-11-30 1978368]
"AnyDVD"=I:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2006-02-14 460800]
"DAEMON Tools"=I:\Program Files\DAEMON Tools\daemon.exe [2005-12-10 133016]
"ISUSScheduler"=I:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"MMTray"=I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [2004-04-20 118784]
"Windows Defender"=I:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"OSSelectorReinstall"=I:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2006-04-12 1261475]
"TrueImageMonitor.exe"=I:\Program Files\Acronis\TrueImageEnterpriseServer\TrueImageMonitor.exe [2006-07-20 1106531]
"AcronisTimounterMonitor"=I:\Program Files\Acronis\TrueImageEnterpriseServer\TimounterMonitor.exe [2006-07-20 1848218]
"Acronis Scheduler2 Service"=I:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2006-07-20 126976]
"MBM 5"=I:\Program Files\Motherboard Monitor 5\MBM5.EXE [2004-06-12 594944]
"PWRISOVM.EXE"=I:\Program Files\PowerISO\PWRISOVM.EXE [2007-04-09 200704]
"LVCOMSX"=I:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=I:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=I:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"Symantec PIF AlertEng"=I:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-03-12 517768]
"PtiuPbmd"=I:\WINDOWS\system32\ptipbm.dll [2003-01-15 24576]
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"SunJavaUpdateSched"=I:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"lxdmmon.exe"=I:\Program Files\Lexmark 5000 Series\lxdmmon.exe [2007-07-06 455344]
"lxdmamon"=I:\Program Files\Lexmark 5000 Series\lxdmamon.exe [2007-06-01 20480]
"Lexmark 5000 Series Fax Server"=I:\Program Files\Lexmark 5000 Series\fm3032.exe [2007-07-06 307888]
"Acrobat Assistant 7.0"=I:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
"NSWosCheck"=I:\Program Files\Norton SystemWorks Premier Edition\osCheck.exe [2008-09-25 160112]
"NswUiTray"=I:\Program Files\Norton SystemWorks Premier Edition\NswUiTray.exe [2008-09-25 85360]
"ThreatFire"=I:\Program Files\ThreatFire\TFTray.exe [2008-11-17 263456]
"ISTray"=I:\Program Files\Spyware Doctor\pctsTray.exe [2008-08-25 1168264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"=I:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2006-11-30 4662776]
"CoolSwitch"=I:\WINDOWS\System32\taskswitch.exe [2001-10-08 45632]
"CTHelper"=I:\WINDOWS\system32\CTHELPER.EXE [2003-10-06 24576]
"gcasServ"=I:\Program Files\Microsoft AntiSpyware\gcasServ.exe []
"Home Theater SchSvr"=I:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe [2003-11-27 155648]
"MBM 5"=I:\Program Files\Motherboard Monitor 5\MBM5.EXE [2004-06-12 594944]
"Logitech Utility"=Logi_MwX.Exe []
"zBrowser Launcher"=I:\Program Files\Logitech\iTouch\iTouch.exe []
"WINCINEMAMGR"=I:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-06-04 212992]
"StartUp Organizer"=I:\Program Files\StartUp Organizer\so.exe [2005-01-01 675844]
"SoundMAXPnP"=I:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"MMTray"=I:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [2004-04-20 118784]
"ServUTrayIcon"=I:\Program Files\Serv-U\ServUTray.exe [2004-01-19 68608]
"WMPNSCFG"=I:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]
"LogitechSoftwareUpdate"=I:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"H/PC Connection Agent"=I:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-20 1207080]
"P2kAutostart"= []
"msnmsgr"=I:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"SpybotSD TeaTimer"=I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"STYLEXP"=I:\Program Files\TGTSoft\StyleXP\StyleXP.exe [2006-05-24 1372160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3dfx Task Manager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3dfx Tools]
3dfxCmn.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
I:\Program Files\AIM95\aim.exe [2004-04-27 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CashFiesta]
H:\download\Surf Bars\Cashfiesta.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameDrive]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncredimailDownloader]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
I:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MindSoft Firewall]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
I:\Program Files\MSN Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TaskTray]
I:\Program Files\Creative\TaskBar\CTLTray.exe [2001-06-29 163840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
I:\Program Files\Common Files\Real\Update_OB\realsched.exe [2004-05-31 180269]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trickler]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherCast]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Colleagues & Contacts Reminders.LNK]
I:\PROGRA~1\Corel\PRINTO~1\cffrem.exe [1998-06-10 666624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
I:\PROGRA~1\KODAK\KODAKE~1\bin\EASYSH~1.EXE [2002-09-16 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinGate Engine Monitor.lnk]
I:\PROGRA~1\WinGate\wgengmon.exe [2003-12-11 81980]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^CoReY MiLLeR^Start Menu^Programs^Startup^Event Reminder.lnk]
I:\PROGRA~1\pmw\PMREMIND.EXE [1998-05-18 255408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\I:^Documents and Settings^CoReY MiLLeR^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
I:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-06-04 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CyberPowerUPS"=2
"Automatic LiveUpdate Scheduler"=2
"XCOMM"=3
"WLSetupSvc"=3
"WinGateEngine"=3
"usnjsvc"=3
"Symantec Core LC"=3
"Speed Disk service"=2
"sdAuxService"=2
"rpcapd"=3
"RapApp"=3
"ose"=3
"NMap"=3
"NetSvc"=3
"NetPatrol"=3
"Macromedia Licensing Service"=3
"LiveUpdate Notice Ex"=2
"FLEXnet Licensing Service"=3
"Creative Service for CDROM Access"=3
"CacheBoost Service"=2
"ADVService"=2
"Adobe LM Service"=3
".norton2009Reset"=2
"WMPNetworkSvc"=2
"WinVNC4"=2
"WinDefend"=2
"VMware NAT Service"=2
"vmserverdWin32"=2
"vmount2"=2
"VMnetDHCP"=2
"VMAuthdService"=2
"Viewpoint Manager Service"=2
"StyleXPService"=2
"SoundMAX Agent Service (default)"=2
"NVSvc"=2
"MDM"=2
"LiveUpdate Notice Service"=2
"LiveUpdate"=3

I:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - I:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe

I:\Documents and Settings\CoReY MiLLeR\Start Menu\Programs\Startup
Amazon Unbox.lnk - I:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
InterVideo WinCinema Manager.lnk - I:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Tray Monitor.lnk - I:\Program Files\Serv-U\ServUTray.exe
TrayIt!.lnk - I:\Program Files\Trayit\trayit!.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
I:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - I:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{16664848-0E00-11D2-8059-000000000000}"=I:\Program Files\Common Files\ReGet Shared\CatchOp.dll [2004-04-08 74298]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=I:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoToolbarCustomize"=0
"NoWinKeys"=1
"NoDriveTypeAutoRun"=36
"NoDrives"=0
"NoViewOnDrive"=0
"NoDriveAutoRun"=FFFFFFFF

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Yahoo!\Messenger\YPager.exe"="I:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"I:\Program Files\Yahoo!\Messenger\YServer.exe"="I:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"I:\Program Files\Symantec\Ghost\GhostSrv.exe"="I:\Program Files\Symantec\Ghost\GhostSrv.exe:*:Enabled:Symantec GhostCast Server"
"I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="I:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"I:\Program Files\BitTorrent\bittorrent.exe"="I:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"I:\Program Files\Microsoft ActiveSync\rapimgr.exe"="I:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"I:\Program Files\Microsoft ActiveSync\wcescomm.exe"="I:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"I:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="I:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"I:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe"="I:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"I:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe"="I:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"I:\WINDOWS\system32\lxdmcoms.exe"="I:\WINDOWS\system32\lxdmcoms.exe:*:Enabled:Lexmark Communications System"
"I:\Program Files\Lexmark 5000 Series\lxdmamon.exe"="I:\Program Files\Lexmark 5000 Series\lxdmamon.exe:*:Enabled:Lexmark Device Monitor"
"I:\Program Files\Lexmark 5000 Series\frun.exe"="I:\Program Files\Lexmark 5000 Series\frun.exe:*:Enabled:Lexmark Productivity Studio"
"I:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe"="I:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader"
"I:\Program Files\Lexmark 5000 Series\lxdmmon.exe"="I:\Program Files\Lexmark 5000 Series\lxdmmon.exe:*:Enabled:Printer Device Monitor"
"I:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmpswx.exe"="I:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmpswx.exe:*:Enabled:Printer Status Window Interface"
"I:\Program Files\Lexmark 5000 Series\LXDMFax.exe"="I:\Program Files\Lexmark 5000 Series\LXDMFax.exe:*:Enabled:Fax Solutions Software"
"I:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmjswx.exe"="I:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmjswx.exe:*:Enabled:Job Status Window Interface"
"I:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmtime.exe"="I:\WINDOWS\system32\spool\drivers\w32x86\3\lxdmtime.exe:*:Enabled:Lexmark Connect Time Executable"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"I:\Program Files\Windows Live\Messenger\livecall.exe"="I:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"I:\Program Files\Bonjour\mDNSResponder.exe"="I:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Symantec\Ghost\GhostSrv.exe"="I:\Program Files\Symantec\Ghost\GhostSrv.exe:*:Enabled:Symantec GhostCast Server"
"I:\Program Files\Microsoft ActiveSync\rapimgr.exe"="I:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"I:\Program Files\Microsoft ActiveSync\wcescomm.exe"="I:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"I:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="I:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\Windows Live\Messenger\msnmsgr.exe"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"I:\Program Files\Windows Live\Messenger\livecall.exe"="I:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\O]
shell\AutoRun\command - O:\install.exe


======File associations======

.js - open - "I:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"
.scr - open -

======List of files/folders created in the last 1 months======

2008-12-17 06:08:08 ----A---- I:\WINDOWS\zip.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\VFIND.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\SWXCACLS.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\SWSC.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\SWREG.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\sed.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\NIRCMD.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\grep.exe
2008-12-17 06:08:08 ----A---- I:\WINDOWS\fdsv.exe
2008-12-17 06:07:34 ----D---- I:\Qoobox
2008-12-17 05:26:02 ----RASHD---- I:\autorun.inf
2008-12-17 04:59:14 ----A---- I:\rapport.txt
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\WS2Fix.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\VCCLSID.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\VACFix.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\swsc.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\SrchSTS.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\Process.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\o4Patch.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\IEDFix.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\IEDFix.C.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\dumphive.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\Agent.OMZ.Fix.exe
2008-12-17 04:58:53 ----A---- I:\WINDOWS\system32\404Fix.exe
2008-12-17 01:54:49 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\Malwarebytes
2008-12-17 01:54:33 ----D---- I:\Program Files\Malwarebytes' Anti-Malware
2008-12-17 01:54:33 ----D---- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-17 01:44:44 ----D---- I:\Program Files\Spyware Doctor
2008-12-17 01:44:44 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\PC Tools
2008-12-17 00:55:22 ----D---- I:\WINDOWS\ERDNT
2008-12-17 00:55:18 ----A---- I:\WINDOWS\system32\CF22092.exe
2008-12-16 23:53:43 ----D---- I:\Program Files\ThreatFire
2008-12-16 23:53:43 ----D---- I:\Documents and Settings\All Users\Application Data\PC Tools
2008-12-16 23:35:54 ----AD---- I:\Documents and Settings\All Users\Application Data\TEMP
2008-12-16 22:59:21 ----D---- I:\Documents and Settings\All Users\Application Data\FLEXnet
2008-12-16 22:54:40 ----D---- I:\Program Files\Bonjour
2008-12-16 22:45:53 ----D---- I:\Program Files\Common Files\Macrovision Shared
2008-12-16 22:16:12 ----A---- I:\WINDOWS\system32\Swcomp32.dll
2008-12-16 22:16:12 ----A---- I:\WINDOWS\system32\Sbtrv32.dll
2008-12-16 22:16:12 ----A---- I:\WINDOWS\system32\Pedtconv.dll
2008-12-16 22:16:12 ----A---- I:\WINDOWS\system32\Pbtrvd32.dll
2008-12-16 22:16:10 ----A---- I:\WINDOWS\system32\W32mkde.exe
2008-12-16 22:16:10 ----A---- I:\WINDOWS\system32\Vamngr32.dll
2008-12-16 22:16:10 ----A---- I:\WINDOWS\system32\S2dtconv.dll
2008-12-16 22:16:09 ----A---- I:\WINDOWS\system32\Ole2prox.dll
2008-12-16 22:15:59 ----A---- I:\WINDOWS\system32\P2SODBC.DLL
2008-12-16 22:15:59 ----A---- I:\WINDOWS\system32\P2IRDAO.DLL
2008-12-16 22:15:59 ----A---- I:\WINDOWS\system32\P2CTDAO.DLL
2008-12-16 22:15:59 ----A---- I:\WINDOWS\system32\P2BDAO.DLL
2008-12-16 22:15:59 ----A---- I:\WINDOWS\system32\P2BBND.DLL
2008-12-16 22:15:58 ----A---- I:\WINDOWS\system32\PG32.DLL
2008-12-16 22:15:58 ----A---- I:\WINDOWS\system32\IMPLODE.DLL
2008-12-16 22:15:58 ----A---- I:\WINDOWS\system32\CO2C40EN.DLL
2008-12-16 22:15:57 ----A---- I:\WINDOWS\system32\VB5DB.dll
2008-12-16 22:10:22 ----A---- I:\WINDOWS\system32\msqpdxmtvdhrxx.dll
2008-12-16 20:16:12 ----A---- I:\WINDOWS\ReplacerUndo.txt
2008-12-16 06:49:30 ----D---- I:\Program Files\trend micro
2008-12-16 06:49:25 ----D---- I:\rsit
2008-12-16 00:36:02 ----D---- I:\logs
2008-12-16 00:20:05 ----D---- I:\123
2008-12-16 00:20:02 ----A---- I:\WINDOWS\system32\CF27899.exe
2008-12-16 00:18:40 ----A---- I:\WINDOWS\system32\CF27465.exe
2008-12-15 22:38:01 ----D---- I:\Virtual Machines
2008-12-15 21:55:14 ----D---- I:\Program Files\PerformanceTest
2008-12-15 21:54:36 ----D---- I:\Program Files\Smith Micro
2008-12-15 21:10:39 ----D---- I:\Documents and Settings\All Users\Application Data\NortonSystemWorks
2008-12-15 21:09:28 ----D---- I:\Program Files\Norton SystemWorks Premier Edition
2008-12-15 21:08:04 ----HDC---- I:\WINDOWS\$NtUninstallKB955839$
2008-12-15 21:07:02 ----HDC---- I:\WINDOWS\$NtUninstallKB958215$
2008-12-15 20:57:49 ----HDC---- I:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-15 20:56:22 ----HDC---- I:\WINDOWS\$NtUninstallKB954600$
2008-12-15 20:55:49 ----HDC---- I:\WINDOWS\$NtUninstallKB956802$
2008-12-15 19:08:20 ----A---- I:\WINDOWS\system32\S32EVNT1.DLL
2008-12-15 19:07:42 ----D---- I:\Program Files\Norton Internet Security
2008-12-15 19:07:41 ----D---- I:\Program Files\Windows Sidebar
2008-12-15 19:07:40 ----D---- I:\Documents and Settings\All Users\Application Data\Norton
2008-12-15 19:07:08 ----D---- I:\Program Files\NortonInstaller
2008-12-15 19:07:08 ----D---- I:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-12-15 03:20:22 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\FastSum
2008-12-15 03:20:00 ----D---- I:\Program Files\FastSum
2008-12-15 02:55:43 ----D---- I:\Program Files\Common Files\EZB Systems
2008-12-15 02:55:42 ----D---- I:\Program Files\UltraISO
2008-12-14 21:27:49 ----D---- I:\Program Files\BOOTP Desktop
2008-12-14 21:27:41 ----A---- I:\WINDOWS\BOOTP Desktop Setup Log.txt
2008-12-10 15:28:22 ----D---- I:\Program Files\Common Files\DirectX
2008-12-10 15:28:12 ----A---- I:\WINDOWS\system32\CmdLineExt03.dll
2008-12-08 21:59:44 ----D---- I:\WINDOWS\Farm Mania
2008-12-08 21:59:21 ----A---- I:\WINDOWS\Farm Mania Setup Log.txt
2008-11-28 19:06:51 ----HDC---- I:\WINDOWS\$NtUninstallKB957097$
2008-11-28 19:05:57 ----HDC---- I:\WINDOWS\$NtUninstallKB954459$
2008-11-28 19:04:44 ----HDC---- I:\WINDOWS\$NtUninstallKB955069$
2008-11-23 19:36:49 ----A---- I:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
2008-11-23 19:36:23 ----D---- I:\Program Files\USPS

======List of files/folders modified in the last 1 months======

2008-12-17 06:02:54 ----A---- I:\WINDOWS\win.ini
2008-12-17 06:02:54 ----A---- I:\WINDOWS\system.ini
2008-12-17 04:36:12 ----SHD---- I:\WINDOWS\Installer
2008-12-17 04:36:12 ----SHD---- I:\Config.Msi
2008-12-17 04:36:05 ----A---- I:\WINDOWS\OEWABLog.txt
2008-12-17 04:17:03 ----A---- I:\WINDOWS\ntbtlog.txt
2008-12-17 04:13:18 ----D---- I:\WINDOWS\security
2008-12-17 03:04:46 ----D---- I:\Program Files\Opera
2008-12-17 02:28:55 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2008-12-17 00:33:36 ----HD---- I:\WINDOWS\inf
2008-12-16 23:36:23 ----D---- I:\Program Files\Common Files
2008-12-16 22:59:25 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\Adobe
2008-12-16 22:55:31 ----D---- I:\Program Files\Adobe
2008-12-16 22:54:39 ----D---- I:\Program Files\Common Files\Adobe
2008-12-16 22:52:49 ----D---- I:\WINDOWS\WinSxS
2008-12-16 22:16:26 ----D---- I:\Program Files\MyApp
2008-12-16 22:16:01 ----D---- I:\WINDOWS\Crystal
2008-12-16 22:15:54 ----D---- I:\WINDOWS\system32\Fonts
2008-12-16 21:18:59 ----A---- I:\WINDOWS\system32\kernel1.exe
2008-12-16 20:07:08 ----D---- I:\WINDOWS\Resources
2008-12-16 18:42:49 ----D---- I:\WINDOWS\system32\FxsTmp
2008-12-16 06:49:55 ----D---- I:\WINDOWS\Temp
2008-12-16 06:49:30 ----AD---- I:\Program Files
2008-12-16 06:49:29 ----D---- I:\WINDOWS\Prefetch
2008-12-16 00:45:35 ----A---- I:\WINDOWS\IE4 Error Log.txt
2008-12-16 00:30:43 ----D---- I:\WINDOWS\system32\CatRoot2
2008-12-16 00:30:30 ----D---- I:\WINDOWS\system32\inetsrv
2008-12-16 00:28:44 ----A---- I:\WINDOWS\ModemLog_U.S. Robotics 56K Fax PCI #2.txt
2008-12-16 00:28:43 ----D---- I:\WINDOWS\system32\drivers
2008-12-16 00:28:22 ----SD---- I:\WINDOWS\Tasks
2008-12-16 00:28:21 ----D---- I:\Documents and Settings\All Users\Application Data\VMware
2008-12-16 00:22:24 ----D---- I:\WINDOWS
2008-12-16 00:22:13 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\VMware
2008-12-16 00:22:05 ----D---- I:\WINDOWS\system32
2008-12-15 22:16:04 ----D---- I:\Documents and Settings\All Users\Application Data\McAfee
2008-12-15 21:49:50 ----D---- I:\WINDOWS\pss
2008-12-15 21:44:37 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\Symantec
2008-12-15 21:44:35 ----D---- I:\Documents and Settings\All Users\Application Data\Symantec
2008-12-15 21:10:45 ----D---- I:\Program Files\Common Files\Symantec Shared
2008-12-15 21:09:22 ----D---- I:\Program Files\Symantec
2008-12-15 21:07:45 ----HD---- I:\WINDOWS\$hf_mig$
2008-12-15 21:07:29 ----A---- I:\WINDOWS\imsins.BAK
2008-12-15 21:07:20 ----RSHDC---- I:\WINDOWS\system32\dllcache
2008-12-15 21:06:02 ----D---- I:\Program Files\Common Files\Microsoft Shared
2008-12-15 20:15:51 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\FlashFXP
2008-12-15 19:09:02 ----SHD---- I:\System Volume Information
2008-12-15 18:55:59 ----D---- I:\Program Files\McAfee
2008-12-15 04:09:05 ----A---- I:\WINDOWS\NeroDigital.ini
2008-12-15 00:02:42 ----D---- I:\WINDOWS\system32\CatRoot
2008-12-14 23:56:52 ----D---- I:\WINDOWS\system32\config
2008-12-14 23:56:15 ----D---- I:\WINDOWS\system32\wbem
2008-12-14 23:56:14 ----D---- I:\WINDOWS\Registration
2008-12-14 23:54:28 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\Google
2008-12-14 23:54:28 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\.BitTornado
2008-12-14 23:54:27 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\AntiSpamFilter
2008-12-14 23:54:27 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\Aladdin Systems
2008-12-14 23:54:27 ----D---- I:\Documents and Settings\CoReY MiLLeR\Application Data\AdobeUM
2008-12-12 03:43:07 ----D---- I:\Program Files\Common Files\Acronis
2008-12-10 22:25:24 ----D---- I:\Program Files\Mozilla Firefox
2008-12-10 00:51:42 ----A---- I:\WINDOWS\powencfm.INI
2008-12-09 17:24:37 ----A---- I:\WINDOWS\system32\MRT.exe
2008-12-07 02:59:14 ----SD---- I:\WINDOWS\Downloaded Program Files
2008-11-19 20:28:48 ----A---- I:\WINDOWS\ModemLog_Motorola USB Modem.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aspi32;Aspi32; I:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R1 BHDrvx86;Symantec Heuristics Driver; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\ccHPx86.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\I:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\I:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20081212.001\IDSxpx86.sys []
R1 IKSysFlt;System Filter Driver; I:\WINDOWS\system32\drivers\iksysflt.sys [2008-08-25 66952]
R1 IKSysSec;System Security Driver; I:\WINDOWS\system32\drivers\iksyssec.sys [2008-08-25 81288]
R1 InCDPass;InCDPass; I:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-09-13 28672]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 kid_sys;Kensington Input Devices Class filter driver; I:\WINDOWS\System32\drivers\KID_SYS.sys [2001-09-26 11920]
R1 mbmiodrvr;mbmiodrvr; \??\I:\WINDOWS\System32\mbmiodrvr.sys []
R1 oreans32;oreans32; \??\I:\WINDOWS\system32\drivers\oreans32.sys []
R1 PQNTDrv;PQNTDrv; I:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SCDEmu;SCDEmu; I:\WINDOWS\system32\drivers\SCDEmu.sys [2007-04-09 31548]
R1 SRTSP;Symantec Real Time Storage Protection; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SRTSP.SYS []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SRTSPX.SYS []
R1 StyleXPHelper;StyleXPHelper; \??\I:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe []
R1 SYMTDI;SYMTDI; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SYMTDI.SYS []
R1 Tcpip6;Microsoft IPv6 Protocol Driver; I:\WINDOWS\System32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 vmm;Virtual Machine Monitor; \??\I:\WINDOWS\System32\drivers\vmm.sys []
R2 aslm75;aslm75; \??\I:\WINDOWS\system32\drivers\aslm75.sys []
R2 AsusGIO;AsusGIO; \??\I:\Program Files\ASUS\Ai Booster\AsusGIO.sys []
R2 CDRPDACC;Arrowkey Device Access; \??\I:\Program Files\321Studios\Shared\CDRPDACC.SYS []
R2 ElbyCDIO;ElbyCDIO Driver; I:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 hcmon;VMware hcmon; \??\I:\WINDOWS\system32\Drivers\hcmon.sys []
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; I:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; I:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-08-23 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; I:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-08-23 55936]
R2 PfModNT;PfModNT; \??\I:\WINDOWS\system32\drivers\PfModNT.sys []
R2 PStrip;PStrip; I:\WINDOWS\system32\drivers\PStrip.sys [2004-11-09 21968]
R2 Sniffer;SNIFFER Protocol Driver; I:\WINDOWS\System32\DRIVERS\sniffer.sys [2002-02-08 549904]
R2 symlcbrd;symlcbrd; \??\I:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 tifsfilter;Acronis True Image FS Filter; I:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-05-12 32288]
R2 VMnetBridge;VMware Bridge Protocol; I:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2008-03-04 23296]
R2 VMnetuserif;VMware Network Application Interface; \??\I:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\I:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\I:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\I:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R2 WIBUKEY;WIBU-KEY Kernel Driver; I:\WINDOWS\SYSTEM32\DRIVERS\Wibukey.sys [2001-12-27 67072]
R3 aeaudio;aeaudio; I:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 AnyDVD;AnyDVD; I:\WINDOWS\System32\Drivers\AnyDVD.sys [2006-02-15 19200]
R3 ctac32k;Creative AC3 Software Decoder; I:\WINDOWS\System32\drivers\ctac32k.sys [2004-02-23 645360]
R3 ctaud2k;Creative Audio Driver (WDM); I:\WINDOWS\system32\drivers\ctaud2k.sys [2004-02-23 366352]
R3 ctprxy2k;Creative Proxy Driver; I:\WINDOWS\System32\drivers\ctprxy2k.sys [2003-10-08 6096]
R3 ctsfm2k;Creative SoundFont Management Device Driver; I:\WINDOWS\System32\drivers\ctsfm2k.sys [2003-10-08 130288]
R3 dtscsi;dtscsi; I:\WINDOWS\System32\Drivers\dtscsi.sys [2006-07-03 223128]
R3 E1000;Intel® PRO/1000 Adapter Driver; I:\WINDOWS\System32\DRIVERS\e1000325.sys [2003-05-20 121856]
R3 ElbyCDFL;ElbyCDFL; I:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-08-31 26240]
R3 ElbyDelay;ElbyDelay; I:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-06-08 3968]
R3 emupia;E-mu Plug-in Architecture Driver; I:\WINDOWS\System32\drivers\emupia2k.sys [2003-10-13 145488]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\I:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); I:\WINDOWS\system32\drivers\es1371mp.sys [2001-08-17 40704]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; I:\WINDOWS\System32\drivers\ha10kx2k.sys [2004-02-24 904784]
R3 hidusb;Microsoft HID Class Driver; I:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MxlW2k;MxlW2k; I:\WINDOWS\system32\drivers\MxlW2k.sys [2004-07-10 28352]
R3 NAVENG;NAVENG; \??\I:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081216.039\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\I:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081216.039\NAVEX15.SYS []
R3 nv;nv; I:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 ossrv;Creative OS Services Driver; I:\WINDOWS\system32\drivers\ctoss2k.sys [2003-10-08 178672]
R3 Pcatip;Pcatip; I:\WINDOWS\System32\DRIVERS\PcAtip.sys [2004-12-19 68960]
R3 Pcouffin;Low level access layer for CD devices; I:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-03-25 39264]
R3 pfc;Padus ASPI Shell; I:\WINDOWS\system32\drivers\pfc.sys [2003-01-22 9856]
R3 smwdm;smwdm; I:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 SYMDNS;SYMDNS; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SYMDNS.SYS []
R3 SymEvent;SymEvent; \??\I:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SYMFW.SYS []
R3 SYMIDS;SYMIDS; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SYMIDS.SYS []
R3 SymIMMP;SymIMMP; I:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-15 35888]
R3 SYMNDIS;SYMNDIS; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SYMNDIS.SYS []
R3 SYMREDRV;SYMREDRV; \??\I:\WINDOWS\system32\drivers\NIS\1001000.021\SYMREDRV.SYS []
R3 TfNetMon;TfNetMon; \??\I:\WINDOWS\system32\drivers\TfNetMon.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; I:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; I:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; I:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; I:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; I:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2008-03-04 9600]
R4 InCDfs;InCD File System; I:\WINDOWS\system32\drivers\InCDfs.sys [2004-09-13 93440]
S1 P3;Intel PentiumIII Processor Driver; I:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
S2 Ca533av;Cam 3200, WDM Video Capture; I:\WINDOWS\System32\Drivers\Ca533av.sys [2002-10-21 515803]
S2 ramdisk;AR Soft RAM Disk Service; I:\WINDOWS\System32\DRIVERS\ramdisk.sys []
S3 3dfxvs;3dfxvs; I:\WINDOWS\System32\DRIVERS\3dfxvsm.sys [2001-10-03 148352]
S3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ATWPKT2;ATWPKT2; \??\I:\Program Files\America Online 8.0\ATWPKT2.SYS []
S3 catchme;catchme; \??\I:\DOCUME~1\COREYM~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; I:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctdvda2k;Creative DVD-Audio Device Driver; I:\WINDOWS\System32\drivers\ctdvda2k.sys [2003-10-14 332800]
S3 DCamUSBEMPIA;ConvertX AV100U A/V Capture; I:\WINDOWS\system32\DRIVERS\emDevice.sys []
S3 emAudio;ConvertX AV100U A/V Capture Audio; I:\WINDOWS\system32\drivers\emAudio.sys []
S3 FiltUSBEMPIA;USB Device Lower Filter; I:\WINDOWS\system32\DRIVERS\emFilter.sys []
S3 FTDIBUS;USB Serial Converter Driver; I:\WINDOWS\system32\drivers\ftdibus.sys [2003-05-22 19025]
S3 FTSER2K;USB Serial Port Driver; I:\WINDOWS\system32\drivers\ftser2k.sys [2003-05-22 55356]
S3 FVNETusb;Linksys Wireless-B USB Network Adapter v2.8 Driver; I:\WINDOWS\system32\DRIVERS\vnet58lx.sys [2004-03-26 122112]
S3 gtermddo;gtermddo; \??\I:\DOCUME~1\COREYM~1\LOCALS~1\Temp\gtermddo.sys []
S3 hap16v2k;Creative P16V HAL Driver; I:\WINDOWS\System32\drivers\hap16v2k.sys [2003-10-21 148432]
S3 LVUSBSta;Logitech USB Monitor Filter; I:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 LwAdiHid;Logitech WingMan Digital Devices(Auto-Detect); I:\WINDOWS\System32\DRIVERS\LwAdiHid.sys [2002-08-28 20864]
S3 MidiSyn;MidiSyn; I:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-19 235100]
S3 motccgp;Motorola USB Composite Device Driver; I:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-11-02 18176]
S3 motccgpfl;MotCcgpFlService; I:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-22 7680]
S3 MotDev;Motorola Inc. USB Device; I:\WINDOWS\system32\DRIVERS\motodrv.sys [2007-10-10 42112]
S3 motmodem;Motorola USB CDC ACM Driver; I:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 motport;Motorola USB Diagnostic Port; I:\WINDOWS\system32\DRIVERS\motport.sys [2007-06-18 23680]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; I:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; I:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; I:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; I:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; I:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Network Monitor Driver; I:\WINDOWS\System32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; I:\WINDOWS\system32\drivers\npf.sys [2004-05-14 32896]
S3 ntgrip;Gravis GamePort device driver; I:\WINDOWS\system32\drivers\ntgrip.sys [2001-08-17 51552]
S3 ntxpgp;Gravis Xperience GamePort device driver; I:\WINDOWS\system32\drivers\ntxpgp.sys [2002-02-26 240188]
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\UNC\asswipe\c$\PROGRA~1\WUSB11~1\PCANDIS5.SYS []
S3 PCI_Ctrl;PCI_Ctrl; \??\I:\WINDOWS\system32\drivers\PCI_Ctrl.sys []
S3 PID_0920;Logitech QuickCam Express(PID_0920); I:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2005-01-31 163328]
S3 RapDrv;RapDrv; \??\I:\WINDOWS\system32\drivers\RapDrv.sys []
S3 RapFile;RapFile; \??\I:\WINDOWS\System32\drivers\RapFile.sys []
S3 RapNet;RapNet; \??\I:\WINDOWS\System32\drivers\RapNet.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; I:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; I:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 s3m;s3m; I:\WINDOWS\System32\DRIVERS\s3m.sys [2001-08-17 166720]
S3 ScanUSBEMPIA;USB Still Image Capture Device; I:\WINDOWS\system32\DRIVERS\emScan.sys []
S3 scsiscan;SCSI Scanner Driver; I:\WINDOWS\System32\DRIVERS\scsiscan.sys [2008-04-13 11520]
S3 SDdriver;SDdriver; \??\I:\WINDOWS\system32\Drivers\sddriver.sys []
S3 SLIP;BDA Slip De-Framer; I:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SmartCdx;SmartCdx; I:\WINDOWS\System32\Drivers\SmartCdx.sys []
S3 streamip;BDA IPSink; I:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\I:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20070607.001\SymIDSCo.sys []
S3 SymIM;Symantec Network Security Intermediate Filter Service; I:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-15 35888]
S3 usb_rndisx;USB RNDIS Adapter; I:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbaudio;USB Audio Driver (WDM); I:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBCamera;DSC Still Image Capture (CA100); I:\WINDOWS\System32\Drivers\Bulk533.sys [2002-12-04 11144]
S3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; I:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; I:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VPCNetS2;Virtual Machine Network Services Driver; I:\WINDOWS\System32\DRIVERS\VMNetSrv.sys [2003-10-22 45056]
S3 wanatw;WAN Miniport (ATW); I:\WINDOWS\System32\DRIVERS\wanatw4.sys []
S3 Wdf01000;Wdf01000; I:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []
S4 vsdatant;vsdatant; I:\WINDOWS\system32\drivers\vsdatant.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; I:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 AcrSch2Svc;Acronis Scheduler2 Service; I:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-07-20 204800]
R2 ADVService;Amazon Unbox Video Service; I:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [2007-07-11 25640]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; I:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-08-01 238968]
R2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service; I:\Program Files\CacheBoost\cbsrv.exe [2003-06-24 78848]
R2 CyberPowerUPS;UPS Service; I:\Program Files\PowerPanelPlus\upssrv.exe [2004-12-17 348160]
R2 IISADMIN;IIS Admin; I:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 InteractiveLogon;InteractiveLogon; I:\WINDOWS\System32\Fast.exe [2001-10-08 49216]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; I:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-03-12 517768]
R2 MDM;Machine Debug Manager; I:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 Norton Internet Security;Norton Internet Security; I:\Program Files\Norton Internet Security\Engine\16.1.0.33\ccSvcHst.exe [2008-12-15 115560]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 sdAuxService;PC Tools Auxiliary Service; I:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
R2 sdCoreService;PC Tools Security Service; I:\Program Files\Spyware Doctor\pctsSvc.exe [2008-12-16 1079176]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); I:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; I:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 Speed Disk service;Speed Disk service; I:\PROGRA~1\NORTON~3\NORTON~1\SPEEDD~1\NOPDB.EXE [2008-09-25 181680]
R2 StyleXPService;StyleXPService; I:\Program Files\TGTSoft\StyleXP\StyleXPService.exe [2006-05-24 372736]
R2 ThreatFire;ThreatFire; I:\Program Files\ThreatFire\TFService.exe [2008-11-17 70944]
R2 Viewpoint Manager Service;Viewpoint Manager Service; I:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 VMAuthdService;VMware Authorization Service; I:\Program Files\VMware\VMware Server\vmware-authd.exe [2008-03-04 151643]
R2 VMnetDHCP;VMware DHCP Service; I:\WINDOWS\system32\vmnetdhcp.exe [2008-03-04 106496]
R2 vmount2;VMware Virtual Mount Manager Extended; I:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-05-01 269104]
R2 vmserverdWin32;VMware Registration Service; I:\Program Files\VMware\VMware Server\vmserverdWin32.exe [2008-03-04 1650781]
R2 VMware NAT Service;VMware NAT Service; I:\WINDOWS\system32\vmnat.exe [2008-03-04 135168]
R2 W3SVC;World Wide Web Publishing; I:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 WinDefend;Windows Defender; I:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 NetSvc;Intel NCS NetService; I:\Program Files\Intel\NCS\Sync\NetSvc.exe [2003-03-03 143360]
S2 .norton2009Reset;Norton 2009 Reset; I:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe [2008-12-15 281625]
S2 Fax;Fax; I:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Adobe LM Service;Adobe LM Service; I:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-05-12 72704]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Creative Service for CDROM Access;Creative Service for CDROM Access; I:\WINDOWS\System32\CTsvcCDA.EXE [1999-12-13 44032]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-16 654848]
S3 LiveUpdate;LiveUpdate; I:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-08-01 3220856]
S3 Macromedia Licensing Service;Macromedia Licensing Service; I:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2005-06-20 68096]
S3 NetPatrol;Qbik NetPatrol Engine; I:\Program Files\NetPatrol\NetPatrol.exe [2003-12-01 376832]
S3 NMap;NMap; I:\Program Files\NMapWin\bin\nmapserv.exe [2002-11-20 290816]
S3 ose;Office Source Engine; I:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RapApp;RapApp; I:\Program Files\ISS\BlackICE\rapapp.exe [2003-02-25 684032]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); I:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016]
S3 Symantec Core LC;Symantec Core LC; I:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-06-02 1174664]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; I:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WinGateEngine;Qbik WinGate Engine; I:\Program Files\WinGate\WinGate.exe [2003-12-11 2355325]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; I:\Program Files\Bonjour\mDNSResponder.exe []
S4 InCDsrv;InCD Helper; I:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-13 1192050]
S4 lxdm_device;lxdm_device; I:\WINDOWS\system32\lxdmcoms.exe [2007-06-08 598960]
S4 lxdmCATSCustConnectService;lxdmCATSCustConnectService; I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdmserv.exe [2007-06-08 99248]

-----------------EOF-----------------







Here is my info.txt file

info.txt logfile of random's system information tool 1.04 2008-12-16 06:51:26

======Uninstall list======

#1 Video Converter 3.4.12-->"I:\Program Files\NO1 Video Converter\unins000.exe"
-->"I:\Program Files\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
-->"I:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->I:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->I:\Program Files\Creative\SBAudigy\Program\Ctzapxx.EXE
-->I:\Program Files\Installshield Installation Information\{08082024-2a50-4196-8196-a6f86d6e8f12}\QBReplace.exe {08082024-2a50-4196-8196-a6f86d6e8f12}#{01288593-26bb-4b3a-a04e-0a4ed28cc937}
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\Demo\AUDIGYDEMO.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\Diagnose2.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\Midi.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\MiniDisc\MDC.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\Program\RDefault.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\QuickStart\QuickStart.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\Recorder\Recorder.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\Sound Blaster Audigy Manual\English\CTManual.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\SBAudigy\SoundFont.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Creative\Uninstall\Installer.isu"
-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\NAI\SnifferNT\Uninst.isu" -c"I:\Program Files\NAI\SnifferNT\Program\Win2K\snifcfg.dll"
-->MsiExec.exe /I{09715083-BF10-4834-9E28-B5D8820513CA}
-->MsiExec.exe /I{1E049668-AD90-4008-B213-E20CED2324DD}
-->MsiExec.exe /I{35103A8A-E9D8-40FA-AEC7-4D138952DB30}
-->MsiExec.exe /I{5FBCB03F-F72A-49BF-BA46-63B3515EE3A9}
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\Setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{89AD2814-AFA2-46AF-AE53-C27196D9FBE6}\setup.exe" REMOVEALL
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{AAA4CCCE-78DB-47B0-A651-68270D838BD4}\setup.exe" REMOVEALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 I:\WINDOWS\INF\PCHealth.inf
18 Wheels of Steel - Across America-->P:\18WHEE~1\UNWISE.EXE P:\18WHEE~1\INSTALL.LOG
18 Wheels of Steel Bundle (remove only)-->"p:\18 Wheels of Steel Bundle\Uninstall.exe"
18 Wheels of Steel Pedal to the Metal-->I:\Documents and Settings\CoReY MiLLeR\Appli
18 Wheels of Steel: American Long Haul -->I:\Documents and Settings\CoReY MiLLeR\Appli
2.2-->"I:\Program Files\Windows System Optimizer\unins000.exe"
3dfx Tools-->MsiExec.exe /X{719A79E8-B696-48BE-B691-7303F7991EF8}
7-Zip 4.57-->"I:\Program Files\7-Zip\Uninstall.exe"
AChartProDemo-->I:\WINDOWS\UNWISE.EXE I:\WINDOWS\INSTALL.LOG
Acronis True Image Enterprise Server-->MsiExec.exe /X{378F9A62-061E-4368-AA0A-1BA004772E98}
Acronis Disk Director Suite-->MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
Add/Remove Plus! 2004-->I:\PROGRA~1\ADDREM~1\UNWISE.EXE I:\PROGRA~1\ADDREM~1\INSTALL.LOG
Adobe Acrobat 7.0 Professional-->msiexec /I {AC76BA86-1033-0000-7760-000000000002}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{8BC84ECC-EA87-49C0-93C0-2B5DF62745CD}
Adobe Bridge CS3-->MsiExec.exe /I{68CF6DD2-8BA3-4A70-81D8-7CC5F24C9BA2}
Adobe Bridge Start Meeting-->MsiExec.exe /I{7F3A2319-79CF-4701-95FB-034E99281808}
Adobe Camera Raw 4.0-->MsiExec.exe /I{183B7569-90FB-4C56-9761-0EEB002CAB83}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Device Central CS3-->MsiExec.exe /I{20B83B31-09C4-4F0E-9774-EF8A12A0A527}
Adobe Dreamweaver CS3-->I:\Program Files\Common Files\Adobe\Installers\435a6af7459cb02a9c1138113a26e93\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{4DF98D0B-637E-42B4-B9D6-EB7693D2FBF8}
Adobe Extension Manager CS3-->MsiExec.exe /I{2A539CD9-0F75-4875-9A32-E06DD93C4114}
Adobe Flash Player ActiveX-->I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->I:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Viewer CS3-->MsiExec.exe /I{733D84D6-AAFD-4368-A1D0-F2734F6B9082}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Setup-->MsiExec.exe /I{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}
Adobe Shockwave Player-->I:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE I:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{41C3C974-EC5E-494C-AFE6-E31D92E2E6CB}
Advanced MP3 Catalog 1.02-->I:\WINDOWS\UnGins.exe "I:\Program Files\Advanced MP3 Catalog\install.log"
Advanced System Optimizer 2.01.2-->"I:\Program Files\Advanced System Optimizer\unins000.exe"
AI - Series-->"I:\Program Files\AI - Series\AI - Series.scr" /S /Uninstall
Ai Booster-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{74BF0A46-DF67-4D86-B038-BF0E51871B66}\Setup.exe" -l0x9
Amazon Unbox Video-->I:\Program Files\InstallShield Installation Information\{54A4839E-87F8-4BD1-9682-A349E9943F0A}\setup.exe -runfromtemp -l0x0409
Ambush Pack 1.00 for Pocket Tanks Deluxe-->"I:\Program Files\Pocket Tanks Deluxe\unins001.exe"
AMSN-Pack (remove only)-->I:\Program Files\AMSN\uninstall.exe
AnalogX PortBlocker-->I:\Program Files\AnalogX\PortBlocker\pblocku.exe
AnswerWorks 4.0 Runtime - English-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
AnyDVD-->"I:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="I:\Program Files\SlySoft\AnyDVD"
AOL Instant Messenger-->I:\Program Files\AIM95\uninstll.exe -LOG= I:\Program Files\AIM95\install.log -OEM=
APBench-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\MCSB Technology\APBench\Uninst.isu"
Apollo DVD Copy 4.6.12-->"I:\Program Files\Apollo DVD Copy\unins000.exe"
Application Verifier Database-->I:\WINDOWS\system32\sdbinst.exe -u "I:\WINDOWS\AppPatch\Custom\{448850f4-a5ea-4dd1-bf1b-d5fa285dc64b}.sdb"
Ares 1.9.0-->"I:\Program Files\Ares\uninstall.exe"
arniWORX awxDTools - Daemon-Tools ShellExtension - 1.0.6.0-->"I:\Program Files\DAEMON Tools\unins000.exe"
AsfTools 3.1 (remove only)-->I:\Program Files\AsfTools 3.1\Uninst.exe
ASUS Features-->"I:\Program Files\ASUS Features\ASUS Features.scr" /S /Uninstall
ASUS Probe V2.21.07-->I:\WINDOWS\uninst.exe -f"i:\Program Files\ASUS\Probe\DeIsL1.isu" -c"i:\Program Files\ASUS\Probe\probunis.dll"
AsusUpdate-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\ASUS\AsusUpdate\Uninst.isu"
Attribute Magic Pro-->I:\Program Files\ATM Pro\Uninstall.exe "I:\Program Files\ATM Pro\install.log"
Audio Lounge 2.103-->I:\WINDOWS\iun6002.exe "I:\Program Files\Audio Lounge\irunin.ini"
Audit Support Center 1.0-->I:\Program Files\Audit Support Center\uninst.exe
AutoPlay Menu Studio 2.0-->I:\WINDOWS\iun502.exe I:\Program Files\AutoPlay Menu Studio 2.0\irunin.ini
Avanquest update-->I:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
Avant Browser (remove only)-->"I:\Program Files\Avant Browser\uninst.exe"
AviSynth 2.5-->"I:\Program Files\AviSynth 2.5\Uninstall.exe"
AVOne Gold - DVD VCD SVCD MPG AVI ASF Converter(D)-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Mpgdvd\AVOne Gold - DVD VCD SVCD MPG AVI ASF Converter(D)\Uninst.isu"
AVS Audio Tools version 3.4-->"I:\Program Files\AVSMedia\AudioTools\unins000.exe"
AVS Disc Creator version 2.1-->"I:\Program Files\AVSMedia\DiscCreator\unins000.exe"
AVS Video Tools 5.1-->"I:\Program Files\AVSMedia\VideoTools\unins000.exe"
Backup DVD v8.4-->I:\PROGRA~1\BACKUP~1\UNWISE.EXE I:\PROGRA~1\BACKUP~1\INSTALL.LOG
Backup To CD-RW 5.0-->I:\WINDOWS\st6unst.exe -n "I:\Program Files\Willow Creek Software\ST6UNST.LOG"
BearShare-->I:\PROGRA~1\BEARSH~1\UNWISE.EXE I:\PROGRA~1\BEARSH~1\INSTALL.LOG
Bejeweled Deluxe 1.6z-->I:\Program Files\Bejeweled Deluxe\UnGins.exe "I:\Program Files\Bejeweled Deluxe\install.log"
BitTornado 0.3.17-->I:\Program Files\BitTornado\uninst.exe
BlindWrite suite-->"I:\Program Files\vso\blindwrite\unins001.exe"
BlindWrite5-->"I:\Program Files\VSO\BlindWrite5\unins000.exe"
Boilsoft ASF Converter 1.51-->"I:\Program Files\Boilsoft ASF Converter\unins000.exe"
Boldchat Operator Client .NET-->MsiExec.exe /I{13A0E53B-88E0-41C3-AE03-BA3E22FBEC26}
Boost XP (Shareware Release)-->"I:\Program Files\Boost XP\unins000.exe"
BPFTP Server (remove only)-->"I:\Program Files\BPFTP Server\Uninstall\unins000.exe"
BPFTP Server (remove only)-->"I:\Program Files\G6 FTP Server\uninstall-bpftpd.exe"
Bulk E-Mailer-->"I:\Program Files\Bulk E-Mailer\unins000.exe"
CamQuest6 Cam Selection.0408-->I:\WINDOWS\UNWISE.EXE I:\WINDOWS\CAMQUEST60408.INF
CCE SP Trial Version Version 2.64.01.02-->I:\PROGRA~1\CINEMA~1\uinst.exe
CD Data Rescue 2.2-->"I:\Program Files\cddr\unins000.exe"
ChainCast Proxy (remove only)-->rundll32 I:\WINDOWS\System32\ccmp392.dll,UninstallProxy
Chameleon Control-->RunDll32 setupapi.dll,InstallHinfSection RemoveCham 4 cham.inf
CheckIt Diagnostics-->MsiExec.exe /X{4B9B1B84-FEC0-46D5-BDB9-832565779422}
CloneCD-->"I:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="I:\Program Files\SlySoft\CloneCD"
CloneDVD 2.3-->"I:\Program Files\CloneDVD\unins000.exe"
CloneDVD-->"I:\Program Files\Elaborate Bytes\CloneDVD\CloneDVD-uninst.exe" /D="I:\Program Files\Elaborate Bytes\CloneDVD"
CloneDVD2-->"I:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="I:\Program Files\Elaborate Bytes\CloneDVD2"
Command & Conquer Generals-->I:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Comparator-->I:\PROGRA~1\COMPAR~1\UnInstall.exe I:\PROGRA~1\COMPAR~1\INSTALL.LOG
Connection Keep Alive-->MsiExec.exe /I{77364F85-6219-4CB8-AAA0-6D53368D683D}
Contact List Manager-->"I:\Program Files\Contact List Manager\unins000.exe"
Cool Page 2.72-->i:\Program Files\3Dize\Cool Page\uninstal.exe
CopyToDVD-->"I:\Program Files\vso\CopyToDVD\unins000.exe"
Corel Uninstaller-->I:\WINDOWS\Corel\uninst32.exe
coverXP (remove only)-->"I:\Program Files\coverXP\cxp-uninst.exe"
Creative AudioHQ-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\Setup.exe" -l0x9 /remove
Creative Surround Mixer-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\Setup.exe" -l0x9 /remove
Creative TaskBar-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{DDAC9206-D5CC-49C9-80D2-CDFA992E3DFA}\Setup.exe" -l0x9 /remove
Customizer XP-->"I:\Program Files\Customizer XP\unins000.exe"
DameWare Mini Remote Control-->MsiExec.exe /I{862396AB-81CA-4204-92C3-D104D6FEB96C}
DameWare NT Utilities-->MsiExec.exe /I{319D54B2-FA8C-408D-8B26-FD43BAACC41F}
Date & Time Shell Extension v1.41-->rundll32.exe syssetup.dll,SetupInfObjectInstallAction DefaultUninstall 4 I:\WINDOWS\System32\Shellext\shdate.inf
DawnOfWar-->I:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
DC++ 0.667-->"I:\Program Files\DC++\uninstall.exe"
Demonic Seed 2.0-->I:\WINDOWS\iun506.exe I:\Program Files\Demonic Seed\irunin.ini
DialpadChameleon-->I:\WINDOWS\DialpadChameleon Uninstaller.exe
Dial-Up Magic-->I:\WINDOWS\uninst.exe -f"I:\Program Files\TechMagic LLC\Dial-Up Magic\DeIsL1.isu" -c"I:\Program Files\TechMagic LLC\Dial-Up Magic\_ISREG32.DLL"
DivX Converter-->I:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->I:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Pro Codec-->I:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DIY DataRecovery RepoMan (demo) 2.1-->"I:\Program Files\DIY DataRecovery RepoMan (demo)\uninstall.exe"
DowntimeWitness-->MsiExec.exe /I{37603FE7-05ED-4D10-A917-F14C11C8A9D7}
Dr.DivX-->I:\Program Files\DivX\DrDivXUninstall.exe /DRDIVX
DriverGuide Toolkit-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{71AA4525-52F2-4841-93B6-8DF58C0CC0DA}\setup.exe"
DTG Serials v1.0-->MsiExec.exe /I{08525AF9-2491-487C-AAC6-9D9FE3FB8863}
DVD Copy Plus-->MsiExec.exe /X{2679A53A-99D9-413F-B12B-056D019328B6}
DVD X Copy Platinum 4.0.3-->"I:\Program Files\321Studios\Platinum\uninstall.exe"
DVD X Rescue-->I:\PROGRA~1\321STU~1\DVDXRE~1\UNWISE.EXE I:\PROGRA~1\321STU~1\DVDXRE~1\INSTALL.LOG
DVD-CLONER V2.00-->"I:\Program Files\Dvd-cloner\unins000.exe"
DVD-TO-SVCD V1.9-->"I:\Program Files\Dvd-to-svcd\unins000.exe"
DVDx 2.2-->"I:\Program Files\DVDx\unins000.exe"
DVDx-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{2B834606-B0C6-4701-B4A8-CF33CDDE8F69}\Setup.exe"
Dyno2000 Version 3.08-->I:\WINDOWS\uninst.exe -f"i:\program files\Dyno2000\DeIsL1.isu" -c"i:\program files\Dyno2000\_ISREG32.DLL"
Easy Video Converter 3.8.13-->"I:\Program Files\Easy Video Converter\unins000.exe"
EtherDetect Packet Sniffer v1.2-->I:\PROGRA~1\ETHERD~1\UNWISE.EXE I:\PROGRA~1\ETHERD~1\INSTALL.LOG
Excursion 9.5-->I:\WINDOWS\unvise32.exe i:\skripts\Excursion9.5\uninstal.log
FairStars Audio Converter 1.31-->"I:\Program Files\FairStars Audio Converter\unins000.exe"
Family Lawyer 2000-->I:\PROGRA~1\PARSON~1\FAMILY~1\UNWISE.EXE I:\PROGRA~1\PARSON~1\FAMILY~1\INSTALL.LOG
Farm Mania-->"I:\WINDOWS\Farm Mania\uninstall.exe" "/U:p:\Farm Mania\Uninstall\uninstall.xml"
FastSum 1.6 Standard Edition and FastSum 1.9 Command-Line Editi-->"I:\Program Files\FastSum\unins000.exe"
ffdshow (remove only)-->"I:\Program Files\ffdshow\uninstall.exe"
FireDaemon-->"I:\Program Files\FireDaemon\unins000.exe"
Fizz Monitor-->I:\Program Files\Microsoft ActiveSync\Fizz Monitor\Uninstall.exe Fizz Monitor
FlashFXP-->I:\PROGRA~1\FlashFXP\UNWISE.EXE I:\PROGRA~1\FlashFXP\INSTALL.LOG
Floppy Image 2.4-->"I:\Program Files\Floppy Image\unins000.exe"
Formatta Designer 6.0-->I:\PROGRA~1\FORMAT~1\UNWISE.EXE I:\PROGRA~1\FORMAT~1\INSTALL.LOG
FtpXQ Server-->I:\PROGRA~1\FtpXQ\UNWISE.EXE I:\PROGRA~1\FtpXQ\INSTALL.LOG
Fx Scanner-->"I:\Program Files\Fx Scanner\Uninstall.exe" "I:\Program Files\Fx Scanner\install.log"
G6 Addon functions-->I:\PROGRA~1\G6ADDO~1\UNWISE.EXE I:\PROGRA~1\G6ADDO~1\INSTALL.LOG
GetRight-->I:\PROGRA~1\GetRight\GETRIGHT.EXE /UNINSTALL
GFI LANguard Network Security Scanner 3.1-->"I:\Program Files\GFI\LANguard Network Security Scanner 3\unins000.exe"
Google Earth-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer-->regsvr32 /u /s "i:\windows\googletoolbar2.dll"
Gordian Knot Rip Pack 0.33.1-->I:\Program Files\GordianKnot\uninst.exe
GrabIt 1.7.1 Beta (build 960)-->"I:\Program Files\GrabIt\unins000.exe"
Gravis Xperience 4.5-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{13599F5D-20A2-449A-BA81-A7D8B98A8DF1}\Setup.exe" -u
GSpot Codec Information Appliance-->I:\Program Files\GSpot\Uninstall.exe
GTAIII-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{92B94569-6683-4617-8C54-EB27A1B51B30}\Setup.exe" -l0x9
Handmark Pocket Express™ for Windows Mobile™ Smartphone-->I:\WINDOWS\unvise32.exe I:\Program Files\Handmark\Express for Smartphone\uninstal.log
Hard Truck 18 Wheels of Steel-->I:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1096C4FA-CC07-4BE1-B73F-77BDFF4916B8}
Heavy_K's Advanced Nick Changer v1.2-->I:\WINDOWS\st6unst.exe -n "I:\Program Files\AdvNickChanger\ST6UNST.LOG"
HijackThis 2.0.2-->"I:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"I:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"I:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"I:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HT Video Editor-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{68EA3F21-862F-47F5-8410-556FD3C2CA67}\Setup.exe" -l0x9
ICQ-->I:\PROGRA~1\ICQ\ICQUninstall.EXE
iHateSpam-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{5D7564B5-864C-4967-858D-8030E45A6C69}\Setup.exe" -l0x9
InCD-->I:\WINDOWS\NuNInst.exe /UNINSTALL
Intel® PRO Network Adapters and Drivers-->Prounstl.exe
Intel® PROSet-->MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
InterActual Player-->I:\Program Files\InterActual\InterActual Player\inuninst.exe
InterVideo WinDVD 6-->"I:\Program Files\InstallShield Installation Information\{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}\setup.exe" REMOVEALL
InterVideo WinDVD Creator-->"I:\Program Files\InstallShield Installation Information\{9933F0EE-DFCD-4829-B979-3C56C367CB1A}\setup.exe" REMOVEALL
InterVideo WinDVD Platinum-->"I:\Program Files\InstallShield Installation Information\{8DC9BEFF-07FC-4631-BBF4-8F00F74953C2}\setup.exe" REMOVEALL
InterVideo WinDVR 3-->"I:\Program Files\InstallShield Installation Information\{6BF4613C-0A46-43AA-8FA8-0CB9F2C1A548}\setup.exe" REMOVEALL
IP Scan Master 99-->I:\WINDOWS\st6unst.exe -n "I:\Program Files\IP Scan Master 99\ST6UNST.LOG"
ISO-->I:\WINDOWS\uninst.exe -f"I:\Program Files\elite\ISO\DeIsL1.isu" -c"I:\Program Files\elite\ISO\_ISREG32.DLL"
IsoBuster 1.8-->"I:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iSpeed for Windows-->"I:\Program Files\iSpeed\unins000.exe"
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java 2 Runtime Environment, SE v1.4.2_06-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142060}
Java Web Start-->"I:\Program Files\Java Web Start\uninst-javaws.exe"
Java™ 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Jewel Case Creator-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Adaptec\Shared\Jewel Case Creator\Uninst.isu"
Juno-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{92F36672-245D-11D5-AC74-00105A0CF83E}\setup.exe" Uninstall
Kali II-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Kali\Uninst.isu" -c"I:\Program Files\Kali\UnInst.DLL
Kaspersky AntiVirus for WinGate-->MsiExec.exe /X{394C31CB-D957-44A8-8C23-C7F4634E5F86}
Kodak EasyShare software-->MsiExec.exe /I{11DB853A-6966-4724-BEAD-793C48AC8C54}
KWC USB to K7 Cable Drivers-->I:\WINDOWS\system32\ftdiunin.exe I:\WINDOWS\system32\ftdiun2k.ini
Kyocera Phone Desktop-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{79F10078-ACEF-11D3-B622-00805FC13B9B}\setup.exe" -uninst
Lexmark 5000 Series-->I:\Program Files\Lexmark 5000 Series\Install\x86\Uninst.exe
ListMaker-->I:\WINDOWS\st6unst.exe -n "I:\Program Files\ListMaker\ST6UNST.LOG"
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "I:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
Logitech® Camera Driver-->"I:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Macromedia Dreamweaver MX 2004-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Macromedia Flash 5-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{4C93C363-414E-11D4-9756-00C04F8EEB39}\Setup.exe" UNINSTALL
Magellan POI File Editor-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{104A059B-CD20-4632-A8F6-D8C80E14782D}\Setup.exe" -l0x9
Magic ISO Maker v5.3 (build 0216)-->I:\PROGRA~1\MagicISO\UNWISE.EXE I:\PROGRA~1\MagicISO\INSTALL.LOG
Mall Of America Tycoon-->I:\WINDOWS\unvise32.exe p:\Mall Of America Tycoon\uninstal.log
Metabyte WickedGL-->I:\WINDOWS\uninst.exe -f"I:\Program Files\Metabyte\WickedGL\DeIsL1.isu" -c"I:\Program Files\Metabyte\WickedGL\_ISREG32.DLL"
MetaProducts StartUp Organizer-->I:\Program Files\StartUp Organizer\so.exe /UnInstall
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Age of Empires II-->"P:\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Compression Client Pack 1.0 for Windows XP-->"I:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"I:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Money 2007 Home & Business-->"I:\Program Files\Microsoft Money 2007\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Money Shared Libraries-->MsiExec.exe /X{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Report Viewer Redistributable 2005-->I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Report Viewer Redistributable 2005\install.exe
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"I:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Virtual PC 2004-->MsiExec.exe /X{4082365B-0985-499A-920D-E4D4414DC58F}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Windows Server Update Services 3.0 SP1 Console-->I:\Program Files\Update Services\Setup\WusSetup.exe /u
Minimizer-XP-->RunDll32 advpack.dll,LaunchINFSection I:\WINDOWS\INF\MINI-XP.INF, DefaultUninstall.ntx86
mIRC-->"I:\Downloader\mirc.exe" -uninstall
Morpheus 2.0-->I:\PROGRA~1\Morpheus\UNWISE.EXE /U I:\PROGRA~1\Morpheus\INSTALL.LOG
Motherboard Monitor 5-->"I:\Program Files\Motherboard Monitor 5\unins000.exe"
Motorola Driver Installation-->MsiExec.exe /I{3EE117D4-CD47-4985-B507-BEA2DACC43BD}
Motorola PST-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{8CC5BF82-4DD4-11D4-A39F-00C04F05E3F0}\Setup.exe" -l0x9 anything
Motorola Software Update-->MsiExec.exe /I{61DE738B-CA77-4B59-B9D3-67226BB7DCE3}
MotoTriage-->MsiExec.exe /I{74376B57-E824-4802-9485-902ED68FE80B}
Mozilla Firefox (3.0.1)-->I:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3Producer-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{844D7D19-0843-46FD-B2A9-8E1ED788765B}\Setup.exe"
Mpeg Layer3 Codec FHG-Radium v1.263-->I:\WINDOWS\UNWISE.EXE I:\PROGRA~1\L3CODE~1\INSTALL.LOG
MPEG4 Direct Maker v4.0.8.18-->I:\PROGRA~1\MPEG4D~1\UNWISE.EXE I:\PROGRA~1\MPEG4D~1\INSTALL.LOG
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mummy Maze Deluxe 1.1z-->I:\Program Files\PopCap Games\Mummy Maze Deluxe\UnGins.exe "I:\Program Files\PopCap Games\Mummy Maze Deluxe\install.log"
MUSICMATCH® Jukebox-->I:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.exe
My Drivers 3.00-->I:\PROGRA~1\MYDRIV~1\UNWISE.EXE I:\PROGRA~1\MYDRIV~1\INSTALL.LOG
MYIE2 Browser (remove only)-->I:\Program Files\MYIE2\MYIE2UINST.exe
NeoTrace Pro 3.2-->I:\PROGRA~1\NEOTRA~1\UNWISE.EXE I:\PROGRA~1\NEOTRA~1\INSTALL.LOG
Nero 6 Ultra Edition-->I:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Media Player-->I:\WINDOWS\UNNMP.exe /UNINSTALL
Nero PhotoShow Express-->"I:\Program Files\Ahead\Nero PhotoShow\data\Xtras\Uninstall.exe"
NeroMIX-->I:\WINDOWS\UNNMIX.exe /UNINSTALL
NeroVision Express 3-->I:\WINDOWS\UNNeroVision.exe /UNINSTALL
NetObjects Fusion 8 Trial-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{75D38EA5-B050-4CB6-B769-21011D3F7390}\setup.exe" -l0x9 anything -uninst
NetPatrol BETA-->MsiExec.exe /X{96DFDB22-C5FC-49C8-9643-8AA0ECFA0871}
NewsLeecher v3.95 Beta 3-->"I:\Program Files\NewsLeecher\unins000.exe"
NMapWin-->I:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EEF130E5-FC17-4EA8-8796-2F422AC7D7D8}
Norton Internet Security-->I:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.1.0.33\InstStub.exe /X
Norton SystemWorks (Symantec Corporation)-->"I:\Program Files\Common Files\Symantec Shared\SymSetup\{F0E8CB62-6A1C-4e55-BCD9-1A0F7527B64A}_12_0_0_52\SymSetup.exe" /X
Norton Utilities-->MsiExec.exe /I{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}
Nuke Pack 1.00 for Pocket Tanks Deluxe-->"I:\Program Files\Pocket Tanks Deluxe\unins002.exe"
NukeNabber 2.5-->I:\Program Files\NukeNabber\Setup\Setup.exe /u
NVIDIA Drivers-->I:\WINDOWS\system32\nvudisp.exe UninstallGUI
Opera 6.03 (Win32)-->I:\PROGRA~1\Opera\UnInst\UNWISE.EXE I:\PROGRA~1\Opera\UnInst\Install.log
Palace Uninstall-->i:\Program Files\Communities.com\ThePalace\Unwise32.exe i:\Program Files\Communities.com\ThePalace\Install.log
PayPal Payment Request Wizard for Outlook Express-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{29F46CDB-55A1-4FCA-AB22-1F3481097424}\Setup.exe" -l0x9
PDF Generator 1.37-->"I:\Program Files\PDF Generator\unins000.exe"
PeerGuardian 2.0-->"I:\Program Files\PeerGuardian2\unins000.exe"
PerformanceTest-->MsiExec.exe /X{849089CF-4988-49ED-A2DD-110CD5D9D7E8}
PHP 4.2.2-->I:\WINDOWS\system32\UNWISE.EXE I:\WINDOWS\system32\INSTALL.LOG
Pocket Tanks Deluxe 1.00a-->"I:\Program Files\Pocket Tanks Deluxe\unins000.exe"
PokerStars-->I:\Program Files\PokerStars\Uninstall.EXE /u:"PokerStars"
PowerDVD-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerISO-->"I:\Program Files\PowerISO\uninstall.exe"
PowerPanel Plus-->I:\Program Files\PowerPanelPlus\uninstal.exe -Remove
PowerQuest PartitionMagic 7.0-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}\Setup.exe"
PowerQuest PartitionMagic 8.0 Demo-->I:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
PowerStrip 3 (remove only)-->I:\Program Files\PowerStrip\uninstal.exe
Powertoys For Windows XP-->MsiExec.exe /I{6C31E111-96BB-4ADC-9C81-E6D3EEDDD8D3}
PrintMaster Gold 4.00-->i:\PROGRA~1\pmw\msrun.exe Unins
PTDD Partition Table Doctor 3.0-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{1CFF36CE-2A4C-4ABD-9251-284491A383D2}\Setup.exe" Uninstall
QPST-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{31228E31-2BFF-11D2-8866-00805F0D9D40}\Setup.exe" -uninst
Qtraxmax-->I:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{0104E6D2-BF02-46DA-BABD-1F1476C5B523}
QuickBooks Premier Edition 2004-->I:\Program Files\Installshield Installation Information\{2b02f824-a9b9-458c-80e5-3ea8c0de8471}\QBReplace.exe {2b02f824-a9b9-458c-80e5-3ea8c0de8471}#{2B02F82E-A9B9-458C-80E5-3EA8C0DE8471}
QuickLink Mobile-->I:\PROGRA~1\QUICKL~1\UNWISE.EXE I:\PROGRA~1\QUICKL~1\INSTALL.LOG
QuickTime-->I:\WINDOWS\unvise32qt.exe I:\WINDOWS\System32\QuickTime\Uninstall.log
QXDM-->MsiExec.exe /I{2AD4F22F-F271-4F7A-A2B1-0774A1D7A128}
RAR Password Cracker (remove only)-->I:\Program Files\RAR Password Cracker\uninstall.exe
RealPlayer-->I:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RealServer 8.0-->I:\Program Files\Real\RealServer\rnuninst.exe RealNetworks|RealMedia Server|8.0
ReGet Deluxe 4.0-->I:\Program Files\ReGetDx\regetdx.exe -uninstall
Registry Mechanic-->"I:\Program Files\Registry Mechanic\unins000.exe"
River Past Video Perspective-->I:\WINDOWS\Video Perspective Uninstaller.exe
RM to MP3 Converter 1.01-->"I:\Program Files\RM to MP3 Converter\unins000.exe"
RSD CDMA General 5.1.8-->MsiExec.exe /I{A4342E37-6D5A-4A8A-8187-9760AB6DD0F2}
R-Studio Agent Emergency v1.0-->"I:\Program Files\R-Studio Agent Emergency\unins000.exe"
R-Studio Demo v2.0-->"I:\Program Files\R-Studio Demo\unins000.exe"
RunAlyzer-->"I:\Program Files\Safer Networking\RunAlyzer\unins000.exe"
Santas Workshop Screen Saver-->I:\PROGRA~1\SCREEN~1.COM\SANTAS~1\UNINSTAL.EXE /U I:\PROGRA~1\SCREEN~1.COM\SANTAS~1\INSTALL.LOG
Security Update for Windows Media Player (KB952069)-->"I:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"I:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"I:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"I:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"I:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"I:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"I:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"I:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"I:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"I:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"I:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"I:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"I:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"I:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"I:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"I:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"I:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953155)-->"I:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"I:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"I:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"I:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"I:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"I:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"I:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"I:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"I:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"I:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"I:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"I:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"I:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"I:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"I:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"I:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Serials 2000-->"C:\corey\Serials 2000\uninst-s2k.exe"
Serv-U-->I:\PROGRA~1\Serv-U\UNWISE.EXE I:\PROGRA~1\Serv-U\SERVUI~1.LOG
Shipping Assistant 3.5-->MsiExec.exe /X{15C77FC3-8137-4A5E-8F81-F559045DD6B0}
SiSoftware Sandra Standard 2004.SP2 (Win32 x86)-->"I:\Program Files\SiSoftware\SiSoftware Sandra Standard 2004.SP2 (Win32 x86)\unins000.exe"
SKTools Lite-->I:\Program Files\Microsoft ActiveSync\SKTools Lite\Uninstall.exe SKTools Lite
SlimBrowser (remove only)-->"I:\Program Files\SlimBrowser\uninst.exe"
SmartFTP-->MsiExec.exe /I{11C762F9-95EA-486A-A8E7-683A50C231C1}
Snazzy Freeware Safe List Submitter V1.1-->"I:\Program Files\Snazzy Freeware Safe List Submitter\unins000.exe"
Sniffer Pro 4.7-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\NAI\SnifferNT\Uninst.isu" -c"I:\Program Files\NAI\SnifferNT\Program\Win2K\snifcfg.dll"
Snood for Windows version 3.0-W-->"I:\Program Files\Snood\unins000.exe"
Sound Blaster Audigy-->I:\Program Files\Creative\Uninstall\CTUNINST.EXE /U:UNINST1.INI
SpeedFan (remove only)-->"I:\Program Files\SpeedFan\uninstall.exe"
Spinner-->I:\WINDOWS\ISUNINST.EXE -f"I:\Program Files\Spinner\uninst.isu" -c"I:\Program Files\Spinner\program\uninst.dll"
Starcraft-->I:\WINDOWS\SCunin.exe I:\WINDOWS\SCunin.dat
StrokeIt (remove only)-->"I:\Program Files\Strokeit\uninstall.exe"
StuffIt Standard-->I:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{7D863662-0AB4-40BD-AD9F-A2ED548C3187}
StyleXP (remove only)-->"I:\Program Files\TGTSoft\StyleXP\StyleXP-uninstall.exe"
SubmitWolf v4.0-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\TRELLIAN\SubmitWolf\Uninst.isu"
System Requirements Lab-->I:\Program Files\SystemRequirementsLab\Uninstall.exe
Systweak Advanced Registry Optimizer (Shareware Release)-->"I:\Program Files\Advanced Registry Optimizer\unins000.exe"
Systweak Advanced Windows Cleaner (Shareware Release)-->"I:\Program Files\Advanced Windows Cleaner\unins000.exe"
Systweak CacheBoost Enterprise Edition (Registered Version)-->"I:\Program Files\CacheBoost\unins001.exe"
The Detector-->I:\WINDOWS\iun3405.exe I:\Program Files\The Detector
the MPEG Suite 2001-->I:\PROGRA~1\MPEGSU~1\UNWISE.EXE I:\PROGRA~1\MPEGSU~1\INSTALL.LOG
The PalaceServer for Windows-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\Communities.com\PalaceServer\Uninst.isu"
The Sims 2-->p:\The Sims 2\EAUninstall.exe
Tibia 7.81-->"I:\Program Files\Tibia\unins000.exe"
Total Commander (Remove or Repair)-->I:\program files\totalcmd\tcuninst.exe
Trillian-->I:\Program Files\Trillian\trillian.exe /uninstall
Turbo Lister 2-->I:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
TurboTax Deluxe 2007-->I:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "I:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
Tweak-XP Pro 4-->I:\WINDOWS\iun6002.exe "I:\Program Files\Tweak-XP Pro 4\irunin.ini"
UltraISO Premium V9.3-->"I:\Program Files\UltraISO\unins000.exe"
UnrealIRCd3.2-RC1-->"I:\Program Files\Unreal3.2\unins000.exe"
Update for Windows XP (KB951072-v2)-->"I:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"I:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"I:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
UseNeXT-->C:\corey\Snood
VCDEasy-->"I:\Program Files\VCDEasy\unins000.exe"
Video Server Wrapper Codec (remove only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 I:\WINDOWS\INF\aviwrap.inf
Viewpoint Manager (Remove Only)-->I:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player-->I:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VisualRoute 5.0-->I:\WINDOWS\IsUninst.exe -f"I:\Program Files\VisualRoute 5\Uninst.isu"
VNC Enterprise Edition 4.1.4-->"I:\Program Files\RealVNC\VNC4\unins000.exe"
VobSub v2.23 (Remove Only)-->"I:\Program Files\Gabest\VobSub\uninstall.exe"
War FTP Daemon-->I:\Program Files\War-ftpd\Uninstall.exe "I:\Program Files\War-ftpd\.UnInst.inf"
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
webcamXP 2007-->"I:\Program Files\webcamXP\wxp-uninst.exe"
WIBU-KEY Setup (WIBU-KEY Remove)-->I:\Program Files\WIBUKEY\Setup\SETUP32.EXE /R:{00060000-0000-1004-8002-0000C06B5161}
Winamp [Key]Controller v4.0 (remove only)-->"C:\corey\Winamp5\uninstwkc4.exe"
Winamp BrowserBar-->I:\PROGRA~1\WINAMP~1\UNWISE.EXE I:\PROGRA~1\WINAMP~1\INSTALL.LOG
Winamp-->"C:\corey\Winamp5\UninstWA.exe"
WinAVIVideoConverter-->"I:\Program Files\WinAVIVideoConverter\unins000.exe"
WinBot IRC Client (remove only)-->I:\Documents and Settings\CoReY MiLLeR\D
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Installer Clean Up-->MsiExec.exe /I{121634B0-2F4A-11D3-ADA3-00C04F52DD53}
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Media Format 11 runtime-->"I:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"I:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"I:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"I:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Messenger 5.0-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314B10138}
Windows Support Tools-->MsiExec.exe /I{8398B542-3CC4-44D9-83DF-696CCE70124B}
Windows XP Hotfix - KB888240-->I:\WINDOWS\$NtUninstallKB888240$\spuninst\spuninst.exe
Windows XP Service Pack 3-->"I:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinGate 5.2.2-->I:\Program Files\WinGate\unwise.exe I:\PROGRA~1\WinGate\install.log
WinISO 5.3-->"I:\Program Files\WinISO\unins000.exe"
WinMX-->I:\Program Files\WinMX\uninstall.exe
WinPcap 3.1 beta3-->"I:\Program Files\WinPcap\Uninstall.exe" "I:\Program Files\WinPcap\install.log"
WinRAR archiver-->I:\Program Files\WinRAR\uninstall.exe
WinTasks 4 Professional-->"I:\Program Files\WinTasks\unins000.exe"
XBOX-->"I:\WINDOWS\lsb_un20.exe" /C=UC /N=XBOX
XviD MPEG-4 Codec-->"I:\Program Files\XviD\UninstXviD.exe"
Yahoo! Messenger-->I:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U I:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Ten Pin Championship Bowling-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{6DE14135-AC19-459A-8A1F-C2AA0AD2D9F7}\Setup.exe" -l0x9 -uninst
zbattle.net 1.09 beta-->"I:\Program Files\zbattle.net\unins000.exe"
Zend Optimizer-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{8FBAFB22-217A-4F11-8869-A8D611BD87AA}\Setup.exe" -l0x9

======Hosts File======

127.0.0.1 localhost
127.0.0.1 i.i.com.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com

======Security center information======

AV: ThreatFire

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;I:\Program Files\NMapWin\\bin;I:\Program Files\Support Tools;I:\Program Files\Microsoft SQL Server\80\Tools\Binn;I:\Program Files\Common Files\Adobe\AGL;I:\Program Files\FastSum
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=0304
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"NMAPDIR"=I:\Program Files\NMapWin\
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

BC AdBot (Login to Remove)

 


#2 Corey Miller

Corey Miller
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:14 PM

Posted 18 December 2008 - 07:43 PM

Please delete or close this post, I have decided to reinstall my computer. It has had xp on it since the day it came out.....time for a reload.....by the way thanks for your amazing combofix program, thats one tool I will not loose track of.

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:03:14 PM

Posted 26 December 2008 - 04:36 PM

Thanks for letting us know. :thumbsup:

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users