
Antivirus 2009 Popup/Automatic Updates can't be enabled/Other malware infection


  • This topic is locked
15 replies to this topic

#1 ValerieVendetta


Posted 08 January 2009 - 10:29 AM

Hi,

I'm new to BC and I'm here because I desperately need help. I have been trolling around Google and other forums, but to no avail. Hopefully I might receive some help that might fix the problems that I'm encountering. Thanks to all in advance.

I believe I have been infected by some sort of virus. The first thing that I encountered was that my Windows Automatic Updates was turned off. The red symbol with an 'X' appeared in the taskbar, and when I tried to go to Security Centre to turn it back on, it just doesn't register. It remains off. I ran services.msc to switch on BITS and AU (according to the Microsoft site). While I managed to turn on BITS, AU could not be started (Error 1058: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.).

And throughout all this while, a separate web browser tab keeps opening up randomly, prompting me to install 'Antivirus 2009' and warning me about detecting malicious malware and trojans on my computer. I closed all the associated windows and did not install any of the software that they prompted me to. I proceeded to use Spybot Search & Destroy to attempt to remove the virus. It did detect some viruses (a total of 26 problems on the first run and 9 on the second). I remembered that one of the viruses was Virtumonde or something along those lines and another Smith-something (sorry, I did not take down the results). BitDefender Antivirus did not detect any viruses on its full system scans. I removed all these detected problems.

However, I am still unable to enable Automatic Updates. I chanced upon BleepingComputer and saw that someone managed to solve a similar problem at this page:
http://forums.techguy.org/windows-nt-2000-...-automatic.html

I have downloaded ComboFix but I have not run it yet, as advised by the tutorial I read. I have run DDS though, and I have attached the DDS.txt.

I have been racking my mind trying to fix this problem for many hours and hopefully someone might be of help. I would really appreciate it if anyone could shed some light on my problem, and I sincerely thank you for taking time to give me a hand here. Never felt so lost as to what to do right now. I have stopped all internet banking and credit card transactions for fear of my machine being unsafe. Can anyone help me?

Best regards,
Aloysius Ang



DDS.txt


DDS (Ver_09-01-07.01) - NTFSx86
Run by aloysius at 23:12:46.16 on Thu 01/08/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3070.2138 [GMT 8:00]

AV: Bitdefender Antivirus *On-access scanning enabled* (Updated)
FW: Bitdefender Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Razer\Lycosa\razertra.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Documents and Settings\aloysius\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: {206332cb-8267-40ac-bbc6-2061e993bdf9} - c:\windows\system32\cbXRLeBR.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\wvUnOiJB.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {0594de13-29f7-8d7a-7344-86a9dde3e099}: {990e3edd-9a68-4437-a7d8-7f9231ed4950} - c:\windows\system32\qygwkb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [BDMCon] "c:\program files\softwin\bitdefender10\bdmcon.exe" /reg
mRun: [BDAgent] "c:\program files\softwin\bitdefender10\bdagent.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Lycosa] "c:\program files\razer\lycosa\razerhid.exe"
mRun: [Lachesis] c:\program files\razer\lachesis\razerhid.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: {4ADD4A0B-2C99-4D1E-9344-8E9545FAA59A} = 165.21.100.88,165.21.83.88
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: wvUnOiJB - wvUnOiJB.dll
AppInit_DLLs: sockspy.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\wvUnOiJB.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\cbXRLeBR

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\aloysius\applic~1\mozilla\firefox\profiles\kugh3k4w.default\
FF - prefs.js: browser.startup.homepage - www.google.com

============= SERVICES / DRIVERS ===============

R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [2008-12-9 12032]
R3 LycoFltr;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [2008-12-9 16896]
R4 LinksysUpdater;Linksys Updater;c:\program files\linksys\linksys updater\bin\LinksysUpdater.exe [2008-3-29 204800]

=============== Created Last 30 ================

2009-01-08 20:00 136,897 a--sh--- c:\windows\system32\RBeLRXbc.ini2
2009-01-08 19:18 95 a------- c:\windows\wininit.ini
2009-01-08 18:07 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-01-08 18:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-01-08 17:16 63,040 a------- c:\windows\system32\PnkBstrA.exe
2009-01-08 17:16 138,184 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-01-08 17:16 183,112 a------- c:\windows\system32\PnkBstrB.exe
2009-01-08 17:13 126,976 a------- c:\windows\system32\qygwkb.dll
2009-01-08 17:13 126,976 a------- c:\windows\system32\vfoqbtxx.dll
2009-01-08 17:12 139,141 a--sh--- c:\windows\system32\RBeLRXbc.ini
2009-01-08 17:12 303,104 a------- c:\windows\system32\cbXRLeBR.dll
2009-01-08 17:10 35,328 a------- c:\windows\system32\mlJAQgfc.dll
2009-01-08 17:09 35,328 a------- c:\windows\system32\hgGyaYqq.dll
2009-01-08 17:08 35,328 a------- c:\windows\system32\tuvTjGWp.dll
2009-01-08 17:07 35,328 a------- c:\windows\system32\wvUnOiJB.dll
2009-01-08 16:58 <DIR> --d----- c:\program files\EA Games
2008-12-22 15:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Tages
2008-12-22 15:42 <DIR> --d----- c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2008-12-22 15:42 278,984 a------- c:\windows\system32\drivers\atksgt.sys
2008-12-22 15:42 25,416 a------- c:\windows\system32\drivers\lirsgt.sys
2008-12-22 15:40 73,728 a------- c:\windows\system32\ISUSPM.cpl
2008-12-22 15:40 <DIR> --d----- c:\program files\The Adventure Company
2008-12-20 21:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SimCity Societies
2008-12-20 04:17 107,888 a------- c:\windows\system32\CmdLineExt.dll
2008-12-17 04:31 201,157 a------- c:\windows\system32\nvapps.nvb
2008-12-17 04:31 <DIR> --d----- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2008-12-17 04:30 195,368 a------- c:\windows\system32\nvapps.xml
2008-12-17 04:30 18,477 a------- c:\windows\system32\nvdisp.nvu
2008-12-17 04:23 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-17 04:21 <DIR> --d----- c:\program files\SystemRequirementsLab
2008-12-11 15:17 81,768 a------- c:\windows\system32\xinput1_3.dll
2008-12-11 15:17 261,480 a------- c:\windows\system32\xactengine2_7.dll
2008-12-11 15:17 443,752 a------- c:\windows\system32\d3dx10_33.dll
2008-12-11 15:17 1,123,696 a------- c:\windows\system32\D3DCompiler_33.dll
2008-12-11 15:16 3,495,784 a------- c:\windows\system32\d3dx9_33.dll
2008-12-11 15:16 255,848 a------- c:\windows\system32\xactengine2_6.dll
2008-12-11 15:16 251,672 a------- c:\windows\system32\xactengine2_5.dll
2008-12-11 15:15 3,426,072 a------- c:\windows\system32\d3dx9_32.dll
2008-12-11 15:15 237,848 a------- c:\windows\system32\xactengine2_4.dll
2008-12-11 15:15 15,128 a------- c:\windows\system32\x3daudio1_1.dll
2008-12-11 15:15 2,414,360 a------- c:\windows\system32\d3dx9_31.dll
2008-12-11 15:15 236,824 a------- c:\windows\system32\xactengine2_3.dll
2008-12-11 15:15 62,744 a------- c:\windows\system32\xinput1_2.dll
2008-12-11 15:10 2,297,552 a------- c:\windows\system32\d3dx9_26.dll
2008-12-10 19:11 <DIR> --d----- c:\program files\MONOGRAM AMR SplitterDecoder
2008-12-10 19:11 <DIR> --d----- c:\program files\CD Audio Reader Filter
2008-12-10 19:11 <DIR> --d----- c:\program files\DScaler5
2008-12-10 19:11 <DIR> --d----- c:\program files\OpenSource Flash Video Splitter
2008-12-10 19:10 <DIR> --d----- c:\program files\RealMedia
2008-12-10 19:09 <DIR> --d----- c:\program files\SHOUTcast Source
2008-12-10 19:09 <DIR> --d----- c:\program files\Haali
2008-12-10 19:09 <DIR> --d----- c:\program files\DSP-worx
2008-12-10 19:09 <DIR> --d----- c:\program files\VideoLAN
2008-12-10 19:08 7,680 a------- c:\windows\system32\ff_vfw.dll
2008-12-10 19:08 547 a------- c:\windows\system32\ff_vfw.dll.manifest
2008-12-10 19:08 60,273 a------- c:\windows\system32\pthreadGC2.dll
2008-12-10 19:08 <DIR> --d----- c:\program files\ffdshow
2008-12-10 19:07 <DIR> --d----- c:\program files\DirectVobSub
2008-12-10 19:06 <DIR> --d----- c:\program files\Zoom Player
2008-12-10 18:32 <DIR> --d----- c:\program files\uTorrent
2008-12-10 18:31 <DIR> --d----- c:\docume~1\aloysius\applic~1\uTorrent
2008-12-10 02:10 32,592 a------- c:\windows\system32\msonpmon.dll
2008-12-10 01:58 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
2008-12-10 01:57 <DIR> --d----- c:\windows\SHELLNEW
2008-12-09 23:16 729,088 a------- c:\windows\iun6002.exe

==================== Find3M ====================

2009-01-08 23:12 81,984 a------- c:\windows\system32\bdod.bin
2008-12-09 21:50 77,277 a------- c:\windows\War3Unin.dat
2008-12-09 19:45 2,829 a------- c:\windows\War3Unin.pif
2008-12-09 19:45 139,264 a------- c:\windows\War3Unin.exe
2008-12-09 18:49 716,272 a------- c:\windows\system32\drivers\sptd.sys
2008-12-09 18:40 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-12-09 16:44 141,148 a------- c:\windows\hpoins14.dat
2008-12-09 03:54 262,144 a------- c:\windows\system32\wrap_oal.dll
2008-12-09 03:54 86,016 a------- c:\windows\system32\OpenAL32.dll
2008-12-09 03:27 21,640 a------- c:\windows\system32\emptyregdb.dat
2008-11-12 14:54 801,312 a------- c:\windows\system32\nvcplui.exe
2008-11-12 14:54 453,152 a------- c:\windows\system32\nvudisp.exe
2008-11-12 13:45 453,152 a------- c:\windows\system32\NVUNINST.EXE
2008-10-23 21:01 283,648 a------- c:\windows\system32\gdi32.dll
2008-10-17 04:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 14:07 208,744 a------- c:\windows\system32\muweb.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-13 09:56 70,936 a------- c:\windows\system32\PhysXLoader.dll

============= FINISH: 23:13:19.24 ===============


#2 fenzodahl512


Posted 12 January 2009 - 02:39 PM

Please download Malwarebytes' Anti-Malware from HERE or HERE

Note: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




NEXT


Please download RSIT by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run RSIT
  • Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.



NEXT


Please download GMER and unzip it to your Desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run, click Copy and paste the results into Notepad, then save it and attach it in this thread.


Post me these logs in your next reply.. Post each log in separate post..

1. Malwarebytes'
2. RSIT log.txt
3. RSIT info.txt
4. Attach GMER result..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 ValerieVendetta


Posted 13 January 2009 - 12:29 PM

Thanks so much for your reply. :thumbsup:
As requested, I've run all 3 programs. This is the MBAM one. I'm not sure if this is supposed to be the case, but my Automatic Updates are still disabled.

---

Malwarebytes' Anti-Malware 1.32
Database version: 1648
Windows 5.1.2600 Service Pack 2

1/14/2009 1:11:42 AM
mbam-log-2009-01-14 (01-11-42).txt

Scan type: Full Scan (C:\|D:\|G:\|)
Objects scanned: 167645
Time elapsed: 47 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 5
Registry Keys Infected: 17
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 30

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\cbXRLeBR.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hgeebyyc.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUnOiJB.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ocarmymd.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\qygwkb.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvunoijb (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990e3edd-9a68-4437-a7d8-7f9231ed4950} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{990e3edd-9a68-4437-a7d8-7f9231ed4950} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c38bfc1e-15e2-446c-a4bc-52f2157b2936} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{c38bfc1e-15e2-446c-a4bc-52f2157b2936} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c38bfc1e-15e2-446c-a4bc-52f2157b2936} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{990e3edd-9a68-4437-a7d8-7f9231ed4950} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\cbxrlebr -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\cbxrlebr -> Delete on reboot.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\wvUnOiJB.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\qygwkb.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\cbXRLeBR.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\RBeLRXbc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\RBeLRXbc.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\agpyyqxw.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wxqyypga.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgeebyyc.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\cyybeegh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hkncvpvg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gvpvcnkh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ypepygdf.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fdgypepy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ocarmymd.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\aloysius\Local Settings\Temporary Internet Files\Content.IE5\74Q5I6J0\divx[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\aloysius\Local Settings\Temporary Internet Files\Content.IE5\T1ZEQI2Q\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\aloysius\Local Settings\Temporary Internet Files\Content.IE5\TI918GXI\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gotskciq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jdskwy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mlJAQgfc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pxefmmfs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtpmff.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rxatnf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vfoqbtxx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\denjls.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGyaYqq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\loygvh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jmrnsbvv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\htpevaou.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tuvTjGWp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Edited by ValerieVendetta, 13 January 2009 - 12:32 PM.


#4 ValerieVendetta


Posted 13 January 2009 - 12:31 PM

Here's the RSIT info.

---


info.txt logfile of random's system information tool 1.05 2009-01-14 01:16:37

======Uninstall list======

-->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ASUSUpdate-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x9
BitDefender Antivirus Plus v10-->MsiExec.exe /I{22524CA1-515C-4153-9807-52AE65F73B5F}
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CD Audio Reader Filter (remove only)-->"C:\Program Files\CD Audio Reader Filter\uninstall.exe"
DC-Bass Source 1.1.1-->"C:\Program Files\DSP-worx\DC-Bass Source\Uninstall.exe"
DirectVobSub (remove only)-->"C:\Program Files\DirectVobSub\uninstall.exe"
Dracula Origin-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35A0C956-ACF1-41AB-89DE-1772C8A27ACB}\setup.exe" -l0x9 -removeonly
DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe"
ffdshow [rev 1685] [2007-12-06]-->"C:\Program Files\ffdshow\unins000.exe"
Garena-->C:\Program Files\InstallShield Installation Information\{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}\setup.exe -runfromtemp -l0x0009 -removeonly
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
iTunes-->MsiExec.exe /I{9F70BF98-003C-491D-81FC-FF9792206AF0}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Linksys EasyLink Advisor-->"C:\Program Files\InstallShield Installation Information\{3B0819D0-501C-47A1-8122-84800ACD5F41}\setup.exe" -runfromtemp -l0x0409 -removeonly
Linksys EasyLink Advisor-->MsiExec.exe /I{3B0819D0-501C-47A1-8122-84800ACD5F41}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MONOGRAM AMR Splitter/Decoder (remove only)-->"C:\Program Files\MONOGRAM AMR SplitterDecoder\uninstall.exe"
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Need for Speed™ Undercover-->MsiExec.exe /X{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
OpenSource Flash Video Splitter (remove only)-->"C:\Program Files\OpenSource Flash Video Splitter\uninstall.exe"
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Razer Lachesis-->C:\Program Files\InstallShield Installation Information\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}\setup.exe -runfromtemp -l0x0009 -removeonly
Razer Lycosa-->C:\Program Files\InstallShield Installation Information\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}\setup.exe -runfromtemp -l0x0009 -removeonly
RealMedia (remove only)-->"C:\Program Files\RealMedia\uninstall.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SHOUTcast Source (remove only)-->"C:\Program Files\SHOUTcast Source\uninstall.exe"
SimCity™ Societies-->MsiExec.exe /X{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x9 -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WebEx Support Manager for Internet Explorer-->MsiExec.exe /I{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}
Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\usbicp_148F9D51ADD758FCD4B68B61FF903F813AA2083E\usbicp.inf
Windows Driver Package - Razer (HidUsb) HIDClass (01/11/2007 1.0)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\flter2k_8C64B007D7BCAA1DFE930B43B84F11E7B5B6D0F1\flter2k.inf
Windows Driver Package - Razer (HidUsb) HIDClass (05/10/2007 1.00)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\lachesis_5474F75C461E8F731AF2FF7FF70E79E8AC52C56D\lachesis.inf
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
YAWLE 0.5b-->C:\WINDOWS\iun6002.exe "C:\Program Files\Warcraft III\irunin.ini"
Zoom Player (remove only)-->"C:\Program Files\Zoom Player\uninstall.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Bitdefender Antivirus
FW: Bitdefender Firewall

System event log

Computer Name: VALERIEVENDETTA
Event Code: 7035
Message: The bdfdll service was successfully sent a start control.

Record Number: 5131
Source Name: Service Control Manager
Time Written: 20090102141407.000000+480
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: VALERIEVENDETTA
Event Code: 7036
Message: The BitDefender Virus Shield service entered the running state.

Record Number: 5130
Source Name: Service Control Manager
Time Written: 20090102141407.000000+480
Event Type: information
User:

Computer Name: VALERIEVENDETTA
Event Code: 7035
Message: The BitDefender Virus Shield service was successfully sent a start control.

Record Number: 5129
Source Name: Service Control Manager
Time Written: 20090102141407.000000+480
Event Type: information
User: NT AUTHORITY\SYSTEM

Computer Name: VALERIEVENDETTA
Event Code: 7036
Message: The BitDefender Scan Server service entered the running state.

Record Number: 5128
Source Name: Service Control Manager
Time Written: 20090102141405.000000+480
Event Type: information
User:

Computer Name: VALERIEVENDETTA
Event Code: 7035
Message: The BitDefender Scan Server service was successfully sent a start control.

Record Number: 5127
Source Name: Service Control Manager
Time Written: 20090102141404.000000+480
Event Type: information
User: NT AUTHORITY\SYSTEM

Application event log

Computer Name: VALERIEVENDETTA
Event Code: 700
Message: MsnMsgr (552) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\aloysius\Local Settings\Application Data\Microsoft\Messenger\zhikai@hotmail.com\SharingMetadata\Working\database_438_DB6_380D_A82E\dfsr.db'.

Record Number: 1053
Source Name: ESENT
Time Written: 20090102020001.000000+480
Event Type: information
User:

Computer Name: VALERIEVENDETTA
Event Code: 701
Message: MsnMsgr (552) Online defragmentation has completed a full pass on database '\\.\C:\Documents and Settings\aloysius\Local Settings\Application Data\Microsoft\Messenger\zhikai@hotmail.com\SharingMetadata\Working\database_438_DB6_380D_A82E\dfsr.db'.

Record Number: 1052
Source Name: ESENT
Time Written: 20090102010001.000000+480
Event Type: information
User:

Computer Name: VALERIEVENDETTA
Event Code: 700
Message: MsnMsgr (552) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\aloysius\Local Settings\Application Data\Microsoft\Messenger\zhikai@hotmail.com\SharingMetadata\Working\database_438_DB6_380D_A82E\dfsr.db'.

Record Number: 1051
Source Name: ESENT
Time Written: 20090102010001.000000+480
Event Type: information
User:

Computer Name: VALERIEVENDETTA
Event Code: 701
Message: MsnMsgr (552) Online defragmentation has completed a full pass on database '\\.\C:\Documents and Settings\aloysius\Local Settings\Application Data\Microsoft\Messenger\zhikai@hotmail.com\SharingMetadata\Working\database_438_DB6_380D_A82E\dfsr.db'.

Record Number: 1050
Source Name: ESENT
Time Written: 20090102000001.000000+480
Event Type: information
User:

Computer Name: VALERIEVENDETTA
Event Code: 700
Message: MsnMsgr (552) Online defragmentation is beginning a full pass on database '\\.\C:\Documents and Settings\aloysius\Local Settings\Application Data\Microsoft\Messenger\zhikai@hotmail.com\SharingMetadata\Working\database_438_DB6_380D_A82E\dfsr.db'.

Record Number: 1049
Source Name: ESENT
Time Written: 20090102000001.000000+480
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------

#5 ValerieVendetta

Posted 13 January 2009 - 12:33 PM

Here's the RSIT log.

---


Logfile of random's system information tool 1.05 (written by random/random)
Run by aloysius at 2009-01-14 01:16:12
Microsoft Windows XP Professional Service Pack 2
System drive C: has 50 GB (66%) free of 76 GB
Total RAM: 3070 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:16:34 AM, on 1/14/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\java.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Razer\Lycosa\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\aloysius\Desktop\RSIT.exe
C:\Program Files\trend micro\aloysius.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {C38BFC1E-15E2-446C-A4BC-52F2157B2936} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DE5E0A6C-784C-4F43-AA84-F5E15D5675E4} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228813994406
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{4ADD4A0B-2C99-4D1E-9344-8E9545FAA59A}: NameServer = 165.21.100.88,165.21.83.88
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 10457 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\uxwpybqb.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-17 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C38BFC1E-15E2-446C-A4BC-52F2157B2936}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-17 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE5E0A6C-784C-4F43-AA84-F5E15D5675E4}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-12-09 290816]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]
"Lycosa"=C:\Program Files\Razer\Lycosa\razerhid.exe [2008-10-16 147456]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2008-10-14 172032]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-17 136600]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-18 486856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-18 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Linksys EasyLink Advisor.lnk]
C:\PROGRA~1\Linksys\LINKSY~1\LINKSY~1.EXE [2008-03-29 110592]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="sockspy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af478f7c-d133-11dd-b96b-001bfce15185}]
shell\AutoRun\command - WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8b6d84c-c6a5-11dd-b95a-001bfce15185}]
shell\AutoRun\command - WDSetup.exe


======List of files/folders created in the last 3 months======

2009-01-14 01:16:12 ----D---- C:\rsit
2009-01-14 01:16:12 ----D---- C:\Program Files\trend micro
2009-01-14 00:21:52 ----D---- C:\Documents and Settings\aloysius\Application Data\Malwarebytes
2009-01-14 00:21:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 00:21:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-09 23:59:34 ----D---- C:\Documents and Settings\aloysius\Application Data\Razer
2009-01-09 17:14:33 ----SH---- C:\WINDOWS\system32\xydoaqrl.ini
2009-01-09 17:07:18 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-09 17:00:24 ----D---- C:\Program Files\NOS
2009-01-09 17:00:24 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-08 19:18:00 ----A---- C:\WINDOWS\wininit.ini
2009-01-08 18:07:38 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-08 18:07:38 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-08 17:16:44 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-01-08 17:16:01 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-01-08 17:13:00 ----A---- C:\WINDOWS\system32\332e6cff-.txt
2009-01-08 17:05:57 ----D---- C:\Documents and Settings\aloysius\Application Data\Leadertech
2009-01-08 16:58:37 ----D---- C:\Program Files\EA Games
2009-01-08 16:58:35 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-01-08 16:58:35 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-01-08 16:58:34 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-01-08 16:58:33 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-01-08 16:58:33 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-01-08 16:58:32 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-01-08 16:58:31 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-01-08 16:58:30 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-01-08 16:58:29 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-01-08 16:58:28 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-08 16:58:28 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-01-08 16:58:26 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-08 16:58:26 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-08 16:58:25 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-08 16:58:24 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-08 16:58:24 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-01-08 16:58:23 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-08 16:58:23 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-08 16:58:22 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-12-22 15:53:47 ----D---- C:\Documents and Settings\aloysius\Application Data\Games
2008-12-22 15:45:28 ----D---- C:\Documents and Settings\All Users\Application Data\Tages
2008-12-22 15:44:51 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-12-22 15:44:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-22 15:43:56 ----D---- C:\Program Files\Common Files\Adobe
2008-12-22 15:42:51 ----D---- C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP
2008-12-22 15:40:06 ----D---- C:\Program Files\The Adventure Company
2008-12-22 04:46:37 ----D---- C:\Documents and Settings\aloysius\Application Data\dvdcss
2008-12-20 21:53:36 ----D---- C:\Documents and Settings\All Users\Application Data\SimCity Societies
2008-12-20 04:17:47 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-12-17 04:31:02 ----D---- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\java.exe
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-17 04:21:24 ----D---- C:\Program Files\SystemRequirementsLab
2008-12-17 04:21:22 ----D---- C:\Documents and Settings\aloysius\Application Data\SystemRequirementsLab
2008-12-17 04:21:14 ----D---- C:\WINDOWS\Sun
2008-12-15 17:34:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-15 17:33:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-15 17:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-15 17:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-11 21:01:34 ----D---- C:\Program Files\Windows Live
2008-12-11 15:18:02 ----D---- C:\Program Files\Electronic Arts
2008-12-11 15:17:43 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-12-11 15:17:31 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-12-11 15:17:08 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-12-11 15:17:07 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-12-11 15:16:30 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-12-11 15:16:19 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-12-11 15:16:08 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-12-11 15:15:55 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-12-11 15:15:45 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-12-11 15:15:45 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-12-11 15:15:33 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-12-11 15:15:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-11 15:15:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-11 15:15:08 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-11 15:14:56 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-11 15:14:36 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-11 15:11:43 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-11 15:11:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-11 15:11:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-11 15:11:27 ----D---- C:\Documents and Settings\aloysius\Application Data\Mozilla
2008-12-11 15:11:15 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-11 15:10:59 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-11 15:10:44 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-11 15:10:34 ----D---- C:\Program Files\Mozilla Firefox
2008-12-11 15:10:33 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-11 15:10:24 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-11 15:09:59 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-11 12:23:01 ----D---- C:\Documents and Settings\aloysius\Application Data\AdobeUM
2008-12-11 04:49:53 ----D---- C:\Documents and Settings\aloysius\Application Data\Adobe
2008-12-10 19:13:47 ----D---- C:\Documents and Settings\aloysius\Application Data\vlc
2008-12-10 19:11:52 ----D---- C:\Program Files\MONOGRAM AMR SplitterDecoder
2008-12-10 19:11:47 ----D---- C:\Program Files\CD Audio Reader Filter
2008-12-10 19:11:38 ----D---- C:\Program Files\DScaler5
2008-12-10 19:11:02 ----D---- C:\Program Files\OpenSource Flash Video Splitter
2008-12-10 19:10:32 ----D---- C:\Program Files\RealMedia
2008-12-10 19:09:50 ----D---- C:\Program Files\SHOUTcast Source
2008-12-10 19:09:34 ----D---- C:\Program Files\Haali
2008-12-10 19:09:13 ----D---- C:\Program Files\DSP-worx
2008-12-10 19:09:12 ----D---- C:\Program Files\VideoLAN
2008-12-10 19:08:29 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-12-10 19:08:29 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-12-10 19:08:26 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2008-12-10 19:08:14 ----D---- C:\Program Files\ffdshow
2008-12-10 19:07:23 ----D---- C:\Program Files\DirectVobSub
2008-12-10 19:06:48 ----D---- C:\Program Files\Zoom Player
2008-12-10 18:32:03 ----D---- C:\Program Files\uTorrent
2008-12-10 18:31:58 ----D---- C:\Documents and Settings\aloysius\Application Data\uTorrent
2008-12-10 02:10:42 ----A---- C:\WINDOWS\system32\msonpmon.dll
2008-12-10 02:03:49 ----D---- C:\Program Files\Microsoft Works
2008-12-10 02:02:48 ----D---- C:\Program Files\Microsoft Visual Studio
2008-12-10 02:02:48 ----D---- C:\Program Files\Common Files\DESIGNER
2008-12-10 02:01:06 ----D---- C:\Program Files\Microsoft.NET
2008-12-10 01:58:16 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-12-10 01:57:38 ----D---- C:\WINDOWS\SHELLNEW
2008-12-10 01:57:04 ----RHD---- C:\MSOCache
2008-12-10 01:04:42 ----D---- C:\Program Files\Microsoft Office
2008-12-10 01:04:41 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-09 23:16:05 ----A---- C:\WINDOWS\iun6002.exe
2008-12-09 23:15:45 ----A---- C:\WINDOWS\YAWLE Setup Log.txt
2008-12-09 22:29:07 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-12-09 22:26:53 ----D---- C:\WINDOWS\system32\AGEIA
2008-12-09 22:26:52 ----D---- C:\Program Files\AGEIA Technologies
2008-12-09 22:26:12 ----D---- C:\WINDOWS\pss
2008-12-09 22:05:27 ----D---- C:\Documents and Settings\aloysius\Application Data\skypePM
2008-12-09 22:04:45 ----D---- C:\Documents and Settings\aloysius\Application Data\Skype
2008-12-09 22:04:35 ----D---- C:\Program Files\Skype
2008-12-09 22:04:35 ----D---- C:\Program Files\Common Files\Skype
2008-12-09 22:04:32 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-12-09 21:57:15 ----D---- C:\Documents and Settings\All Users\Application Data\Razer
2008-12-09 21:57:10 ----D---- C:\Program Files\DIFX
2008-12-09 21:56:48 ----D---- C:\Program Files\Razer
2008-12-09 21:53:46 ----D---- C:\Documents and Settings\aloysius\Application Data\Apple Computer
2008-12-09 21:53:27 ----D---- C:\Program Files\iPod
2008-12-09 21:53:25 ----D---- C:\Program Files\iTunes
2008-12-09 21:53:19 ----D---- C:\Program Files\Bonjour
2008-12-09 21:52:45 ----D---- C:\Program Files\QuickTime
2008-12-09 21:52:45 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-09 21:52:36 ----D---- C:\Program Files\Apple Software Update
2008-12-09 21:52:21 ----D---- C:\Program Files\Common Files\Apple
2008-12-09 21:52:20 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-09 21:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2008-12-09 20:03:54 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-09 20:03:54 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-09 19:37:54 ----D---- C:\Program Files\Garena
2008-12-09 19:37:41 ----D---- C:\Documents and Settings\aloysius\Application Data\InstallShield
2008-12-09 19:37:02 ----A---- C:\WINDOWS\War3Unin.exe
2008-12-09 19:36:11 ----D---- C:\Program Files\Warcraft III
2008-12-09 19:29:57 ----D---- C:\Documents and Settings\aloysius\Application Data\DAEMON Tools
2008-12-09 19:29:56 ----D---- C:\Program Files\DAEMON Tools Lite
2008-12-09 18:57:44 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2008-12-09 18:57:43 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2008-12-09 18:57:42 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2008-12-09 18:57:40 ----A---- C:\WINDOWS\system32\msir3jp.dll
2008-12-09 18:57:04 ----A---- C:\WINDOWS\system32\c_g18030.dll
2008-12-09 18:57:01 ----A---- C:\WINDOWS\system32\kbd101a.dll
2008-12-09 18:56:44 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
2008-12-09 18:56:43 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2008-12-09 18:56:43 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2008-12-09 18:56:43 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
2008-12-09 18:56:41 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2008-12-09 18:56:41 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2008-12-09 18:56:40 ----A---- C:\WINDOWS\system32\kbdibm02.dll
2008-12-09 18:56:39 ----A---- C:\WINDOWS\system32\kbdax2.dll
2008-12-09 18:56:39 ----A---- C:\WINDOWS\system32\kbd106n.dll
2008-12-09 18:56:39 ----A---- C:\WINDOWS\system32\kbd101.dll
2008-12-09 18:56:12 ----A---- C:\WINDOWS\system32\c_is2022.dll
2008-12-09 18:56:02 ----A---- C:\WINDOWS\system32\uniime.dll
2008-12-09 18:55:45 ----A---- C:\WINDOWS\system32\imjp81k.dll
2008-12-09 18:51:24 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-12-09 18:51:16 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-12-09 18:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-09 18:35:55 ----D---- C:\Program Files\MSXML 4.0
2008-12-09 18:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-09 18:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-09 18:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-09 18:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-09 18:33:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-09 18:32:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-09 18:31:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-09 18:27:43 ----D---- C:\Program Files\MSXML 6.0
2008-12-09 18:23:15 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-09 18:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-09 18:22:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-12-09 18:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-09 18:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-09 18:20:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-09 18:20:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-09 18:20:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-09 18:20:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-09 18:19:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-09 18:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-09 18:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-09 18:15:08 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2008-12-09 18:14:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-12-09 18:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
2008-12-09 18:12:28 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2008-12-09 18:11:42 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2008-12-09 18:10:48 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2008-12-09 18:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2008-12-09 18:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2008-12-09 17:59:29 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-12-09 17:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2008-12-09 17:55:26 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2008-12-09 17:55:15 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2008-12-09 17:54:58 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2008-12-09 17:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2008-12-09 17:54:19 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2008-12-09 17:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2008-12-09 17:53:36 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2008-12-09 17:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2008-12-09 17:52:45 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2008-12-09 17:52:31 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2008-12-09 17:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2008-12-09 17:51:59 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2008-12-09 17:51:44 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2008-12-09 17:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2008-12-09 17:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2008-12-09 17:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2008-12-09 17:50:51 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2008-12-09 17:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2008-12-09 17:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2008-12-09 17:50:13 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2008-12-09 17:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2008-12-09 17:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2008-12-09 17:49:33 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2008-12-09 17:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2008-12-09 17:49:05 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2008-12-09 17:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2008-12-09 17:48:38 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2008-12-09 17:48:27 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2008-12-09 17:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2008-12-09 17:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2008-12-09 17:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2008-12-09 17:47:46 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2008-12-09 17:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2008-12-09 17:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2008-12-09 17:47:36 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2008-12-09 17:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2008-12-09 17:47:24 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2008-12-09 17:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2008-12-09 17:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2008-12-09 17:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2008-12-09 17:44:46 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2008-12-09 17:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2008-12-09 17:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2008-12-09 17:44:21 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-12-09 17:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2008-12-09 17:43:40 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2008-12-09 17:43:30 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2008-12-09 17:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2008-12-09 17:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2008-12-09 17:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2008-12-09 17:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2008-12-09 17:42:40 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2008-12-09 17:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2008-12-09 17:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2008-12-09 17:42:00 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2008-12-09 17:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2008-12-09 17:41:44 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2008-12-09 17:41:35 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2008-12-09 17:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2008-12-09 17:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2008-12-09 17:41:06 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2008-12-09 17:40:58 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2008-12-09 17:40:50 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2008-12-09 17:40:41 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2008-12-09 17:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2008-12-09 17:40:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2008-12-09 17:40:18 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2008-12-09 17:40:11 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2008-12-09 17:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2008-12-09 17:30:13 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-09 17:30:12 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-09 17:10:34 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-12-09 17:10:20 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-09 17:06:25 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-12-09 17:02:28 ----D---- C:\Documents and Settings\aloysius\Application Data\Macromedia
2008-12-09 16:50:31 ----D---- C:\WINDOWS\ie7updates
2008-12-09 16:49:58 ----D---- C:\WINDOWS\WBEM
2008-12-09 16:49:38 ----HDC---- C:\WINDOWS\ie7
2008-12-09 16:49:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-09 16:49:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-09 16:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-12-09 16:48:32 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-12-09 16:47:41 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-09 16:47:35 ----D---- C:\WINDOWS\network diagnostic
2008-12-09 16:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-12-09 16:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-12-09 16:47:12 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-09 16:46:40 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-12-09 16:44:27 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-12-09 16:43:03 ----D---- C:\Documents and Settings\aloysius\Application Data\HPAppData
2008-12-09 16:41:45 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-12-09 16:41:31 ----D---- C:\Program Files\Common Files\HP
2008-12-09 16:41:17 ----D---- C:\Program Files\Hewlett-Packard
2008-12-09 16:41:05 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-12-09 16:40:00 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-12-09 16:39:54 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2008-12-09 16:39:52 ----A---- C:\WINDOWS\system32\hpzll5ha.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hpowiax3.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hpovst10.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hpotscl3.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-12-09 16:36:51 ----D---- C:\Program Files\HP
2008-12-09 16:36:40 ----HD---- C:\Config.Msi
2008-12-09 16:14:41 ----D---- C:\Program Files\WebEx
2008-12-09 16:14:02 ----D---- C:\Program Files\MSBuild
2008-12-09 16:12:04 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-09 16:12:03 ----D---- C:\WINDOWS\system32\en-us
2008-12-09 16:11:43 ----D---- C:\Program Files\Reference Assemblies
2008-12-09 16:11:30 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-09 16:10:21 ----RSD---- C:\WINDOWS\assembly
2008-12-09 16:10:05 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-09 16:09:53 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-09 16:09:51 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2008-12-09 16:09:10 ----D---- C:\Documents and Settings\All Users\Application Data\Linksys
2008-12-09 16:05:55 ----D---- C:\Program Files\Java
2008-12-09 16:05:53 ----D---- C:\Program Files\Common Files\Java
2008-12-09 16:05:06 ----D---- C:\Documents and Settings\aloysius\Application Data\Sun
2008-12-09 16:04:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-09 16:04:05 ----D---- C:\Program Files\Common Files\Pure Networks Shared
2008-12-09 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks
2008-12-09 16:02:28 ----D---- C:\Program Files\Linksys
2008-12-09 15:55:09 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-09 15:44:26 ----D---- C:\Documents and Settings\aloysius\Application Data\Bitdefender
2008-12-09 15:44:16 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-12-09 15:17:55 ----A---- C:\WINDOWS\Ascd_tmp.ini
2008-12-09 15:02:47 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-09 15:01:59 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-12-09 15:01:48 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-12-09 15:00:15 ----D---- C:\Documents and Settings\aloysius\Application Data\WinRAR
2008-12-09 15:00:00 ----D---- C:\Program Files\WinRAR
2008-12-09 11:22:15 ----A---- C:\WINDOWS\system32\h323log.txt
2008-12-09 11:16:33 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-12-09 11:14:49 ----A---- C:\WINDOWS\system32\usbui.dll
2008-12-09 11:14:04 ----A---- C:\WINDOWS\imsins.BAK
2008-12-09 11:14:02 ----SHD---- C:\WINDOWS\Installer
2008-12-09 11:14:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-09 11:14:01 ----D---- C:\Program Files\Common Files\ODBC
2008-12-09 11:14:01 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-09 11:13:59 ----RD---- C:\Program Files
2008-12-09 11:13:59 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-12-09 11:13:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-09 11:13:59 ----D---- C:\Program Files\Common Files
2008-12-09 11:13:57 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-12-09 11:13:57 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-12-09 11:13:57 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-12-09 11:13:49 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-12-09 11:13:46 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-12-09 11:13:46 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-12-09 11:13:46 ----A---- C:\WINDOWS\system32\batt.dll
2008-12-09 11:13:45 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-12-09 11:13:41 ----A---- C:\WINDOWS\system32\storprop.dll
2008-12-09 11:13:34 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-09 11:11:53 ----RA---- C:\WINDOWS\SET8.tmp
2008-12-09 11:11:51 ----RA---- C:\WINDOWS\SET4.tmp
2008-12-09 11:11:50 ----RA---- C:\WINDOWS\SET3.tmp
2008-12-09 11:11:46 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-09 11:11:46 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-09 11:11:40 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-09 11:11:22 ----A---- C:\WINDOWS\setuplog.txt
2008-12-09 11:11:19 ----D---- C:\Documents and Settings
2008-12-09 11:11:18 ----SHD---- C:\System Volume Information
2008-12-09 11:10:08 ----ASH---- C:\boot.ini
2008-12-09 11:06:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-09 11:06:00 ----RSD---- C:\WINDOWS\Fonts
2008-12-09 11:06:00 ----RD---- C:\WINDOWS\Web
2008-12-09 11:06:00 ----HD---- C:\WINDOWS\inf
2008-12-09 11:06:00 ----D---- C:\WINDOWS\WinSxS
2008-12-09 11:06:00 ----D---- C:\WINDOWS\twain_32
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Temp
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\wins
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\wbem
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\usmt
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\spool
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\Setup
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\ras
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\oobe
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\npp
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\mui
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\IME
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\icsxml
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\ias
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\export
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\drivers
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\dhcp
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\config
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\3076
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\2052
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1054
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1042
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1041
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1037
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1033
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1031
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1028
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1025
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system
2008-12-09 11:06:00 ----D---- C:\WINDOWS\security
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Resources
2008-12-09 11:06:00 ----D---- C:\WINDOWS\repair
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Provisioning
2008-12-09 11:06:00 ----D---- C:\WINDOWS\PeerNet
2008-12-09 11:06:00 ----D---- C:\WINDOWS\pchealth
2008-12-09 11:06:00 ----D---- C:\WINDOWS\mui
2008-12-09 11:06:00 ----D---- C:\WINDOWS\msapps
2008-12-09 11:06:00 ----D---- C:\WINDOWS\msagent
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Media
2008-12-09 11:06:00 ----D---- C:\WINDOWS\java
2008-12-09 11:06:00 ----D---- C:\WINDOWS\ime
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Help
2008-12-09 11:06:00 ----D---- C:\WINDOWS\ehome
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Driver Cache
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Debug
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Cursors
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Connection Wizard
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Config
2008-12-09 11:06:00 ----D---- C:\WINDOWS\AppPatch
2008-12-09 11:06:00 ----D---- C:\WINDOWS\addins
2008-12-09 11:06:00 ----D---- C:\WINDOWS
2008-12-09 04:56:19 ----HD---- C:\WINDOWS\PIF
2008-12-09 04:46:49 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-09 04:07:12 ----D---- C:\WINDOWS\system32\appmgmt
2008-12-09 04:05:22 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-09 04:03:24 ----D---- C:\WINDOWS\Minidump
2008-12-09 03:56:55 ----D---- C:\Program Files\Softwin
2008-12-09 03:56:40 ----D---- C:\Program Files\Common Files\Softwin
2008-12-09 03:55:10 ----SHD---- C:\RECYCLER
2008-12-09 03:54:33 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-12-09 03:54:33 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-12-09 03:54:18 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-09 03:54:09 ----D---- C:\WINDOWS\system32\Futuremark
2008-12-09 03:53:21 ----D---- C:\Program Files\Futuremark
2008-12-09 03:50:59 ----D---- C:\Program Files\Adobe
2008-12-09 03:50:26 ----RA---- C:\WINDOWS\system32\AsIO.dll
2008-12-09 03:50:24 ----D---- C:\Program Files\ASUS
2008-12-09 03:44:27 ----RA---- C:\WINDOWS\system32\PostProc.dll
2008-12-09 03:44:25 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\SMMedia.dll
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\DSndUp.exe
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\CleanUp.exe
2008-12-09 03:44:21 ----D---- C:\Program Files\Analog Devices
2008-12-09 03:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-12-09 03:43:53 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-09 03:42:22 ----D---- C:\WINDOWS\ASUSInstAll
2008-12-09 03:40:19 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-09 03:40:03 ----D---- C:\Program Files\NVIDIA Corporation
2008-12-09 03:39:40 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2008-12-09 03:39:32 ----RA---- C:\WINDOWS\system32\NVCOI.DLL
2008-12-09 03:39:32 ----RA---- C:\WINDOWS\system32\idecoiins.dll
2008-12-09 03:39:32 ----RA---- C:\WINDOWS\system32\idecoi.dll
2008-12-09 03:39:32 ----N---- C:\WINDOWS\system32\nvuide.exe
2008-12-09 03:39:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-09 03:39:19 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2008-12-09 03:39:19 ----A---- C:\WINDOWS\system32\fdco1.dll
2008-12-09 03:39:17 ----D---- C:\WINDOWS\NV15681556.TMP
2008-12-09 03:39:17 ----A---- C:\WINDOWS\system32\nvunrm.exe
2008-12-09 03:39:16 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2008-12-09 03:39:16 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2008-12-09 03:39:16 ----RA---- C:\WINDOWS\system32\bdco1.dll
2008-12-09 03:39:15 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2008-12-09 03:39:09 ----RA---- C:\WINDOWS\system32\raidmgmt.ini
2008-12-09 03:39:09 ----RA---- C:\WINDOWS\system32\AsusSetup.ini
2008-12-09 03:39:09 ----RA---- C:\WINDOWS\system32\AsusSetup.exe
2008-12-09 03:38:50 ----A---- C:\WINDOWS\Ascd_log.ini
2008-12-09 03:38:37 ----A---- C:\WINDOWS\AS_Debug.txt
2008-12-09 03:35:35 ----D---- C:\WINDOWS\nvidia icons
2008-12-09 03:35:18 ----D---- C:\WINDOWS\nview
2008-12-09 03:35:18 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-09 03:34:59 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-12-09 03:34:58 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-09 03:34:53 ----D---- C:\NVIDIA
2008-12-09 03:34:22 ----D---- C:\Documents and Settings\aloysius\Application Data\Identities
2008-12-09 03:34:21 ----HD---- C:\Program Files\Uninstall Information
2008-12-09 03:34:04 ----SD---- C:\Documents and Settings\aloysius\Application Data\Microsoft
2008-12-09 03:34:04 ----ASH---- C:\Documents and Settings\aloysius\Application Data\desktop.ini
2008-12-09 03:33:17 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-09 03:33:16 ----D---- C:\WINDOWS\Prefetch
2008-12-09 03:33:15 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-09 03:33:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-09 03:30:26 ----D---- C:\WINDOWS\system32\xircom
2008-12-09 03:30:26 ----D---- C:\Program Files\xerox
2008-12-09 03:30:26 ----D---- C:\Program Files\microsoft frontpage
2008-12-09 03:30:10 ----A---- C:\WINDOWS\control.ini
2008-12-09 03:30:10 ----A---- C:\AUTOEXEC.BAT
2008-12-09 03:30:01 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-09 03:29:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-09 03:29:22 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-09 03:29:22 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-09 03:29:18 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-09 03:29:14 ----HD---- C:\Program Files\WindowsUpdate
2008-12-09 03:29:00 ----D---- C:\WINDOWS\system32\DirectX
2008-12-09 03:28:44 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-09 03:28:42 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-09 03:28:42 ----A---- C:\WINDOWS\desktop.ini
2008-12-09 03:28:36 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-09 03:28:35 ----D---- C:\Program Files\Common Files\Services
2008-12-09 03:28:35 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-09 03:28:33 ----SD---- C:\WINDOWS\Tasks
2008-12-09 03:28:33 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-09 03:28:32 ----D---- C:\Program Files\Common Files\MSSoap
2008-12-09 03:28:29 ----D---- C:\WINDOWS\srchasst
2008-12-09 03:28:28 ----D---- C:\WINDOWS\system32\Macromed
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-09 03:28:25 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-09 03:28:25 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-09 03:28:23 ----D---- C:\Program Files\Movie Maker
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-09 03:28:17 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-12-09 03:28:17 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-09 03:28:16 ----D---- C:\WINDOWS\system32\Restore
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-09 03:28:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-09 03:28:15 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-09 03:28:15 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-09 03:28:13 ----D---- C:\Program Files\NetMeeting
2008-12-09 03:28:13 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-09 03:28:13 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-09 03:28:12 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-09 03:28:12 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-09 03:28:11 ----D---- C:\Program Files\Outlook Express
2008-12-09 03:28:11 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-09 03:28:11 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-09 03:28:11 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-09 03:28:06 ----D---- C:\Program Files\Common Files\System
2008-12-09 03:28:01 ----D---- C:\Program Files\Internet Explorer
2008-12-09 03:27:37 ----D---- C:\Program Files\ComPlus Applications
2008-12-09 03:27:35 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-09 03:27:35 ----A---- C:\WINDOWS\vb.ini
2008-12-09 03:27:31 ----D---- C:\WINDOWS\Registration
2008-12-09 03:27:24 ----D---- C:\Program Files\Online Services
2008-12-09 03:27:23 ----D---- C:\Program Files\Windows Media Player
2008-12-09 03:27:19 ----D---- C:\Program Files\Messenger
2008-12-09 03:27:16 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-09 03:27:16 ----A---- C:\WINDOWS\system32\write.exe
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-09 03:26:59 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-09 03:26:55 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-09 03:26:48 ----D---- C:\Program Files\MSN
2008-12-09 03:26:47 ----D---- C:\Program Files\Windows NT
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-09 03:26:44 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-09 03:26:43 ----D---- C:\WINDOWS\system32\Com
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:07:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui

======List of files/folders modified in the last 3 months======

2008-12-20 21:51:32 ----A---- C:\WINDOWS\system.ini
2008-12-19 23:43:34 ----A---- C:\WINDOWS\win.ini
2008-12-13 14:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-11-12 14:54:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-11-07 18:32:20 ----A---- C:\WINDOWS\system32\WMVCore.dll
2008-10-23 21:01:36 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-22 17:47:07 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-10-17 04:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\pngfilt.dll
2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\occache.dll
2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\mstime.dll
2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\url.dll
2008-10-17 04:38:38 ----N---- C:\WINDOWS\system32\msrating.dll
2008-10-17 04:38:38 ----N---- C:\WINDOWS\system32\mshtmled.dll
2008-10-17 04:38:37 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-10-17 04:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-10-17 04:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-10-17 04:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
2008-10-17 04:38:34 ----N---- C:\WINDOWS\system32\dxtrans.dll
2008-10-17 04:38:34 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2008-10-17 04:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
2008-10-16 21:11:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2008-10-16 21:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 00:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 15:04:53 ----N---- C:\WINDOWS\system32\ieakui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-08-08 110080]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-12-22 278984]
R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-12-22 25416]
R3 ADIDTSFiltService;ADI DTS Filter Service; C:\WINDOWS\system32\drivers\adidts.sys [2006-12-08 139776]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 LycoFltr;Lycosa Keyboard; C:\WINDOWS\System32\Drivers\Lycosa.sys [2008-05-22 16896]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-08-08 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-08-08 18944]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S3 a9030r3e;a9030r3e; C:\WINDOWS\system32\drivers\a9030r3e.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 bdss;BitDefender Scan Server; C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-09-08 172032]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-17 152984]
R2 LinksysUpdater;Linksys Updater; C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-03-29 204800]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe [2008-12-09 278528]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-09-08 172090]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-01-10 66872]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-12-09 462848]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-10 183112]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

And here's the GMER result.

Attached Files



#6 ValerieVendetta

  • Topic Starter

Posted 13 January 2009 - 12:36 PM

Hi, I think I have some good news! I tried to enable Automatic Updates and this time it worked! But is my computer clean from the malware yet? I still do not dare to perform internet banking or online credit card transactions as of yet.

Regards,
Aloysius

#7 fenzodahl512


Posted 13 January 2009 - 01:46 PM

Hi, I think I have some good news! I tried to enable Automatic Updates and this time it worked! But is my computer clean from the malware yet? I still do not dare to perform internet banking or online credit card transactions as of yet.

Regards,
Aloysius



Let's pause your online banking/password sensitive thingy first, until we get it all clear :thumbsup:


IMPORTANT!! Uninstall these programs first (if present..) so that they won't interfere with our fixes..

1. Lavasoft Ad-Aware
2. Spybot - Search & Destroy
3. Viewpoint (all of them..)





Please download the OTMoveIt3 by OldTimer
  • Save it to your Desktop.
  • Please double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveIt3.exe and select "Run as an Administrator")
  • Let the Unregister Dll's and Ocx's remain ticked and Zip Files After Moves remain unticked..
  • Copy the codebox contents and paste it to the "Paste List of Files/Folders to Move" window (under the light Yellow bar)

    :processes
    explorer.exe
    
    :services
    
    :files
    C:\WINDOWS\tasks\uxwpybqb.job
    C:\WINDOWS\system32\xydoaqrl.ini
    C:\WINDOWS\system32\332e6cff-.txt
    
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=""
    
    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.




NEXT


Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan
  • Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Run RSIT again... Post these logs in your next reply..

1. OTMoveIt3
2. ESET Online Scanner
3. RSIT log.txt
4. Tell me, how's the computer now.. :)

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive
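A follow-up log can be checked mechanically against a fix script like the one in the post above. The Python sketch below is an added example, not part of the original posts and not code from OTMoveIt3 or RSIT: it parses the script's :files and :reg sections and reports targets that still show up in a later RSIT-style log, plus BHO entries marked (no file). The follow-up log excerpt, the function names and the finding labels are constructed for illustration.

```python
import re

# The fix script as posted above (section syntax as shown on the page).
FIX_SCRIPT = r"""
:processes
explorer.exe

:services

:files
C:\WINDOWS\tasks\uxwpybqb.job
C:\WINDOWS\system32\xydoaqrl.ini
C:\WINDOWS\system32\332e6cff-.txt

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=""

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
"""

# Constructed follow-up log excerpt in RSIT/HijackThis layout (not taken from the thread).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll

======Scheduled tasks folder======

C:\WINDOWS\tasks\ExampleUpdater.job
C:\WINDOWS\tasks\uxwpybqb.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="example.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ExampleApp"=C:\Program Files\Example\app.exe [2008-01-01 1024]
"""


def parse_fix_script(text):
    """Split the script into sections keyed by the ':name' headers."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_registry_lines(lines):
    """Map (key, value name), lower-cased, to value data without outer quotes.

    Registry key and value names are case-insensitive, and the logs mix
    'SOFTWARE' and 'Software', so both are normalised before comparison.
    """
    values, key = {}, None
    for raw in lines:
        line = raw.strip()
        header = re.fullmatch(r"\[(HKEY_[^\]]+)\]", line)
        if header:
            key = header.group(1).lower()
            continue
        entry = re.fullmatch(r'"([^"]+)"=(.*)', line)
        if entry and key:
            data = entry.group(2).strip()
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = data[1:-1]
            values[(key, entry.group(1).lower())] = data
    return values


def verify_fix(fix_script, followup_log):
    """Return (label, detail) findings where the log disagrees with the fix."""
    sections = parse_fix_script(fix_script)
    log_lower = followup_log.lower()
    findings = []
    # Files the script moved should no longer be listed anywhere in the log.
    for path in sections.get("files", []):
        if path.lower() in log_lower:
            findings.append(("file-still-listed", path))
    # Registry values the script set should read back with the same data.
    expected = parse_registry_lines(sections.get("reg", []))
    actual = parse_registry_lines(followup_log.splitlines())
    for (key, name), want in expected.items():
        got = actual.get((key, name))
        if got is None:
            findings.append(("value-not-in-log", f"{key}\\{name}"))
        elif got.lower() != want.lower():
            findings.append(("value-differs", f"{key}\\{name} = {got!r}, fix set {want!r}"))
    # BHO registrations whose file is gone are leftovers worth reviewing.
    pattern = r"^O2 - BHO: .*?(\{[0-9A-Fa-f-]{36}\}) - \(no file\)\s*$"
    for match in re.finditer(pattern, followup_log, re.M):
        findings.append(("bho-without-file", match.group(1)))
    return findings


if __name__ == "__main__":
    for label, detail in verify_fix(FIX_SCRIPT, SAMPLE_LOG):
        print(f"{label}: {detail}")
```

A finding here means "look at this entry again", not a verdict: the check only compares text in the log with what the script was meant to change.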


#8 ValerieVendetta

  • Topic Starter

Posted 15 January 2009 - 06:48 AM

Hey there, you have no idea how grateful I am for your help, thanks SO MUCH!

As requested, here's the RSIT log (this time, only log.txt came up, instead of the 2 Notepad files which opened the last time, is that correct?).

Logfile of random's system information tool 1.05 (written by random/random)
Run by aloysius at 2009-01-15 19:42:03
Microsoft Windows XP Professional Service Pack 2
System drive C: has 51 GB (67%) free of 76 GB
Total RAM: 3070 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:42:15 PM, on 1/15/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Razer Pro Solutions\ProType\razerhid.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\java.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer Pro Solutions\ProType\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\aloysius\Desktop\RSIT.exe
C:\Program Files\trend micro\aloysius.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {C38BFC1E-15E2-446C-A4BC-52F2157B2936} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DE5E0A6C-784C-4F43-AA84-F5E15D5675E4} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ProType] "C:\Program Files\Razer Pro Solutions\ProType\razerhid.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228813994406
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{4ADD4A0B-2C99-4D1E-9344-8E9545FAA59A}: NameServer = 165.21.100.88,165.21.83.88
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 10310 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-17 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C38BFC1E-15E2-446C-A4BC-52F2157B2936}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-17 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE5E0A6C-784C-4F43-AA84-F5E15D5675E4}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"BDMCon"=C:\Program Files\Softwin\BitDefender10\bdmcon.exe [2008-12-09 290816]
"BDAgent"=C:\Program Files\Softwin\BitDefender10\bdagent.exe [2007-03-26 69632]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]
"Lycosa"=C:\Program Files\Razer\Lycosa\razerhid.exe [2008-10-16 147456]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2008-10-14 172032]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-17 136600]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"ProType"=C:\Program Files\Razer Pro Solutions\ProType\razerhid.exe [2007-02-07 479232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-18 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-01-18 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Linksys EasyLink Advisor.lnk]
C:\PROGRA~1\Linksys\LINKSY~1\LINKSY~1.EXE [2008-03-29 110592]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="sockspy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af478f7c-d133-11dd-b96b-001bfce15185}]
shell\AutoRun\command - WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8b6d84c-c6a5-11dd-b95a-001bfce15185}]
shell\AutoRun\command - WDSetup.exe


======List of files/folders created in the last 3 months======

2009-01-15 03:20:24 ----D---- C:\WINDOWS\LastGood
2009-01-15 03:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-15 02:35:44 ----D---- C:\Program Files\EsetOnlineScanner
2009-01-15 02:24:59 ----D---- C:\_OTMoveIt
2009-01-14 22:14:03 ----D---- C:\Program Files\Razer Pro Solutions
2009-01-14 01:17:26 ----A---- C:\WINDOWS\gmer.ini
2009-01-14 01:17:25 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2009-01-14 01:17:25 ----A---- C:\WINDOWS\gmer.exe
2009-01-14 01:17:25 ----A---- C:\WINDOWS\gmer.dll
2009-01-14 01:16:12 ----D---- C:\rsit
2009-01-14 01:16:12 ----D---- C:\Program Files\trend micro
2009-01-14 00:21:52 ----D---- C:\Documents and Settings\aloysius\Application Data\Malwarebytes
2009-01-14 00:21:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 00:21:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-09 23:59:34 ----D---- C:\Documents and Settings\aloysius\Application Data\Razer
2009-01-09 17:07:18 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-09 17:00:24 ----D---- C:\Program Files\NOS
2009-01-09 17:00:24 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-08 19:18:00 ----A---- C:\WINDOWS\wininit.ini
2009-01-08 18:07:38 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-08 18:07:38 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-08 17:16:44 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-01-08 17:16:01 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-01-08 17:05:57 ----D---- C:\Documents and Settings\aloysius\Application Data\Leadertech
2009-01-08 16:58:37 ----D---- C:\Program Files\EA Games
2009-01-08 16:58:35 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-01-08 16:58:35 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-01-08 16:58:34 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-01-08 16:58:33 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-01-08 16:58:33 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-01-08 16:58:32 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-01-08 16:58:31 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-01-08 16:58:30 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-01-08 16:58:29 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-01-08 16:58:28 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-01-08 16:58:28 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-01-08 16:58:26 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-01-08 16:58:26 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-01-08 16:58:25 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-01-08 16:58:24 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-01-08 16:58:24 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-01-08 16:58:23 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-01-08 16:58:23 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-01-08 16:58:22 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-12-22 15:53:47 ----D---- C:\Documents and Settings\aloysius\Application Data\Games
2008-12-22 15:45:28 ----D---- C:\Documents and Settings\All Users\Application Data\Tages
2008-12-22 15:44:51 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-12-22 15:44:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-22 15:43:56 ----D---- C:\Program Files\Common Files\Adobe
2008-12-22 15:42:51 ----D---- C:\WINDOWS\45235788142C44BE8A4DDDE9A84492E5.TMP
2008-12-22 15:40:06 ----D---- C:\Program Files\The Adventure Company
2008-12-22 04:46:37 ----D---- C:\Documents and Settings\aloysius\Application Data\dvdcss
2008-12-20 21:53:36 ----D---- C:\Documents and Settings\All Users\Application Data\SimCity Societies
2008-12-20 04:17:47 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-12-17 04:31:02 ----D---- C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\java.exe
2008-12-17 04:23:09 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-12-17 04:21:24 ----D---- C:\Program Files\SystemRequirementsLab
2008-12-17 04:21:22 ----D---- C:\Documents and Settings\aloysius\Application Data\SystemRequirementsLab
2008-12-17 04:21:14 ----D---- C:\WINDOWS\Sun
2008-12-15 17:34:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-15 17:33:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-15 17:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-15 17:29:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-11 21:01:34 ----D---- C:\Program Files\Windows Live
2008-12-11 15:18:02 ----D---- C:\Program Files\Electronic Arts
2008-12-11 15:17:43 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-12-11 15:17:31 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-12-11 15:17:08 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-12-11 15:17:07 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-12-11 15:16:30 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-12-11 15:16:19 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-12-11 15:16:08 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-12-11 15:15:55 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-12-11 15:15:45 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-12-11 15:15:45 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-12-11 15:15:33 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-12-11 15:15:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-12-11 15:15:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-12-11 15:15:08 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-12-11 15:14:56 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-12-11 15:14:36 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-12-11 15:11:43 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-12-11 15:11:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-12-11 15:11:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-12-11 15:11:27 ----D---- C:\Documents and Settings\aloysius\Application Data\Mozilla
2008-12-11 15:11:15 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-12-11 15:10:59 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-12-11 15:10:44 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-12-11 15:10:34 ----D---- C:\Program Files\Mozilla Firefox
2008-12-11 15:10:33 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-12-11 15:10:24 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-12-11 15:09:59 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-12-11 12:23:01 ----D---- C:\Documents and Settings\aloysius\Application Data\AdobeUM
2008-12-11 04:49:53 ----D---- C:\Documents and Settings\aloysius\Application Data\Adobe
2008-12-10 19:13:47 ----D---- C:\Documents and Settings\aloysius\Application Data\vlc
2008-12-10 19:11:52 ----D---- C:\Program Files\MONOGRAM AMR SplitterDecoder
2008-12-10 19:11:47 ----D---- C:\Program Files\CD Audio Reader Filter
2008-12-10 19:11:38 ----D---- C:\Program Files\DScaler5
2008-12-10 19:11:02 ----D---- C:\Program Files\OpenSource Flash Video Splitter
2008-12-10 19:10:32 ----D---- C:\Program Files\RealMedia
2008-12-10 19:09:50 ----D---- C:\Program Files\SHOUTcast Source
2008-12-10 19:09:34 ----D---- C:\Program Files\Haali
2008-12-10 19:09:13 ----D---- C:\Program Files\DSP-worx
2008-12-10 19:09:12 ----D---- C:\Program Files\VideoLAN
2008-12-10 19:08:29 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-12-10 19:08:29 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-12-10 19:08:26 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2008-12-10 19:08:14 ----D---- C:\Program Files\ffdshow
2008-12-10 19:07:23 ----D---- C:\Program Files\DirectVobSub
2008-12-10 19:06:48 ----D---- C:\Program Files\Zoom Player
2008-12-10 18:32:03 ----D---- C:\Program Files\uTorrent
2008-12-10 18:31:58 ----D---- C:\Documents and Settings\aloysius\Application Data\uTorrent
2008-12-10 02:10:42 ----A---- C:\WINDOWS\system32\msonpmon.dll
2008-12-10 02:03:49 ----D---- C:\Program Files\Microsoft Works
2008-12-10 02:02:48 ----D---- C:\Program Files\Microsoft Visual Studio
2008-12-10 02:02:48 ----D---- C:\Program Files\Common Files\DESIGNER
2008-12-10 02:01:06 ----D---- C:\Program Files\Microsoft.NET
2008-12-10 01:58:16 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-12-10 01:57:38 ----D---- C:\WINDOWS\SHELLNEW
2008-12-10 01:57:04 ----RHD---- C:\MSOCache
2008-12-10 01:04:42 ----D---- C:\Program Files\Microsoft Office
2008-12-10 01:04:41 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-09 23:16:05 ----A---- C:\WINDOWS\iun6002.exe
2008-12-09 23:15:45 ----A---- C:\WINDOWS\YAWLE Setup Log.txt
2008-12-09 22:29:07 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-12-09 22:26:53 ----D---- C:\WINDOWS\system32\AGEIA
2008-12-09 22:26:52 ----D---- C:\Program Files\AGEIA Technologies
2008-12-09 22:26:12 ----D---- C:\WINDOWS\pss
2008-12-09 22:05:27 ----D---- C:\Documents and Settings\aloysius\Application Data\skypePM
2008-12-09 22:04:45 ----D---- C:\Documents and Settings\aloysius\Application Data\Skype
2008-12-09 22:04:35 ----D---- C:\Program Files\Skype
2008-12-09 22:04:35 ----D---- C:\Program Files\Common Files\Skype
2008-12-09 22:04:32 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2008-12-09 21:57:15 ----D---- C:\Documents and Settings\All Users\Application Data\Razer
2008-12-09 21:57:10 ----D---- C:\Program Files\DIFX
2008-12-09 21:56:48 ----D---- C:\Program Files\Razer
2008-12-09 21:53:46 ----D---- C:\Documents and Settings\aloysius\Application Data\Apple Computer
2008-12-09 21:53:27 ----D---- C:\Program Files\iPod
2008-12-09 21:53:25 ----D---- C:\Program Files\iTunes
2008-12-09 21:53:19 ----D---- C:\Program Files\Bonjour
2008-12-09 21:52:45 ----D---- C:\Program Files\QuickTime
2008-12-09 21:52:45 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-09 21:52:36 ----D---- C:\Program Files\Apple Software Update
2008-12-09 21:52:21 ----D---- C:\Program Files\Common Files\Apple
2008-12-09 21:52:20 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-09 21:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2008-12-09 20:03:54 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-12-09 20:03:54 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-12-09 19:37:54 ----D---- C:\Program Files\Garena
2008-12-09 19:37:41 ----D---- C:\Documents and Settings\aloysius\Application Data\InstallShield
2008-12-09 19:37:02 ----A---- C:\WINDOWS\War3Unin.exe
2008-12-09 19:36:11 ----D---- C:\Program Files\Warcraft III
2008-12-09 19:29:57 ----D---- C:\Documents and Settings\aloysius\Application Data\DAEMON Tools
2008-12-09 19:29:56 ----D---- C:\Program Files\DAEMON Tools Lite
2008-12-09 18:57:44 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2008-12-09 18:57:43 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2008-12-09 18:57:42 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2008-12-09 18:57:40 ----A---- C:\WINDOWS\system32\msir3jp.dll
2008-12-09 18:57:04 ----A---- C:\WINDOWS\system32\c_g18030.dll
2008-12-09 18:57:01 ----A---- C:\WINDOWS\system32\kbd101a.dll
2008-12-09 18:56:44 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
2008-12-09 18:56:43 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2008-12-09 18:56:43 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2008-12-09 18:56:43 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
2008-12-09 18:56:41 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2008-12-09 18:56:41 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2008-12-09 18:56:40 ----A---- C:\WINDOWS\system32\kbdibm02.dll
2008-12-09 18:56:39 ----A---- C:\WINDOWS\system32\kbdax2.dll
2008-12-09 18:56:39 ----A---- C:\WINDOWS\system32\kbd106n.dll
2008-12-09 18:56:39 ----A---- C:\WINDOWS\system32\kbd101.dll
2008-12-09 18:56:12 ----A---- C:\WINDOWS\system32\c_is2022.dll
2008-12-09 18:56:02 ----A---- C:\WINDOWS\system32\uniime.dll
2008-12-09 18:55:45 ----A---- C:\WINDOWS\system32\imjp81k.dll
2008-12-09 18:51:24 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-12-09 18:51:23 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-12-09 18:51:16 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-12-09 18:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-09 18:35:55 ----D---- C:\Program Files\MSXML 4.0
2008-12-09 18:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-09 18:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-09 18:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-09 18:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-09 18:33:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-09 18:32:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-09 18:31:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-09 18:27:43 ----D---- C:\Program Files\MSXML 6.0
2008-12-09 18:23:15 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-09 18:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-09 18:22:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-12-09 18:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-09 18:21:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-09 18:20:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-09 18:20:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-09 18:20:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-09 18:20:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-09 18:19:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-09 18:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-09 18:16:48 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-09 18:15:08 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2008-12-09 18:14:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-12-09 18:13:17 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
2008-12-09 18:12:28 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2008-12-09 18:11:42 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2008-12-09 18:10:48 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2008-12-09 18:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2008-12-09 18:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2008-12-09 17:59:29 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-12-09 17:55:39 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2008-12-09 17:55:26 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2008-12-09 17:55:15 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2008-12-09 17:54:58 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2008-12-09 17:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2008-12-09 17:54:19 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2008-12-09 17:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2008-12-09 17:53:36 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2008-12-09 17:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2008-12-09 17:52:45 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2008-12-09 17:52:31 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2008-12-09 17:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2008-12-09 17:51:59 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2008-12-09 17:51:44 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2008-12-09 17:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2008-12-09 17:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2008-12-09 17:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2008-12-09 17:50:51 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2008-12-09 17:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2008-12-09 17:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2008-12-09 17:50:13 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2008-12-09 17:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2008-12-09 17:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2008-12-09 17:49:33 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2008-12-09 17:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2008-12-09 17:49:05 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2008-12-09 17:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2008-12-09 17:48:38 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2008-12-09 17:48:27 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2008-12-09 17:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2008-12-09 17:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2008-12-09 17:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2008-12-09 17:47:46 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2008-12-09 17:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2008-12-09 17:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2008-12-09 17:47:36 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2008-12-09 17:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2008-12-09 17:47:24 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2008-12-09 17:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2008-12-09 17:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2008-12-09 17:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2008-12-09 17:44:46 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2008-12-09 17:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2008-12-09 17:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2008-12-09 17:44:21 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-12-09 17:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2008-12-09 17:43:40 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2008-12-09 17:43:30 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2008-12-09 17:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2008-12-09 17:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2008-12-09 17:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2008-12-09 17:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2008-12-09 17:42:40 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2008-12-09 17:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2008-12-09 17:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2008-12-09 17:42:00 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2008-12-09 17:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2008-12-09 17:41:44 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2008-12-09 17:41:35 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2008-12-09 17:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2008-12-09 17:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2008-12-09 17:41:06 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2008-12-09 17:40:58 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2008-12-09 17:40:50 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2008-12-09 17:40:41 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2008-12-09 17:40:33 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2008-12-09 17:40:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2008-12-09 17:40:18 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2008-12-09 17:40:11 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2008-12-09 17:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2008-12-09 17:30:13 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-09 17:30:12 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-12-09 17:10:34 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-12-09 17:10:20 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-12-09 17:06:25 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-12-09 17:02:28 ----D---- C:\Documents and Settings\aloysius\Application Data\Macromedia
2008-12-09 16:50:31 ----D---- C:\WINDOWS\ie7updates
2008-12-09 16:49:58 ----D---- C:\WINDOWS\WBEM
2008-12-09 16:49:38 ----HDC---- C:\WINDOWS\ie7
2008-12-09 16:49:25 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-12-09 16:49:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-12-09 16:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-12-09 16:48:32 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-12-09 16:47:41 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-09 16:47:35 ----D---- C:\WINDOWS\network diagnostic
2008-12-09 16:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-12-09 16:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-12-09 16:47:12 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-09 16:46:40 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-12-09 16:44:27 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-12-09 16:43:03 ----D---- C:\Documents and Settings\aloysius\Application Data\HPAppData
2008-12-09 16:41:45 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-12-09 16:41:31 ----D---- C:\Program Files\Common Files\HP
2008-12-09 16:41:17 ----D---- C:\Program Files\Hewlett-Packard
2008-12-09 16:41:05 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-12-09 16:40:00 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-12-09 16:39:54 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2008-12-09 16:39:52 ----A---- C:\WINDOWS\system32\hpzll5ha.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hpowiax3.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hpovst10.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\hpotscl3.dll
2008-12-09 16:39:30 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-12-09 16:36:51 ----D---- C:\Program Files\HP
2008-12-09 16:36:40 ----HD---- C:\Config.Msi
2008-12-09 16:14:41 ----D---- C:\Program Files\WebEx
2008-12-09 16:14:02 ----D---- C:\Program Files\MSBuild
2008-12-09 16:12:04 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-09 16:12:03 ----D---- C:\WINDOWS\system32\en-us
2008-12-09 16:11:43 ----D---- C:\Program Files\Reference Assemblies
2008-12-09 16:11:30 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-12-09 16:10:21 ----RSD---- C:\WINDOWS\assembly
2008-12-09 16:10:05 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-09 16:09:53 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-09 16:09:51 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2008-12-09 16:09:10 ----D---- C:\Documents and Settings\All Users\Application Data\Linksys
2008-12-09 16:05:55 ----D---- C:\Program Files\Java
2008-12-09 16:05:53 ----D---- C:\Program Files\Common Files\Java
2008-12-09 16:05:06 ----D---- C:\Documents and Settings\aloysius\Application Data\Sun
2008-12-09 16:04:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-09 16:04:05 ----D---- C:\Program Files\Common Files\Pure Networks Shared
2008-12-09 16:03:59 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks
2008-12-09 16:02:28 ----D---- C:\Program Files\Linksys
2008-12-09 15:55:09 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-09 15:44:26 ----D---- C:\Documents and Settings\aloysius\Application Data\Bitdefender
2008-12-09 15:44:16 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-12-09 15:17:55 ----A---- C:\WINDOWS\Ascd_tmp.ini
2008-12-09 15:02:47 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-09 15:01:59 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-12-09 15:01:48 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-12-09 15:00:15 ----D---- C:\Documents and Settings\aloysius\Application Data\WinRAR
2008-12-09 15:00:00 ----D---- C:\Program Files\WinRAR
2008-12-09 11:22:15 ----A---- C:\WINDOWS\system32\h323log.txt
2008-12-09 11:16:33 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-12-09 11:14:49 ----A---- C:\WINDOWS\system32\usbui.dll
2008-12-09 11:14:04 ----A---- C:\WINDOWS\imsins.BAK
2008-12-09 11:14:02 ----SHD---- C:\WINDOWS\Installer
2008-12-09 11:14:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-09 11:14:01 ----D---- C:\Program Files\Common Files\ODBC
2008-12-09 11:14:01 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-09 11:13:59 ----RD---- C:\Program Files
2008-12-09 11:13:59 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-12-09 11:13:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-09 11:13:59 ----D---- C:\Program Files\Common Files
2008-12-09 11:13:57 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-12-09 11:13:57 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-12-09 11:13:57 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-12-09 11:13:55 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-12-09 11:13:53 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-12-09 11:13:52 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-12-09 11:13:50 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-12-09 11:13:49 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-12-09 11:13:48 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-12-09 11:13:46 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-12-09 11:13:46 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-12-09 11:13:46 ----A---- C:\WINDOWS\system32\batt.dll
2008-12-09 11:13:45 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-12-09 11:13:41 ----A---- C:\WINDOWS\system32\storprop.dll
2008-12-09 11:13:34 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-09 11:11:53 ----RA---- C:\WINDOWS\SET8.tmp
2008-12-09 11:11:51 ----RA---- C:\WINDOWS\SET4.tmp
2008-12-09 11:11:50 ----RA---- C:\WINDOWS\SET3.tmp
2008-12-09 11:11:46 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-09 11:11:46 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-09 11:11:40 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-09 11:11:22 ----A---- C:\WINDOWS\setuplog.txt
2008-12-09 11:11:19 ----D---- C:\Documents and Settings
2008-12-09 11:11:18 ----SHD---- C:\System Volume Information
2008-12-09 11:10:08 ----ASH---- C:\boot.ini
2008-12-09 11:06:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-09 11:06:00 ----RSD---- C:\WINDOWS\Fonts
2008-12-09 11:06:00 ----RD---- C:\WINDOWS\Web
2008-12-09 11:06:00 ----HD---- C:\WINDOWS\inf
2008-12-09 11:06:00 ----D---- C:\WINDOWS\WinSxS
2008-12-09 11:06:00 ----D---- C:\WINDOWS\twain_32
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Temp
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\wins
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\wbem
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\usmt
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\spool
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\Setup
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\ras
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\oobe
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\npp
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\mui
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\IME
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\icsxml
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\ias
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\export
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\drivers
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\dhcp
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\config
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\3076
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\2052
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1054
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1042
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1041
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1037
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1033
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1031
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1028
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32\1025
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system32
2008-12-09 11:06:00 ----D---- C:\WINDOWS\system
2008-12-09 11:06:00 ----D---- C:\WINDOWS\security
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Resources
2008-12-09 11:06:00 ----D---- C:\WINDOWS\repair
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Provisioning
2008-12-09 11:06:00 ----D---- C:\WINDOWS\PeerNet
2008-12-09 11:06:00 ----D---- C:\WINDOWS\pchealth
2008-12-09 11:06:00 ----D---- C:\WINDOWS\mui
2008-12-09 11:06:00 ----D---- C:\WINDOWS\msapps
2008-12-09 11:06:00 ----D---- C:\WINDOWS\msagent
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Media
2008-12-09 11:06:00 ----D---- C:\WINDOWS\java
2008-12-09 11:06:00 ----D---- C:\WINDOWS\ime
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Help
2008-12-09 11:06:00 ----D---- C:\WINDOWS\ehome
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Driver Cache
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Debug
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Cursors
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Connection Wizard
2008-12-09 11:06:00 ----D---- C:\WINDOWS\Config
2008-12-09 11:06:00 ----D---- C:\WINDOWS\AppPatch
2008-12-09 11:06:00 ----D---- C:\WINDOWS\addins
2008-12-09 11:06:00 ----D---- C:\WINDOWS
2008-12-09 04:56:19 ----HD---- C:\WINDOWS\PIF
2008-12-09 04:46:49 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-09 04:07:12 ----D---- C:\WINDOWS\system32\appmgmt
2008-12-09 04:05:22 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-09 04:03:24 ----D---- C:\WINDOWS\Minidump
2008-12-09 03:56:55 ----D---- C:\Program Files\Softwin
2008-12-09 03:56:40 ----D---- C:\Program Files\Common Files\Softwin
2008-12-09 03:55:10 ----SHD---- C:\RECYCLER
2008-12-09 03:54:33 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-12-09 03:54:33 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-12-09 03:54:18 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-12-09 03:54:09 ----D---- C:\WINDOWS\system32\Futuremark
2008-12-09 03:53:21 ----D---- C:\Program Files\Futuremark
2008-12-09 03:50:59 ----D---- C:\Program Files\Adobe
2008-12-09 03:50:26 ----RA---- C:\WINDOWS\system32\AsIO.dll
2008-12-09 03:50:24 ----D---- C:\Program Files\ASUS
2008-12-09 03:44:27 ----RA---- C:\WINDOWS\system32\PostProc.dll
2008-12-09 03:44:25 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\SMMedia.dll
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\DSndUp.exe
2008-12-09 03:44:21 ----N---- C:\WINDOWS\system32\CleanUp.exe
2008-12-09 03:44:21 ----D---- C:\Program Files\Analog Devices
2008-12-09 03:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-12-09 03:43:53 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-09 03:42:22 ----D---- C:\WINDOWS\ASUSInstAll
2008-12-09 03:40:19 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-09 03:40:03 ----D---- C:\Program Files\NVIDIA Corporation
2008-12-09 03:39:40 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2008-12-09 03:39:32 ----RA---- C:\WINDOWS\system32\NVCOI.DLL
2008-12-09 03:39:32 ----RA---- C:\WINDOWS\system32\idecoiins.dll
2008-12-09 03:39:32 ----RA---- C:\WINDOWS\system32\idecoi.dll
2008-12-09 03:39:32 ----N---- C:\WINDOWS\system32\nvuide.exe
2008-12-09 03:39:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-09 03:39:19 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2008-12-09 03:39:19 ----A---- C:\WINDOWS\system32\fdco1.dll
2008-12-09 03:39:17 ----D---- C:\WINDOWS\NV15681556.TMP
2008-12-09 03:39:17 ----A---- C:\WINDOWS\system32\nvunrm.exe
2008-12-09 03:39:16 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2008-12-09 03:39:16 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2008-12-09 03:39:16 ----RA---- C:\WINDOWS\system32\bdco1.dll
2008-12-09 03:39:15 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2008-12-09 03:39:09 ----RA---- C:\WINDOWS\system32\raidmgmt.ini
2008-12-09 03:39:09 ----RA---- C:\WINDOWS\system32\AsusSetup.ini
2008-12-09 03:39:09 ----RA---- C:\WINDOWS\system32\AsusSetup.exe
2008-12-09 03:38:50 ----A---- C:\WINDOWS\Ascd_log.ini
2008-12-09 03:38:37 ----A---- C:\WINDOWS\AS_Debug.txt
2008-12-09 03:35:35 ----D---- C:\WINDOWS\nvidia icons
2008-12-09 03:35:18 ----D---- C:\WINDOWS\nview
2008-12-09 03:35:18 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-12-09 03:34:59 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-12-09 03:34:58 ----D---- C:\Program Files\Common Files\InstallShield
2008-12-09 03:34:53 ----D---- C:\NVIDIA
2008-12-09 03:34:22 ----D---- C:\Documents and Settings\aloysius\Application Data\Identities
2008-12-09 03:34:21 ----HD---- C:\Program Files\Uninstall Information
2008-12-09 03:34:04 ----SD---- C:\Documents and Settings\aloysius\Application Data\Microsoft
2008-12-09 03:34:04 ----ASH---- C:\Documents and Settings\aloysius\Application Data\desktop.ini
2008-12-09 03:33:17 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-09 03:33:16 ----D---- C:\WINDOWS\Prefetch
2008-12-09 03:33:15 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-09 03:33:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-09 03:30:26 ----D---- C:\WINDOWS\system32\xircom
2008-12-09 03:30:26 ----D---- C:\Program Files\xerox
2008-12-09 03:30:26 ----D---- C:\Program Files\microsoft frontpage
2008-12-09 03:30:10 ----A---- C:\WINDOWS\control.ini
2008-12-09 03:30:10 ----A---- C:\AUTOEXEC.BAT
2008-12-09 03:30:01 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-09 03:29:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-09 03:29:22 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-09 03:29:22 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-09 03:29:18 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-09 03:29:14 ----HD---- C:\Program Files\WindowsUpdate
2008-12-09 03:29:00 ----D---- C:\WINDOWS\system32\DirectX
2008-12-09 03:28:44 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-09 03:28:42 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-09 03:28:42 ----A---- C:\WINDOWS\desktop.ini
2008-12-09 03:28:36 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-09 03:28:35 ----D---- C:\Program Files\Common Files\Services
2008-12-09 03:28:35 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-09 03:28:33 ----SD---- C:\WINDOWS\Tasks
2008-12-09 03:28:33 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-09 03:28:32 ----D---- C:\Program Files\Common Files\MSSoap
2008-12-09 03:28:29 ----D---- C:\WINDOWS\srchasst
2008-12-09 03:28:28 ----D---- C:\WINDOWS\system32\Macromed
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-09 03:28:26 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-09 03:28:25 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-09 03:28:25 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-09 03:28:23 ----D---- C:\Program Files\Movie Maker
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-09 03:28:19 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-09 03:28:17 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-12-09 03:28:17 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-09 03:28:16 ----D---- C:\WINDOWS\system32\Restore
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-09 03:28:16 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-09 03:28:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-09 03:28:15 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-09 03:28:15 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-09 03:28:13 ----D---- C:\Program Files\NetMeeting
2008-12-09 03:28:13 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-09 03:28:13 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-09 03:28:12 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-09 03:28:12 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-09 03:28:11 ----D---- C:\Program Files\Outlook Express
2008-12-09 03:28:11 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-09 03:28:11 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-09 03:28:11 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-09 03:28:10 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-09 03:28:06 ----D---- C:\Program Files\Common Files\System
2008-12-09 03:28:01 ----D---- C:\Program Files\Internet Explorer
2008-12-09 03:27:37 ----D---- C:\Program Files\ComPlus Applications
2008-12-09 03:27:35 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-09 03:27:35 ----A---- C:\WINDOWS\vb.ini
2008-12-09 03:27:31 ----D---- C:\WINDOWS\Registration
2008-12-09 03:27:24 ----D---- C:\Program Files\Online Services
2008-12-09 03:27:23 ----D---- C:\Program Files\Windows Media Player
2008-12-09 03:27:19 ----D---- C:\Program Files\Messenger
2008-12-09 03:27:16 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-09 03:27:16 ----A---- C:\WINDOWS\system32\write.exe
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-09 03:27:09 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-09 03:27:03 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-09 03:27:02 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-09 03:27:01 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-09 03:27:00 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-09 03:26:59 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-09 03:26:55 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-09 03:26:48 ----D---- C:\Program Files\MSN
2008-12-09 03:26:47 ----D---- C:\Program Files\Windows NT
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-09 03:26:47 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-09 03:26:46 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-09 03:26:45 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-09 03:26:44 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-09 03:26:44 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-09 03:26:43 ----D---- C:\WINDOWS\system32\Com
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-09 03:26:43 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-09 03:26:42 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-09 03:26:34 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:07:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui

======List of files/folders modified in the last 3 months======

2008-12-20 21:51:32 ----A---- C:\WINDOWS\system.ini
2008-12-19 23:43:34 ----A---- C:\WINDOWS\win.ini
2008-12-13 14:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-11-12 14:54:00 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-11-07 18:32:20 ----A---- C:\WINDOWS\system32\WMVCore.dll
2008-10-23 21:01:36 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-22 17:47:07 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-10-17 04:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\pngfilt.dll
2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\occache.dll
2008-10-17 04:38:39 ----N---- C:\WINDOWS\system32\mstime.dll
2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-10-17 04:38:39 ----A---- C:\WINDOWS\system32\url.dll
2008-10-17 04:38:38 ----N---- C:\WINDOWS\system32\msrating.dll
2008-10-17 04:38:38 ----N---- C:\WINDOWS\system32\mshtmled.dll
2008-10-17 04:38:37 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-10-17 04:38:37 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-10-17 04:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-10-17 04:38:35 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-10-17 04:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-10-17 04:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
2008-10-17 04:38:34 ----N---- C:\WINDOWS\system32\dxtrans.dll
2008-10-17 04:38:34 ----N---- C:\WINDOWS\system32\dxtmsft.dll
2008-10-17 04:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
2008-10-16 21:11:09 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2008-10-16 21:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 00:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdpredir;bdpredir; \??\C:\Program Files\Softwin\BitDefender10\bdpredir.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-08-08 110080]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-12-22 278984]
R2 BDRSDRV;BDRSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-12-22 25416]
R3 ADIDTSFiltService;ADI DTS Filter Service; C:\WINDOWS\system32\drivers\adidts.sys [2006-12-08 139776]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
R3 BDFSDRV;BDFSDRV; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-08-08 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-08-08 18944]
R3 ProFltr;Razer ProType USB Keyboard; C:\WINDOWS\System32\Drivers\Protype.sys [2006-11-27 28416]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S3 a3negqxj;a3negqxj; C:\WINDOWS\system32\drivers\a3negqxj.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2009-01-14 85969]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 LycoFltr;Lycosa Keyboard; C:\WINDOWS\System32\Drivers\Lycosa.sys [2008-05-22 16896]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 bdss;BitDefender Scan Server; C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe [2007-01-19 81920]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-09-08 172032]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-17 152984]
R2 LinksysUpdater;Linksys Updater; C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe [2008-03-29 204800]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-09-08 172090]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-01-10 66872]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\Softwin\BitDefender10\vsserv.exe [2008-12-09 462848]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe [2006-11-09 86016]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]
S2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe [2008-12-09 278528]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-10 183112]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------


And here's the ESET log.

# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3766 (20090114)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=e4c0849a0c37174e9806c0f9c00e24a1
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2009-01-15 05:47:52
# local_time=2009-01-15 01:47:52 (+0800, Malay Peninsula Standard Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 2
# scanned=523597
# found=1
# scan_time=9187
C:\Program Files\Softwin\BitDefender10\zlib.dll Win32/Adware.SmartAntivirus application (unable to clean - deleted (after the next restart)) 00000000000000000000000000000000

And this is the OTMoveIt log.

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== FILES ==========
C:\WINDOWS\tasks\uxwpybqb.job moved successfully.
C:\WINDOWS\system32\xydoaqrl.ini moved successfully.
C:\WINDOWS\system32\332e6cff-.txt moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\aloysius\LOCALS~1\Temp\etilqs_smUxQDsXgtVMeMChfQzc scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF6E19.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF70E9.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF7C33.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF7D1C.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\hsperfdata_SYSTEM\1676 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_690.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01152009_022459

Files moved on Reboot...
File C:\DOCUME~1\aloysius\LOCALS~1\Temp\etilqs_smUxQDsXgtVMeMChfQzc not found!
File C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF6E19.tmp not found!
File C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF70E9.tmp not found!
File C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF7C33.tmp not found!
File C:\DOCUME~1\aloysius\LOCALS~1\Temp\~DF7D1C.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\hsperfdata_SYSTEM\1676 not found!
File C:\WINDOWS\temp\Perflib_Perfdata_690.dat not found!
C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\aloysius\Local Settings\Application Data\Mozilla\Firefox\Profiles\kugh3k4w.default\XUL.mfl moved successfully.

#9 ValerieVendetta

Posted 15 January 2009 - 06:51 AM

Anyways, my computer feels much better. The pop-ups for AntiVirus 2009 have not appeared so far and I feel so much more at ease. I owe you a big big one, thanks a million man. :thumbsup:

I got a question though - I've uninstalled SpyBot S&D as per your instructions. Do I reinstall it back or is there not a need for SpyBot S&D anymore?

#10 fenzodahl512

Posted 15 January 2009 - 07:39 AM

Looks good to me.. About Spybot S&D, you can install it if you wish.. The reason I asked you to uninstall it is purely that the Tea-Timer function will interfere with our fixes.. That's all.. The program is good, but I prefer Malwarebytes' :thumbsup:


Let's do some cleanup...

Please download OTCleanIt and save it to Desktop.
  • Make sure you have internet connection..
  • Double-click OTCleanIt.exe
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes



Please read these excellent articles by miekiemoes :
Help! My computer is slow!
How to prevent Malware

Please reply to this thread once more and tell us about the computer behaviour before we can close this thread :)



Have a safe and happy computing day!


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#11 ValerieVendetta

Posted 15 January 2009 - 12:19 PM

Hey fenzodahl, thanks for your help. :thumbsup: Finally everything seems back to normal. The OTCleanIt has deleted all the programs I downloaded earlier to solve the virus problem (it's supposed to, right?).

The only thing amiss was that I found my BitDefender AntiVirus and Firewall were unable to start. I had this 'Virus Shield unable to start' error message. Could it be that a required BitDefender file was wiped off during the clean-up process?

#12 fenzodahl512

Posted 16 January 2009 - 12:02 AM

Perhaps.. Uninstall and re-install back your BitDefender.. Then tell me more about it :thumbsup:



#13 ValerieVendetta

Posted 16 January 2009 - 02:27 AM

Hmm I did a repair and I think that did the trick. Everything seems pretty much back to normal now. I did reinstall SpyBot, together with BitDefender. I'll be using both Spybot and MBAM to regularly scan my computer. Is my rig all cleaned up then? :thumbsup:

Thanks so much for your reply. You're a lifesaver!




#14 fenzodahl512

Posted 16 January 2009 - 02:42 AM

From your last logs, you are good to go.. Any more questions? :thumbsup:



#15 ValerieVendetta

Posted 16 January 2009 - 02:50 AM

None. Thanks! :thumbsup:
