beijingbear
Cadet

 Joined: Sep 07, 2008 Posts: 5 Location: USA
|
Posted: Sun Sep 07, 2008 6:02 am Post subject: I believe I fixed my problem, but my AVG antivirus defective |
|
|
I am currently using Windows XP SP3.
My problem began when opening an executable downloaded from usenet. I scanned the file with my AVG antivirus, but the file did not appear to contain any viruses. I opened the file and that is when all hell breaks loose. I don't look at my AVG interface regularly, so I clicked the Smart Antivirus 2009 dialogue boxes thinking it was AVG.
I found out that MBAM (MalwareBytes Anti-Malware) would help me, so I downloaded it and ran it. I restarted my computer, and for the most part, most of the damages have been fixed. These damages included my task manager being disabled, start menu items gone, the words VIRUS ALERT next to the time in my system tray, and my main HD hidden in the My Computer folder. However, Smart Antivirus 2009 was still there. Knowing full well that it was malware, I proceeded to exit any dialogue boxes through the task manager.
I repeated the MBAM FULL SYSTEM scan in safe-mode numerous times, and 2 trojans would repeatedly come up. Not until I located and deleted the Smart Antivirus 2009 folder in my program files did the MBAM scans come clean. I restart once again in normal mode to scan and make sure it is gone, and at this point, it seems all is well. I run Spybot and the results are clean. This is when I decide to run AVG antivirus, but can't get a full scan without my computer restarting on me.
I restart in safe-mode to AVG scan in command line and only a minute into the scan (the same point in the normal AVG GUI scan) my computer restarts. I reinstalled and updated AVG, but the problem persisted. This is when I found these forums.
I read the stickies and completed the MRP procedure. I don't have any of the P2P clients listed so I skipped that. Nothing out of the ordinary was in my Add or Remove Programs list. I disabled my Spybot Tea Timer, and AVG resident shield. I ran CCleaner and ATF Cleaner as instructed. I ran Spybot S&D and it came out clean. I ran the online scanner Housecall and it came out clean. I ran MBAM again but as instructed (fast scan), and it came out clean. I just tried running my AVG antivirus in normal mode, and it crashes my computer within 1 minute as usual. I don't know if this is related to the virus because I haven't done many scans prior.
| Code: | Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:59 PM, on 9/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\Ideazon\Reaper\Reaper_Settings.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [Reaper Gaming Mouse] C:\PROGRA~1\Ideazon\Reaper\Reaper_Settings.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - .DEFAULT Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe
O4 - Global Startup: aboded.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: maxxfs.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCE14B1C-A10C-446D-9771-2097DF42ED7A}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 8392 bytes
|
Prince_Serendip
Site Moderator
 Joined: Sep 07, 2002 Posts: 17542
|
Posted: Sun Sep 28, 2008 11:47 am Post subject: |
|
|
Now that you've made an entry at the Unhandled Logs topic, you need to post a fresh log here (below this post).
**NOTE: You have a week to post the updated log. Do not post it as a new topic. If your new updated log is not posted, this topic will be locked and your post removed from the Unhandled Logs topic list.
_________________
Microsoft MVP Consumer Security 2006, 2007 & 2008
|
beijingbear
Cadet

 Joined: Sep 07, 2008 Posts: 5 Location: USA
|
Posted: Tue Sep 30, 2008 5:18 am Post subject: |
|
|
| Code: | Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:03 PM, on 9/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\Ideazon\Reaper\Reaper_Settings.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Simplify Media\SimplifyMedia.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Simplify Media\SimplifyPeer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [Reaper Gaming Mouse] C:\PROGRA~1\Ideazon\Reaper\Reaper_Settings.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - .DEFAULT Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe
O4 - Global Startup: aboded.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: maxxfs.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCE14B1C-A10C-446D-9771-2097DF42ED7A}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 8468 bytes
|
ndmmxiaomayi
1st Responder
 Joined: Oct 10, 2006 Posts: 685 Location: Little Red Dot
|
Posted: Wed Oct 22, 2008 3:41 pm Post subject: |
|
|
Hi beijingbear,
- Please download random's system information tool (RSIT) and save it to your desktop.
- Double click on RSIT.exe to run it. RSIT will start running.
- Select 3 months from the drop-down list and click on Continue.
- RSIT will start running. When done, 2 logs will be produced. The first one, log.txt, will be maximized, the second one, info.txt, will be minimized.
- Please post both logs in your next reply. 1 log per reply please.
|
beijingbear
Cadet

 Joined: Sep 07, 2008 Posts: 5 Location: USA
|
Posted: Thu Oct 30, 2008 2:01 pm Post subject: |
|
|
Logfile of random's system information tool 1.04 (written by random/random)
Run by Alastaire at 2008-10-30 07:00:50
Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (4%) free of 238 GB
Total RAM: 2047 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:01:05 AM, on 10/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Ideazon\Reaper\Reaper_Settings.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Mozilla Firefox\firefox.exe
Y:\alastaire\Download\Firefox\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Alastaire.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [Reaper Gaming Mouse] C:\PROGRA~1\Ideazon\Reaper\Reaper_Settings.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - .DEFAULT Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Ventrilo.lnk = C:\Program Files\Ventrilo\Ventrilo.exe
O4 - Global Startup: aboded.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: maxxfs.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCE14B1C-A10C-446D-9771-2097DF42ED7A}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 8458 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-09-06 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-08-14 1562448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-09-06 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-09-06 2055960]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-13 16239616]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"XboxStat"=c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-26 734264]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-09-29 1234712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2006-02-21 344064]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"P2kAutostart"= []
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe [2007-07-02 219008]
"Reaper Gaming Mouse"=C:\PROGRA~1\Ideazon\Reaper\Reaper_Settings.exe [2006-11-22 1507328]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-01 21898024]
"Simplify Media"=C:\Program Files\Simplify Media\SimplifyMedia.exe [2008-10-15 5613576]
"Steam"=C:\Program Files\Steam\Steam.exe [2008-10-28 1410296]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
aboded.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
maxxfs.exe
C:\Documents and Settings\Alastaire\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Ventrilo.lnk - C:\Program Files\Ventrilo\Ventrilo.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-12-04 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E07D22E1-CE3A-487F-B754-8044DBEDB049}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"NoDispCPL"=0
"NoDispSettingPage"=1
"NoDispScrSavPage"=0
"NoDispAppearancePage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoStartMenuMorePrograms"=0
"StartMenuLogOff"=0
"NoToolbarCustomize"=0
"NoSetFolders"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"AllowLegacyWebView"=
"AllowUnhashedWebView"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe"="C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG Free\avgcc.exe"="C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Steam\steamapps\xx_clide_xx@hotmail.com\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\xx_clide_xx@hotmail.com\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\World of Warcraft\BackgroundDownloader.exe"="C:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\SoundSpectrum\G-Force\G-Force Standalone.exe"="C:\Program Files\SoundSpectrum\G-Force\G-Force Standalone.exe:*:Enabled:G-Force Standalone"
"C:\Program Files\SoundSpectrum\G-Force\G-Force V-Bar.exe"="C:\Program Files\SoundSpectrum\G-Force\G-Force V-Bar.exe:*:Enabled:G-Force V-Bar"
"C:\Program Files\Motorola\UID Extraction Tool 2.2\UIDExtraction.exe"="C:\Program Files\Motorola\UID Extraction Tool 2.2\UIDExtraction.exe:*:Enabled:UID Extraction Tool"
"C:\Program Files\Motorola\RSD Lite\SDL.exe"="C:\Program Files\Motorola\RSD Lite\SDL.exe:*:Disabled:SDL"
"C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.7.6383-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.7.6383-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Repair.exe"="C:\Program Files\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Documents and Settings\Alastaire\My Documents\Download\Firefox\WoW-2.0.8.6403-to-0.0.10.6422-enUS-downloader.exe"="C:\Documents and Settings\Alastaire\My Documents\Download\Firefox\WoW-2.0.8.6403-to-0.0.10.6422-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.10.6448-to-2.0.12.6546-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"C:\Program Files\Steam\steamapps\xx_clide_xx@hotmail.com\half-life 2 deathmatch\hl2.exe"="C:\Program Files\Steam\steamapps\xx_clide_xx@hotmail.com\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Program Files\FTP Commander\ftpcomm.exe"="C:\Program Files\FTP Commander\ftpcomm.exe:*:Enabled:ftpcomm"
"C:\Program Files\Steam\steamapps\xx_clide_xx@hotmail.com\day of defeat\hl.exe"="C:\Program Files\Steam\steamapps\xx_clide_xx@hotmail.com\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Steam\steamapps\common\lost planet demo\LostPlanetDX9.exe"="C:\Program Files\Steam\steamapps\common\lost planet demo\LostPlanetDX9.exe:*:Enabled:LostPlanetDX9"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\source sdk base\hl2.exe"="C:\Program Files\Steam\steamapps\buddhaboy511@aol.com\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steam.exe"="C:\Program Files\Steam\steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\bacunawa88\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\bacunawa88\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Documents and Settings\Alastaire\My Documents\My Programs\vlc\vlc.exe"="C:\Documents and Settings\Alastaire\My Documents\My Programs\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Steam\steamapps\bacunawa88\source sdk base\hl2.exe"="C:\Program Files\Steam\steamapps\bacunawa88\source sdk base\hl2.exe:*:Enabled:hl2"
"D:\Setup.exe"="D:\Setup.exe:*:Enabled:Setup"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Joost\xulrunner\tvprunner.exe"="C:\Program Files\Joost\xulrunner\tvprunner.exe:*:Enabled:tvprunner"
"C:\Program Files\Pidgin\pidgin.exe"="C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Simplify Media\SimplifyPeer.exe"="C:\Program Files\Simplify Media\SimplifyPeer.exe:*:Enabled:Simplify Media Peer"
"C:\Program Files\Steam\steamapps\againstme!\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\againstme!\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Steam\steamapps\bacunawa88\synergy\hl2.exe"="C:\Program Files\Steam\steamapps\bacunawa88\synergy\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Simplify Media\SimplifyMedia.exe"="C:\Program Files\Simplify Media\SimplifyMedia.exe:*:Enabled:Simplify Media"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======File associations======
.reg - open - regedit.exe "%1" %*
.scr - open - "%1" %*
======List of files/folders created in the last 3 months======
2008-10-30 07:00:50 ----D---- C:\rsit
2008-10-23 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-21 19:02:42 ----D---- C:\Program Files\Steam
2008-10-19 23:00:29 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2008-10-19 16:47:46 ----D---- C:\Program Files\Simplify Media
2008-10-15 23:39:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 23:39:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 23:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 23:39:48 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 23:39:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 23:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-12 17:07:19 ----A---- C:\WINDOWS\system32\CoreVorbis-uninstall.exe
2008-10-11 07:35:32 ----D---- C:\Documents and Settings\Alastaire\Application Data\SPORE
2008-10-11 07:30:49 ----D---- C:\Program Files\Electronic Arts
2008-10-10 02:54:20 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-10-03 20:19:51 ----D---- C:\Program Files\iPod
2008-10-03 20:19:50 ----D---- C:\Program Files\iTunes
2008-10-03 20:19:50 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-15 20:29:03 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2008-09-15 17:14:26 ----A---- C:\WINDOWS\system32\DivXsm.exe
2008-09-15 17:14:24 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-09-15 17:12:54 ----A---- C:\WINDOWS\system32\ssldivx.dll
2008-09-15 17:12:54 ----A---- C:\WINDOWS\system32\libdivx.dll
2008-09-15 17:12:02 ----A---- C:\WINDOWS\system32\dtu100.dll.manifest
2008-09-15 17:12:02 ----A---- C:\WINDOWS\system32\dtu100.dll
2008-09-15 17:12:02 ----A---- C:\WINDOWS\system32\dpl100.dll.manifest
2008-09-15 17:12:02 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-09-15 17:12:00 ----A---- C:\WINDOWS\system32\dpv11.dll
2008-09-15 17:12:00 ----A---- C:\WINDOWS\system32\dpus11.dll
2008-09-15 17:12:00 ----A---- C:\WINDOWS\system32\dpuGUI11.dll
2008-09-15 17:12:00 ----A---- C:\WINDOWS\system32\dpuGUI10.dll
2008-09-15 17:12:00 ----A---- C:\WINDOWS\system32\dpu11.dll
2008-09-15 17:12:00 ----A---- C:\WINDOWS\system32\dpu10.dll
2008-09-15 17:11:58 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2008-09-15 17:11:58 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2008-09-15 17:11:58 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2008-09-15 17:11:58 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2008-09-15 17:11:56 ----A---- C:\WINDOWS\system32\DivX.dll
2008-09-15 17:11:28 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-09-15 17:11:10 ----A---- C:\WINDOWS\system32\DivXWMPExtType.dll
2008-09-14 18:14:54 ----D---- C:\Documents and Settings\Alastaire\Application Data\atitray
2008-09-14 18:05:51 ----D---- C:\Program Files\MultiRes
2008-09-14 18:05:41 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atitvo32.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atipuixx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiptaxx.exe
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiprbxx.exe
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atippaxx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiphexx.exe
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atipdsxx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atioglxx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atioglx2.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atikvmag.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiiprxx.exe
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiicdxx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\aticds10.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\atiadaxx.exe
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2008-09-14 18:05:40 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2008-09-14 18:05:38 ----A---- C:\WINDOWS\system32\atiicdxx.ini
2008-09-14 18:05:26 ----D---- C:\Program Files\Radeon Omega Drivers
2008-09-14 18:05:26 ----A---- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
2008-09-14 17:39:50 ----D---- C:\Program Files\ATI Technologies
2008-09-14 17:39:03 ----D---- C:\ATI
2008-09-14 17:24:53 ----D---- C:\WINDOWS\SxsCaPendDel
2008-09-12 20:20:55 ----D---- C:\Program Files\Bonjour
2008-09-09 14:21:02 ----A---- C:\WINDOWS\imsins.BAK
2008-09-09 14:20:47 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-06 19:21:09 ----D---- C:\Program Files\CCleaner
2008-09-06 18:50:01 ----D---- C:\Program Files\Trend Micro
2008-09-06 18:35:56 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-09-06 18:35:50 ----D---- C:\Documents and Settings\Alastaire\Application Data\AVGTOOLBAR
2008-09-06 18:35:45 ----D---- C:\Program Files\AVG
2008-09-06 12:39:18 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-09-06 12:38:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-06 01:24:20 ----D---- C:\Documents and Settings\Alastaire\Application Data\Malwarebytes
2008-09-05 23:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-05 21:22:40 ----A---- C:\WINDOWS\system32\b339115f-.txt
2008-09-05 20:50:50 ----D---- C:\Documents and Settings\Alastaire\Application Data\TmpRecentIcons
2008-08-29 10:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll
2008-08-29 09:42:13 ----A---- C:\WINDOWS\system32\javaws.exe
2008-08-29 09:42:12 ----A---- C:\WINDOWS\system32\javaw.exe
2008-08-29 09:42:12 ----A---- C:\WINDOWS\system32\java.exe
2008-08-25 06:17:30 ----D---- C:\Documents and Settings\Alastaire\Application Data\gtk-2.0
2008-08-15 01:29:44 ----D---- C:\Program Files\Microsoft Silverlight
2008-08-01 22:03:14 ----D---- C:\WINDOWS\Prefetch
2008-08-01 17:51:10 ----D---- C:\WINDOWS\system32\scripting
2008-08-01 17:51:10 ----D---- C:\WINDOWS\system32\en-us
2008-08-01 17:51:10 ----D---- C:\WINDOWS\system32\en
2008-08-01 17:51:10 ----D---- C:\WINDOWS\l2schemas
2008-08-01 17:51:09 ----D---- C:\WINDOWS\system32\bits
2008-08-01 17:49:22 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-01 17:48:22 ----D---- C:\WINDOWS\network diagnostic
2008-08-01 17:46:45 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-01 13:39:58 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-08-01 13:39:57 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-01 13:39:57 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-01 13:39:56 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-01 13:39:56 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-01 13:39:53 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-01 13:39:53 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-01 13:39:52 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-08-01 13:39:52 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-08-01 13:39:50 ----N---- C:\WINDOWS\system32\slserv.exe
2008-08-01 13:39:50 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-08-01 13:39:50 ----N---- C:\WINDOWS\system32\slgen.dll
2008-08-01 13:39:50 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-08-01 13:39:50 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-08-01 13:39:50 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-01 13:39:50 ----N---- C:\WINDOWS\slrundll.exe
2008-08-01 13:39:49 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-08-01 13:39:49 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-01 13:39:49 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-01 13:39:48 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-01 13:39:48 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-01 13:39:48 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-01 13:39:48 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-01 13:39:48 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-01 13:39:47 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-01 13:39:46 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-08-01 13:39:45 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-01 13:39:45 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-01 13:39:45 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-01 13:39:45 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-08-01 13:39:44 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-01 13:39:44 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-01 13:39:44 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-01 13:39:44 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-01 13:39:40 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-01 13:39:40 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-01 13:39:40 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-01 13:39:40 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-01 13:39:39 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-08-01 13:39:37 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-01 13:39:31 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-01 13:39:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-01 13:39:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-01 13:39:30 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-01 13:39:30 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-01 13:39:20 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-08-01 13:39:20 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-08-01 13:39:19 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-08-01 13:39:18 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-01 13:39:16 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-01 13:39:16 ----A---- C:\WINDOWS\003147_.tmp
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-01 13:39:15 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-01 13:39:14 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-01 13:39:13 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-01 13:39:12 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-01 13:39:12 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-01 13:39:09 ----N---- C:\WINDOWS\system32\aaclient.dll
======List of files/folders modified in the last 3 months======
2008-10-30 06:58:04 ----D---- C:\Program Files\Mozilla Firefox
2008-10-30 06:00:26 ----D---- C:\Documents and Settings\Alastaire\Application Data\.purple
2008-10-29 17:57:45 ----D---- C:\WINDOWS\Temp
2008-10-28 17:10:33 ----D---- C:\Documents and Settings\Alastaire\Application Data\OpenOffice.org2
2008-10-28 03:14:32 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-28 03:08:49 ----SHD---- C:\WINDOWS\Installer
2008-10-28 03:08:49 ----D---- C:\WINDOWS
2008-10-28 03:04:57 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-28 03:03:49 ----D---- C:\Documents and Settings\Alastaire\Application Data\Skype
2008-10-28 03:03:48 ----D---- C:\Documents and Settings\Alastaire\Application Data\skypePM
2008-10-28 02:55:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-27 03:47:13 ----D---- C:\Documents and Settings\Alastaire\Application Data\uTorrent
2008-10-23 23:28:12 ----D---- C:\Program Files\HLSW
2008-10-23 20:39:58 ----D---- C:\WINDOWS\system32
2008-10-23 20:00:27 ----HD---- C:\WINDOWS\inf
2008-10-23 20:00:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-23 20:00:15 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-21 19:02:42 ----RD---- C:\Program Files
2008-10-20 03:32:17 ----SHD---- C:\WINDOWS\CSC
2008-10-19 23:54:05 ----D---- C:\Documents and Settings\Alastaire\Application Data\Apple Computer
2008-10-19 21:41:31 ----D---- C:\Program Files\World of Warcraft
2008-10-18 05:39:59 ----D---- C:\Program Files\DivX
2008-10-17 22:29:36 ----D---- C:\Documents and Settings\Alastaire\Application Data\dvdcss
2008-10-15 23:40:00 ----D---- C:\WINDOWS\system32\drivers
2008-10-15 09:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-14 19:58:14 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-07 12:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-03 20:18:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-29 09:19:33 ----A---- C:\WINDOWS\BRWMARK.INI
2008-09-26 05:39:23 ----A---- C:\WINDOWS\win.ini
2008-09-19 20:32:20 ----D---- C:\WINDOWS\WinSxS
2008-09-18 15:17:16 ----D---- C:\Program Files\Pidgin
2008-09-15 20:23:53 ----A---- C:\WINDOWS\wininit.ini
2008-09-14 18:42:57 ----RSD---- C:\WINDOWS\assembly
2008-09-14 18:42:57 ----D---- C:\WINDOWS\Microsoft.NET
2008-09-14 18:10:36 ----D---- C:\WINDOWS\Minidump
2008-09-14 17:42:49 ----D---- C:\Documents and Settings\Alastaire\Application Data\ATI
2008-09-14 17:40:49 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-14 17:35:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-09-14 17:31:12 ----D---- C:\Program Files\Internet Explorer
2008-09-14 17:18:05 ----ASH---- C:\boot.ini
2008-09-14 17:18:05 ----A---- C:\WINDOWS\system.ini
2008-09-14 16:35:35 ----D---- C:\WINDOWS\Registration
2008-09-14 16:28:30 ----D---- C:\WINDOWS\system32\config
2008-09-12 20:20:34 ----D---- C:\Program Files\QuickTime
2008-09-12 20:20:17 ----D---- C:\Program Files\Common Files\Apple
2008-09-09 14:21:14 ----D---- C:\WINDOWS\Debug
2008-09-08 08:12:26 ----D---- C:\Program Files\Apple Software Update
2008-09-07 09:46:35 ----D---- C:\Program Files\Winamp
2008-09-07 02:04:59 ----SD---- C:\WINDOWS\Tasks
2008-09-06 19:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-06 19:32:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-09-06 19:32:01 ----D---- C:\Documents and Settings\Alastaire\Application Data\Lavasoft
2008-09-06 19:26:19 ----D---- C:\Documents and Settings\Alastaire\Application Data\ImgBurn
2008-09-06 19:26:11 ----D---- C:\WINDOWS\system32\LogFiles
2008-09-06 19:21:19 ----D---- C:\Program Files\Yahoo!
2008-09-06 18:35:45 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-09-06 18:02:30 ----SD---- C:\Documents and Settings\Alastaire\Application Data\Microsoft
2008-09-06 12:42:13 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-05 21:15:32 ----SHD---- C:\RECYCLER
2008-09-05 21:11:52 ----D---- C:\Documents and Settings
2008-08-31 06:56:40 ----D---- C:\Program Files\mIRC
2008-08-29 09:42:12 ----D---- C:\Program Files\Java
2008-08-29 08:55:49 ----D---- C:\Program Files\Mozilla Thunderbird
2008-08-26 03:52:08 ----D---- C:\Documents and Settings\Alastaire\Application Data\Mozilla
2008-08-21 18:01:35 ----D---- C:\WINDOWS\Help
2008-08-20 13:11:32 ----D---- C:\Documents and Settings\Alastaire\Application Data\Joost
2008-08-19 23:19:13 ----D---- C:\Program Files\Joost
2008-08-19 22:30:53 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-19 22:30:52 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-19 22:30:51 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-19 22:30:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-08-14 03:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 02:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-13 21:29:11 ----D---- C:\Program Files\Messenger
2008-08-03 04:34:25 ----D---- C:\Program Files\WinRAR
2008-08-01 22:02:37 ----D---- C:\WINDOWS\system32\Setup
2008-08-01 22:02:37 ----D---- C:\WINDOWS\AppPatch
2008-08-01 22:02:36 ----RSD---- C:\WINDOWS\Fonts
2008-08-01 22:02:36 ----D---- C:\WINDOWS\system32\wbem
2008-08-01 22:02:36 ----D---- C:\Program Files\Outlook Express
2008-08-01 22:01:51 ----D---- C:\WINDOWS\security
2008-08-01 17:51:14 ----D---- C:\WINDOWS\system32\inetsrv
2008-08-01 17:51:14 ----D---- C:\WINDOWS\ime
2008-08-01 17:51:10 ----D---- C:\WINDOWS\system32\usmt
2008-08-01 17:51:09 ----D---- C:\WINDOWS\PeerNet
2008-08-01 17:51:09 ----D---- C:\Program Files\Movie Maker
2008-08-01 17:49:17 ----D---- C:\WINDOWS\system32\Restore
2008-08-01 17:49:16 ----D---- C:\WINDOWS\system32\npp
2008-08-01 17:49:16 ----D---- C:\WINDOWS\msagent
2008-08-01 17:49:15 ----D---- C:\WINDOWS\srchasst
2008-08-01 17:49:14 ----D---- C:\Program Files\NetMeeting
2008-08-01 17:49:13 ----D---- C:\WINDOWS\system32\Com
2008-08-01 17:49:12 ----D---- C:\Program Files\Windows NT
2008-08-01 17:49:12 ----D---- C:\Program Files\Windows Media Player
2008-08-01 17:49:11 ----D---- C:\Program Files\Common Files\System
2008-08-01 17:49:03 ----D---- C:\WINDOWS\system32\oobe
2008-08-01 17:49:02 ----D---- C:\WINDOWS\system
2008-08-01 17:46:45 ----D---- C:\WINDOWS\ehome
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 atitray;atitray; \??\C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys []
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-06 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-06 26824]
R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2008-01-20 179584]
R1 IfsMount;IfsMount; C:\WINDOWS\system32\DRIVERS\ifsmount.sys [2007-12-29 49536]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-06 76040]
R2 TICalc;TICalc; C:\WINDOWS\system32\drivers\TICalc.sys [1999-08-30 9152]
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-04 2782208]
R3 ATIAVAIW;ATI T200 Unified AVStream service; C:\WINDOWS\system32\DRIVERS\atinavt2.sys [2008-05-14 171520]
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-13 4299264]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-11 41752]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-02-16 13056]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
S3 ac6sdbyz;ac6sdbyz; C:\WINDOWS\system32\drivers\ac6sdbyz.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
S3 MotDev;Motorola Inc. USB Device; C:\WINDOWS\system32\DRIVERS\motodrv.sys []
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys []
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 P2k;Motorola USB Device; C:\WINDOWS\system32\DRIVERS\P2k.sys [2006-04-18 36608]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\WINDOWS\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 s616mdfl;Sony Ericsson Device 616 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s616mdfl.sys [2007-04-03 15112]
S3 s616mdm;Sony Ericsson Device 616 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s616mdm.sys [2007-04-03 108680]
S3 s616nd5;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS); C:\WINDOWS\system32\DRIVERS\s616nd5.sys [2007-04-03 23176]
S3 s616unic;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM); C:\WINDOWS\system32\DRIVERS\s616unic.sys [2007-04-03 99080]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WINFLASH;WINFLASH; \??\C:\Documents and Settings\Alastaire\My Documents\Download\Firefox\NF57625\NF57625\WinFlash.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-26 61984]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-04 495616]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-06 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-06 231704]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-10-22 69632]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2007-11-19 66872]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-09-28 593920]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-10-27 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
-----------------EOF-----------------
beijingbear
Cadet

 Joined: Sep 07, 2008 Posts: 5 Location: USA
Posted: Thu Oct 30, 2008 2:02 pm Post subject: |
info.txt logfile of random's system information tool 1.04 2008-10-30 07:01:08
======Uninstall list======
-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
-->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uninstall.exe"
3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Aspell English Dictionary-0.50-2-->"C:\Program Files\Aspell\unins001.exe"
ATI Display Driver (Omega 3.8.442)-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cheat Engine 5.3-->"C:\Program Files\Cheat Engine\unins000.exe"
CoreVorbis Audio Decoder (remove only)-->"C:\WINDOWS\system32\CoreVorbis-uninstall.exe"
DH Driver Cleaner Professional Edition-->C:\Program Files\Driver Cleaner Pro\Uninstall.exe
DirectVobSub (remove only)-->"C:\Documents and Settings\Alastaire\My Documents\My Programs\DirectVobSub\uninstall.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DScaler 4.1.16-->"C:\Program Files\DScaler\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Easy CD-DA Extractor 11-->"C:\WINDOWS\Easy CD-DA Extractor 11.5.2\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 11\irunin.xml"
Ext2 IFS 1.11 for Windows XP-->RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall 130 Ext2Ifs_for_NT501.inf
FLV Player 2.0, build 24-->C:\Program Files\FLV Player\uninst.exe
FTP Commander-->C:\Program Files\FTP Commander\uninstall.exe
Futuremark SystemInfo-->C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly
G-Force-->C:\Program Files\SoundSpectrum\G-Force\Uninstall.exe
GNU Aspell 0.50-3-->"C:\Program Files\Aspell\unins000.exe"
GoldWave v5.22-->"C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.22" "C:\Program Files\GoldWave\unstall.log"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
Google Video Uploader-->"C:\Program Files\Google Video\Uninstall.exe"
GrabIt 1.7.1 Beta (build 960)-->"C:\Program Files\GrabIt\unins000.exe"
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\SETUP.exe" -l0x9 -removeonly
GTK+ Runtime 2.12.8 rev a (remove only)-->C:\Program Files\Common Files\GTK\2.0\uninst.exe
Guifications Plugin (remove only)-->C:\Program Files\Pidgin\pidgin-guifications-uninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HLSW v1.1.6-->"C:\Program Files\HLSW\unins000.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
ImgBurn (Remove Only)-->"C:\Program Files\ImgBurn\uninstall.exe"
iPodCopy-->MsiExec.exe /I{0A5831B0-C6D1-4D9C-85EF-5956550B4AC2}
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Development Kit 6-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160000}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExe | | |