Logfile of random's system information tool 1.06 (written by random/random)
Run by Ellary at 2009-05-30 16:34:31
Microsoft Windows XP Professional Service Pack 3, v.5657
System drive C: has 198 GB (83%) free of 238 GB
Total RAM: 2047 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:34:45 PM, on 5/30/2009
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe
C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnybbsvc.exe
C:\Documents and Settings\Ellary\Local Settings\Application Data\Skype\Phone\Skype.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Samurize\Client.exe
C:\Program Files\Karen's Power Tools\Replicator\PTReplicator.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Ellary\Local Settings\Application Data\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\Ellary\My Documents\Downloads\RSIT.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Ellary\Desktop\Ellary.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [MoneyInsights] "C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe"
O4 - HKCU\..\Run: [MoneyBackgoundBanking] "C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnybbsvc.exe"
O4 - HKCU\..\Run: [Skype] "C:\Documents and Settings\Ellary\Local Settings\Application Data\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKUS\S-1-5-18\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'Default user')
O4 - Startup: Client Default.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: Karen's Replicator.lnk = C:\Program Files\Karen's Power Tools\Replicator\PTReplicator.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Karen's Time Sync.lnk = C:\Program Files\PTSync\PTSync.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - C:\Program Files\Active Whois\ieshow.exe
O9 - Extra 'Tools' menuitem: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - C:\Program Files\Active Whois\ieshow.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) -
http://www.comcastsupport.com/Oneclickfix/tgctlsr.cabO16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -
https://support.microsoft.com/OAS/ActiveX/MSDcode.cabO16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) -
http://www.creative.com/su/ocx/15031/CTSUEng.cabO16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) -
http://www.trendsecure.com/framework/co ... mHcmsX.CABO16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} (Cisco AnyConnect VPN Client Web Control) -
https://tvremote.truevalue.com/CACHE/st ... vpnweb.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/windows ... 9884566998O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 0068752140O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) -
file://C:\Documents and Settings\Ellary\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) -
http://games.myspace.com/Gameshell/Game ... meHost.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/f ... wflash.cabO16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) -
http://www.creative.com/su/ocx/15031/CTPID.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\DOCUME~1\Ellary\LOCALS~1\APPLIC~1\Skype\Shared\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
--
End of file - 12311 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\SyncToy.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{32004C26-5100-4096-B900-E99774483C4B}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-06 308832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-23 668656]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"Jet Detection"=C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe [2001-11-29 28672]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"CTHelper"=C:\WINDOWS\CTHELPER.EXE [2006-08-11 17920]
"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-08-11 18944]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-12-20 2656528]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2009-03-31 995528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-02-12 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"MoneyInsights"=C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe [2008-02-19 502800]
"MoneyBackgoundBanking"=C:\Program Files\Microsoft Money Plus\MNYCoreFiles\mnybbsvc.exe [2008-02-19 53264]
"Skype"=C:\Documents and Settings\Ellary\Local Settings\Application Data\Skype\Phone\Skype.exe [2009-04-16 24264488]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"OE"=C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe [2009-04-25 492808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe [2007-06-14 149024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-04-28 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-06-07 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC1300]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-10-06 185872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NkvMon.exe.lnk]
C:\PROGRA~1\Nikon\NkView6\NkvMon.exe [2002-12-04 237568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ellary^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
C:\PROGRA~1\OPENOF~1.4\program\QUICKS~1.EXE []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HotSync Manager.lnk - C:\Palm\HOTSYNC.EXE
Karen's Time Sync.lnk - C:\Program Files\PTSync\PTSync.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Ellary\Start Menu\Programs\Startup
Client Default.lnk - C:\Program Files\Samurize\Client.exe
Karen's Replicator.lnk - C:\Program Files\Karen's Power Tools\Replicator\PTReplicator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-21 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-03-25 303616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Palm\PPLTReg.exe"="C:\Palm\PPLTReg.exe:*:Enabled:PPLT Reg"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe"="C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Documents and Settings\Ellary\Local Settings\Application Data\Skype\Phone\Skype.exe"="C:\Documents and Settings\Ellary\Local Settings\Application Data\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
======List of files/folders created in the last 1 months======
2009-05-30 16:34:31 ----D---- C:\rsit
2009-05-19 18:04:27 ----D---- C:\Documents and Settings\Ellary\Application Data\webex
2009-05-11 18:14:36 ----D---- C:\Program Files\DIFX
2009-05-11 18:14:34 ----D---- C:\Program Files\Garmin
2009-05-10 19:30:13 ----D---- C:\Program Files\JRE
2009-05-03 22:17:12 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-05-03 22:17:12 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-05-03 22:17:10 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-05-03 22:17:09 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-05-03 22:17:08 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-05-03 22:17:07 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-05-03 22:17:07 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-05-03 22:17:05 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-05-03 22:17:05 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-05-03 22:17:04 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-05-03 22:17:01 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-05-03 22:17:01 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-05-03 22:17:00 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-05-03 22:16:59 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-05-03 22:16:57 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-05-03 22:16:56 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-05-03 22:16:55 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-05-03 22:16:54 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-05-03 22:16:53 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-05-03 22:16:52 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-05-03 22:16:50 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-05-03 22:16:50 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-05-03 22:16:48 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-05-03 22:16:44 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-05-03 22:16:43 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-05-03 22:16:43 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-05-03 22:16:41 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-05-03 22:16:38 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-05-03 22:16:28 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-05-03 22:16:26 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-05-03 22:16:25 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-05-03 22:16:25 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-05-03 22:16:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-05-03 22:16:20 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-05-03 22:16:12 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-05-03 22:16:12 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-05-03 22:16:09 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-05-03 22:16:07 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-05-03 22:16:06 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-05-03 22:16:05 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-05-03 22:16:04 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-05-03 22:16:03 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-05-03 22:16:03 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-05-03 22:16:02 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-05-03 22:16:02 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-05-03 22:16:00 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-05-03 22:15:59 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-05-03 22:15:56 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-05-03 22:15:55 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-05-03 22:15:55 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-05-03 22:15:53 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-05-03 22:15:51 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-05-03 22:15:50 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-05-03 22:15:49 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-05-03 22:15:48 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-05-03 22:15:48 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-05-03 22:15:47 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-05-03 22:15:45 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-05-03 22:15:44 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-05-03 22:15:43 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-05-03 22:15:43 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-05-03 22:15:42 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-05-03 22:15:37 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-05-03 22:15:36 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-05-03 22:15:36 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-05-03 22:15:35 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-05-03 22:15:34 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-05-03 22:15:33 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-05-03 22:15:32 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-05-03 22:15:31 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-05-03 22:15:29 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-05-03 22:08:37 ----HD---- C:\WINDOWS\msdownld.tmp
2009-05-03 22:08:29 ----D---- C:\WINDOWS\Logs
======List of files/folders modified in the last 1 months======
2009-05-30 16:34:37 ----D---- C:\WINDOWS\Prefetch
2009-05-30 16:31:39 ----D---- C:\Documents and Settings\Ellary\Application Data\Skype
2009-05-30 14:50:53 ----D---- C:\Program Files\Mozilla Firefox 3.5 Beta 4
2009-05-30 14:12:10 ----SD---- C:\WINDOWS\Tasks
2009-05-30 12:25:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-30 08:24:24 ----D---- C:\Program Files\Mozilla Thunderbird
2009-05-30 08:23:45 ----D---- C:\WINDOWS\Temp
2009-05-30 08:23:25 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-30 08:22:52 ----D---- C:\Documents and Settings\Ellary\Application Data\skypePM
2009-05-30 00:55:14 ----A---- C:\WINDOWS\{00000003-00000000-00000002-00001102-00000004-00511102}.BAK
2009-05-29 21:11:14 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-05-29 08:15:41 ----D---- C:\WINDOWS\system32
2009-05-28 22:06:42 ----D---- C:\Documents and Settings\Ellary\Application Data\Move Networks
2009-05-27 20:00:13 ----A---- C:\WINDOWS\Cook'n99.ini
2009-05-27 20:00:13 ----A---- C:\WINDOWS\COOK'N5.INI
2009-05-27 17:59:58 ----SHD---- C:\WINDOWS\Installer
2009-05-27 17:12:22 ----D---- C:\Documents and Settings\Ellary\Application Data\Canon
2009-05-21 22:26:16 ----D---- C:\WINDOWS
2009-05-21 19:36:26 ----D---- C:\Program Files\a-squared Free
2009-05-21 07:04:35 ----D---- C:\WINDOWS\system32\Service
2009-05-20 23:07:30 ----D---- C:\Program Files\Common Files
2009-05-20 23:06:10 ----D---- C:\Program Files
2009-05-20 23:05:50 ----D---- C:\Program Files\Common Files\AOL
2009-05-20 23:05:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-12 15:37:06 ----A---- C:\WINDOWS\cdplayer.ini
2009-05-11 18:14:48 ----D---- C:\Garmin
2009-05-11 18:14:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-11 09:17:22 ----A---- C:\WINDOWS\CSTBox.INI
2009-05-10 21:37:12 ----D---- C:\Documents and Settings\All Users\Application Data\Trend Micro
2009-05-10 19:34:48 ----RSD---- C:\WINDOWS\assembly
2009-05-10 19:31:14 ----RSD---- C:\WINDOWS\Fonts
2009-05-10 19:30:00 ----D---- C:\Program Files\OpenOffice.org 3
2009-05-03 22:17:14 ----D---- C:\WINDOWS\system32\DirectX
2009-05-03 22:17:12 ----HD---- C:\WINDOWS\inf
2009-05-03 22:15:18 ----D---- C:\WINDOWS\Microsoft.NET
2009-05-02 00:53:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-02-11 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-02-11 14592]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-02-11 225664]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-04-25 80400]
R2 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2009-04-25 36368]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2009-04-25 205328]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2009-04-25 1195512]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-02-11 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
R3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-02-11 71552]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2006-08-11 502272]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2006-08-11 499584]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2006-08-11 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2006-08-11 143872]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2003-02-19 118784]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2006-08-11 78336]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2006-08-11 766976]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-02-11 10368]
R3 LVPr2Mon;LVPr2Mon Driver; C:\WINDOWS\system32\Drivers\LVPr2Mon.sys [2008-12-16 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-12-17 768024]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-12-17 41752]
R3 LVUVC;Logitech QuickCam Pro 9000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2008-12-17 6364440]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-06-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-02-11 61824]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-08-11 116224]
R3 SMBios;Intel (R) System Managment BIOS Service; C:\WINDOWS\System32\DRIVERS\SMBios.sys [2003-02-12 34978]
R3 tmcfw;Trend Micro Common Firewall Service; C:\WINDOWS\system32\DRIVERS\TM_CFW.sys [2009-04-25 335376]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-02-11 12288]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-02-11 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-02-11 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-02-11 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-02-11 59520]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-02-11 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-02-11 20608]
S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-02-11 71552]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-02-11 17024]
S3 CSVirtA;Cisco Systems SSL VPN Adapter; C:\WINDOWS\system32\DRIVERS\CSVirtA.sys []
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-11-10 340704]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2008-12-17 23832]
S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2006-08-11 154112]
S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2006-08-11 180224]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-10-11 1920920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-02-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-02-11 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-02-11 10880]
S3 phaudlwr;Philips Audio Filter; C:\WINDOWS\system32\DRIVERS\phaudlwr.sys [2007-07-16 88320]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-02-11 11136]
S3 SPC1300;USB2.0 PC Camera (SPC1300); C:\WINDOWS\system32\DRIVERS\spc1300.sys [2007-10-18 3033728]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-02-11 15232]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-02-11 12800]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-02-11 26368]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\WINDOWS\system32\DRIVERS\vpnva.sys [2008-03-28 15360]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-02-11 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-02-12 14336]
R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-05-13 717320]
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe [2007-06-14 411168]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-21 405504]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-06-07 942080]
R2 IntuitUpdateService;Intuit Update Service; C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2008-10-10 13088]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-12-16 150040]
R2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2009-03-31 711248]
R2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-04-25 341256]
R2 TmPfw;Trend Micro Personal Firewall; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [2009-03-31 497008]
R2 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-03-31 677128]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2008-03-28 370360]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-03-25 440320]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-04-28 114775]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 p2pgasvc;Peer Networking Group Authentication; C:\WINDOWS\System32\svchost.exe [2008-02-12 14336]
S3 p2pimsvc;Peer Networking Identity Manager; C:\WINDOWS\System32\svchost.exe [2008-02-12 14336]
S3 p2psvc;Peer Networking; C:\WINDOWS\System32\svchost.exe [2008-02-12 14336]
S3 PNRPSvc;Peer Name Resolution Protocol; C:\WINDOWS\System32\svchost.exe [2008-02-12 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-02-12 14336]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-05-30 16:34:54
======Uninstall list======
-->"C:\Program Files\Creative\SBAudigy\Program\SETUP.EXE" /S /U /W
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\InstallShield Installation Information\{C7C368E6-0B79-45A9-A9A4-5D57639EDAA2}\setup.exe -runfromtemp -l0x0009
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Active Whois 3.0-->"C:\Program Files\Active Whois\unins000.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
AnswerWorks 4.0 Runtime - English-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
AnswerWorks 5.0 English Runtime-->MsiExec.exe /I{9E5A03E3-6246-4920-9630-0527D5DA9B07}
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft Software Suite-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\Software Suite\Uninst.isu"
a-squared Free 3.0-->"C:\Program Files\a-squared Free\unins000.exe"
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HydraVision-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
Audit Support Center 1.0-->C:\Program Files\Audit Support Center\uninst.exe
Calculator Powertoy for Windows XP-->MsiExec.exe /I{B37C842A-B624-46B8-A727-654E72F1C91A}
Canon CanoScan Toolbox 4.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{143FB15C-0C48-41E3-9C30-F56FB69BF3D7}\Setup.exe" -l0x9 anything
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco AnyConnect VPN Client-->MsiExec.exe /I{68D47332-A69E-4B72-83B7-D34AE73B0CE8}
Combined Community Codec Pack 2007-07-22-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Cook'n Freezer Meals-->C:\PROGRA~1\DVO\COOK'N~1\UNWISE.EXE C:\PROGRA~1\DVO\COOK'N~1\INSTALL.LOG
Creative Audio Console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9 /remove
Data Lifeguard Tools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}\Setup.exe"
Diskeeper Home Edition-->MsiExec.exe /X{029878D4-EDF8-4AF1-94E5-97E5811333C4}
doPDF 5.2 printer-->"C:\Program Files\Softland\doPDF 5\unins000.exe"
Download Updater (AOL LLC)-->C:\Program Files\Common Files\Software Update Utility\uninstall.exe
DropMyRights-->MsiExec.exe /I{E5B72007-07C9-4E67-B29E-696073F45704}
Garmin City Navigator North America NT 2009 Update-->MsiExec.exe /X{DAFCC5EF-E4D0-47EF-8E4B-168B3644A1E3}
Garmin City Navigator North America NT v8-->MsiExec.exe /X{5301C483-40FB-4F94-B56E-D7D5A114D2F6}
Garmin Communicator Plugin-->MsiExec.exe /X{F6970FBD-809A-4C51-BAB3-D94A04C6C8E7}
Garmin MapSource-->MsiExec.exe /X{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497}
Garmin POI Loader-->MsiExec.exe /X{DFA1E2C8-A9DE-4B99-8B3C-866664B5F67C}
Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD}
Garmin WebUpdater-->MsiExec.exe /X{E0783143-EAE2-4047-A8D6-E155523C594C}
Gimp 2.6.1-->"C:\Program Files\Gimp-2.0\setup\unins000.exe"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GPL Ghostscript 8.60-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.60\uninstal.txt"
GPL Ghostscript Fonts-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt"
HijackThis 2.0.2-->"C:\Documents and Settings\Ellary\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Karen's Cookie Viewer-->C:\Program Files\Karen's Power Tools\Cookie Viewer\uninst.exe
Karen's 'Net Monitor-->C:\Program Files\Karen's Power Tools\'Net Monitor\uninst.exe
Karen's Replicator-->C:\Program Files\Karen's Power Tools\Replicator\uninst.exe
Karen's Show Stopper-->C:\Program Files\Karen's Power Tools\Show Stopper\uninst.exe
Karen's Time Sync-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\PTSync\ST6UNST.LOG"
Karen's Window Watcher (C:\Program Files\Karen's Power Tools\)-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Karen's Power Tools\ST6UNST.LOG"
Karen's Window Watcher-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\WinWatch\ST6UNST.LOG"
LifeJournal2-->"C:\Program Files\LifeJournal2\uninstall.exe" "C:\Program Files\LifeJournal2\install.log"
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.90.1262\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.90" /clone_wait /hide_progress
Logitech QuickCam-->MsiExec.exe /I{937B232D-9776-471E-92BD-D424E514EF14}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Calculator Plus-->MsiExec.exe /I{83073C45-3003-4671-9A86-243AAADD915A}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Money Plus-->"C:\Program Files\Microsoft Money Plus\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Money Shared Libraries-->MsiExec.exe /X{7F1B3341-A94E-4F5C-B587-CA0EB964221E}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Outlook 2002-->MsiExec.exe /I{911A0409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft XML Parser and SDK-->MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07}
MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Mozilla Firefox (3.5b4)-->C:\Program Files\Mozilla Firefox 3.5 Beta 4\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Nikon View 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}\setup.exe" UNINSTALL
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
OpenOffice.org 3.0-->MsiExec.exe /I{F44DA61E-720D-4E79-871F-F6E628B33242}
Photohands 1.0E-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{544FB392-069D-4BA5-9DC7-FFD47230AEE5}\Setup.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RegCure 1.5.0.0-->C:\Program Files\RegCure\uninst.exe
Security Task Manager 1.7f-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Serif PagePlus X2 Resources-->MsiExec.exe /I{A84FB24E-FEB4-4C93-A5F5-DE3B40B2B73D}
Serif PagePlus X2-->MsiExec.exe /I{B00B1355-DD54-4314-90B1-161C6A7D3FD3}
Serif PhotoPlus 9.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7399656A-A683-41F9-8B81-B49A5138B76C}\Setup.exe" -l0x9
Serif PhotoPlus Association File Formats-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8650CB3-89F1-4AE0-81AC-917423C58DB8}\Setup.exe" -l0x9
Serious Samurize-->"C:\Program Files\Samurize\Uninstall.exe"
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Sound Blaster Audigy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9115E7DB-3B29-445A-802D-11E0AA945B7F}\SETUP.EXE" -l0x9
SyncToy 2.0 Beta-->MsiExec.exe /I{F3666943-0411-41D1-8015-8B572B6E91A7}
TBS WMP Plug-in-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{13515135-48BB-4184-8C1F-2FAE0138E200}
TeLL me More-->"C:\TELL ME MORE NV\BIN\unsetup.exe" -file "C:\TELL ME MORE NV\unsetup.aui"
Trend Micro Internet Security-->C:\Program Files\Trend Micro\Internet Security\remove.exe
Trend Micro Internet Security-->MsiExec.exe /X{40E12A55-C504-4223-AFAC-7672DBF1ACDE}
TurboTax 2008 WinPerFedFormset-->MsiExec.exe /I{7570F1CA-016D-46AC-B586-CD74645EFB52}
TurboTax 2008 WinPerProgramHelp-->MsiExec.exe /I{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}
TurboTax 2008 WinPerReleaseEngine-->MsiExec.exe /I{88214092-836F-4E22-A5AC-569AC9EE6A0F}
TurboTax 2008 WinPerTaxSupport-->MsiExec.exe /I{B23726CF-68BF-41A6-A4EB-72F12F87FE05}
TurboTax 2008 WinPerUserEducation-->MsiExec.exe /I{29521505-F489-4822-ADFA-32C6DEE4F114}
TurboTax 2008 wrapper-->MsiExec.exe /I{B1DB1AD8-C07E-4052-81A1-D2930232BA70}
TurboTax 2008-->C:\Program Files\TurboTax\Deluxe 2008\Installer\TurboTax 2008 Installer.exe /u /t /a
URGE-->MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\grmnusb_09F3E629557EBE4D2BA1A9469BDAE635AC0807AE\grmnusb.inf
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
======Security center information======
AV: Trend Micro Internet Security
FW: Trend Micro Personal Firewall
======System event log======
Computer Name: ELLARY-R1T4AMF1
Event Code: 10010
Message: The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register with DCOM within the required timeout.
Record Number: 31273
Source Name: DCOM
Time Written: 20090415174608.000000-300
Event Type: error
User: ELLARY-R1T4AMF1\Ellary
Computer Name: ELLARY-R1T4AMF1
Event Code: 10010
Message: The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register with DCOM within the required timeout.
Record Number: 31272
Source Name: DCOM
Time Written: 20090415174538.000000-300
Event Type: error
User: ELLARY-R1T4AMF1\Ellary
Computer Name: ELLARY-R1T4AMF1
Event Code: 10010
Message: The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register with DCOM within the required timeout.
Record Number: 31271
Source Name: DCOM
Time Written: 20090415174507.000000-300
Event Type: error
User: ELLARY-R1T4AMF1\Ellary
Computer Name: ELLARY-R1T4AMF1
Event Code: 10010
Message: The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register with DCOM within the required timeout.
Record Number: 31270
Source Name: DCOM
Time Written: 20090415174437.000000-300
Event Type: error
User: ELLARY-R1T4AMF1\Ellary
Computer Name: ELLARY-R1T4AMF1
Event Code: 10010
Message: The server {ED081F25-6A77-4C89-B689-C6E15C582EC1} did not register with DCOM within the required timeout.
Record Number: 31269
Source Name: DCOM
Time Written: 20090415174407.000000-300
Event Type: error
User: ELLARY-R1T4AMF1\Ellary
=====Application event log=====
Computer Name: ELLARY-R1T4AMF1
Event Code: 1517
Message: Windows saved user ELLARY-R1T4AMF1\Ellary registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 33662
Source Name: Userenv
Time Written: 20090307004244.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ELLARY-R1T4AMF1
Event Code: 1517
Message: Windows saved user ELLARY-R1T4AMF1\Ellary registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 33602
Source Name: Userenv
Time Written: 20090305222545.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ELLARY-R1T4AMF1
Event Code: 1517
Message: Windows saved user ELLARY-R1T4AMF1\Ellary registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 33542
Source Name: Userenv
Time Written: 20090304224248.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ELLARY-R1T4AMF1
Event Code: 1517
Message: Windows saved user ELLARY-R1T4AMF1\Ellary registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 33494
Source Name: Userenv
Time Written: 20090303224806.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: ELLARY-R1T4AMF1
Event Code: 1517
Message: Windows saved user ELLARY-R1T4AMF1\Ellary registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.
This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.
Record Number: 33438
Source Name: Userenv
Time Written: 20090302225313.000000-360
Event Type: warning
User: NT AUTHORITY\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Diskeeper Corporation\Diskeeper\;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"SamDir"=SINSTDIR
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
-----------------EOF-----------------