here is the result of the kapersky scan:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, December 2, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, December 02, 2008 07:27:47
Records in database: 1431269
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 184133
Threat name: 15
Infected objects: 19
Suspicious objects: 1
Duration of the scan: 03:12:35


File name / Threat name / Threats count
C:\WINDOWS\sowar.vbs Infected: Worm.VBS.Autorun.bi 1
C:\WINDOWS\system32\autorun.ini Infected: Virus.Win32.AutoIt.f 1
D:\Softwares\for windows\iNGEn_XPsp2.exe Infected: not-a-virus:PSWTool.Win32.RAS.g 1
F:\LORD VIE\Limewire Downloads\DAD Limewire Downloads\mp3 doctor serial.wm Infected: Trojan-Downloader.WMA.Wimad.m 1
F:\LORD VIE\Limewire Downloads\02 Track 2 (love).wma Infected: Trojan-Downloader.WMA.Wimad.l 1
F:\Softwares\Audio Convertion\acw.exe Suspicious: Packed.Win32.PePatch.dk 1
F:\Softwares\Ultravnc\Ultravnc_Setup_104RC1.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.p 1
F:\Softwares\Video Downloader\vdownloader.zip Infected: not-a-virus:Downloader.Win32.VDown.a 1
F:\Softwares\Video Downloader\vdownloader\VDownloader.exe Infected: not-a-virus:Downloader.Win32.VDown.a 1
F:\Softwares\Winsock Pocket Editor\wpepro09x.zip Infected: HackTool.Win32.Sniffer.WpePro.a 1
F:\Softwares\Winsock Pocket Editor\wpepro09x.zip Infected: HackTool.Win32.Sniffer.WpePro.w 1
F:\Application for Cell\ALL GAMES\n gage\N gage games\TONYHAWK\libs\ECom.dll Infected: Trojan.SymbOS.Blocker.a 1
F:\Application for Cell\ALL GAMES\n gage\N gage games\CALLOFDUTY\Call_Of_Duty_NGAGE-ENGAGE\Call_Of_Duty_NGAGE-ENGAGE\system\libs\ECOM.DLL Infected: Trojan.SymbOS.Blocker.a 1
F:\Application for Cell\ALL GAMES\NEW GAMES NOKIA TYPE\Mosquitos103\Mosquitos103.sis Infected: Trojan.SymbOS.Mosquit.c 1
F:\Application for Cell\ALL GAMES\NEW GAMES NOKIA TYPE\Mosquitos103\Mosquitos103.zip Infected: Trojan.SymbOS.Mosquit.c 1
F:\Application for Cell\ALL GAMES\NEW GAMES NOKIA TYPE\Mosquitos\Mosquitos103.sis Infected: Trojan.SymbOS.Mosquit.c 1
F:\Vista Pack\Transformation Pack.rar Infected: not-a-virus:RiskTool.Win32.CloseApp.a 2
F:\for burnin\LordVieFonts&Icons\Anime_CursorsInstaller.exe Infected: not-a-virus:AdWare.Win32.Comet.u 1
F:\for burnin\LordVieFonts&Icons\Anime_CursorsInstaller.exe Infected: not-a-virus:AdWare.Win32.Comet.d 1

The selected area was scanned.

for RSIT log:
Logfile of random's system information tool 1.04 (written by random/random)
Run by Lord Vie at 2008-12-02 22:26:21
Microsoft Windows XP Professional Service Pack 2
System drive C: has 49 GB (65%) free of 76 GB
Total RAM: 2046 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:26:31 PM, on 12/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wscript.exe
C:\Program Files\VDOTool\TBPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Documents and Settings\Lord Vie\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Lord Vie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.redtube.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.redtube.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = SoWar Browser
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RawOs] wscript.exe "C:\WINDOWS\sowar.vbs"
O4 - HKCU\..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1223290569687
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jd...ows-i586-jc.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

--
End of file - 9823 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{532E6AF1-5B8F-4E42-90A3-885F194A3348}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A263CF7-56A6-4D68-A8CF-345BE45BC911}]
Yahoo! IE Suggest - C:\Program Files\Yahoo!\SearchSuggest\YSearchSuggest.dll [2008-01-15 233472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-13 222448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2007-12-04 79224]
"BigDogPath"=C:\WINDOWS\VM_STI.EXE [2003-01-21 40960]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"RawOs"=wscript.exe C:\WINDOWS\sowar.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TBPanel"=C:\Program Files\VDOTool\TBPanel.exe [2008-06-04 2157096]
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2008-09-19 4347120]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"DownloadAccelerator"=C:\Program Files\DAP\DAP.EXE [2008-09-09 3057152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-10-09 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C43 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [2002-12-10 75776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Documents and Settings\Lord Vie\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=128
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\CSS\hl2.exe"="C:\Program Files\CSS\hl2.exe:*:Enabled:hl2"
"D:\games\C04\iw3mp.exe"="D:\games\C04\iw3mp.exe:*:Enabled:iw3mp"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"D:\Games\Garena\Garena.exe"="D:\Games\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"D:\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Level Up! Games\Grand Chase PH\main.exe"="C:\Level Up! Games\Grand Chase PH\main.exe:*:Enabled:GrandChase"
"D:\Games\e-Games\CABAL Online (PH)\launcher\update\ESTdnheadless.exe"="D:\Games\e-Games\CABAL Online (PH)\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e8aa8df-bafa-11dd-98ca-101111111111}]
shell\AutoRun\command - wscript.exe sowar.vbs
shell\Open\command - wscript.exe sowar.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7136abf0-b955-11dd-98c8-101111111111}]
shell\AutoRun\command - G:\wd_windows_tools\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc92c6f4-b6c5-11dd-98c2-101111111111}]
shell\AutoRun\command - no.com
shell\explore\command - no.com
shell\open\command - no.com


======List of files/folders created in the last 1 months======

2008-12-02 22:26:21 ----D---- C:\rsit
2008-12-01 21:35:21 ----D---- C:\Geekstogo
2008-11-23 19:55:10 ----D---- C:\Program Files\Western Digital Technologies
2008-11-21 21:59:28 ----D---- C:\Documents and Settings\Lord Vie\Application Data\dvdcss
2008-11-21 19:56:55 ----RASH---- C:\WINDOWS\sowar.vbs
2008-11-19 09:05:09 ----D---- C:\Documents and Settings\Lord Vie\Application Data\Help
2008-11-19 07:52:50 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-11-18 00:03:22 ----D---- C:\Documents and Settings\All Users\Application Data\Ascentive
2008-11-17 23:55:49 ----A---- C:\WINDOWS\system32\ascbalon.dll
2008-11-17 23:55:48 ----A---- C:\WINDOWS\system32\CreateLog.dll
2008-11-17 23:55:48 ----A---- C:\WINDOWS\system32\ConTest.dll

======List of files/folders modified in the last 1 months======

2008-12-02 22:26:19 ----D---- C:\WINDOWS\Prefetch
2008-12-02 21:25:09 ----D---- C:\Program Files\Mozilla Firefox
2008-12-02 18:39:26 ----D---- C:\WINDOWS\Temp
2008-12-02 18:35:57 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-02 18:35:55 ----SD---- C:\WINDOWS\Tasks
2008-12-02 18:32:51 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-02 17:51:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-02 17:51:41 ----D---- C:\Documents and Settings\Lord Vie\Application Data\LimeWire
2008-12-01 21:43:42 ----D---- C:\WINDOWS\system32\drivers
2008-12-01 21:43:42 ----D---- C:\WINDOWS\system32
2008-12-01 21:42:09 ----RD---- C:\Program Files
2008-11-30 09:02:40 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-23 21:04:05 ----SD---- C:\Documents and Settings\Lord Vie\Application Data\Microsoft
2008-11-23 21:04:05 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-11-23 19:55:10 ----SHD---- C:\WINDOWS\Installer
2008-11-21 19:56:55 ----D---- C:\WINDOWS
2008-11-18 17:22:33 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-11-17 23:55:47 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-17 22:47:55 ----HD---- C:\WINDOWS\inf
2008-11-14 22:14:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-14 22:14:33 ----D---- C:\Program Files\Common Files\Adobe
2008-11-14 22:14:33 ----D---- C:\Program Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2007-12-04 26624]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2007-12-04 42912]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2007-12-04 94544]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2007-12-04 23152]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-01-13 12500]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-03-30 230400]
R3 ZSMC301b;ZSMC USB PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-01-07 90527]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2007-12-04 17272]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2007-12-04 140664]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-01-27 106496]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 EPSONStatusAgent2;EPSON Printer Status Agent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2002-07-17 94208]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2007-12-04 247160]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2007-12-04 345464]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-09-13 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------

for the RSIT info:

info.txt logfile of random's system information tool 1.04 2008-12-02 22:26:32

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{0F122737-72B2-4095-8B3E-7AAE753DFD3D}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assassin's Creed-->C:\Program Files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe -runfromtemp -l0x0009 -removeonly
avast! Antivirus-->rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
BlueSoleil-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}\setup.exe" -l0x9
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
CABAL Online (PH) 1.0-->D:\Games\e-Games\CABAL Online (PH)\uninst.exe
Counter-Strike Source v1.0.0.22-->"C:\Program Files\CSS\unins000.exe"
Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
Driver: Parallel Lines-->C:\Program Files\InstallShield Installation Information\{31CB0D80-1866-462A-9455-88614410971F}\setup.exe -runfromtemp -l0x0009 -removeonly
EA SPORTS™ NBA LIVE 08-->MsiExec.exe /X{39C8EFBA-042B-11DC-A860-0EE955D89593}
EPSON PhotoQuicker3.4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A793FC6-6DF5-11DD-BB6A-00018021113F}\setup.exe" -l0x9 uninst
EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
ES C43 Problem Solver-->C:\WINDOWS\uninst.exe -f"C:\Program Files\EPSON\PSOLVER\ES C43\E\DeIsL1.isu"
Free PDF to Word Doc Converter v1.1-->"C:\Program Files\Free PDF to Word Doc Converter\unins000.exe"
Garena-->C:\Program Files\InstallShield Installation Information\{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}\setup.exe -runfromtemp -l0x0009 -removeonly
GrandChase-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1FD7E29-0710-40A7-B0D1-A821B89249A1}\Setup.exe"
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Japanese Fonts Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-800000000003}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Learning Essentials for Microsoft Office-->MsiExec.exe /X{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}
LimeWire PRO 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Geekstogo\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Math-->MsiExec.exe /I{07043840-959A-4B0D-8825-2C533F0DDB19}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Student 2007 for Learning Essentials-->RunDll32.exe advpack.dll, LaunchINFSectionEx C:\Program Files\Learning Essentials\1.0\en\US\Microsoft Student 2007\Uninstall\Uninstall.inf,Uninstall,,,N
Microsoft Student with Encarta Premium 2008-->MsiExec.exe /I{08041881-FCA5-44A7-B863-D66037A16AAF}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
Nero 7 Ultra Edition-->MsiExec.exe /I{F14B8ECC-BDA0-4987-9201-D7B7DBE11033}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
Nokia PC Connectivity Solution-->MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia PC Suite-->MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
ScanToWeb-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
VDOTool 6.4-->"C:\Program Files\VDOTool\unins000.exe"
VideoLAN VLC media player 0.8.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_62A340731F8930057B44B8864F236850B0D49D65\nokbtmdm.inf
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8 Beta 2-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Suggest Add-on for IE7-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Widgets-->C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe
ZSMC USB PC Camera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\Setup.exe" -l0x9

=====HijackThis Backups=====

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

======Hosts File======

127.0.0.1 mpa.one.microsoft.com

======Security center information======

AV: avast! antivirus 4.7.1098 [VPS 081106-0] (outdated)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------

Hello

Please download the OTMoveIt3 by OldTimer or from here.

• Save it to your desktop.
• Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  CODE
  :Processes
  explorer.exe
  
  :Services
  
  :Reg
  
  :Files
  C:\WINDOWS\sowar.vbs
  C:\WINDOWS\system32\autorun.ini
  D:\Softwares\for windows\iNGEn_XPsp2.exe
  F:\LORD VIE\Limewire Downloads\DAD Limewire Downloads\mp3 doctor serial.wm
  F:\LORD VIE\Limewire Downloads\02 Track 2 (love).wma
  F:\Softwares\Audio Convertion\acw.exe
  F:\Softwares\Ultravnc\Ultravnc_Setup_104RC1.exe
  F:\Softwares\Video Downloader\vdownloader.zip
  F:\Softwares\Video Downloader\vdownloader\VDownloader.exe
  F:\Softwares\Winsock Pocket Editor\wpepro09x.zip
  F:\Application for Cell\ALL GAMES\n gage\N gage games\TONYHAWK\libs\ECom.dll
  F:\Application for Cell\ALL GAMES\n gage\N gage games\CALLOFDUTY\Call_Of_Duty_NGAGE-ENGAGE\Call_Of_Duty_NGAGE-ENGAGE\system\libs\ECOM.DLL
  F:\Application for Cell\ALL GAMES\NEW GAMES NOKIA TYPE\Mosquitos103\Mosquitos103.sis
  F:\Application for Cell\ALL GAMES\NEW GAMES NOKIA TYPE\Mosquitos\Mosquitos103.sis
  F:\Vista Pack\Transformation Pack.rar
  F:\for burnin\LordVieFonts&Icons\Anime_CursorsInstaller.exe
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]
  
  
• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.




Disable resident protections (Antivirus...); you'll re-enable them after the scan

Download Lop S&D < here

Double-click Lop S&D.exe
Choose the language, then choose Option 1 (Search)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)

for OTMoveIt3

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\WINDOWS\sowar.vbs moved successfully.
C:\WINDOWS\system32\autorun.ini moved successfully.
D:\Softwares\for windows\iNGEn_XPsp2.exe moved successfully.
F:\LORD VIE\Limewire Downloads\DAD Limewire Downloads\mp3 doctor serial.wm moved successfully.
F:\LORD VIE\Limewire Downloads\02 Track 2 (love).wma moved successfully.
F:\Softwares\Audio Convertion\acw.exe moved successfully.
F:\Softwares\Ultravnc\Ultravnc_Setup_104RC1.exe moved successfully.
F:\Softwares\Video Downloader\vdownloader.zip moved successfully.
F:\Softwares\Video Downloader\vdownloader\VDownloader.exe moved successfully.
F:\Softwares\Winsock Pocket Editor\wpepro09x.zip moved successfully.
LoadLibrary failed for F:\Application for Cell\ALL GAMES\n gage\N gage games\TONYHAWK\libs\ECom.dll
F:\Application for Cell\ALL GAMES\n gage\N gage games\TONYHAWK\libs\ECom.dll NOT unregistered.
F:\Application for Cell\ALL GAMES\n gage\N gage games\TONYHAWK\libs\ECom.dll moved successfully.
LoadLibrary failed for F:\Application for Cell\ALL GAMES\n gage\N gage games\CALLOFDUTY\Call_Of_Duty_NGAGE-ENGAGE\Call_Of_Duty_NGAGE-ENGAGE\system\libs\ECOM.DLL
F:\Application for Cell\ALL GAMES\n gage\N gage games\CALLOFDUTY\Call_Of_Duty_NGAGE-ENGAGE\Call_Of_Duty_NGAGE-ENGAGE\system\libs\ECOM.DLL NOT unregistered.
F:\Application for Cell\ALL GAMES\n gage\N gage games\CALLOFDUTY\Call_Of_Duty_NGAGE-ENGAGE\Call_Of_Duty_NGAGE-ENGAGE\system\libs\ECOM.DLL moved successfully.
F:\Application for Cell\ALL GAMES\NEW GAMES NOKIA TYPE\Mosquitos103\Mosquitos103.sis moved successfully.
F:\Application for Cell\ALL GAMES\NEW GAMES NOKIA TYPE\Mosquitos\Mosquitos103.sis moved successfully.
F:\Vista Pack\Transformation Pack.rar moved successfully.
F:\for burnin\LordVieFonts&Icons\Anime_CursorsInstaller.exe moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\hsperfdata_Lord Vie\3196 scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\etilqs_bqrocUyodMnSPLvNrcsa scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\Perflib_Perfdata_8fc.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\~DF6CA4.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_684.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_848.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\TMP0000004C5FD53CD421A0CBAA scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 12022008_230810

Files moved on Reboot...
File C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\hsperfdata_Lord Vie\3196 not found!
File C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\etilqs_bqrocUyodMnSPLvNrcsa not found!
File C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\Perflib_Perfdata_8fc.dat not found!
C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp\~DF6CA4.tmp moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_684.dat moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_848.dat moved successfully.
File C:\WINDOWS\temp\TMP0000004C5FD53CD421A0CBAA not found!
C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Lord Vie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9qa1vp5p.default\XUL.mfl moved successfully.

for Lop S&D

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel Pentium III processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Lord Vie ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.7.1098 [VPS 081106-0] 4.7.1098 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:48 Go)
D:\ (Local Disk) - NTFS - Total:74 Go (Free:18 Go)
E:\ (CD or DVD)
F:\ (Local Disk) - FAT32 - Total:111 Go (Free:19 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( Tue 12/02/2008|23:18 )

--------------------\\ Listing folders in APPLIC~1

[10/07/2008|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[11/14/2008|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[09/13/2008|10:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe Systems
[09/08/2008|07:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[11/18/2008|05:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[11/18/2008|12:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ascentive
[10/26/2008|01:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Bluetooth
[10/20/2008|06:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[10/06/2008|07:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[11/23/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
[11/19/2008|07:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Office Genuine Advantage
[09/09/2008|01:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Suite
[09/09/2008|03:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SpeedBit
[12/02/2008|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[09/21/2008|08:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ubisoft
[09/08/2008|08:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[10/06/2008|07:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller
[10/14/2008|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!

[09/07/2008|04:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[09/15/2008|07:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Adobe
[09/15/2008|07:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Macromedia
[09/09/2008|06:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[10/14/2008|06:17] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Adobe
[09/24/2008|10:39] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Ahead
[09/08/2008|07:24] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Apple Computer
[09/09/2008|01:23] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Datalayer
[11/21/2008|09:59] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> dvdcss
[11/19/2008|09:05] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Help
[09/07/2008|04:45] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Identities
[09/07/2008|11:49] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> InstallShield
[12/02/2008|11:18] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> LimeWire
[09/08/2008|12:13] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Macromedia
[10/20/2008|06:31] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Malwarebytes
[11/23/2008|09:04] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Microsoft
[10/22/2008|06:55] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Mozilla
[09/09/2008|01:22] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Nokia
[09/20/2008|04:36] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Opera
[09/09/2008|01:21] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> PC Suite
[09/07/2008|06:58] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> SecuROM
[09/08/2008|07:59] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Sun
[09/27/2008|03:17] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> U3
[09/21/2008|08:42] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Ubisoft
[09/07/2008|05:40] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> vlc
[09/07/2008|11:21] C:\DOCUME~1\LORDVI~1\APPLIC~1\<DIR> Yahoo!

[09/09/2008|03:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[12/02/2008 03:50 PM][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{532E6AF1-5B8F-4E42-90A3-885F194A3348}.job
[12/02/2008 11:14 PM][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[10/07/2008 08:37 AM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/02/2008 11:11 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/23/2001 07:00 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[11/14/2008|10:14] C:\Program Files\<DIR> Adobe
[09/07/2008|05:52] C:\Program Files\<DIR> Alwil Software
[09/07/2008|04:54] C:\Program Files\<DIR> Analog Devices
[09/30/2008|02:05] C:\Program Files\<DIR> Apple Software Update
[09/30/2008|01:58] C:\Program Files\<DIR> Bonjour
[10/16/2008|08:25] C:\Program Files\<DIR> Common Files
[09/07/2008|04:37] C:\Program Files\<DIR> ComPlus Applications
[09/07/2008|06:50] C:\Program Files\<DIR> CSS
[09/09/2008|03:21] C:\Program Files\<DIR> DAP
[09/09/2008|01:21] C:\Program Files\<DIR> DIFX
[09/07/2008|06:59] C:\Program Files\<DIR> EA SPORTS
[09/07/2008|06:20] C:\Program Files\<DIR> EPSON
[10/22/2008|04:44] C:\Program Files\<DIR> ERUNT
[10/26/2008|03:13] C:\Program Files\<DIR> Free PDF to Word Doc Converter
[11/17/2008|11:55] C:\Program Files\<DIR> InstallShield Installation Information
[09/17/2008|05:25] C:\Program Files\<DIR> Internet Explorer
[10/07/2008|10:46] C:\Program Files\<DIR> iPod
[10/07/2008|10:46] C:\Program Files\<DIR> iTunes
[10/26/2008|01:52] C:\Program Files\<DIR> IVT Corporation
[09/08/2008|07:58] C:\Program Files\<DIR> Java
[09/07/2008|05:00] C:\Program Files\<DIR> Learning Essentials
[10/17/2008|10:07] C:\Program Files\<DIR> LimeWire
[10/22/2008|04:44] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[09/07/2008|04:55] C:\Program Files\<DIR> Marvell
[09/07/2008|04:37] C:\Program Files\<DIR> Messenger
[09/07/2008|04:40] C:\Program Files\<DIR> microsoft frontpage
[09/07/2008|05:27] C:\Program Files\<DIR> Microsoft Office
[09/09/2008|05:15] C:\Program Files\<DIR> Microsoft Silverlight
[09/07/2008|05:05] C:\Program Files\<DIR> Microsoft Student
[09/07/2008|05:27] C:\Program Files\<DIR> Microsoft Visual Studio
[09/07/2008|05:22] C:\Program Files\<DIR> Microsoft Visual Studio 8
[09/07/2008|05:28] C:\Program Files\<DIR> Microsoft Works
[09/07/2008|05:27] C:\Program Files\<DIR> Microsoft.NET
[09/07/2008|04:38] C:\Program Files\<DIR> Movie Maker
[12/02/2008|11:12] C:\Program Files\<DIR> Mozilla Firefox
[10/22/2008|04:44] C:\Program Files\<DIR> Mozilla Firefox(2)
[09/07/2008|05:27] C:\Program Files\<DIR> MSBuild
[09/07/2008|04:37] C:\Program Files\<DIR> MSN
[09/07/2008|04:37] C:\Program Files\<DIR> MSN Gaming Zone
[09/07/2008|05:45] C:\Program Files\<DIR> Nero
[09/07/2008|04:38] C:\Program Files\<DIR> NetMeeting
[09/09/2008|01:21] C:\Program Files\<DIR> Nokia
[09/07/2008|04:37] C:\Program Files\<DIR> Online Services
[09/07/2008|04:38] C:\Program Files\<DIR> Outlook Express
[09/30/2008|01:58] C:\Program Files\<DIR> QuickTime
[09/08/2008|07:59] C:\Program Files\<DIR> Sun
[10/20/2008|07:21] C:\Program Files\<DIR> Trend Micro
[09/07/2008|04:45] C:\Program Files\<DIR> Uninstall Information
[09/07/2008|04:51] C:\Program Files\<DIR> VDOTool
[09/07/2008|05:40] C:\Program Files\<DIR> VideoLAN
[09/07/2008|06:24] C:\Program Files\<DIR> Vimicro
[11/23/2008|07:55] C:\Program Files\<DIR> Western Digital Technologies
[09/08/2008|12:23] C:\Program Files\<DIR> Winamp
[09/09/2008|02:45] C:\Program Files\<DIR> Windows Defender
[10/06/2008|07:15] C:\Program Files\<DIR> Windows Live
[09/09/2008|06:08] C:\Program Files\<DIR> Windows Media Connect 2
[09/09/2008|06:08] C:\Program Files\<DIR> Windows Media Player
[09/07/2008|04:37] C:\Program Files\<DIR> Windows NT
[09/07/2008|04:39] C:\Program Files\<DIR> WindowsUpdate
[09/09/2008|03:28] C:\Program Files\<DIR> WinRAR
[09/07/2008|04:40] C:\Program Files\<DIR> xerox
[10/14/2008|02:18] C:\Program Files\<DIR> Yahoo!

--------------------\\ Listing Folders in C:\Program Files\Common Files

[11/14/2008|10:14] C:\Program Files\Common Files\<DIR> Adobe
[09/13/2008|10:13] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
[09/07/2008|05:47] C:\Program Files\Common Files\<DIR> Ahead
[09/30/2008|01:57] C:\Program Files\Common Files\<DIR> Apple
[09/07/2008|05:27] C:\Program Files\Common Files\<DIR> DESIGNER
[09/07/2008|06:19] C:\Program Files\Common Files\<DIR> EPSON
[10/16/2008|08:25] C:\Program Files\Common Files\<DIR> INCA Shared
[09/07/2008|06:20] C:\Program Files\Common Files\<DIR> InstallShield
[09/08/2008|07:47] C:\Program Files\Common Files\<DIR> Java
[10/06/2008|07:15] C:\Program Files\Common Files\<DIR> Microsoft Shared
[09/07/2008|04:38] C:\Program Files\Common Files\<DIR> MSSoap
[09/09/2008|01:21] C:\Program Files\Common Files\<DIR> Nokia
[09/08/2008|12:32] C:\Program Files\Common Files\<DIR> ODBC
[09/09/2008|01:21] C:\Program Files\Common Files\<DIR> PCSuite
[09/07/2008|04:38] C:\Program Files\Common Files\<DIR> Services
[09/08/2008|12:32] C:\Program Files\Common Files\<DIR> SpeechEngines
[09/07/2008|05:22] C:\Program Files\Common Files\<DIR> System
[10/06/2008|07:15] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller

--------------------\\ Process

( 48 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-02 23:19:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections


No other infections found !

[F:5][D:3]-> C:\DOCUME~1\LORDVI~1\LOCALS~1\Temp
[F:29][D:0]-> C:\DOCUME~1\LORDVI~1\Cookies
[F:1390][D:37]-> C:\DOCUME~1\LORDVI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Tue 12/02/2008|23:20 - Option : [1]

--------------------\\ Scan completed at 23:20:17

Hello

Please run the MGA Diagnostic Tool and post back the report it shall produce:

1. Download MGADiag to your desktop.
2. Double-click on MGADiag.exe to launch the program
3. Click "Continue"
4. Ensure that the "Windows" tab is selected (it should be by default).
5. Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
6. Paste the MGA Diagnostic Report back here in your next reply.

for MGAdiag

Diagnostic Report (1.7.0110.1):
-----------------------------------------
WGA Data-->
Validation Status: Genuine
Validation Code: 0
Online Validation Code: N/A
Cached Validation Code: N/A
Windows Product Key: *****-*****-HCTY4-BCMMQ-72R7G
Windows Product Key Hash: +f+Zez+bEP+nXIQr2/p8nzuJE5I=
Windows Product ID: 55274-640-0574381-23129
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.2.0.pro
ID: {3A5CBA1B-C58C-483E-BC9E-7F7A2226EB7E}(3)
Is Admin: Yes
TestCab: 0x0
WGA Version: Registered, 1.7.69.2
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-171-1_E2AD56EA-761-d003_E2AD56EA-762-0_E2AD56EA-134-80004005_E2AD56EA-761-8009_E2AD56EA-762-2efd_E2AD56EA-148-80004005_16E0B333-89-80004005
Resolution Status: N/A

WgaER Data-->
ThreatID(s): N/A
Version: N/A

WGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
WGATray.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-171-1_E2AD56EA-761-d003_E2AD56EA-762-0_E2AD56EA-134-80004005_E2AD56EA-761-8009_E2AD56EA-762-2efd_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1174-80004005_FA827CE6-153-8007007e_FA827CE6-180-8007007e

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{3A5CBA1B-C58C-483E-BC9E-7F7A2226EB7E}</UGUID><Version>1.7.0110.1</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-72R7G</PKey><PID>55274-640-0574381-23129</PID><PIDType>1</PIDType><SID>S-1-5-21-1202660629-562591055-839522115</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>ASUS P5NSLI ACPI BIOS Revision 1502</Version><SMBIOSVersion major="2" minor="4"/><Date>20071204000000.000000+000</Date></BIOS><HWID>847133770184C078</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>China Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><BRT/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>4A06E9BCBCDD586</Val><Hash>wExjrvFq84TK0om3drBViftDefo=</Hash><Pid>89388-707-4896951-65187</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: no
Marker string from BIOS: N/A
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A

You have a pirated Windows, we cant help you here as it is against the rules