I have downloaded and tried so many programs in the last few days I am currently at a loss as to what to do now. I have tried CCleaner both in and not in Safe Mode, ErrorSmart and its adaware program, RegCure, Spybot, SDFix, Malwarebyte's Anti-Malware, and HiJackThis. I have attached the log files from the last three mentioned. I generated this log files by downloading each program, running SDFix and following these instructions:

* Restart your computer
* After hearing your computer beep once during startup, but before the Windows
icon appears, tap the F8 key continually;
* Instead of Windows loading as normal, the Advanced Options Menu should appear;
* Select the first option, to run Windows in Safe Mode, then press Enter.
* Choose your usual account.

* Open the extracted SDFix folder and double click RunThis.cmd to start the script.
* Type Y to begin the cleanup process.
* It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
* Press any Key and it will restart the PC.
* When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load
your desktop icons.
* Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the
forum).
* Finally paste the contents of the SDFix Report.txt back on the forum with a new HijackThis log







NEXT**

Please download Malwarebytes' Anti-Malware to your desktop

Additional Link

* Double-click mbam-setup.exe and follow the prompts to install the program.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location.
* You can also access the log by doing the following:

o Click on the Malwarebytes' Anti-Malware icon to launch the program.
o Click on the Logs tab.
o Click on the log at the bottom of those listed to highlight it.
o Click Open.

Tutorial if needed
http://thespykiller.co.uk/index.php/topic,5946.0.html

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



In your next reply post:
SDFix report.txt
Malwarebytes' Anti-Malware log
New HJT log

What do I do now?

Hello lysistrata7

welcome to geekstogo

firstly, unless i indicate otherwise, could you copy and paste all logs into your reply, dont attach them.

secondly:

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

and could you post a new hijackthis log.

andrewuk

I cannot get ComboFix to run correctly. It pulls up another program (GaussView) which keeps trying to open log files.

try this:

reboot your machine.

delete the version of combofix you have and then:

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3





--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.

• When finished, it will produce a report for you.
• Please post the C:\ComboFix.txt along with a HijackThis log so we can continue cleaning the system.

andrewuk

I rebooted and re-downloaded and re-named ComboFix.exe to Combo-Fix.exe. I had the same problem I mentioned before. Here is my Hijackthis.log file:

ogram Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Novell\ZENworks\nalntsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Novell\ZENworks\Asset Management\bin\CClientSvc.exe
C:\Program Files\Novell\ZENworks\Asset Management\bin\CClient.exe
C:\Program Files\Novell\ZENworks\wm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Novell\ZENworks\WMRUNDLL.EXE
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Novell\GroupWise\grpwise.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {c4bf8900-a18c-42a5-ad9a-fe8018bac0cd} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [dazomojeyi] Rundll32.exe "C:\WINDOWS\system32\wihuwere.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_10.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\TuneCab\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\TuneCab\YouTubeRipper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Program Files\Novell\ZENworks\AxNalServer.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} -
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} -
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} -
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} -
O16 - DPF: {A9FDC7FD-FE81-4910-8CF2-FA59EEFE11EC} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {CAFECAFE-0013-0001-0009-ABCDEFABCDEF} -
O16 - DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} -
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} -
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - McAfee, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Novell Application Launcher (NALNTSERVICE) - Novell, Inc. - C:\Program Files\Novell\ZENworks\nalntsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Novell ZENworks Remote Management Agent (Remote Management Agent) - Novell, Inc. - C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: ZENworks Asset Management - Collection Client (TSCensus Collection Client) - Novell, Inc. - C:\Program Files\Novell\ZENworks\Asset Management\bin\CClientSvc.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Novell XTier Agent Services (XTAgent) - Novell, Inc. - C:\WINDOWS\System32\Novell\XTAgent.exe
O23 - Service: Workstation Manager (ZFDWM) - Novell, Inc. - C:\Program Files\Novell\ZENworks\wm.exe

--
End of file - 10439 bytes

ok, lets get a fuller scan and we will go in there in a more manual method:

• Download random's system information tool (RSIT) by random/random from here.
• It is important that is saved to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

The text from these files may exceed the maximum post length for this forum. Hence, you may need to post the information over 2 or more posts.

andrewuk

Here is log.txt:

Logfile of random's system information tool 1.04 (written by random/random)
Run by ALTomlinson at 2008-11-25 18:40:42
Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (18%) free of 49 GB
Total RAM: 2046 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:44 PM, on 11/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Novell\XTAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Novell\ZENworks\nalntsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Novell\ZENworks\Asset Management\bin\CClientSvc.exe
C:\Program Files\Novell\ZENworks\Asset Management\bin\CClient.exe
C:\Program Files\Novell\ZENworks\wm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NWTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Novell\ZENworks\WMRUNDLL.EXE
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Novell\GroupWise\grpwise.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Documents and Settings\ALTomlinson\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\ALTomlinson.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {c4bf8900-a18c-42a5-ad9a-fe8018bac0cd} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [dazomojeyi] Rundll32.exe "C:\WINDOWS\system32\wihuwere.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_10.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\TuneCab\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\TuneCab\YouTubeRipper.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Program Files\Novell\ZENworks\AxNalServer.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} -
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} -
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} -
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} -
O16 - DPF: {A9FDC7FD-FE81-4910-8CF2-FA59EEFE11EC} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {CAFECAFE-0013-0001-0009-ABCDEFABCDEF} -
O16 - DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} -
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} -
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Novell Application Launcher (NALNTSERVICE) - Novell, Inc. - C:\Program Files\Novell\ZENworks\nalntsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Novell ZENworks Remote Management Agent (Remote Management Agent) - Novell, Inc. - C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: ZENworks Asset Management - Collection Client (TSCensus Collection Client) - Novell, Inc. - C:\Program Files\Novell\ZENworks\Asset Management\bin\CClientSvc.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Novell XTier Agent Services (XTAgent) - Novell, Inc. - C:\WINDOWS\System32\Novell\XTAgent.exe
O23 - Service: Workstation Manager (ZFDWM) - Novell, Inc. - C:\Program Files\Novell\ZENworks\wm.exe

--
End of file - 10085 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Antispyware Scheduled Scan.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\BF6021879953DCF3.job
C:\WINDOWS\tasks\ErrorSmart Scheduled Scan.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-25 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c4bf8900-a18c-42a5-ad9a-fe8018bac0cd}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
SITEguard
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NWTRAY"=C:\WINDOWS\system32\NWTRAY.EXE [2002-03-12 28672]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-28 8429568]
"ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE /STANDALONE []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"AdwareAlert"=C:\Program Files\AdwareAlert\AdwareAlert.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ATI Smart"=2
"Ati HotKey Poller"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NetIdentity Notification]
C:\WINDOWS\system32\Novell\XtNotify.dll [2006-05-02 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{763370C4-268E-4308-A60C-D8DA0342BE32}"=C:\Program Files\Novell\ZENworks\NalShell.dll [2006-06-28 446464]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwv1_0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"CompatibleRUPSecurity"=1
"DontDisplayLastUserName"=0
"LegalNoticeText"=

?
"ShutdownWithoutLogon"=1
"UndockWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpmw32.exe"="C:\WINDOWS\system32\dpmw32.exe:*:Enabled:NDPS RPM & Notification Listener"
"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe"="C:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"C:\Novell\GroupWise\grpwise.exe"="C:\Novell\GroupWise\grpwise.exe:*:Enabled:Novell GroupWise"
"C:\Novell\GroupWise\notify.exe"="C:\Novell\GroupWise\notify.exe:*:Enabled:Novell Notify"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\Documents and Settings\All Users\Application Data\Spadester\spades.exe"="C:\Documents and Settings\All Users\Application Data\Spadester\spades.exe:*:Enabled:spades"
"C:\Program Files\Maple 10\jre\bin\maple.exe"="C:\Program Files\Maple 10\jre\bin\maple.exe:*:Enabled:maple"
"C:\WINDOWS\Temp\hp_webrelease\setup\HPZnet01.exe"="C:\WINDOWS\Temp\hp_webrelease\setup\HPZnet01.exe:*:Enabled:hpznet01.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Program"
"C:\Program Files\Xming\Xming.exe"="C:\Program Files\Xming\Xming.exe:*:Enabled:Xming X Server"
"C:\McGraw-Hill\MH_EZTest\mysql\bin\mysqld.exe"="C:\McGraw-Hill\MH_EZTest\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\McGraw-Hill\MH_EZTest\jre\bin\java.exe"="C:\McGraw-Hill\MH_EZTest\jre\bin\java.exe:*:Enabled:java"
"C:\Program Files\WinSCP\WinSCP.exe"="C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:Windows SFTP, FTP and SCP client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe"="C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe:*:Enabled:SZServer"
"C:\Program Files\Windows Defender\MsMpEng.exe"="C:\Program Files\Windows Defender\MsMpEng.exe:*:Enabled:MsMpEng"
"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe:*:Enabled:AppleMobileDeviceService"
"C:\Program Files\Network Associates\VirusScan\Mcshield.exe"="C:\Program Files\Network Associates\VirusScan\Mcshield.exe:*:Enabled:Mcshield"
"C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe"="C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe:*:Enabled:ZenRem32"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"="C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe:*:Enabled:sqlwriter"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:wuauclt"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.com - open -

======List of files/folders created in the last 1 months======

2008-11-25 18:40:42 ----D---- C:\rsit
2008-11-25 11:11:50 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-11-25 09:43:51 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\WinRAR
2008-11-25 09:31:43 ----D---- C:\WINDOWS\ERUNT
2008-11-25 09:24:05 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-25 09:18:45 ----D---- C:\SDFix
2008-11-25 07:49:25 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-25 07:49:25 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-25 07:49:25 ----A---- C:\WINDOWS\system32\java.exe
2008-11-25 07:49:25 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-25 07:45:08 ----D---- C:\VundoFix Backups
2008-11-25 07:45:08 ----A---- C:\VundoFix.txt
2008-11-25 07:33:01 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\Malwarebytes
2008-11-25 07:32:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-25 07:32:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-25 06:43:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-25 06:10:51 ----SH---- C:\WINDOWS\system32\zagubura.exe
2008-11-24 18:54:18 ----D---- C:\Program Files\Trend Micro
2008-11-24 18:50:28 ----D---- C:\Program Files\Yahoo!
2008-11-24 18:50:22 ----D---- C:\Program Files\CCleaner
2008-11-24 18:21:26 ----D---- C:\32788R22FWJFW
2008-11-24 16:51:54 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\Antispyware
2008-11-24 16:51:49 ----D---- C:\Program Files\Antispyware
2008-11-24 16:20:18 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\ErrorSmart
2008-11-24 07:23:49 ----A---- C:\WINDOWS\wininit.ini
2008-11-24 06:47:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-24 06:47:34 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-24 02:25:59 ----A---- C:\WINDOWS\system32\erumdqyg.exe
2008-11-23 17:26:46 ----D---- C:\Lavasoft Ad-Aware 2008 Pro v7.1.0.10
2008-11-23 13:09:21 ----SHD---- C:\Config.Msi
2008-11-23 12:25:01 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-11-23 12:24:20 ----D---- C:\Program Files\Common Files\iS3
2008-11-23 12:24:19 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-11-22 23:57:10 ----D---- C:\Documents and Settings\All Users\Application Data\Meow Intra Bait Face
2008-11-22 23:56:35 ----D---- C:\Program Files\bleh way
2008-11-22 08:52:53 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\dvdcss
2008-11-21 06:34:28 ----D---- C:\ConverterOutput
2008-11-21 06:34:23 ----A---- C:\avi_log.txt
2008-11-21 06:34:16 ----A---- C:\WINDOWS\system32\TomsMoComp_ff.dll
2008-11-21 06:34:16 ----A---- C:\WINDOWS\system32\libmplayer.dll
2008-11-21 06:34:16 ----A---- C:\WINDOWS\system32\libmpeg2_ff.dll
2008-11-21 06:34:16 ----A---- C:\WINDOWS\system32\libavcodec.dll
2008-11-21 06:34:15 ----D---- C:\Program Files\Cucusoft
2008-11-21 06:31:11 ----D---- C:\converter
2008-11-20 22:35:32 ----A---- C:\WINDOWS\Easy Avi Divx Xvid to DVD Burner.INI
2008-11-20 22:35:28 ----D---- C:\Program Files\Easy Avi Divx Xvid to DVD Burner
2008-11-16 13:39:55 ----A---- C:\Documents and Settings\All Users\Application Data\vlc-0.9.6-win32.exe
2008-11-10 21:31:41 ----D---- C:\Program Files\Microsoft Silverlight
2008-11-06 16:53:30 ----D---- C:\gwarchive
2008-10-28 17:36:00 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2008-10-28 17:36:00 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2008-10-28 17:35:58 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2008-10-28 17:35:58 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2008-10-28 17:35:56 ----A---- C:\WINDOWS\system32\DivX.dll
2008-10-27 20:13:12 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\vlc
2008-10-27 20:12:43 ----D---- C:\Program Files\VideoLAN
2008-10-26 16:09:49 ----D---- C:\Program Files\Microsoft Reader
2008-10-26 16:09:49 ----A---- C:\WINDOWS\DASShp.dll

======List of files/folders modified in the last 1 months======

2008-11-25 15:17:05 ----D---- C:\WINDOWS\Temp
2008-11-25 15:02:41 ----D---- C:\WINDOWS\system32
2008-11-25 15:02:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-25 15:01:35 ----SD---- C:\WINDOWS\Tasks
2008-11-25 15:01:34 ----D---- C:\WINDOWS\Prefetch
2008-11-25 15:00:21 ----A---- C:\WINDOWS\WPCMAPI.INI
2008-11-25 14:59:34 ----D---- C:\Program Files\Mozilla Firefox
2008-11-25 14:59:07 ----HD---- C:\NALCache
2008-11-25 14:58:48 ----D---- C:\WINDOWS
2008-11-25 14:58:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-25 14:58:40 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-11-25 14:58:39 ----D---- C:\WINDOWS\security
2008-11-25 14:58:37 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-25 14:12:19 ----SHD---- C:\WINDOWS\Installer
2008-11-25 14:12:18 ----D---- C:\Program Files\Network Associates
2008-11-25 14:12:18 ----D---- C:\Program Files\Common Files
2008-11-25 14:12:16 ----D---- C:\WINDOWS\system32\drivers
2008-11-25 14:09:06 ----SHD---- C:\System Volume Information
2008-11-25 14:09:06 ----D---- C:\WINDOWS\system32\Restore
2008-11-25 12:57:16 ----HD---- C:\WINDOWS\inf
2008-11-25 12:57:12 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-25 11:11:50 ----D---- C:\WINDOWS\Debug
2008-11-25 10:34:31 ----D---- C:\WINDOWS\Help
2008-11-25 07:51:55 ----RD---- C:\Program Files
2008-11-25 07:48:48 ----D---- C:\Program Files\Java
2008-11-25 07:04:48 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\Move Networks
2008-11-25 06:29:04 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-24 19:00:45 ----D---- C:\WINDOWS\Minidump
2008-11-24 12:09:11 ----ASH---- C:\WINDOWS\system32\pedisasa.dll
2008-11-24 06:50:59 ----D---- C:\Program Files\Lavasoft
2008-11-24 06:31:38 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\uTorrent
2008-11-23 20:29:59 ----D---- C:\Documents and Settings\All Users\Application Data\Thomson.ResearchSoft.Installers
2008-11-23 17:33:52 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-22 15:16:16 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\EndNote
2008-11-21 20:22:16 ----D---- C:\G03W
2008-11-21 06:58:01 ----D---- C:\Program Files\DivX
2008-11-21 06:57:26 ----RSD---- C:\WINDOWS\Fonts
2008-11-21 06:57:26 ----D---- C:\Program Files\Common Files\AVSMedia
2008-11-06 22:03:31 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\FileZilla
2008-11-06 21:52:26 ----A---- C:\WINDOWS\win.ini
2008-11-06 19:19:35 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\Adobe
2008-11-04 10:35:14 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\Real
2008-10-27 15:21:30 ----D---- C:\Documents and Settings\ALTomlinson\Application Data\U3
2008-10-26 16:11:12 ----SD---- C:\Documents and Settings\ALTomlinson\Application Data\Microsoft
2008-10-26 16:09:49 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-26 16:09:49 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2006-10-23 132736]
R1 IfsDrives;IfsDrives; C:\WINDOWS\system32\DRIVERS\IfsDrives.sys [2004-09-24 4608]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-03-26 36096]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-15 21425]
R2 BlankScr;HBDevice; C:\WINDOWS\system32\drivers\BlankScr.sys [2005-05-23 6899]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NetwareWorkstation;Novell Client for Windows; C:\WINDOWS\system32\NetWare\nwfs.sys [2006-11-09 506159]
R2 NWDHCP;Novell DHCP Inform Client; C:\WINDOWS\system32\NetWare\nwdhcp.sys [2005-11-22 18353]
R2 RESMGR;Novell NetWare Resource Manager; C:\WINDOWS\system32\NetWare\resmgr.sys [2004-06-01 27249]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R2 SRVLOC;Novell Service Location; C:\WINDOWS\system32\NetWare\srvloc.sys [2006-09-25 160209]
R2 WNTHW;WNTHW; \??\C:\WINDOWS\system32\DRIVERS\WNTHW.SYS []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-03-26 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 Darpan;Darpan; C:\WINDOWS\system32\DRIVERS\Darpan.sys [2005-05-23 2773]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [2007-02-23 56576]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-03-26 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-02 989696]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-11-02 209152]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-03-26 12160]
R3 NETw4x32;Intel® Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-02-25 2203520]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-03-26 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-28 6727136]
R3 NWDNS;Novell DNS Name Space Service Provider; C:\WINDOWS\system32\NetWare\nwdns.sys [2006-09-25 43280]
R3 NWHOST;Novell Host File Name Space Service Provider; C:\WINDOWS\system32\NetWare\NWHOST.sys [2005-10-12 9297]
R3 NWSLP;Novell SLP Name Space Service Provider; C:\WINDOWS\system32\NetWare\nwslp.sys [2005-01-03 20332]
R3 NWSNS;Novell Simple Naming Services; C:\WINDOWS\system32\NetWare\NWSNS.sys [2005-10-12 6128]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-02-19 1228296]
R3 TucbDriverV32;TucbDriverV32; C:\WINDOWS\system32\drivers\TucbDriverV32.sys [2008-06-04 508544]
R3 TucbVideo32;TucbVideo32; C:\WINDOWS\system32\DRIVERS\TucbVideo32.sys [2008-06-04 3768]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-10-23 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-02 730112]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S2 NWSIPX32;Novell NetWare IPX/SPX Transport Interface; C:\WINDOWS\system32\NetWare\nwsipx32.sys [2005-10-27 39731]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-07-05 241152]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; C:\WINDOWS\system32\drivers\Ad-Watch Real-Time Scanner.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; C:\WINDOWS\system32\drivers\Ad-Watch Registry Filter.sys []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
S3 catchme;catchme; \??\C:\DOCUME~1\ALTOML~1\LOCALS~1\Temp\catchme.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2007-03-26 145920]
S3 NWSAP;Novell SAP Name Space Provider; C:\WINDOWS\system32\NetWare\NWSAP.sys [2003-02-26 23232]
S3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
S3 usbbus;LGE CDMA Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2005-05-26 21344]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 UsbDiag;LGE CDMA USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2005-05-26 38144]
S3 USBModem;LGE CDMA USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2005-06-24 39036]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-25 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
R2 NALNTSERVICE;Novell Application Launcher; C:\Program Files\Novell\ZENworks\nalntsrv.exe [2006-06-13 113152]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-28 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 Remote Management Agent;Novell ZENworks Remote Management Agent; C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe [2006-05-09 167936]
R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [2007-02-19 90112]
R2 TSCensus Collection Client;ZENworks Asset Management - Collection Client; C:\Program Files\Novell\ZENworks\Asset Management\bin\CClientSvc.exe [2005-04-19 49152]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-02-21 294912]
R2 XTAgent;Novell XTier Agent Services; C:\WINDOWS\System32\Novell\XTAgent.exe [2006-05-02 61440]
R2 ZFDWM;Workstation Manager; C:\Program Files\Novell\ZENworks\wm.exe [2006-06-13 151104]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-08-16 654848]
S2 McAfeeFramework;McAfee Framework Service; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2007-03-27 104000]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 cusrvc;Client Update Service for Novell; C:\WINDOWS\system32\cusrvc.exe [2006-08-11 28672]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SoundMovieServer;SoundMovieServer; C:\WINDOWS\system32\snmvtsvc.exe [2008-06-04 184320]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-07-28 520192]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320]

-----------------EOF-----------------

info.txt:

info.txt logfile of random's system information tool 1.04 2008-11-25 18:40:46

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{329899E1-CBBA-49BC-9FFE-199E94316727}\setup.exe" -l0x9 -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Add or Remove Adobe Creative Suite 3 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\498b43b77cac072081a5692bfc52804\Setup.exe
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe BridgeTalk Plugin CS3-->MsiExec.exe /I{B7F560B3-6EFF-4026-A982-843895A41149}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Creative Suite 3 Design Premium-->MsiExec.exe /I{1BDC1AB0-2677-4593-8F94-329F7CA8F670}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->MsiExec.exe /I{F08E8D2E-F132-4742-9C87-D5FF223A016A}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}
Adobe Setup-->MsiExec.exe /I{C8BA6802-38DA-43F9-8ACB-73161C277C9A}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Version Cue CS3 Server {ko_KR} -->MsiExec.exe /I{1D58229F-C505-45CA-8223-F35F3A34B963}
Adobe WAS CS3-->MsiExec.exe /I{C5BD220A-EFE8-48A5-B70E-9503D535FACE}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AHV content for Acrobat and Flash-->MsiExec.exe /I{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}
Antispyware-->MsiExec.exe /X{02245E4B-7B31-4727-9814-DF760E0E76B1}
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->MsiExec.exe /I{2CA41BA1-9842-4819-8ABB-76FDC14AB9EA}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{7E369B27-13E2-41A5-9879-358EE1C8B5AD}
Canon CanoScan LiDE 600F User Registration-->C:\Program Files\Canon\IJEREG\CanoScan LiDE 600F\UNINST.EXE
Canon CanoScan Toolbox 5.0-->"C:\Program Files\Canon\CanoScan Toolbox Ver5.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\CanoScan Toolbox Ver5.0\uninst.ini
CanoScan LiDE 600F-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802 /L0x0009
Conexant HDA D330 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000f5.inf
Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07-->"C:\Program Files\Cucusoft\avi-dvd-pro\unins000.exe"
Dell Resource CD-->MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Eraser-->"C:\Program Files\Eraser\unins000.exe"
ffdshow (remove only)-->"C:\Program Files\ffdshow\uninstall.exe"
FileZilla Client 3.1.2-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Gaussian 03W-->C:\WINDOWS\IsUninst.exe -fC:\G03W\Uninst.isu
GaussView 4.1-->c:\g03w\gvw_uninst.exe
GroupWise Internet Browser Mail Integration-->C:\Novell\GroupWise\gwmailto.exe /uninstall
GroupWise Tip of the Day C3PO-->C:\Novell\GroupWise\gwtip.exe /uninstall
GroupWise-->MsiExec.exe /I{97A2FF67-1EB6-483C-A6E6-716D91298763}
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
InstantStorm 1.5-->"C:\Program Files\InstantStorm\unins000.exe"
Intel® Debugger for applications running on IA-32, Version 10.1-->MsiExec.exe /X{EA0735FC-B4FD-4B82-88FD-6779E52B4F87}
Intel® Fortran Compiler for IA-32 applications, Version 10.1.011-->MsiExec.exe /I{E3A70B42-A1F5-4FFE-B37B-99F5327ADCAF}
Intel® Fortran Compiler for Intel® 64 applications, Version 10.1.011-->MsiExec.exe /I{2BF2AE74-3633-481E-8D37-A5F1BA3C0AEA}
Intel® PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
Intel® Visual Fortran Compiler 10.1 Integrations in Microsoft Visual Studio*-->MsiExec.exe /I{023CA5A6-A550-4859-AF7E-723D63A7374D}
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
Java™ 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
LG USB Drivers-->C:\PROGRA~1\LGDRIV~1\LGUSBD~1\UNWISE.EXE C:\PROGRA~1\LGDRIV~1\LGUSBD~1\INSTALL.LOG
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maple 10-->"C:\Program Files\Maple 10\Uninstall_Maple 10\Uninstall Maple 10.exe"
MathType 6-->"C:\Program Files\MathType\Setup.exe" -R
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
MDL ISIS Draw 2.5 Standalone-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MDL ISIS Draw 2.5\uninst.isu"
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Device Emulator version 1.0 - ENU-->MsiExec.exe /X{78B75C6D-E53C-424C-BF83-4B63BD4A6682}
Microsoft Document Explorer 2005-->C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Image Composer 1.5-->C:\Program Files\Microsoft Image Composer\setup\acmsetup.exe /t setup.stf
Microsoft Office FrontPage 2003-->MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Reader-->RunDll32 C:\PROGRA~1\COMMON~1&