1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive [InActive] Hard drive shrank - possible malware?

Discussion in 'Malware and Virus Removal Archive' started by LiTos456, 2008/11/20.

  1. 2008/11/20
    LiTos456

    LiTos456 Well-Known Member Thread Starter

    Joined:
    2008/02/25
    Messages:
    92
    Likes Received:
    0
    http://www.windowsbbs.com/windows-vista/78858-hard-drive-suddenly-shrinked.html

    That is the original thread about this problem.
    People suggested that I post my RSIT logs here.

    info.txt: http://1191adb.com/info.txt
    log.txt: http://1191adb.com/log.txt

    What basically happened is that my hard drive suddenly ran out of space and currently the free space keeps on varying from 1.16GB to 1.40GB - its strange but I freed up space and the maximum I got to was 1.42 GB but it keeps going back and forth. Go to the link above for more details.
     
    LiTos456,
    #1
  2. 2008/11/20
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    Hi,

    Read this post as indicated at the top of this forum.

     
    Admin.,
    #2


  3. to hide this advert.

  4. 2008/11/20
    LiTos456

    LiTos456 Well-Known Member Thread Starter

    Joined:
    2008/02/25
    Messages:
    92
    Likes Received:
    0
    Alright I'll repost them, i didnt notice the note there and i couldnt post because of the size limitation.
    Heres the info file:

    info.txt logfile of random's system information tool 1.04 2008-11-20 12:11:49

    ======Uninstall list======

    -->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    7-Zip 4.42--> "C:\Program Files\7-Zip\Uninstall.exe "
    Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Adobe After Effects CS3 Presets-->MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}
    Adobe After Effects CS3-->C:\Program Files\Common Files\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe
    Adobe After Effects CS3-->MsiExec.exe /I{8AF3FB06-BDA3-42A3-995C-308812D2F094}
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge CS3-->MsiExec.exe /I{FABA59CC-347B-478B-B2A7-37BF0885CACB}
    Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe MotionPicture Color Files-->MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
    Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\8d0dc9390f2c596455e1446b5918a40\Setup.exe
    Adobe Photoshop CS3-->MsiExec.exe /I{F32F1F7C-322D-46B9-B69A-5C3EDC88B74C}
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    Adobe Setup-->MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}
    Adobe Setup-->MsiExec.exe /I{CBF7A9A4-C0D4-4BA0-8991-C9B7D90A5298}
    Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
    Adobe Stock Photos CS3-->MsiExec.exe /I{73B79E83-490B-460D-B0D6-2C7B73980325}
    Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe Video Profiles-->MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
    Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{51DC4D9C-F729-48A7-9CE0-BC77529ECCA2}
    Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
    Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AIM 6-->C:\Program Files\AIM6\uninst.exe
    AoA Audio Extractor 1.0--> "C:\Program Files\AoA Audio Extractor\unins000.exe "
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll ",RunSetup
    Call of Duty(R) - World at War(TM) Beta-->C:\Program Files\InstallShield Installation Information\{B7698C49-18E2-458F-87A0-65570B8E02DA}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
    Canon MP160--> "C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160 /L0x0009
    CCleaner (remove only)--> "C:\Program Files\CCleaner\uninst.exe "
    DeskScapes-->C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\INSTALL.LOG
    DreamMaker-->C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DREAMM~1\INSTALL.LOG
    Far Cry 2--> "C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0009 -removeonly
    FileZilla Client 3.1.5-->C:\Program Files\FileZilla FTP Client\uninstall.exe
    FLV Player 2.0 (build 25)-->C:\Program Files\FLV Player\uninst.exe
    GoldWave v5.25--> "C:\Program Files\GoldWave\unstall.exe" "GoldWave v5.25" "C:\Program Files\GoldWave\unstall.log "
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=" "
    ImgBurn (Remove Only)--> "C:\Program Files\ImgBurn\uninstall.exe "
    Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
    K-Lite Codec Pack 3.9.5 (Full)--> "C:\Program Files\K-Lite Codec Pack\unins000.exe "
    LimeWire 4.18.8--> "C:\Program Files\LimeWire\uninstall.exe "
    Messenger Plus! Live--> "C:\Program Files\Messenger Plus! Live\Uninstall.exe "
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Expression Web MUI (English)-->MsiExec.exe /X{90120000-0026-0409-0000-0000000FF1CE}
    Microsoft Expression Web Service Pack 1 (SP1)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {9037FDA8-8383-4B6F-859D-D49C3C625225}
    Microsoft Expression Web Service Pack 1 (SP1)-->msiexec /package {90120000-0026-0409-0000-0000000FF1CE} /uninstall {DA3B8FC6-8B1D-447A-A5EE-B226DCC10662}
    Microsoft Expression Web--> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall WEBDESIGNER /dll OSETUP.DLL
    Microsoft Expression Web-->MsiExec.exe /X{90120000-0026-0000-0000-0000000FF1CE}
    Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007--> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mozilla Firefox (2.0.0.18)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
    PowerISO--> "C:\Program Files\PowerISO\uninstall.exe "
    PowerQuest PartitionMagic 8.0 Demo-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
    Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Sony Vegas Pro 8.0-->MsiExec.exe /X{7C9AD221-994C-45B2-B46D-26F5735158CF}
    Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Unity Web Player-->C:\Program Files\Unity\WebPlayer\Uninstall.exe
    Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {51864046-74C8-487B-97CD-6167A4B1DB56}
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
    Update for Microsoft Office PowerPoint 2007 Help (KB957247)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {B20E2C59-EEC5-4102-9E50-5DBB2093C37D}
    Update for Microsoft Office Publisher 2007 Help (KB957249)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4E140A5A-4A90-404A-B955-10C2D98CD3EE}
    Update for Microsoft Office Word 2007 Help (KB957252)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {54DF3345-0720-4224-9740-C7E00303F565}
    Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
    Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb957829)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {07A1F6B6-4F1C-418C-A605-755A121C4A16}
    Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Windows Mobile Device Center Driver Update-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
    Windows Mobile Device Center-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Xfire (remove only)--> "C:\Program Files\Xfire\uninst.exe "

    ======Security center information======

    AV: avast! antivirus 4.8.1229 [VPS 081120-0]
    AS: Windows Defender
    AS: avast! antivirus 4.8.1229 [VPS 081120-0]

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE "=x86
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "USERNAME "=SYSTEM
    "windir "=%SystemRoot%
    "PROCESSOR_LEVEL "=6
    "PROCESSOR_IDENTIFIER "=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION "=0f0b
    "NUMBER_OF_PROCESSORS "=2
    "CLASSPATH "=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA "=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------
     
    LiTos456,
    #3
  5. 2008/11/20
    LiTos456

    LiTos456 Well-Known Member Thread Starter

    Joined:
    2008/02/25
    Messages:
    92
    Likes Received:
    0
    Here's the log file:

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by LiTos at 2008-11-20 12:11:36
    Microsoft® Windows Vista Black Edition™ 2009 Service Pack 1
    System drive C: has 1 GB (5%) free of 26 GB
    Total RAM: 2046 MB (54% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:11:46 PM, on 11/20/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\CtHelper.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Xfire\xfire.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    E:\LiTos\ED\ewido_micro.exe
    E:\LiTos\ED\RSIT.exe
    C:\Program Files\trend micro\LiTos.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [AsioReg] REGSVR32 /S CTASIO.DLL
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
    O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll
    O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 7392 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-10-23 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-23 34816]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender "=C:\Program Files\Windows Defender\MSASCui.exe [2008-07-17 1008184]
    "AsioReg "=REGSVR32 /S CTASIO.DLL []
    "CTHelper "=C:\Windows\system32\CTHELPER.EXE [2007-04-09 19456]
    "CTxfiHlp "=C:\Windows\system32\CTXFIHLP.EXE [2007-04-09 19968]
    "PWRISOVM.EXE "=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-03-14 233472]
    "avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
    "RtHDVCpl "=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2008-10-13 6335008]
    "Skytel "=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2008-10-13 1833504]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-10-23 136600]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "NvCplDaemon "=C:\Windows\system32\NvCpl.dll [2008-10-07 13584928]
    "NvMediaCenter "=C:\Windows\system32\NvMcTray.dll [2008-10-07 92704]
    "Windows Mobile Device Center "=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar "=C:\Program Files\Windows Sidebar\sidebar.exe [2008-07-17 1233920]
    "Aim6 "=C:\Program Files\AIM6\aim6.exe [2008-08-06 50472]
    "WindowsWelcomeCenter "=C:\Windows\system32\oobefldr.dll [2008-07-17 2153472]
    "MsnMsgr "=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "Steam "=C:\Program Files\Steam\Steam.exe -silent []
    "ehTray.exe "=C:\Windows\ehome\ehTray.exe [2008-07-17 125952]
    "WMPNSCFG "=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-07-17 202240]

    C:\Users\LiTos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Xfire.lnk - C:\Program Files\Xfire\xfire.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
    Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-07-17 233888]
    Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll [2007-09-05 103848]
    Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopControlPanel.dll [2007-08-21 87488]
    StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [2007-08-21 492992]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "EnableUIADesktopToggle "=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\setup\rsrc\Autorun.exe
    shell\dinstall\command - I:\Directx\dxsetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94a44743-a15c-11dd-b145-806e6f6e6963}]
    shell\AutoRun\command - G:\autorun.exe


    ======File associations======

    .js - open - "F:\Software\Adobe Dreamweaver CS3\Dreamweaver.exe ", "%1 "

    ======List of files/folders created in the last 3 months======

    2008-11-20 12:11:36 ----D---- C:\rsit
    2008-11-20 12:11:36 ----D---- C:\Program Files\trend micro
    2008-11-20 11:52:22 ----A---- C:\Windows\ntbtlog.txt
    2008-11-19 21:35:01 ----D---- C:\Program Files\PowerQuest
    2008-11-19 07:42:56 ----A---- C:\Windows\system32\wups.dll
    2008-11-19 07:42:56 ----A---- C:\Windows\system32\wudriver.dll
    2008-11-19 07:42:56 ----A---- C:\Windows\system32\wuapi.dll
    2008-11-18 07:46:58 ----A---- C:\Windows\system32\wups2.dll
    2008-11-18 07:46:58 ----A---- C:\Windows\system32\wucltux.dll
    2008-11-18 07:46:58 ----A---- C:\Windows\system32\wuaueng.dll
    2008-11-18 07:46:58 ----A---- C:\Windows\system32\wuauclt.exe
    2008-11-18 07:46:38 ----A---- C:\Windows\system32\wuwebv.dll
    2008-11-18 07:46:38 ----A---- C:\Windows\system32\wuapp.exe
    2008-11-17 14:45:57 ----D---- C:\Windows\Minidump
    2008-11-15 17:39:11 ----D---- C:\Users\LiTos\AppData\Roaming\InstallShield Installation Information
    2008-11-15 17:38:56 ----A---- C:\Windows\system32\XAudio2_1.dll
    2008-11-15 17:38:56 ----A---- C:\Windows\system32\XAPOFX1_0.dll
    2008-11-15 17:38:56 ----A---- C:\Windows\system32\xactengine3_1.dll
    2008-11-15 17:38:56 ----A---- C:\Windows\system32\X3DAudio1_4.dll
    2008-11-15 17:38:56 ----A---- C:\Windows\system32\d3dx10_38.dll
    2008-11-15 17:38:56 ----A---- C:\Windows\system32\D3DCompiler_38.dll
    2008-11-15 17:38:55 ----A---- C:\Windows\system32\XAudio2_0.dll
    2008-11-15 17:38:55 ----A---- C:\Windows\system32\xactengine3_0.dll
    2008-11-15 17:38:55 ----A---- C:\Windows\system32\X3DAudio1_3.dll
    2008-11-15 17:38:55 ----A---- C:\Windows\system32\D3DX9_38.dll
    2008-11-15 17:38:54 ----A---- C:\Windows\system32\D3DX9_37.dll
    2008-11-15 17:38:54 ----A---- C:\Windows\system32\d3dx10_37.dll
    2008-11-15 17:38:54 ----A---- C:\Windows\system32\D3DCompiler_37.dll
    2008-11-15 17:38:53 ----A---- C:\Windows\system32\xactengine2_10.dll
    2008-11-15 17:38:53 ----A---- C:\Windows\system32\d3dx10_36.dll
    2008-11-15 17:38:53 ----A---- C:\Windows\system32\D3DCompiler_36.dll
    2008-11-15 17:38:52 ----A---- C:\Windows\system32\d3dx9_36.dll
    2008-11-15 17:38:51 ----A---- C:\Windows\system32\xactengine2_9.dll
    2008-11-15 17:38:51 ----A---- C:\Windows\system32\d3dx10_35.dll
    2008-11-15 17:38:51 ----A---- C:\Windows\system32\D3DCompiler_35.dll
    2008-11-15 17:38:50 ----A---- C:\Windows\system32\xactengine2_8.dll
    2008-11-15 17:38:50 ----A---- C:\Windows\system32\X3DAudio1_2.dll
    2008-11-15 17:38:50 ----A---- C:\Windows\system32\d3dx9_35.dll
    2008-11-15 17:38:49 ----A---- C:\Windows\system32\d3dx9_34.dll
    2008-11-15 17:38:49 ----A---- C:\Windows\system32\d3dx10_34.dll
    2008-11-15 17:38:49 ----A---- C:\Windows\system32\D3DCompiler_34.dll
    2008-11-15 17:38:48 ----A---- C:\Windows\system32\xactengine2_7.dll
    2008-11-15 17:38:47 ----A---- C:\Windows\system32\xactengine2_6.dll
    2008-11-15 17:38:47 ----A---- C:\Windows\system32\xactengine2_5.dll
    2008-11-15 17:38:47 ----A---- C:\Windows\system32\d3dx10.dll
    2008-11-15 17:38:46 ----A---- C:\Windows\system32\xactengine2_4.dll
    2008-11-15 17:38:46 ----A---- C:\Windows\system32\x3daudio1_1.dll
    2008-11-15 17:38:46 ----A---- C:\Windows\system32\d3dx9_32.dll
    2008-11-15 17:38:46 ----A---- C:\Windows\system32\d3dx9_31.dll
    2008-11-15 17:38:45 ----A---- C:\Windows\system32\xinput1_2.dll
    2008-11-15 17:38:45 ----A---- C:\Windows\system32\xinput1_1.dll
    2008-11-15 17:38:45 ----A---- C:\Windows\system32\xactengine2_3.dll
    2008-11-15 17:38:45 ----A---- C:\Windows\system32\xactengine2_2.dll
    2008-11-15 17:38:44 ----A---- C:\Windows\system32\xactengine2_1.dll
    2008-11-15 17:38:38 ----A---- C:\Windows\system32\xactengine2_0.dll
    2008-11-15 17:38:38 ----A---- C:\Windows\system32\x3daudio1_0.dll
    2008-11-15 17:38:38 ----A---- C:\Windows\system32\d3dx9_30.dll
    2008-11-15 17:38:37 ----A---- C:\Windows\system32\d3dx9_29.dll
    2008-11-15 17:38:37 ----A---- C:\Windows\system32\d3dx9_28.dll
    2008-11-15 17:38:36 ----A---- C:\Windows\system32\d3dx9_27.dll
    2008-11-15 17:38:36 ----A---- C:\Windows\system32\d3dx9_26.dll
    2008-11-15 17:38:35 ----A---- C:\Windows\system32\d3dx9_25.dll
    2008-11-15 17:38:35 ----A---- C:\Windows\system32\d3dx9_24.dll
    2008-11-15 17:37:52 ----A---- C:\Windows\system32\xinput1_3.dll
    2008-11-15 17:37:51 ----A---- C:\Windows\system32\d3dx10_33.dll
    2008-11-15 17:37:51 ----A---- C:\Windows\system32\D3DCompiler_33.dll
    2008-11-15 17:37:50 ----A---- C:\Windows\system32\d3dx9_33.dll
    2008-11-15 17:37:28 ----D---- C:\Windows\system32\xlive
    2008-11-15 15:46:05 ----D---- C:\Program Files\Ventrilo
    2008-11-15 15:46:03 ----A---- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
    2008-11-14 19:43:02 ----D---- C:\Program Files\Bonjour
    2008-11-13 21:20:11 ----D---- C:\ProgramData\FLEXnet
    2008-11-13 21:15:16 ----D---- C:\Program Files\Common Files\Macrovision Shared
    2008-11-13 07:51:22 ----A---- C:\Windows\system32\msxml3.dll
    2008-11-13 07:51:19 ----A---- C:\Windows\system32\msxml6.dll
    2008-11-11 11:59:33 ----D---- C:\Program Files\Unity
    2008-11-10 22:11:40 ----D---- C:\Users\LiTos\AppData\Roaming\Toribash
    2008-11-10 22:11:27 ----D---- C:\Games
    2008-11-10 17:24:56 ----D---- C:\Users\LiTos\AppData\Roaming\Publish Providers
    2008-11-10 17:24:34 ----AD---- C:\ProgramData\TEMP
    2008-11-10 17:24:32 ----D---- C:\Users\LiTos\AppData\Roaming\Sony
    2008-11-10 17:17:07 ----D---- C:\Program Files\Vstplugins
    2008-11-10 17:17:00 ----D---- C:\ProgramData\Sony
    2008-11-09 13:42:58 ----D---- C:\ProgramData\Stardock
    2008-11-09 13:42:54 ----D---- C:\Program Files\Stardock
    2008-11-08 16:41:54 ----D---- C:\Users\LiTos\AppData\Roaming\LimeWire
    2008-11-08 16:41:40 ----D---- C:\Program Files\LimeWire
    2008-11-05 21:55:49 ----D---- C:\ProgramData\Messenger Plus!
    2008-11-04 18:37:38 ----D---- C:\Program Files\Common Files\Apple
    2008-11-04 18:37:35 ----D---- C:\ProgramData\Apple Computer
    2008-11-04 18:37:35 ----D---- C:\Program Files\QuickTime
    2008-11-04 18:37:06 ----D---- C:\ProgramData\Apple
    2008-11-04 18:37:06 ----D---- C:\Program Files\Apple Software Update
    2008-11-04 10:40:23 ----D---- C:\Program Files\Messenger Plus! Live
    2008-11-01 13:21:46 ----D---- C:\ProgramData\Windows Genuine Advantage
    2008-10-30 21:10:57 ----D---- C:\Program Files\Common Files\Steam
    2008-10-29 20:37:01 ----D---- C:\Users\LiTos\AppData\Roaming\Ventrilo
    2008-10-29 20:24:22 ----A---- C:\Windows\system32\xfcodec.dll
    2008-10-29 08:05:07 ----A---- C:\Windows\system32\win32spl.dll
    2008-10-28 20:28:59 ----HD---- C:\ProgramData\CanonBJ
    2008-10-28 20:28:47 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
    2008-10-28 20:27:47 ----A---- C:\Windows\system32\CNMLM83.DLL
    2008-10-28 20:27:43 ----A---- C:\Windows\system32\cnco160.dll
    2008-10-28 20:27:43 ----A---- C:\Windows\system32\CNCL160.DLL
    2008-10-28 20:27:43 ----A---- C:\Windows\system32\CNCI160.DLL
    2008-10-28 20:27:43 ----A---- C:\Windows\system32\CNCC160.DLL
    2008-10-28 20:27:38 ----HD---- C:\Program Files\CanonBJ
    2008-10-28 18:32:13 ----D---- C:\Users\LiTos\AppData\Roaming\FileZilla
    2008-10-28 13:43:47 ----A---- C:\Windows\system32\wersvc.dll
    2008-10-28 13:43:47 ----A---- C:\Windows\system32\Faultrep.dll
    2008-10-26 16:14:31 ----D---- C:\Users\LiTos\AppData\Roaming\WinRAR
    2008-10-26 15:42:12 ----A---- C:\Windows\game.ini
    2008-10-23 20:03:46 ----D---- C:\Windows\system32\AGEIA
    2008-10-23 20:03:46 ----D---- C:\Program Files\AGEIA Technologies
    2008-10-23 20:03:35 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-23 20:02:31 ----D---- C:\NVIDIA
    2008-10-23 19:44:25 ----D---- C:\Windows\Panther
    2008-10-23 19:44:11 ----RAS---- C:\BOOTSECT.BAK
    2008-10-23 19:44:10 ----SHD---- C:\Boot
    2008-10-23 19:43:47 ----D---- C:\Windows\system32\OEM
    2008-10-23 18:48:07 ----D---- C:\Windows\SoftwareDistribution
    2008-10-23 18:46:45 ----D---- C:\Windows\CSC
    2008-10-23 18:44:57 ----SHD---- C:\System Volume Information
    2008-10-23 18:27:07 ----RHD---- C:\Users\LiTos\AppData\Roaming\SecuROM
    2008-10-23 18:18:50 ----D---- C:\Program Files\Microsoft Expression
    2008-10-23 18:10:09 ----D---- C:\Program Files\Microsoft Works
    2008-10-23 18:09:40 ----D---- C:\Program Files\Microsoft Visual Studio
    2008-10-23 18:09:39 ----D---- C:\Program Files\Common Files\DESIGNER
    2008-10-23 18:08:59 ----D---- C:\Windows\PCHEALTH
    2008-10-23 18:08:59 ----D---- C:\Program Files\Microsoft.NET
    2008-10-23 18:07:10 ----D---- C:\Program Files\Microsoft Visual Studio 8
    2008-10-23 18:06:13 ----A---- C:\Windows\system32\infocardapi.dll
    2008-10-23 18:06:12 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2008-10-23 18:06:12 ----A---- C:\Windows\system32\icardres.dll
    2008-10-23 18:06:12 ----A---- C:\Windows\system32\icardagt.exe
    2008-10-23 18:06:11 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2008-10-23 18:06:06 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2008-10-23 18:06:03 ----A---- C:\Windows\system32\PresentationHost.exe
    2008-10-23 18:05:44 ----D---- C:\Program Files\Microsoft Office
    2008-10-23 18:05:43 ----D---- C:\ProgramData\Microsoft Help
    2008-10-23 18:04:33 ----RHD---- C:\MSOCache
    2008-10-23 18:03:36 ----A---- C:\Windows\MS Office 2007 Pro Plus & Expression Web.INI
    2008-10-23 17:58:28 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-10-23 17:57:52 ----A---- C:\Windows\system32\dfshim.dll
    2008-10-23 17:57:49 ----A---- C:\Windows\system32\netfxperf.dll
    2008-10-23 17:57:49 ----A---- C:\Windows\system32\mscoree.dll
    2008-10-23 17:57:42 ----A---- C:\Windows\system32\mscorier.dll
    2008-10-23 17:57:37 ----A---- C:\Windows\system32\mscories.dll
    2008-10-23 17:57:07 ----D---- C:\ProgramData\Adobe
    2008-10-23 17:56:52 ----D---- C:\Program Files\Common Files\Adobe
    2008-10-23 17:56:52 ----D---- C:\Program Files\Adobe
    2008-10-23 17:53:48 ----D---- C:\Program Files\WinRAR
    2008-10-23 17:53:03 ----D---- C:\Program Files\GoldWave
    2008-10-23 17:52:50 ----D---- C:\Program Files\FileZilla FTP Client
    2008-10-23 17:50:28 ----D---- C:\Program Files\FLV Player
    2008-10-23 17:50:11 ----D---- C:\Program Files\AoA Audio Extractor
    2008-10-23 17:47:01 ----D---- C:\Users\LiTos\AppData\Roaming\Xfire
    2008-10-23 17:47:00 ----D---- C:\ProgramData\Xfire
    2008-10-23 17:46:59 ----D---- C:\Program Files\Xfire
    2008-10-23 17:46:35 ----D---- C:\Program Files\uTorrent
    2008-10-23 17:46:31 ----D---- C:\Users\LiTos\AppData\Roaming\uTorrent
    2008-10-23 17:45:28 ----A---- C:\Windows\system32\javaws.exe
    2008-10-23 17:45:28 ----A---- C:\Windows\system32\javaw.exe
    2008-10-23 17:45:28 ----A---- C:\Windows\system32\java.exe
    2008-10-23 17:45:28 ----A---- C:\Windows\system32\deploytk.dll
    2008-10-23 17:45:12 ----D---- C:\Program Files\Java
    2008-10-23 17:44:13 ----A---- C:\Windows\system32\CmdLineExt.dll
    2008-10-23 17:43:34 ----D---- C:\Windows\system32\Adobe
    2008-10-23 17:41:51 ----A---- C:\Windows\system32\PnkBstrB.exe
    2008-10-23 17:41:49 ----A---- C:\Windows\system32\PnkBstrA.exe
    2008-10-23 17:41:48 ----A---- C:\Windows\system32\pbsvc.exe
    2008-10-23 17:23:01 ----D---- C:\Windows\system32\RTCOM
    2008-10-23 17:22:46 ----A---- C:\Windows\DIFxAPI.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\WavesLib.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\SRSWOW.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\SRSTSXT.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\SRSTSHD.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\SRSHP360.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\RtkPgExt.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\RtkCoInst.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\RtkApoApi.dll
    2008-10-23 17:22:45 ----A---- C:\Windows\system32\RtkAPO.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\ppChain.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\FMAPO.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\DaisyWrp.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\ctppld.dll
    2008-10-23 17:22:44 ----A---- C:\Windows\system32\AERTARen.dll
    2008-10-23 17:22:43 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-23 17:22:43 ----D---- C:\Program Files\Realtek
    2008-10-23 17:22:43 ----A---- C:\Windows\system32\AERTACap.dll
    2008-10-23 17:22:42 ----HD---- C:\Program Files\Temp
    2008-10-23 17:22:41 ----A---- C:\Windows\RtlExUpd.dll
    2008-10-23 17:22:39 ----D---- C:\Program Files\Common Files\InstallShield
    2008-10-23 17:12:03 ----A---- C:\Windows\system32\MSVCP71.dll
    2008-10-23 17:12:03 ----A---- C:\Windows\system32\MFC71.dll
    2008-10-23 17:12:03 ----A---- C:\Windows\system32\aswBoot.exe
    2008-10-23 17:11:59 ----D---- C:\Program Files\Alwil Software
    2008-10-23 16:52:52 ----A---- C:\Windows\system32\XAudio2_2.dll
    2008-10-23 16:52:52 ----A---- C:\Windows\system32\XAPOFX1_1.dll
    2008-10-23 16:52:52 ----A---- C:\Windows\system32\xactengine3_2.dll
    2008-10-23 16:52:52 ----A---- C:\Windows\system32\D3DCompiler_39.dll
    2008-10-23 16:52:51 ----A---- C:\Windows\system32\D3DX9_39.dll
    2008-10-23 16:52:51 ----A---- C:\Windows\system32\d3dx10_39.dll
    2008-10-23 16:51:20 ----D---- C:\Windows\system32\directx
    2008-10-23 16:41:09 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-10-23 16:40:57 ----D---- C:\Program Files\Windows Live
    2008-10-23 16:40:45 ----D---- C:\ProgramData\WLInstaller
    2008-10-23 16:40:26 ----D---- C:\Users\LiTos\AppData\Roaming\acccore
    2008-10-23 16:40:11 ----D---- C:\ProgramData\Viewpoint
    2008-10-23 16:40:11 ----D---- C:\ProgramData\acccore
    2008-10-23 16:40:11 ----D---- C:\Program Files\Viewpoint
    2008-10-23 16:40:07 ----D---- C:\ProgramData\AOL OCP
    2008-10-23 16:40:07 ----D---- C:\ProgramData\AOL
    2008-10-23 16:39:58 ----D---- C:\Program Files\Common Files\AOL
    2008-10-23 16:39:45 ----D---- C:\Program Files\AIM6
    2008-10-23 16:26:03 ----D---- C:\Users\LiTos\AppData\Roaming\Macromedia
    2008-10-23 16:26:03 ----D---- C:\Users\LiTos\AppData\Roaming\Adobe
    2008-10-23 16:16:59 ----SHD---- C:\Windows\Installer
    2008-10-23 16:15:57 ----D---- C:\Program Files\PowerISO
    2008-10-23 16:11:39 ----A---- C:\Windows\system32\tzres.dll
    2008-10-23 16:10:41 ----A---- C:\Windows\system32\msshooks.dll
    2008-10-23 16:10:41 ----A---- C:\Windows\system32\msscb.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\xmlfilter.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\wsepno.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\thawbrkr.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\srchadmin.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\rtffilt.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\propsys.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\propdefs.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\offfilt.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\nlhtml.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\msstrc.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\mssprxy.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\mssitlb.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\msshsq.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\msscntrs.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\mimefilt.dll
    2008-10-23 16:10:40 ----A---- C:\Windows\system32\korwbrkr.dll
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\tquery.dll
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\SearchIndexer.exe
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\mssvp.dll
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\mssrch.dll
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\mssphtb.dll
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\mssph.dll
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\chtbrkr.dll
    2008-10-23 16:10:39 ----A---- C:\Windows\system32\chsbrkr.dll
    2008-10-23 16:09:39 ----A---- C:\Windows\system32\wrap_oal.dll
    2008-10-23 16:09:39 ----A---- C:\Windows\system32\OpenAL32.dll
    2008-10-23 16:09:39 ----A---- C:\Windows\system32\cttele.dll
    2008-10-23 16:09:13 ----D---- C:\Windows\system32\data
    2008-10-23 16:07:52 ----D---- C:\Users\LiTos\AppData\Roaming\Mozilla
    2008-10-23 16:06:39 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2008-10-23 16:06:36 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2008-10-23 16:06:31 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2008-10-23 16:06:03 ----A---- C:\Windows\system32\kd1394.dll
    2008-10-23 16:06:02 ----A---- C:\Windows\system32\winresume.exe
    2008-10-23 16:06:02 ----A---- C:\Windows\system32\winload.exe
    2008-10-23 16:06:02 ----A---- C:\Windows\system32\ci.dll
    2008-10-23 16:06:01 ----A---- C:\Windows\system32\srdelayed.exe
    2008-10-23 16:06:01 ----A---- C:\Windows\system32\srcore.dll
    2008-10-23 16:06:01 ----A---- C:\Windows\system32\srclient.dll
    2008-10-23 16:06:01 ----A---- C:\Windows\system32\setbcdlocale.dll
    2008-10-23 16:06:01 ----A---- C:\Windows\system32\rstrui.exe
    2008-10-23 16:06:01 ----A---- C:\Windows\system32\kbd106n.dll
    2008-10-23 16:05:53 ----A---- C:\Windows\system32\EncDec.dll
    2008-10-23 16:05:52 ----A---- C:\Windows\system32\psisdecd.dll
    2008-10-23 16:05:48 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-10-23 16:05:48 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-10-23 16:05:17 ----A---- C:\Windows\system32\shell32.dll
    2008-10-23 16:05:11 ----A---- C:\Windows\system32\IPSECSVC.DLL
    2008-10-23 16:05:11 ----A---- C:\Windows\system32\es.dll
    2008-10-23 16:05:10 ----A---- C:\Windows\system32\wmpeffects.dll
    2008-10-23 16:04:45 ----D---- C:\ProgramData\NVIDIA
    2008-10-23 16:04:26 ----D---- C:\Users\LiTos\AppData\Roaming\Identities
    2008-10-23 16:04:17 ----D---- C:\Windows\system32\Macromed
    2008-10-23 16:04:17 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-23 16:03:56 ----A---- C:\Windows\system32\quartz.dll
    2008-10-23 16:03:29 ----A---- C:\Windows\system32\ntoskrnl.exe
    2008-10-23 16:03:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2008-10-23 16:03:28 ----A---- C:\Windows\system32\emdmgmt.dll
    2008-10-23 16:03:28 ----A---- C:\Windows\system32\dataclen.dll
    2008-10-23 16:03:28 ----A---- C:\Windows\system32\cdd.dll
    2008-10-23 16:03:26 ----A---- C:\Windows\system32\wshext.dll
    2008-10-23 16:03:26 ----A---- C:\Windows\system32\wscript.exe
    2008-10-23 16:03:26 ----A---- C:\Windows\system32\vbscript.dll
    2008-10-23 16:03:26 ----A---- C:\Windows\system32\scrrun.dll
    2008-10-23 16:03:26 ----A---- C:\Windows\system32\scrobj.dll
    2008-10-23 16:03:26 ----A---- C:\Windows\system32\jscript.dll
    2008-10-23 16:03:26 ----A---- C:\Windows\system32\cscript.exe
    2008-10-23 16:03:19 ----A---- C:\Windows\system32\inetcomm.dll
    2008-10-23 16:03:15 ----A---- C:\Windows\system32\gdi32.dll
    2008-10-23 16:03:14 ----A---- C:\Windows\system32\mshtml.dll
    2008-10-23 16:03:13 ----A---- C:\Windows\system32\wininet.dll
    2008-10-23 16:03:13 ----A---- C:\Windows\system32\urlmon.dll
    2008-10-23 16:03:13 ----A---- C:\Windows\system32\ieframe.dll
    2008-10-23 16:03:12 ----A---- C:\Windows\system32\mstime.dll
    2008-10-23 16:03:12 ----A---- C:\Windows\system32\jsproxy.dll
    2008-10-23 16:03:12 ----A---- C:\Windows\system32\iertutil.dll
    2008-10-23 16:00:16 ----A---- C:\Windows\system32\unrar.dll
    2008-10-23 16:00:16 ----A---- C:\Windows\system32\lameACM.acm.bak
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\yv12vfw.dll
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\xvidvfw.dll
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\xvidcore.dll
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\qt-dx331.dll
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\ff_vfw.dll
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\dpl100.dll
    2008-10-23 16:00:15 ----A---- C:\Windows\system32\divx.dll
    2008-10-23 16:00:14 ----A---- C:\Windows\system32\msvcr71.dll
    2008-10-23 16:00:13 ----D---- C:\Program Files\K-Lite Codec Pack
    2008-10-23 16:00:12 ----D---- C:\Program Files\Utilities
    2008-10-23 16:00:12 ----D---- C:\Program Files\CCleaner
    2008-10-23 16:00:11 ----D---- C:\Program Files\ImgBurn
    2008-10-23 16:00:11 ----D---- C:\Program Files\7-Zip
    2008-10-23 16:00:05 ----SD---- C:\Users\LiTos\AppData\Roaming\Microsoft
    2008-10-23 16:00:05 ----D---- C:\Users\LiTos\AppData\Roaming\Media Center Programs
    2008-10-23 15:58:05 ----A---- C:\Windows\system32\netapi32.dll
    2008-10-23 15:54:30 ----D---- C:\Windows\Debug
    2008-10-23 15:48:42 ----A---- C:\Windows\system32\nvuninst.exe
    2008-10-23 15:48:42 ----A---- C:\Windows\system32\nvexpbar.dll
    2008-10-23 15:48:42 ----A---- C:\Windows\system32\nvcplui.exe
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvwss.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvwgf2um.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvvsvc.exe
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvvitvs.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvudisp.exe
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvsvsr.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvsvs.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvoglv32.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvmobls.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvmccss.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvmccsrs.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvmccs.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvgames.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvdisps.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvcuda.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvcolor.exe
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvcodhins.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvcodh.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvcod134.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvcod.dll
    2008-09-04 08:31:16 ----A---- C:\Windows\system32\PhysXCplUI.exe
    2008-08-29 07:57:16 ----A---- C:\Windows\system32\PhysXLoader.dll

    ======List of files/folders modified in the last 3 months======

    2008-11-20 12:11:39 ----D---- C:\Windows\Temp
    2008-11-20 12:11:36 ----RD---- C:\Program Files
    2008-11-20 12:04:32 ----D---- C:\Windows\System32
    2008-11-20 12:04:32 ----D---- C:\Windows\inf
    2008-11-20 12:04:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-11-20 11:52:22 ----D---- C:\Windows
    2008-11-19 21:35:02 ----D---- C:\Windows\system32\drivers
    2008-11-19 21:24:12 ----D---- C:\Windows\Prefetch
    2008-11-19 21:23:59 ----SD---- C:\ProgramData\Microsoft
    2008-11-19 20:38:33 ----D---- C:\Windows\rescache
    2008-11-19 20:21:12 ----D---- C:\Windows\system32\en-US
    2008-11-19 20:19:59 ----D---- C:\Windows\winsxs
    2008-11-19 07:43:12 ----D---- C:\Windows\system32\catroot2
    2008-11-19 07:43:12 ----D---- C:\Windows\system32\catroot
    2008-11-18 07:47:24 ----D---- C:\Windows\PolicyDefinitions
    2008-11-15 17:38:44 ----RSD---- C:\Windows\assembly
    2008-11-14 19:40:30 ----RSD---- C:\Windows\Fonts
    2008-11-13 21:20:11 ----HD---- C:\ProgramData
    2008-11-13 21:15:16 ----D---- C:\Program Files\Common Files
    2008-11-08 14:18:20 ----D---- C:\Windows\system32\NDF
    2008-11-08 12:06:22 ----RD---- C:\Users
    2008-11-08 12:02:21 ----HD---- C:\Windows\system32\GroupPolicy
    2008-11-04 18:38:04 ----D---- C:\Program Files\Internet Explorer
    2008-11-03 19:10:25 ----A---- C:\Windows\system32\mrt.exe
    2008-11-01 13:26:08 ----D---- C:\Windows\system32\LogFiles
    2008-11-01 13:26:02 ----D---- C:\Windows\WindowsMobile
    2008-10-29 07:24:50 ----SHD---- C:\$Recycle.Bin
    2008-10-28 20:29:57 ----RSD---- C:\Windows\Media
    2008-10-28 20:29:44 ----D---- C:\Windows\system32\FxsTmp
    2008-10-28 20:28:47 ----D---- C:\Windows\twain_32
    2008-10-27 19:55:35 ----D---- C:\Windows\system32\WDI
    2008-10-27 15:14:41 ----D---- C:\Windows\Microsoft.NET
    2008-10-27 06:56:32 ----A---- C:\Windows\win.ini
    2008-10-27 06:55:40 ----D---- C:\Program Files\Common Files\microsoft shared
    2008-10-23 21:01:23 ----D---- C:\Windows\Logs
    2008-10-23 18:45:01 ----D---- C:\Windows\system32\config
    2008-10-23 18:21:32 ----D---- C:\Windows\system32\XPSViewer
    2008-10-23 18:21:32 ----D---- C:\Windows\system32\wbem
    2008-10-23 18:09:54 ----D---- C:\Program Files\MSBuild
    2008-10-23 18:09:36 ----D---- C:\Windows\ShellNew
    2008-10-23 18:06:50 ----D---- C:\Program Files\Common Files\System
    2008-10-23 17:24:10 ----D---- C:\Windows\system32\Boot
    2008-10-23 17:02:00 ----D---- C:\Windows\ehome
    2008-10-23 17:02:00 ----D---- C:\Windows\AppPatch
    2008-10-23 17:02:00 ----D---- C:\Program Files\Windows Mail
    2008-10-23 17:01:59 ----D---- C:\Windows\system32\migration
    2008-10-23 16:40:07 ----SD---- C:\Windows\Downloaded Program Files
    2008-10-23 16:17:11 ----D---- C:\Windows\system
    2008-10-23 16:09:33 ----D---- C:\Windows\system32\CodeIntegrity
    2008-10-23 16:06:45 ----D---- C:\Windows\system32\restore
    2008-10-23 16:00:12 ----SD---- C:\Windows\system32\Microsoft
    2008-10-23 15:51:57 ----ASH---- C:\Program Files\desktop.ini
    2008-10-23 15:48:41 ----D---- C:\Windows\Help
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvsvc.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvmctray.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvd3dum.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvcpl.dll
    2008-10-07 12:33:00 ----A---- C:\Windows\system32\nvapi.dll
    2008-09-10 16:39:20 ----A---- C:\Windows\system32\CTAPO32.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-07-17 350720]
    R1 PQNTDrv;PQNTDrv; C:\Windows\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 46652]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
    R3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-18 98600]
    R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 520488]
    R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 14632]
    R3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-12 560384]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 157480]
    R3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2008-07-17 159744]
    R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 92968]
    R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-10-13 2176856]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-10-07 7380896]
    R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 126760]
    S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-12 164608]
    S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 511272]
    S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-12 546048]
    S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-12 168192]
    S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-12 280320]
    S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-12 128768]
    S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-12 323328]
    S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-12 94976]
    S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-12 1317632]
    S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-12 66816]
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-07-17 5632]
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-07-17 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-07-17 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-07-17 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-07-17 6016]
    S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2008-07-17 7680]
    S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-07-17 35328]
    S3 WINUSB;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-07-17 31616]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-07-17 83328]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-07-17 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-07-17 386616]
    S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-07-17 11264]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-07-17 21504]
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-07-17 21504]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-10-07 203296]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-10-23 66872]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-07-17 21504]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-07-17 21504]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-07-17 21504]
    R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-07-17 21504]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-07-17 523776]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-13 654848]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-11-16 104944]
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-07-17 917504]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
     
    LiTos456,
    #4
  6. 2008/11/20
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    Thanks. A Malware Analyst will take a look at your post in turn.
     
    Admin.,
    #5
  7. 2008/11/20
    LiTos456

    LiTos456 Well-Known Member Thread Starter

    Joined:
    2008/02/25
    Messages:
    92
    Likes Received:
    0
    Well this is funny but i turned off system restore and im back to 2 gb. it actually worked...all i needed it a little different google wording sequence...sorry guys. Check the logs though still, maybe theres somehting i need to know. i removed 2 viruses and 1 trojan and a lot of tracking cookies as it is today already!

    edit again: the memory did free up but it DOES slowly keep going down. IT was at 2.06 GB before now its at 2.02. So im still concerned...so this isnt a false alarm.
     
    Last edited: 2008/11/20
    LiTos456,
    #6
  8. 2008/11/20
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    That small amount of free space will fill up rather quickly ....... system restore points, temp files, temporary internet files, recent file shortcut, etc. The drive needs room to breathe ..... 15% of drive capacity recommended minimum. What is your drive configuration, eg; single partition or multiple partitions?
     
    noahdfear,
    #7
  9. 2008/11/21
    LiTos456

    LiTos456 Well-Known Member Thread Starter

    Joined:
    2008/02/25
    Messages:
    92
    Likes Received:
    0
    got 2 drives with 2 partitions each, the system partition is 25 gb total the other one is 200 something. it wont let me extend the system partition though.
     
    LiTos456,
    #8
  10. 2008/11/22
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    You need to try and free up more space on the partition you have Windows installed on. Move music, videos, documents, pictures, etc.
     
    noahdfear,
    #9
  11. 2008/11/22
    LiTos456

    LiTos456 Well-Known Member Thread Starter

    Joined:
    2008/02/25
    Messages:
    92
    Likes Received:
    0
    all i have there is windows itself and some programs. all my music and everything else is on another partition.
     
    LiTos456,
    #10
  12. 2008/11/22
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Windows takes approximately 8 GB, give or take a couple. The list of installed programs doesn't appear to be enough to use up another 14-17 GB either. Suggest you grab an app that shows where the space is being used. SpaceMonger is lightweight and should be helpful (check the FAQ before deciding which version to get).
     
    noahdfear,
    #11
  13. 2008/11/22
    LiTos456

    LiTos456 Well-Known Member Thread Starter

    Joined:
    2008/02/25
    Messages:
    92
    Likes Received:
    0
    Ok thanks, my windows is like more than 10 gb i think though.
     
    LiTos456,
    #12

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...