Ok Ken here it all is, I was very surprised to see so many viruses in my system.
OTMoveit2 log
C:\Program Files\Paltalk Messenger\ReceivedFiles moved successfully.
C:\Program Files\Paltalk Messenger moved successfully.
File/Folder C:\Program Files\gtfadkd not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 10042008_165958
Malwarebytes' Anti-Malware 1.28
Database version: 1228
Windows 5.0.2195 Service Pack 4
10/4/2008 07:20:45 PM
mbam-log-2008-10-04 (19-20-45).txt
Scan type: Full Scan (C:\|)
Objects scanned: 130777
Time elapsed: 1 hour(s), 38 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 24
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 24
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINNT\system32\xxyyxvsq.dll (Trojan.Vundo.H) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ce911cd-d3b9-4bbd-80da-29c07b75af8f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{3ce911cd-d3b9-4bbd-80da-29c07b75af8f} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6AF517FA-FCCC-CF95-697F-06F3DF06BAFE} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spamblockerconfig.application (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0656a137-b161-cadd-9777-e37a75727e78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0b682cc1-fb40-4006-a5dd-99edd3c9095d} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{000000da-0786-4633-87c6-1aa7a4429ef1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54645654-2225-4455-44a1-9f4543d34545} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\sysadmapi (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\winnt\system32\xxyyxvsq -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\winnt\system32\xxyyxvsq -> Delete on reboot.
Folders Infected:
C:\Documents and Settings\All Users\Application Data\Starware322 (Adware.Starware) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\contexts (Adware.Starware) -> Quarantined and deleted successfully.
Files Infected:
C:\WINNT\system32\xxyyxvsq.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINNT\system32\qsvxyyxx.ini (Trojan.Vundo.H) -> Delete on reboot.
C:\WINNT\system32\qsvxyyxx.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Program Files\gtfadkd\SysAdmApi.dll (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\WINNT\system32\lqcxha.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINNT\system32\tynwmxfj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\WeatherHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\contexts\related.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Starware322\contexts\travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
C:\WINNT\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
Logfile of random's system information tool 1.04 (written by random/random)
Run by Administrator at 2008-10-04 23:20:42
Microsoft Windows 2000 Professional Service Pack 4
System drive C: has 37 GB (48%) free of 76 GB
Total RAM: 255 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:49 PM, on 10/4/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINNT\System32\cisvc.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINNT\System32\cidaemon.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\AOL\1120192234\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\AOL 9.1\shellmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.comcast.net./aR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: {d823e0e8-4ea3-0da9-09f4-c5b95817c460} - {064c7185-9b5c-4f90-9ad0-3ae48e0e328d} - (no file)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: QXK Olive - {5373F982-BD5C-4F9E-9484-424CA8587F73} - C:\WINNT\vmgspntbgns.dll (file missing)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: UrlHelper Class - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1120192234\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer4_in_1] "C:\Program Files\Lexmark 4200 Series\Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.0\masqform.exe -UpdateCurrentUser
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O4 - HKUS\.DEFAULT\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} -
http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} -
http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} -
http://online.comcast.net/help/ (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O15 - Trusted Zone:
http://*.mcafee.comO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/windows ... 8316102986O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
http://gamesoduser.comcast.net/classes/ExentCtl.ocxO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 5336649258O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://download.macromedia.com/pub/sho ... wflash.cabO23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
--
End of file - 9152 bytes
======Scheduled tasks folder======
C:\WINNT\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{064c7185-9b5c-4f90-9ad0-3ae48e0e328d}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{243B17DE-77C7-46BF-B94B-0B5F309A0E64}]
C:\Program Files\Microsoft Money\System\mnyside.dll [2002-07-17 163906]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5373F982-BD5C-4F9E-9484-424CA8587F73}]
QXK Olive - C:\WINNT\vmgspntbgns.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65D886A2-7CA7-479B-BB95-14D1EFB7946A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
UrlHelper Class - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINNT\System32\msdxm.ocx [2005-03-31 844560]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=mobsync.exe /logon []
"NvCplDaemon"=C:\WINNT\system32\NvCpl.dll [2003-07-28 4841472]
"nwiz"=nwiz.exe /install []
"HostManager"=C:\Program Files\Common Files\AOL\1120192234\ee\AOLSoftware.exe [2007-05-25 42032]
"AOLDialer"=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [2006-10-23 71216]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-06-30 98304]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"tgcmd"=C:\Program Files\Support.com\bin\tgcmd.exe [2007-03-07 1773568]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-05-18 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2005-01-12 241664]
"FaxCenterServer4_in_1"=C:\Program Files\Lexmark 4200 Series\Fax\fm3032.exe [2004-01-22 151552]
"McAfee Backup"=C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe [2007-01-16 4838952]
"MBkLogOnHook"=C:\Program Files\McAfee\MBK\LogOnHook.exe [2007-01-08 20480]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-02-18 185632]
"masqform.exe"=C:\Program Files\PureEdge\Viewer 6.0\masqform.exe -UpdateCurrentUser []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 []
"AOL Fast Start"=C:\Program Files\AOL 9.1\AOL.EXE [2007-10-27 50528]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"disablecad"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"poxy4.exe"="poxy4.exe:*:Enabled:LSIVS"
"C:\Program Files\Common Files\System\MAPI\1033\nt\poxy4.exe"="C:\Program Files\Common Files\System\MAPI\1033\nt\poxy4.exepoxy4.exe:*:Enabled:LSIVS"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.ini - open - notepad.exe %1
======List of files/folders created in the last 1 months======
2008-10-04 23:20:42 ----D---- C:\rsit
2008-10-04 17:01:50 ----A---- C:\WINNT\system32\MoveIt.txt
2008-10-04 16:55:53 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-10-04 16:54:28 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-04 16:52:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-04 16:46:52 ----A---- C:\cleanup.txt
2008-10-04 16:45:54 ----D---- C:\_OTMoveIt
2008-10-04 16:16:27 ----A---- C:\WINNT\system32\malware3.txt
2008-10-03 19:51:44 ----ASHD---- C:\Config.Msi
2008-10-03 18:50:02 ----A---- C:\WINNT\system32\malware2.txt
2008-10-03 15:26:34 ----A---- C:\WINNT\system32\Smit.txt
2008-10-03 15:21:54 ----A---- C:\WINNT\system32\WS2Fix.exe
2008-10-03 15:21:54 ----A---- C:\WINNT\system32\VACFix.exe
2008-10-03 15:21:54 ----A---- C:\WINNT\system32\IEDFix.exe
2008-10-03 15:21:54 ----A---- C:\WINNT\system32\IEDFix.C.exe
2008-10-03 15:21:54 ----A---- C:\WINNT\system32\404Fix.exe
2008-10-03 15:21:53 ----A---- C:\WINNT\system32\VCCLSID.exe
2008-10-03 15:21:53 ----A---- C:\WINNT\system32\swxcacls.exe
2008-10-03 15:21:53 ----A---- C:\WINNT\system32\swsc.exe
2008-10-03 15:21:53 ----A---- C:\WINNT\system32\swreg.exe
2008-10-03 15:21:53 ----A---- C:\WINNT\system32\SrchSTS.exe
2008-10-03 15:21:53 ----A---- C:\WINNT\system32\Process.exe
2008-10-03 15:21:53 ----A---- C:\WINNT\system32\dumphive.exe
2008-10-03 14:58:37 ----A---- C:\WINNT\system32\tmp.txt
2008-10-03 14:58:26 ----A---- C:\rapport.txt
2008-10-03 14:44:00 ----D---- C:\Documents and Settings\Administrator\Application Data\Viewpoint
2008-10-03 08:58:29 ----A---- C:\WINNT\system32\malware removal.txt
2008-10-01 18:43:28 ----D---- C:\Program Files\Trend Micro
2008-09-29 10:49:49 ----D---- C:\WINNT\ERUNT
2008-09-29 10:37:05 ----D---- C:\SDFix
2008-09-28 20:47:20 ----A---- C:\WINNT\system32\vbajet32.dll
2008-09-28 20:47:19 ----A---- C:\WINNT\system32\expsrv.dll
2008-09-28 20:47:19 ----A---- C:\WINNT\system32\CRYPTDLG.DLL
2008-09-28 19:44:36 ----A---- C:\WINNT\system32\pdm.dll
2008-09-28 19:44:36 ----A---- C:\WINNT\system32\msdbg.dll
2008-09-28 19:44:35 ----A---- C:\WINNT\system32\mdm.exe
2008-09-28 19:44:33 ----D---- C:\Program Files\Microsoft Script Debugger
2008-09-23 16:18:07 ----A---- C:\WINNT\system32\2fe2e47a-.txt
2008-09-23 13:43:00 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2008-09-22 22:12:36 ----D---- C:\Documents and Settings\Administrator\Application Data\Paltalk
2008-09-21 17:50:47 ----D---- C:\WINNT\Windows Update Setup Files
2008-09-21 17:49:49 ----A---- C:\WINNT\Active Setup Log.txt
2008-09-21 17:49:49 ----A---- C:\WINNT\Active Setup Log.BAK
2008-09-21 12:50:30 ----D---- C:\Documents and Settings\Administrator\Application Data\Sun
2008-09-20 16:54:08 ----D---- C:\Program Files\Windows Live Safety Center
2008-09-20 12:00:48 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-09-20 09:53:04 ----ASH---- C:\WINNT\system32\lkossfhn.ini
2008-09-20 09:48:52 ----D---- C:\Documents and Settings\Administrator\Application Data\Nero
2008-09-19 12:32:22 ----D---- C:\Program Files\Panda Security
2008-09-19 03:41:29 ----ASH---- C:\WINNT\system32\huefijij.ini
2008-09-19 00:18:22 ----D---- C:\WINNT\ServicePackFiles
2008-09-19 00:17:40 ----D---- C:\WINNT\Microsoft.NET
2008-09-19 00:03:07 ----D---- C:\WINNT\Registration
2008-09-18 23:56:51 ----A---- C:\WINNT\system.ini
2008-09-18 03:03:08 ----A---- C:\RSMResult.txt
2008-09-17 15:28:17 ----ASH---- C:\WINNT\system32\ivjffqbn.ini
2008-09-15 18:13:18 ----D---- C:\Program Files\Common Files\Nero
2008-09-14 18:51:18 ----AD---- C:\finalburner
2008-09-14 18:49:32 ----D---- C:\Program Files\FinalBurner
2008-09-11 08:44:56 ----A---- C:\WINNT\system32\ShellManager310E2D762.dll
2008-09-09 22:29:21 ----A---- C:\WINNT\system32\kbdjpn.dll
2008-09-09 22:29:20 ----A---- C:\WINNT\system32\kbd106.dll
2008-09-09 18:33:11 ----HDC---- C:\WINNT\$NtUninstallKB954156_WM9L$
2008-09-09 18:32:32 ----HDC---- C:\WINNT\$NtUninstallKB938464-IE6SP1-20080429.120000$
======List of files/folders modified in the last 1 months======
2008-10-04 19:41:10 ----A---- C:\WINNT\win.ini
2008-10-04 19:40:25 ----D---- C:\WINNT
2008-10-04 19:34:45 ----AD---- C:\WINNT\system32
2008-10-04 19:33:04 ----AD---- C:\WINNT\Debug
2008-10-04 19:32:34 ----AD---- C:\WINNT\Temp
2008-10-04 19:31:48 ----AD---- C:\WINNT\system32\drivers
2008-10-04 19:30:37 ----A---- C:\WINNT\SchedLgU.Txt
2008-10-04 17:00:14 ----AD---- C:\Program Files
2008-10-04 15:31:55 ----D---- C:\Program Files\Internet Explorer
2008-10-04 15:13:38 ----AD---- C:\unzipped
2008-10-04 14:56:56 ----AD---- C:\WINNT\system32\NtmsData
2008-10-04 14:43:49 ----AD---- C:\WINNT\security
2008-10-03 22:33:41 ----A---- C:\WINNT\ntbtlog.txt
2008-10-03 19:48:05 ----A---- C:\WINNT\system32\MsiExec.exe.log
2008-10-03 19:33:57 ----SHD---- C:\WINNT\Installer
2008-10-03 18:03:03 ----AD---- C:\5100
2008-10-03 16:46:20 ----SD---- C:\WINNT\Downloaded Program Files
2008-10-03 15:08:57 ----D---- C:\Program Files\Viewpoint
2008-10-03 14:27:00 ----AD---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-10-03 00:19:23 ----D---- C:\Program Files\BearShare
2008-10-01 17:24:13 ----HD---- C:\WINNT\system32\GroupPolicy
2008-09-29 19:48:51 ----A---- C:\WINNT\NeroDigital.ini
2008-09-29 11:16:19 ----SHD---- C:\RECYCLER
2008-09-29 09:17:20 ----A---- C:\WINNT\system32\dfrg.msc
2008-09-28 22:03:46 ----D---- C:\Program Files\Resource Pro Kit
2008-09-28 21:20:54 ----A---- C:\WINNT\ODBC.INI
2008-09-28 20:48:48 ----HD---- C:\WINNT\inf
2008-09-28 20:47:24 ----AD---- C:\WINNT\Help
2008-09-28 20:47:23 ----SD---- C:\WINNT\Web
2008-09-28 20:47:22 ----D---- C:\Program Files\Outlook Express
2008-09-28 20:47:17 ----RASHDC---- C:\WINNT\system32\dllcache
2008-09-28 19:45:11 ----A---- C:\WINNT\system32\PerfStringBackup.INI
2008-09-28 19:44:30 ----AD---- C:\WINNT\system32\inetsrv
2008-09-28 16:29:52 ----ASD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-09-28 14:26:15 ----A---- C:\WINNT\OEWABLog.txt
2008-09-27 13:06:59 ----AD---- C:\My Downloads
2008-09-25 08:41:07 ----D---- C:\Program Files\McAfee
2008-09-23 13:13:17 ----A---- C:\WINNT\imsins.BAK
2008-09-23 10:43:24 ----AD---- C:\Documents and Settings\All Users\Application Data\BearShare Applications
2008-09-22 23:08:13 ----AD---- C:\Documents and Settings
2008-09-21 20:00:55 ----HD---- C:\WINNT\msdownld.tmp
2008-09-21 19:59:40 ----D---- C:\Program Files\Common Files\Services
2008-09-21 19:59:37 ----D---- C:\Program Files\Common Files\System
2008-09-21 19:59:01 ----AD---- C:\Program Files\Common Files\Microsoft Shared
2008-09-21 19:59:00 ----AD---- C:\Program Files\Common Files
2008-09-21 19:55:57 ----AD---- C:\WINNT\Cursors
2008-09-21 18:09:10 ----HD---- C:\Program Files\Uninstall Information
2008-09-21 12:55:45 ----AD---- C:\Documents and Settings\Administrator\Application Data\McAfee
2008-09-20 12:28:14 ----A---- C:\WINNT\ModemLog_LT Win Modem.txt
2008-09-19 12:30:13 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-19 03:56:21 ----D---- C:\WINNT\nview
2008-09-19 00:18:54 ----AD---- C:\WINNT\system
2008-09-19 00:18:25 ----AD---- C:\WINNT\Speech
2008-09-19 00:17:32 ----AD---- C:\WINNT\AppPatch
2008-09-19 00:16:33 ----AD---- C:\WINNT\msagent
2008-09-19 00:10:25 ----HDC---- C:\WINNT\$NtUninstallKB896422$
2008-09-19 00:10:25 ----D---- C:\WINNT\twain_32
2008-09-19 00:09:07 ----HDC---- C:\WINNT\$NtUninstallKB893066$
2008-09-09 22:29:24 ----RASD---- C:\WINNT\Fonts
2008-09-09 18:27:05 ----RSD---- C:\WINNT\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Cdr4_2K;Cdr4_2K; C:\WINNT\system32\drivers\Cdr4_2K.sys [2007-03-07 9336]
R1 Cdralw2k;Cdralw2k; C:\WINNT\system32\drivers\Cdralw2k.sys [2007-03-07 9464]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINNT\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\WINNT\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R2 EZUSB;NaturalPoint Tracker USB Driver (ezusb.sys); C:\WINNT\System32\Drivers\ezusb.sys [2000-09-05 132968]
R2 HidUsb;Microsoft HID Class Driver; C:\WINNT\System32\DRIVERS\hidusb.sys [1999-10-04 13904]
R2 tmcomm;tmcomm; \??\C:\WINNT\system32\drivers\tmcomm.sys []
R3 ltmodem5;LT Modem Driver; C:\WINNT\System32\DRIVERS\ltmdmnt.sys [1999-10-23 413712]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINNT\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINNT\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINNT\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINNT\system32\drivers\MODEMCSA.sys [1999-09-25 16144]
R3 mouhid;Mouse HID Driver; C:\WINNT\System32\DRIVERS\mouhid.sys [2003-06-19 11632]
R3 nv;nv; C:\WINNT\system32\DRIVERS\nv4_mini.sys [2003-07-28 1341339]
R3 openhci;Microsoft USB Open Host Controller Driver; C:\WINNT\System32\DRIVERS\openhci.sys [2003-06-19 24784]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINNT\system32\DRIVERS\Rtlnic.sys [2004-07-16 69632]
R3 uhcd;Microsoft USB Universal Host Controller Driver; C:\WINNT\System32\DRIVERS\uhcd.sys [2003-06-19 32848]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINNT\System32\DRIVERS\usbhub.sys [2003-06-19 40176]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINNT\system32\drivers\viaudio.sys [2003-08-19 73984]
R3 wanatw;WAN Miniport (ATW); C:\WINNT\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 MPFIREWL;MPFIREWL; C:\WINNT\System32\Drivers\MpFirewall.sys []
S3 Afc;PPdus ASPI Shell; C:\WINNT\system32\drivers\Afc.sys [2005-02-22 11776]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINNT\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CoachUsb;Digital Camera on USB; C:\WINNT\system32\DRIVERS\CoachUsb.sys []
S3 DSCVc;Video Capture; C:\WINNT\system32\DRIVERS\CoachVc.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINNT\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINNT\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINNT\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINNT\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINNT\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINNT\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINNT\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nv4;nv4; C:\WINNT\System32\DRIVERS\nv4.sys [1999-10-27 345040]
S3 rtl8139;Realtek RTL8139-based PCI Fast Ethernet Adapter NT Driver; C:\WINNT\System32\DRIVERS\RTL8139.SYS [1999-09-24 18704]
S3 SLIP;BDA Slip De-Framer; C:\WINNT\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 SPGT560xUSB;MS Card_Reader; C:\WINNT\system32\DRIVERS\SP560X2K.SYS [2000-09-15 20576]
S3 StillCam;Still Serial Digital Camera Driver; C:\WINNT\System32\DRIVERS\serscan.sys [1999-09-25 6736]
S3 streamip;BDA IPSink; C:\WINNT\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINNT\System32\DRIVERS\usbprint.sys [2003-06-19 21872]
S3 usbscan;USB Scanner Driver; C:\WINNT\System32\DRIVERS\usbscan.sys [2003-06-19 12592]
S3 USBSTOR;USB Mass Storage Driver; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2003-06-19 21552]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINNT\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINNT\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2006-10-23 46640]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\Program Files\McAfee\VirusScan\McShield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINNT\system32\nvsvc32.exe [2003-07-28 77824]
R2 StiSvc;Still Image Service; C:\WINNT\system32\stisvc.exe [2003-06-19 61712]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINNT\M [2005-11-03 20]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe []
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S3 WmdmPmSN;Portable Media Serial Number Service; C:\WINNT\System32\svchost.exe [1999-12-07 7952]
S4 aspnet_state;ASP.NET State Service; C:\WINNT\M [2005-11-03 20]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-10-04 23:20:55
======Uninstall list======
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINNT\IsUninst.exe -fC:\WINNT\system32\UninstIPP.isu
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader Chinese Traditional Fonts-->MsiExec.exe /I{AC76BA86-7AD7-2448-0000-705000000001}
Adobe Shockwave Player-->C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.log
AIM 6-->C:\Program Files\AIM6\uninst.exe
AnswerWorks 4.0 Runtime - English-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
AOL Coach Version 2.0(Build:20041026.5 en)-->C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
AOL Uninstaller (Choose which Products to Remove)-->C:\Program Files\Common Files\AOL\uninstaller.exe
AOL You've Got Pictures Screensaver-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B755EF7-F860-4F72-9A2D-5216CB48BA7C}\setup.exe" -l0x9
ArcSoft VideoImpression 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66E0EB37-6024-4872-897A-8E83AF1C87CA}\setup.exe" -l0x9
Bible Software-->MsiExec.exe /I{A3F93070-1CE2-4077-8B5C-35B29D9F6E3B}
BiblePro-->MsiExec.exe /I{25EEC359-8639-4528-83F4-A5AC2DAD3B35}
CallWave-->C:\Program Files\CallWave\IAM.exe -remove
Comcast High-Speed Internet Install Wizard-->C:\Program Files\Support.com\uninstall\chsi_uninstaller.exe
Desktop Doctor-->"C:\Program Files\Support.com\providerComcast\Uninstall.exe" /c "Remove Desktop Doctor?"
Destiny Media Player-->"C:\Program Files\Destiny\Destiny Media Player\uninst.exe"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DynaVox Series 5 Software-->C:\WINNT\unvise32.exe C:\uninstalS5.log
e-Sword-->MsiExec.exe /I{97D86AAF-0473-4457-A35F-066C84E83CB0}
Family Lawyer 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{95C2FBF3-4462-41E3-89DC-0F784387BD53}\setup.exe" -l0x9
FinalBurner Free v2.3.0.135-->"C:\Program Files\FinalBurner\Uninstall.exe" "C:\Program Files\FinalBurner\install.log" -u
GdiplusUpgrade-->MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Guitar Guru Supplemental Guitar Skins-->"C:\Program Files\Musicnotes\GuitarGuru\data\unins000.exe"
Guitar Guru Version 2.2.0-->"C:\Program Files\Musicnotes\GuitarGuru\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for MDAC 2.80 (KB911562)-->"C:\WINNT\$SQLUninstallMDAC28-KB911562-x86-ENU$\spuninst\spuninst.exe"
Hotfix for MDAC 2.80 (KB927779)-->"C:\WINNT\$SQLUninstallMDAC28-KB927779-x86-ENU$\spuninst\spuninst.exe"
Hotfix for Microsoft .NET Framework 2.0 Service Pack 1 (KB947748)-->C:\WINNT\system32\msiexec.exe /package {B508B3F1-A24A-32C0-B310-85786919EF28} /uninstall {293258CB-8737-4DF9-AC7B-93B7997F1828} /qb+ REBOOTPROMPT=""
HP Image Zone 4.2-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
ICS Viewer 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0000600-0600-0600-0600-000000000600}\Setup.exe" -l0x9 -uninst
Imikimi Plugin-->"C:\Program Files\Imikimi\uninstall.exe"
Intel(R) Integrated Performance Primitives RTI 4.0-->MsiExec.exe /X{51C91B84-7B46-4FE7-8999-8228CFA75F89}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lexmark 4200 Series Fax Solutions-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{C439D065-5B64-4563-A6B9-1AA202633E13} /l1033 /z/U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Hotfix (KB947742)-->"C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M947742\M947742Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync 3.8-->"C:\WINNT\ISUNINST.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINNT\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Baseline Security Analyzer 2.0-->MsiExec.exe /I{8A8F4EF8-160C-4E0F-B32D-92E2313E039B}
Microsoft Money 2003 System Pack-->MsiExec.exe /I{02D5E8EE-0B08-4F2C-97D6-A400E77275FE}
Microsoft Money 2003-->MsiExec.exe /I{015A0855-1EF5-4C77-93DB-8E2FC6A495B5}
Microsoft Office 2000 Disc 2-->MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Office Converter Pack-->MsiExec.exe /X{6EECB283-E65F-40EF-86D3-D51BF02A8D43}
Microsoft Windows 2000 Professional Resource Kit-->MsiExec.exe /I{5037210E-66F6-4D7E-9B44-8724970498FF}
Microsoft XML Parser and SDK-->MsiExec.exe /I{3E908702-AF35-4611-9518-955DA24B7E07}
MidiNotate-->C:\WINNT\IsUninst.exe -f"C:\Program Files\Notation Software, Inc\MidiNotate\Uninst.isu"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Musicnotes Player V1.23.1-->"C:\Program Files\Musicnotes\Player\unins000.exe"
Nero - Burning Rom-->C:\WINNT\uninst.exe -f"C:\Program Files\ahead\Nero\DeIsL1.isu"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NokiaFREE Unlock Codes Calculator-->"C:\Program Files\NokiaFREE Unlock Codes Calculator\uninst.exe"
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINNT\system32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Paltalk Messenger-->C:\WINNT\iun6002.exe "C:\Program Files\Paltalk Messenger\irunin.ini"
PaltalkScene-->"C:\WINNT\Paltalk Messenger\uninstall.exe" "/U:C:\Program Files\Paltalk Messenger\irunin.xml"
Personal Student Tutor-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{721A5695-0D7A-11D7-BE83-ACC731000000}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime 3.0-->C:\WINNT\uninst.exe -f"C:\Program Files\QuickTime\DeIsL3.isu" -c"C:\WINNT\system32\QTUninst.dll
QuickTime-->C:\WINNT\unvise32qt.exe C:\WINNT\system32\QuickTime\Uninstall.log
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine-->MsiExec.exe /I{84F1DE76-C48C-4281-87A0-CC9548D1E7F9}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for DirectX 9 (KB941568)-->"C:\WINNT\$NtUninstallKB941568_DX9$\spuninst\spuninst.exe"
Security Update for DirectX 9 (KB951698)-->"C:\WINNT\$NtUninstallKB951698_DX9$\spuninst\spuninst.exe"
Security Update for Windows 2000 (KB904706)-->"C:\WINNT\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows 2000 (KB923689)-->"C:\WINNT\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows 2000 (KB941569)-->"C:\WINNT\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"C:\WINNT\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB911564)-->"C:\WINNT\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINNT\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB911565)-->"C:\WINNT\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB917734)-->"C:\WINNT\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB936782)-->"C:\WINNT\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Sibelius Scorch Plugin-->"C:\Program Files\Musicnotes\uninstsc.exe"
SmartNAV-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{356591FC-D6F2-4B97-8A3F-872B56C1065E}\setup.exe"
TBN Networks Media Player-->"C:\Program Files\TBN\unins000.exe"
TurboTax Deluxe 2005-->C:\Program Files\TurboTax\Deluxe 2005\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2005\Uninstall.log" -NoGui
TurboTax Deluxe 2007-->C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Deluxe Deduction Maximizer 2006-->C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2005-->MsiExec.exe /X{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}
TurboTax ItsDeductible 2006-->MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
TypingMaster Pro-->"C:\Program Files\TypingMaster\unins000.exe"
Update Rollup 1 for Windows 2000 SP4-->"C:\WINNT\$NtUpdateRollupPackUninstall$\spuninst\spuninst.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
WexTech AnswerWorks-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows 2000 Hotfix - KB842773-->C:\WINNT\$NtUninstallKB842773$\spuninst\spuninst.exe
Windows 2000 Hotfix - KB890046-->"C:\WINNT\$NtUninstallKB890046$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB893756-->"C:\WINNT\$NtUninstallKB893756$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB894320-->"C:\WINNT\$NtUninstallKB894320$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB896358-->"C:\WINNT\$NtUninstallKB896358$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB896422-->"C:\WINNT\$NtUninstallKB896422$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB896423-->"C:\WINNT\$NtUninstallKB896423$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB896424-->"C:\WINNT\$NtUninstallKB896424$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB896727-->"C:\WINNT\$NtUninstallKB896727-IE6SP1-20050719.165959$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB899587-->"C:\WINNT\$NtUninstallKB899587$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB899588-->"C:\WINNT\$NtUninstallKB899588$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB899589-->"C:\WINNT\$NtUninstallKB899589$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB900725-->"C:\WINNT\$NtUninstallKB900725$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB901017-->"C:\WINNT\$NtUninstallKB901017$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB901214-->"C:\WINNT\$NtUninstallKB901214$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB902400-->"C:\WINNT\$NtUninstallKB902400$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB904368-->"C:\WINNT\$NtUninstallKB904368$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB905414-->"C:\WINNT\$NtUninstallKB905414$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB905495-->"C:\WINNT\$NtUninstallKB905495-IE6SP1-20050805.184113$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB905749-->"C:\WINNT\$NtUninstallKB905749$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB905915-->"C:\WINNT\$NtUninstallKB905915-IE6SP1-20051122.175908$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB908519-->"C:\WINNT\$NtUninstallKB908519$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB908523-->"C:\WINNT\$NtUninstallKB908523$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB908531-->"C:\WINNT\$NtUninstallKB908531$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB911280-->"C:\WINNT\$NtUninstallKB911280$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB911567-->"C:\WINNT\$NtUninstallKB911567-OE6SP1-20060316.165634$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB912919-->"C:\WINNT\$NtUninstallKB912919$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB913580-->"C:\WINNT\$NtUninstallKB913580$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB914388-->"C:\WINNT\$NtUninstallKB914388$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB914389-->"C:\WINNT\$NtUninstallKB914389$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB916281-->"C:\WINNT\$NtUninstallKB916281-IE6SP1-20060526.162249$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB917008-->"C:\WINNT\$NtUninstallKB917008$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB917422-->"C:\WINNT\$NtUninstallKB917422$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB917537-->"C:\WINNT\$NtUninstallKB917537$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB917736-->"C:\WINNT\$NtUninstallKB917736$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB917953-->"C:\WINNT\$NtUninstallKB917953$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB918118-->"C:\WINNT\$NtUninstallKB918118$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB918439-->"C:\WINNT\$NtUninstallKB918439-IE6SP1-20060530.145346$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB918899-->"C:\WINNT\$NtUninstallKB918899-IE6SP1-20060725.123917$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB920213-->"C:\WINNT\$NtUninstallKB920213$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB920670-->"C:\WINNT\$NtUninstallKB920670$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB920683-->"C:\WINNT\$NtUninstallKB920683$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB920685-->"C:\WINNT\$NtUninstallKB920685$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB920958-->"C:\WINNT\$NtUninstallKB920958$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB921398-->"C:\WINNT\$NtUninstallKB921398$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB921503-->"C:\WINNT\$NtUninstallKB921503$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB921883-->"C:\WINNT\$NtUninstallKB921883$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB922582-->"C:\WINNT\$NtUninstallKB922582$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB922616-->"C:\WINNT\$NtUninstallKB922616$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB923191-->"C:\WINNT\$NtUninstallKB923191$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB923414-->"C:\WINNT\$NtUninstallKB923414$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB923694-->"C:\WINNT\$NtUninstallKB923694-OE6SP1-20061106.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB923810-->"C:\WINNT\$NtUninstallKB923810$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB923980-->"C:\WINNT\$NtUninstallKB923980$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB924191-->"C:\WINNT\$NtUninstallKB924191$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB924270-->"C:\WINNT\$NtUninstallKB924270$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB924667-->"C:\WINNT\$NtUninstallKB924667$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB925454-->"C:\WINNT\$NtUninstallKB925454-IE6SP1-20061116.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB925486-->"C:\WINNT\$NtUninstallKB925486-IE6SP1-20060918.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB925902-->"C:\WINNT\$NtUninstallKB925902$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB926122-->"C:\WINNT\$NtUninstallKB926122$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB926247-->"C:\WINNT\$NtUninstallKB926247$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB926436-->"C:\WINNT\$NtUninstallKB926436$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB927891-->"C:\WINNT\$NtUninstallKB927891$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB928090-->"C:\WINNT\$NtUninstallKB928090-IE6SP1-20070125.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB928843-->"C:\WINNT\$NtUninstallKB928843$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB929969-->"C:\WINNT\$NtUninstallKB929969-IE6SP1-20061220.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB930178-->"C:\WINNT\$NtUninstallKB930178$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB931768-->"C:\WINNT\$NtUninstallKB931768-IE6SP1-20070219.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB931784-->"C:\WINNT\$NtUninstallKB931784$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB932168-->"C:\WINNT\$NtUninstallKB932168$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB933566-->"C:\WINNT\$NtUninstallKB933566-IE6SP1-20070417.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB933729-->"C:\WINNT\$NtUninstallKB933729$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB935839-->"C:\WINNT\$NtUninstallKB935839$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB935840-->"C:\WINNT\$NtUninstallKB935840$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB936021-->"C:\WINNT\$NtUninstallKB936021$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB937143-->"C:\WINNT\$NtUninstallKB937143-IE6SP1-20070717.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB937894-->"C:\WINNT\$NtUninstallKB937894$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB938127-->"C:\WINNT\$NtUninstallKB938127-IE6SP1-20070626.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB938464-->"C:\WINNT\$NtUninstallKB938464-IE6SP1-20080429.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB938827-->"C:\WINNT\$NtUninstallKB938827$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB938829-->"C:\WINNT\$NtUninstallKB938829$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB939653-->"C:\WINNT\$NtUninstallKB939653-IE6SP1-20070817.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB941202-->"C:\WINNT\$NtUninstallKB941202-OE6SP1-20070820.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB941644-->"C:\WINNT\$NtUninstallKB941644$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB941693-->"C:\WINNT\$NtUninstallKB941693$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB942615-->"C:\WINNT\$NtUninstallKB942615-IE6SP1-20071029.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB943055-->"C:\WINNT\$NtUninstallKB943055$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB943485-->"C:\WINNT\$NtUninstallKB943485$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB944338-->"C:\WINNT\$NtUninstallKB944338$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB944533-->"C:\WINNT\$NtUninstallKB944533-IE6SP1-20071210.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB945553-->"C:\WINNT\$NtUninstallKB945553$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB947864-->"C:\WINNT\$NtUninstallKB947864-IE6SP1-20080215.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB948590-->"C:\WINNT\$NtUninstallKB948590$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB948881-->"C:\WINNT\$NtUninstallKB948881-IE6SP1-20080313.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB950749-->"C:\WINNT\$NtUninstallKB950749$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB950759-->"C:\WINNT\$NtUninstallKB950759-IE6SP1-20080418.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB950760-->"C:\WINNT\$NtUninstallKB950760$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB950974-->"C:\WINNT\$NtUninstallKB950974$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB951066-->"C:\WINNT\$NtUninstallKB951066-OE6SP1-20080625.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB951748-->"C:\WINNT\$NtUninstallKB951748$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB952954-->"C:\WINNT\$NtUninstallKB952954$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB953838-->"C:\WINNT\$NtUninstallKB953838-IE6SP1-20080620.120000$\spuninst\spuninst.exe"
Windows 2000 Hotfix - KB953839-->"C:\WINNT\$NtUninstallKB953839$\spuninst\spuninst.exe"
Windows 2000 Service Pack 4-->C:\WINNT\$NtServicePackUninstall$\spuninst\spuninst.exe
Windows Installer 3.1 (KB893803)-->"C:\WINNT\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format SDK Hotfix - KB891122-->"C:\WINNT\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 9 Hotfix [See KB885492 for more information]-->C:\WINNT\$NtUninstallKB885492$\spuninst\spuninst.exe
Windows Media Player system update (9 Series)-->C:\PROGRA~1\WINDOW~2\setup_wm.exe /Uninstall
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo! extras-->C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Internet Mail-->C:\WINNT\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI~1.DLL
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
=====HijackThis Backups=====
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (file missing)
O3 - Toolbar: (no name) - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - (no file)
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll (file missing)
O3 - Toolbar: (no name) - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
======Hosts File======
127.0.0.1 localhost
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"NUMBER_OF_PROCESSORS"=1
"OS"=Windows_NT
"Os2LibPath"=%SystemRoot%\system32\os2\dll
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 4 Stepping 2, AuthenticAMD
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0402
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
-----------------EOF-----------------