Hope this worked!
SDFix Log
SDFix: Version 1.237 Run by A-02843 on Wed 10/22/2008 at 11:12 AM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Name :
vloinyedyiibvy
uoteuyihau
Path :
C:\WINDOWS\system32\jousouqui.exe
C:\WINDOWS\system32\dassi.exe
vloinyedyiibvy - Deleted
uoteuyihau - Deleted
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\WINDOWS\system32\jousouqui.exe - Deleted
C:\WINDOWS\system32\dassi.exe - Deleted
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-10-22 11:17:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\setup\\hppniprint01.exe"="D:\\setup\\hppniprint01.exe:*:Enabled:hppniprint01.exe"
"D:\\setup\\HPPNIPRINT64.EXE"="D:\\setup\\HPPNIPRINT64.EXE:*:Enabled:hppniprint64.exe"
"D:\\setup\\HPPNICIFS01.EXE"="D:\\setup\\HPPNICIFS01.EXE:*:Enabled:hppnicifs01.exe"
"D:\\setup\\LaunchApp.exe"="D:\\setup\\LaunchApp.exe:*:Enabled:launchapp.exe"
"C:\\Program Files\\HP\\hp laserjet m2727\\Fax Config utility0.exe"="C:\\Program Files\\HP\\hp laserjet m2727\\Fax Config utility0.exe:*:Enabled:HP Networked Printer Installer"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS983.tmp\\SymNRT.exe"="C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS983.tmp\\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS985.tmp\\SymNRT.exe"="C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS985.tmp\\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS986.tmp\\SymNRT.exe"="C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS986.tmp\\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS987.tmp\\SymNRT.exe"="C:\\Documents and Settings\\A-02843\\Local Settings\\Temp\\7zS987.tmp\\SymNRT.exe:*:Enabled:Norton Removal Tool"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Wed 13 Oct 2004 1,694,208 ..SH. --- "C:\Program Files\Messenger\msmsgs.exe"
Wed 4 Aug 2004 60,416 A.SH. --- "C:\Program Files\Outlook Express\msimn.exe"
Mon 22 Sep 2008 608 A.SH. --- "C:\WINDOWS\system32\winzvprt5.sys"
Tue 21 Oct 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\550d841de13098ccce98beef5ab9e667\BIT1C.tmp"
Finished!RSIT Logs
Logfile of random's system information tool 1.04 (written by random/random)
Run by A-02843 at 2008-10-22 11:21:31
Microsoft Windows XP Professional Service Pack 2
System drive C: has 105 GB (92%) free of 114 GB
Total RAM: 2038 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21:35 AM, on 10/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\pyranaj.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Documents and Settings\A-02843\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\A-02843.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
https://intranet.aecon.com/en-CA/Pages/default.aspxR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.aecon.com/home.aspxR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
http://vs-mgm02/aecon-default.insO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [zicigy] C:\WINDOWS\system32\pyranaj.exe
O4 - HKLM\..\Run: [pocelet] C:\WINDOWS\system32\pyranaj.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunServices: [zicigy] C:\WINDOWS\system32\pyranaj.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKUS\S-1-5-21-343818398-884357618-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'mistest')
O4 - HKUS\S-1-5-21-343818398-884357618-839522115-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspxO8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://helpdesk.aecon.comO15 - Trusted Zone:
http://support.aecon.comO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w3/pr01/re ... NPUpld.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/windows ... 0927746203O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 0928151656O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: BsHelpCS (uoteuyihau) - Unknown owner - C:\WINDOWS\system32\dassi.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 9198 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-05-16 138008]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-05-16 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-05-16 138008]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2007-02-20 1191936]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-01-25 159744]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2007-02-19 303104]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ToolBoxFX"=C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [2008-01-10 53248]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"zicigy"=C:\WINDOWS\system32\pyranaj.exe [2008-10-16 231424]
"pocelet"=C:\WINDOWS\system32\pyranaj.exe [2008-10-16 231424]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-07-19 52896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RegMech.exe [2008-07-08 2828184]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2006-09-27 43760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\setup\hppniprint01.exe"="D:\setup\hppniprint01.exe:*:Enabled:hppniprint01.exe"
"D:\setup\HPPNIPRINT64.EXE"="D:\setup\HPPNIPRINT64.EXE:*:Enabled:hppniprint64.exe"
"D:\setup\HPPNICIFS01.EXE"="D:\setup\HPPNICIFS01.EXE:*:Enabled:hppnicifs01.exe"
"D:\setup\LaunchApp.exe"="D:\setup\LaunchApp.exe:*:Enabled:launchapp.exe"
"C:\Program Files\HP\hp laserjet m2727\Fax Config utility0.exe"="C:\Program Files\HP\hp laserjet m2727\Fax Config utility0.exe:*:Enabled:HP Networked Printer Installer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\A-02843\Local Settings\Temp\7zS983.tmp\SymNRT.exe"="C:\Documents and Settings\A-02843\Local Settings\Temp\7zS983.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Documents and Settings\A-02843\Local Settings\Temp\7zS985.tmp\SymNRT.exe"="C:\Documents and Settings\A-02843\Local Settings\Temp\7zS985.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Documents and Settings\A-02843\Local Settings\Temp\7zS986.tmp\SymNRT.exe"="C:\Documents and Settings\A-02843\Local Settings\Temp\7zS986.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"C:\Documents and Settings\A-02843\Local Settings\Temp\7zS987.tmp\SymNRT.exe"="C:\Documents and Settings\A-02843\Local Settings\Temp\7zS987.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 3 months======
2008-10-22 11:21:31 ----D---- C:\rsit
2008-10-22 11:19:45 ----A---- C:\WINDOWS\system32\dassi.exe
2008-10-22 11:09:10 ----D---- C:\WINDOWS\ERUNT
2008-10-22 11:03:16 ----D---- C:\SDFix
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\ltimg13n.dll
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\ltfil13n.dll
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\ltefx13n.dll
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\ltdis13n.dll
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\lfgif13n.dll
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\lfcmp13n.dll
2008-10-21 15:56:05 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
2008-10-21 08:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-21 08:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-21 08:03:20 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-21 08:02:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-21 08:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-21 08:02:20 ----D---- C:\1b6ce486b9f3f07f5198b56f
2008-10-21 08:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-20 15:39:06 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-10-20 15:31:46 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-20 15:31:45 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-20 12:02:30 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-20 10:02:04 ----D---- C:\Program Files\Trend Micro
2008-10-20 09:56:55 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-20 09:56:36 ----A---- C:\WINDOWS\system32\STKIT432.DLL
2008-10-20 09:56:34 ----D---- C:\Program Files\Registry Mechanic
2008-10-20 09:53:16 ----D---- C:\Program Files\Lavasoft
2008-10-20 09:53:16 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-10-20 09:52:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-18 22:24:16 ----A---- C:\WINDOWS\system32\ptpusb.dll
2008-10-18 22:24:15 ----A---- C:\WINDOWS\system32\ptpusd.dll
2008-10-17 10:54:23 ----D---- C:\Program Files\Windows Live Favorites
2008-10-17 10:45:33 ----D---- C:\Program Files\Windows Live
2008-10-17 07:37:00 ----D---- C:\Documents and Settings\A-02843\Application Data\Yahoo!
2008-10-17 07:24:59 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-10-17 07:24:19 ----A---- C:\WINDOWS\system32\YCRWin32.dll
2008-10-17 07:24:15 ----A---- C:\WINDOWS\system32\msvcr70.dll
2008-10-17 07:24:15 ----A---- C:\WINDOWS\system32\ATL70.DLL
2008-10-17 07:21:21 ----D---- C:\Program Files\Yahoo!
2008-10-16 09:20:27 ----A---- C:\WINDOWS\system32\fehoovoojoo.exe
2008-10-16 09:19:16 ----A---- C:\WINDOWS\system32\pyranaj.exe
2008-10-08 10:48:41 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-10-08 10:46:29 ----RA---- C:\WINDOWS\system32\InstMed.exe
2008-10-08 10:46:25 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2008-10-08 10:46:25 ----A---- C:\WINDOWS\system32\LVUI2.dll
2008-10-08 10:46:25 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2008-10-08 10:46:25 ----A---- C:\WINDOWS\system32\lvcoinst.dll
2008-10-08 10:46:25 ----A---- C:\WINDOWS\system32\lvcodec2.dll
2008-10-08 10:46:21 ----D---- C:\Program Files\Common Files\Logitech
2008-10-08 10:46:18 ----A---- C:\WINDOWS\system32\Lvkrn12n.dll
2008-10-08 10:46:18 ----A---- C:\WINDOWS\system32\LCamCpl.dll
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
2008-10-08 10:46:16 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\QCUI2.dll
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\Ltwvc12n.dll
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\ltkrn12n.dll
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\ltimg12n.dll
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\ltfil12n.DLL
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\ltefx12n.dll
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\LTDIS12n.dll
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\lftif12n.dll
2008-10-08 10:46:15 ----A---- C:\WINDOWS\system32\lffax12n.dll
2008-10-08 10:46:14 ----A---- C:\WINDOWS\system32\LQCUI2.dll
2008-10-08 10:46:14 ----A---- C:\WINDOWS\system32\LFCMP12n.DLL
2008-10-08 10:46:14 ----A---- C:\WINDOWS\system32\lfbmp12n.dll
2008-10-08 10:45:49 ----D---- C:\Program Files\Logitech
2008-09-22 11:23:14 ----D---- C:\MDT
2008-09-22 11:22:43 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-09-22 11:22:43 ----D---- C:\Documents and Settings\A-02843\Application Data\CyberLink
2008-09-22 09:44:52 ----D---- C:\Documents and Settings\A-02843\Application Data\HP
2008-09-22 09:44:25 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2008-09-22 09:43:52 ----D---- C:\Program Files\Common Files\HP
2008-09-22 09:43:51 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-09-22 09:43:17 ----D---- C:\Documents and Settings\All Users\Application Data\zvprt50
2008-09-22 09:43:09 ----N---- C:\WINDOWS\system32\hppfaxprintermonui5.dll
2008-09-22 09:43:09 ----N---- C:\WINDOWS\system32\hppfaxprintermon5.dll
2008-09-22 09:40:56 ----RSD---- C:\WINDOWS\assembly
2008-09-22 09:40:37 ----D---- C:\WINDOWS\Microsoft.NET
2008-09-22 09:38:57 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-09-22 09:38:11 ----RA---- C:\WINDOWS\system32\hpptsp02.dll
2008-09-22 09:38:10 ----RA---- C:\WINDOWS\system32\hpxp2727.dll
2008-09-22 09:38:10 ----RA---- C:\WINDOWS\system32\hppasc07.dll
2008-09-22 09:37:44 ----RA---- C:\WINDOWS\system32\hppcpr07.dll
2008-09-22 09:37:28 ----A---- C:\WINDOWS\system32\AddPort.ini
2008-09-22 09:36:56 ----A---- C:\WINDOWS\hpntwksetup.ini
2008-09-22 09:33:22 ----D---- C:\Program Files\HP
2008-09-22 09:33:03 ----HD---- C:\Config.Msi
2008-09-18 13:48:32 ----D---- C:\WINDOWS\Sun
2008-09-18 13:48:32 ----D---- C:\Documents and Settings\A-02843\Application Data\Sun
2008-09-18 10:07:07 ----D---- C:\Documents and Settings\A-02843\Application Data\AdobeUM
2008-09-18 09:26:18 ----D---- C:\Documents and Settings\A-02843\Application Data\Macromedia
2008-09-17 12:19:36 ----D---- C:\Program Files\Windows Live Toolbar
2008-09-17 12:12:22 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-09-17 12:11:55 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-17 12:11:43 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-17 11:54:18 ----D---- C:\Program Files\Hewlett-Packard
2008-09-17 11:54:17 ----A---- C:\WINDOWS\HPMProp.INI
2008-09-17 11:54:00 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-09-17 11:53:51 ----A---- C:\WINDOWS\system32\hpmtp081.dll
2008-09-17 11:53:50 ----A---- C:\WINDOWS\system32\hpmpw081.dll
2008-09-17 11:53:50 ----A---- C:\WINDOWS\system32\hpmpm081.dll
2008-09-17 11:53:50 ----A---- C:\WINDOWS\system32\hpmml081.dll
2008-09-17 11:53:50 ----A---- C:\WINDOWS\system32\hpmja081.dll
2008-09-17 11:53:50 ----A---- C:\WINDOWS\system32\hpcpn081.dll
2008-09-17 11:53:49 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
2008-09-17 11:53:49 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
2008-09-17 11:53:49 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
2008-09-17 11:52:58 ----D---- C:\HP-UPD4_5-PCL6-32
2008-09-17 11:24:08 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-09-16 15:19:28 ----D---- C:\Documents and Settings\A-02843\Application Data\ICAClient
2008-09-16 15:17:25 ----D---- C:\Program Files\Citrix
2008-09-16 15:08:32 ----D---- C:\Documents and Settings\A-02843\Application Data\Adobe
2008-09-16 15:08:30 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-16 15:08:29 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-16 15:08:29 ----A---- C:\WINDOWS\system32\java.exe
2008-09-16 15:01:05 ----D---- C:\Documents and Settings\A-02843\Application Data\Dell
2008-09-16 15:00:55 ----D---- C:\Documents and Settings\A-02843\Application Data\Identities
2008-09-16 15:00:50 ----ASH---- C:\Documents and Settings\A-02843\Application Data\desktop.ini
2008-09-16 15:00:49 ----SD---- C:\Documents and Settings\A-02843\Application Data\Microsoft
2008-09-16 15:00:49 ----D---- C:\Documents and Settings\A-02843\Application Data\Intel
2008-09-16 14:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-16 14:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-16 14:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-09-16 14:32:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-16 14:32:44 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-09-16 14:32:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-16 14:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-16 14:32:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-16 14:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-09-16 14:32:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-16 14:31:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-16 14:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-16 14:31:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-16 14:31:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-09-16 12:25:39 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-09-16 12:25:18 ----D---- C:\Program Files\Symantec AntiVirus
======List of files/folders modified in the last 3 months======
2008-10-22 11:20:50 ----D---- C:\WINDOWS\system32
2008-10-22 11:20:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-22 11:19:39 ----D---- C:\WINDOWS\Temp
2008-10-22 11:16:51 ----D---- C:\WINDOWS
2008-10-22 11:06:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-22 09:40:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-22 09:40:33 ----HD---- C:\WINDOWS\inf
2008-10-22 09:40:30 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-21 08:41:02 ----SHD---- C:\WINDOWS\Installer
2008-10-21 08:28:39 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-21 08:28:39 ----D---- C:\WINDOWS\pchealth
2008-10-21 08:27:42 ----SHD---- C:\System Volume Information
2008-10-21 08:27:42 ----D---- C:\WINDOWS\system32\Restore
2008-10-21 08:03:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-21 08:03:32 ----D---- C:\WINDOWS\system32\drivers
2008-10-21 08:03:30 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-21 08:03:28 ----A---- C:\WINDOWS\imsins.BAK
2008-10-21 08:02:01 ----D---- C:\Program Files\Internet Explorer
2008-10-20 15:49:47 ----D---- C:\WINDOWS\system32\CatRoot
2008-10-20 15:39:47 ----D---- C:\WINDOWS\Prefetch
2008-10-20 15:39:06 ----D---- C:\WINDOWS\Debug
2008-10-20 10:02:04 ----RD---- C:\Program Files
2008-10-20 09:52:50 ----D---- C:\Program Files\Common Files
2008-10-17 10:54:50 ----SD---- C:\WINDOWS\Tasks
2008-10-17 10:53:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-10-17 10:51:04 ----D---- C:\WINDOWS\WinSxS
2008-10-17 09:04:08 ----D---- C:\WINDOWS\system32\appmgmt
2008-10-17 07:25:00 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-10-17 07:25:00 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-10-16 10:20:40 ----D---- C:\WINDOWS\Registration
2008-10-08 10:46:32 ----D---- C:\WINDOWS\twain_32
2008-10-08 10:46:13 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-07 15:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-09-23 14:34:40 ----D---- C:\Documents and Settings
2008-09-22 09:44:35 ----A---- C:\WINDOWS\win.ini
2008-09-22 09:42:49 ----RSD---- C:\WINDOWS\Fonts
2008-09-22 09:35:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-19 06:48:43 ----D---- C:\WINDOWS\system32\Macromed
2008-09-17 12:14:38 ----D---- C:\WINDOWS\system32\wbem
2008-09-16 15:13:23 ----SHD---- C:\RECYCLER
2008-09-16 15:10:47 ----A---- C:\WINDOWS\OEWABLog.txt
2008-09-16 15:08:58 ----A---- C:\WINDOWS\ODBC.INI
2008-09-16 15:08:29 ----D---- C:\Program Files\Java
2008-09-16 14:37:00 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-16 14:32:37 ----D---- C:\Program Files\Messenger
2008-09-16 13:13:28 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-16 12:25:44 ----D---- C:\Program Files\Symantec
2008-08-20 01:33:20 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-20 01:33:19 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-20 01:33:19 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-20 01:33:19 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-08-20 01:33:19 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-08-20 01:33:19 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-20 01:33:19 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-20 01:33:19 ----A---- C:\WINDOWS\system32\browseui.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\inseng.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-20 01:33:18 ----A---- C:\WINDOWS\system32\danim.dll
2008-08-20 01:33:17 ----A---- C:\WINDOWS\system32\cdfview.dll
2008-08-19 05:20:32 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-14 05:58:27 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 05:22:14 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-08-07 195776]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-09-25 21425]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2007-02-17 132608]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 catchme;catchme; \??\C:\DOCUME~1\A-02843\LOCALS~1\Temp\catchme.sys []
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [2007-02-23 56576]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-02 989696]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-11-02 209152]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-16 5707744]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081021.003\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081021.003\navex15.sys []
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-02-25 2203520]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-02-19 1228296]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-08-07 24768]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-02 730112]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-20 611664]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-07-19 192160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-07-19 169632]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-09-27 31472]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2007-02-20 475136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
R2 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-09-27 116464]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [2007-02-19 90112]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-09-27 1813232]
R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-02-21 294912]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 uoteuyihau;BsHelpCS; C:\WINDOWS\system32\dassi.exe [2008-10-16 231424]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-02 2528960]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-08-07 214720]
S3 SPBBCSvc;SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-10-22 11:21:37
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
Citrix Presentation Server Client - Web Only-->MsiExec.exe /X{E9459BCF-0982-498B-ABA7-26C34323493F}
Conexant HDA D330 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000f5.inf
Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
Dell Touchpad-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Highlight Viewer (Windows Live Toolbar)-->MsiExec.exe /X{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB896344)-->"C:\WINDOWS\$NtUninstallKB896344$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP LaserJet M2727 MFP Series 5.0-->C:\Program Files\HP\Digital Imaging\{3A915D43-FD4F-4e4f-BEF7-B75C160B0236}\setup\hpzscr01.exe -datfile hppscr07.dat -onestop -forcereboot
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
Logitech® Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Map Button (Windows Live Toolbar)-->MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
OZ776 SCR Driver V1.1.3.9-->C:\Program Files\InstallShield Installation Information\{343D8DE3-AE1F-431A-830C-B66352E8CA12}\setup.exe -runfromtemp -l0x0409
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x9 -cluninstall
QuickSet-->C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe -runfromtemp -l0x0009 APPDRVNT4 -removeonly
Registry Mechanic 8.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
Remote Desktop Connection-->MsiExec.exe /X{35D027A4-57BA-4E59-94DB-DFB36FFFDC1E}
Security Status-->MsiExec.exe /I{FE9BA992-FCAE-49E7-97F4-EF9D97DB67A3}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Player (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows Media Player 9 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Security Update for Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Security Update for Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Security Update for Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Security Update for Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Security Update for Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Security Update for Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Security Update for Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Security Update for Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Security Update for Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Security Update for Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Security Update for Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Security Update for Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Security Update for Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Security Update for Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Security Update for Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Smart Menus (Windows Live Toolbar)-->MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
Symantec AntiVirus-->MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83}
Update for Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update for Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update for Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update for Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update for Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update for Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update for Windows XP (KB920342)-->"C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update for Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update for Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update for Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update for Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Update for Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update for Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Favorites for Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Toolbar Extension (Windows Live Toolbar)-->MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar-->MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows XP Hotfix - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP Hotfix - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
=====HijackThis Backups=====
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
======Hosts File======
127.0.0.1 localhost
======Security center information======
AV: Symantec AntiVirus Corporate Edition
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------