Logfile of random's system information tool 1.04 (written by random/random)
Run by bob at 2008-11-08 01:18:47
Microsoft Windows XP Professional Service Pack 3
System drive C: has 27 GB (70%) free of 38 GB
Total RAM: 1023 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:18:55 AM, on 11/8/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Documents and Settings\bob\Application Data\Facegame\Facegame.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\bob\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\bob.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://msn.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {1DE7301A-9114-4C3A-88FE-25B3393A2EDD} - C:\WINDOWS\system32\ssqNDVOE.dll
O2 - BHO: (no name) - {3EC9496F-8752-49CF-BC8A-E258C8286DAE} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {55A326C9-A153-486A-AB09-475C368EC82D} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {D7C7EC17-545F-4859-835C-7EE1BA9B6881} - C:\WINDOWS\system32\byXOiiFY.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {DF0657C8-C1C8-482A-AEAB-81B65FA549B8} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [Facegame] "C:\Documents and Settings\bob\Application Data\Facegame\Facegame.exe" 61A847B5BBF72813329B385772FF01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: rvaukj.dll saiwnz.dll ablrbv.dll wcrdjx.dll
O20 - Winlogon Notify: ssqNDVOE - C:\WINDOWS\SYSTEM32\ssqNDVOE.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
--
End of file - 5129 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DE7301A-9114-4C3A-88FE-25B3393A2EDD}]
C:\WINDOWS\system32\ssqNDVOE.dll [2008-11-02 33280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3EC9496F-8752-49CF-BC8A-E258C8286DAE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55A326C9-A153-486A-AB09-475C368EC82D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-10-31 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7C7EC17-545F-4859-835C-7EE1BA9B6881}]
C:\WINDOWS\system32\byXOiiFY.dll [2008-11-02 282112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-31 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF0657C8-C1C8-482A-AEAB-81B65FA549B8}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facegame"=C:\Documents and Settings\bob\Application Data\Facegame\Facegame.exe [2008-11-02 56832]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExploreUpdSched]
C:\WINDOWS\system32\lcntmtdl.exe [2008-11-02 548928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ghfrxusueg]
C:\WINDOWS\System32\regsvr32.exe [2008-04-13 11776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Host Process]
C:\WINDOWS\Fonts\svchost.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X5100 Series]
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe [2003-03-04 86100]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-10-31 136600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{D8-8D-D0-07-DW}]
C:\windows\system32\rkwnw64s.exe [2008-11-02 200724]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"cmdService"=2
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="rvaukj.dll saiwnz.dll ablrbv.dll wcrdjx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-09-29 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqNDVOE]
C:\WINDOWS\system32\ssqNDVOE.dll [2008-11-02 33280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
"{1DE7301A-9114-4C3A-88FE-25B3393A2EDD}"=C:\WINDOWS\system32\ssqNDVOE.dll [2008-11-02 33280]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\byXOiiFY
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2008-11-08 01:17:07 ----SH---- C:\WINDOWS\system32\wqsapwpo.ini
2008-11-08 01:16:57 ----A---- C:\WINDOWS\system32\opwpasqw.dll
2008-11-08 01:16:48 ----A---- C:\WINDOWS\system32\wcrdjx.dll
2008-11-08 01:16:38 ----A---- C:\WINDOWS\system32\sgpcrcdr.dll
2008-11-07 05:41:26 ----D---- C:\rsit
2008-11-07 05:33:55 ----AH---- C:\aaw7boot.cmd
2008-11-06 21:31:26 ----D---- C:\Program Files\Lavasoft
2008-11-06 21:31:25 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-06 21:30:39 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-06 20:49:37 ----A---- C:\WINDOWS\system32\ablrbv.dll
2008-11-06 20:49:18 ----A---- C:\WINDOWS\system32\hkykrrau.dll
2008-11-06 20:46:28 ----SH---- C:\WINDOWS\system32\gwerowpf.ini
2008-11-06 20:46:21 ----A---- C:\WINDOWS\system32\fpworewg.dll
2008-11-05 19:21:13 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-05 19:17:30 ----D---- C:\Program Files\Windows Media Connect 2
2008-11-05 19:16:35 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-11-05 17:42:50 ----D---- C:\Documents and Settings\bob\Application Data\Mozilla
2008-11-05 17:16:42 ----SH---- C:\WINDOWS\system32\eqpcmoqn.ini
2008-11-05 17:16:27 ----A---- C:\WINDOWS\system32\nqomcpqe.dll
2008-11-05 17:13:21 ----A---- C:\WINDOWS\system32\saiwnz.dll
2008-11-05 17:13:18 ----A---- C:\WINDOWS\system32\tboolqqh.dll
2008-11-04 22:07:47 ----D---- C:\Program Files\Trend Micro
2008-11-04 21:57:18 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-11-04 21:57:18 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-11-04 21:57:18 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-11-04 21:57:18 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-11-04 21:57:00 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-11-04 21:56:59 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-11-04 21:49:55 ----A---- C:\WINDOWS\system32\mcrh.tmp
2008-11-04 21:45:18 ----D---- C:\Program Files\Mozilla Firefox
2008-11-03 21:57:42 ----SH---- C:\WINDOWS\system32\gdbochfv.ini
2008-11-03 21:57:36 ----A---- C:\WINDOWS\system32\vfhcobdg.dll
2008-11-03 21:57:23 ----A---- C:\WINDOWS\system32\rvaukj.dll
2008-11-03 21:57:20 ----A---- C:\WINDOWS\system32\cvfkjign.dll
2008-11-03 19:02:48 ----A---- C:\WINDOWS\wininit.ini
2008-11-03 18:59:20 ----D---- C:\WINDOWS\fiii
2008-11-03 18:41:59 ----D---- C:\Documents and Settings\bob\Application Data\Gool
2008-11-03 18:36:47 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-03 18:36:47 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-02 21:06:32 ----D---- C:\WINDOWS\Sun
2008-11-02 21:01:33 ----D---- C:\Documents and Settings\bob\Application Data\Macromedia
2008-11-02 20:59:30 ----A---- C:\WINDOWS\system32\gomejg.dll
2008-11-02 20:59:20 ----A---- C:\WINDOWS\system32\ctjvfgim.dll
2008-11-02 20:55:44 ----SH---- C:\WINDOWS\system32\jdkhpwaq.ini
2008-11-02 20:52:59 ----A---- C:\WINDOWS\system32\rkwnw64s.exe
2008-11-02 20:25:50 ----A---- C:\WINDOWS\system32\rhwkbn(2).dll
2008-11-02 18:38:29 ----A---- C:\Documents and Settings\All Users\Application Data\xml81.tmp
2008-11-02 18:38:26 ----A---- C:\Documents and Settings\All Users\Application Data\xml80.tmp
2008-11-02 18:38:18 ----A---- C:\Documents and Settings\All Users\Application Data\xml7F.tmp
2008-11-02 18:30:21 ----A---- C:\WINDOWS\system32\bbee49d6-.txt
2008-11-02 18:29:20 ----ASH---- C:\WINDOWS\system32\YFiiOXyb.ini2
2008-11-02 18:29:19 ----ASH---- C:\WINDOWS\system32\YFiiOXyb.ini
2008-11-02 18:28:50 ----A---- C:\WINDOWS\system32\byXOiiFY.dll
2008-11-02 18:27:02 ----A---- C:\WINDOWS\system32\vbzip10.dll
2008-11-02 18:26:33 ----SHD---- C:\WINDOWS\QnJlbmRhIElydmluZw
2008-11-02 18:25:49 ----A---- C:\WINDOWS\system32\lcntmtdl.exe
2008-11-02 18:25:24 ----D---- C:\Documents and Settings\bob\Application Data\Facegame
2008-11-02 18:25:21 ----A---- C:\WINDOWS\system32\g6.exe
2008-11-02 18:24:59 ----D---- C:\WINDOWS\system32\vb
2008-11-02 18:24:59 ----D---- C:\WINDOWS\system32\OT2
2008-11-02 18:24:59 ----D---- C:\WINDOWS\system32\im
2008-11-02 18:24:59 ----D---- C:\WINDOWS\system32\FPX
2008-11-02 18:24:21 ----D---- C:\WINDOWS\system32\QI02
2008-11-02 18:24:21 ----D---- C:\Temp
2008-11-02 18:23:35 ----A---- C:\WINDOWS\system32\ssqNDVOE.dll
2008-11-02 18:23:35 ----A---- C:\WINDOWS\system32\fccbXooo.dll
2008-11-02 18:03:39 ----D---- C:\Program Files\iPod
2008-11-02 18:03:34 ----D---- C:\Program Files\iTunes
2008-11-02 18:03:34 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-02 18:02:39 ----D---- C:\Program Files\Bonjour
2008-11-02 18:01:19 ----D---- C:\Program Files\QuickTime
2008-10-31 17:11:18 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-10-31 17:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-10-31 17:03:28 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-10-31 16:52:10 ----D---- C:\Documents and Settings\bob\Application Data\LimeWire
2008-10-31 16:51:36 ----A---- C:\WINDOWS\system32\javaws.exe
2008-10-31 16:51:36 ----A---- C:\WINDOWS\system32\javaw.exe
2008-10-31 16:51:36 ----A---- C:\WINDOWS\system32\java.exe
2008-10-31 16:51:36 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-10-31 16:50:53 ----D---- C:\Program Files\Java
2008-10-31 16:45:39 ----D---- C:\Documents and Settings\bob\Application Data\Sun
2008-10-31 16:41:41 ----D---- C:\Program Files\LimeWire
2008-10-31 16:12:00 ----A---- C:\Documents and Settings\All Users\Application Data\xml4.tmp
2008-10-31 16:12:00 ----A---- C:\Documents and Settings\All Users\Application Data\xml3.tmp
2008-10-31 16:12:00 ----A---- C:\Documents and Settings\All Users\Application Data\xml2.tmp
2008-10-31 16:12:00 ----A---- C:\Documents and Settings\All Users\Application Data\xml1.tmp
2008-10-31 16:10:15 ----D---- C:\Documents and Settings\bob\Application Data\Windows Search
2008-10-30 13:01:53 ----A---- C:\WINDOWS\RtlRack.ini
2008-10-30 12:11:00 ----D---- C:\Documents and Settings\bob\Application Data\Windows Desktop Search
2008-10-30 12:10:36 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-10-30 12:10:36 ----D---- C:\Program Files\Windows Desktop Search
2008-10-30 12:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2008-10-30 12:10:14 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2008-10-30 12:04:42 ----RSD---- C:\WINDOWS\assembly
2008-10-30 12:04:42 ----D---- C:\WINDOWS\Microsoft.NET
2008-10-30 12:04:39 ----D---- C:\WINDOWS\system32\URTTemp
2008-10-30 11:52:38 ----D---- C:\WINDOWS\ie7updates
2008-10-30 11:23:49 ----D---- C:\WINDOWS\Prefetch
2008-10-30 11:21:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-30 11:20:56 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-30 11:20:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-30 11:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-30 11:20:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-30 11:20:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-10-30 11:20:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-10-30 11:20:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-10-30 11:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-10-30 11:20:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-10-30 11:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-10-30 11:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-10-30 11:19:57 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-10-30 11:19:53 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-30 11:14:50 ----D---- C:\WINDOWS\system32\scripting
2008-10-30 11:14:50 ----D---- C:\WINDOWS\l2schemas
2008-10-30 11:14:49 ----D---- C:\WINDOWS\system32\en
2008-10-30 11:14:49 ----D---- C:\WINDOWS\system32\bits
2008-10-30 11:12:41 ----D---- C:\WINDOWS\ServicePackFiles
2008-10-30 11:09:15 ----D---- C:\WINDOWS\network diagnostic
2008-10-30 11:02:31 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-30 10:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-10-30 10:30:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-30 10:30:00 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-10-30 10:29:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-10-30 10:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-10-30 10:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-30 10:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-10-30 10:28:49 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-30 10:28:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-10-30 10:28:25 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-10-30 10:28:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-10-30 10:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-10-30 10:28:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-10-30 10:28:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-10-30 10:28:02 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-10-30 10:27:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-10-30 10:27:52 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-10-30 10:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-10-30 10:27:26 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-10-30 10:27:06 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-10-30 10:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-10-30 10:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-10-30 10:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-10-30 10:26:35 ----D---- C:\WINDOWS\WBEM
2008-10-30 10:26:34 ----D---- C:\WINDOWS\system32\en-US
2008-10-30 10:25:10 ----HDC---- C:\WINDOWS\ie7
2008-10-30 10:25:02 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-10-30 10:24:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-10-30 10:24:39 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-10-30 10:24:39 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-10-30 10:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-10-30 10:14:12 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-10-30 10:09:08 ----D---- C:\WINDOWS\system32\PreInstall
2008-10-30 10:09:06 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-10-30 09:14:14 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-30 09:14:11 ----A---- C:\WINDOWS\avrack.ini
2008-10-30 09:13:55 ----D---- C:\Program Files\Realtek AC97
2008-10-30 08:44:40 ----D---- C:\WINDOWS\system32\SoftwareDistribution
======List of files/folders modified in the last 1 months======
2008-11-08 01:17:31 ----D---- C:\WINDOWS\system32
2008-11-08 01:15:51 ----D---- C:\WINDOWS
2008-11-08 01:15:46 ----D---- C:\WINDOWS\Temp
2008-11-08 00:27:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-07 05:33:54 ----RSD---- C:\WINDOWS\Fonts
2008-11-06 21:32:43 ----SHD---- C:\WINDOWS\Installer
2008-11-06 21:31:26 ----RD---- C:\Program Files
2008-11-06 21:31:26 ----D---- C:\WINDOWS\system32\drivers
2008-11-06 21:30:39 ----D---- C:\Program Files\Common Files
2008-11-06 21:04:06 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-05 19:44:31 ----HD---- C:\WINDOWS\inf
2008-11-05 19:22:25 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-05 19:17:24 ----D---- C:\Program Files\Windows Media Player
2008-11-05 19:17:00 ----D---- C:\WINDOWS\Help
2008-11-05 19:16:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-04 07:12:32 ----SD---- C:\Documents and Settings\bob\Application Data\Microsoft
2008-11-03 20:36:32 ----SH---- C:\boot.ini
2008-11-03 20:36:32 ----A---- C:\WINDOWS\win.ini
2008-11-03 20:36:32 ----A---- C:\WINDOWS\system.ini
2008-11-03 20:36:20 ----D---- C:\WINDOWS\pss
2008-11-02 20:49:08 ----D---- C:\WINDOWS\system32\config
2008-11-02 20:48:55 ----D---- C:\WINDOWS\system32\wbem
2008-11-02 20:48:53 ----D---- C:\WINDOWS\Registration
2008-11-02 20:47:10 ----D---- C:\WINDOWS\system32\Restore
2008-11-02 18:04:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-02 18:01:34 ----D---- C:\Program Files\Common Files\Apple
2008-11-02 17:57:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-31 17:11:24 ----A---- C:\WINDOWS\imsins.BAK
2008-10-31 17:08:36 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-31 16:27:05 ----D---- C:\Program Files\Apple Software Update
2008-10-31 16:24:58 ----SD---- C:\WINDOWS\Tasks
2008-10-30 12:50:10 ----D---- C:\WINDOWS\WinSxS
2008-10-30 12:49:06 ----D---- C:\Program Files\Internet Explorer
2008-10-30 12:10:44 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-30 11:24:47 ----A---- C:\WINDOWS\OEWABLog.txt
2008-10-30 11:24:07 ----A---- C:\WINDOWS\setuplog.txt
2008-10-30 11:23:07 ----D---- C:\WINDOWS\system32\Setup
2008-10-30 11:23:07 ----D---- C:\WINDOWS\AppPatch
2008-10-30 11:19:58 ----D---- C:\Program Files\Messenger
2008-10-30 11:19:30 ----D---- C:\WINDOWS\security
2008-10-30 11:15:09 ----D---- C:\WINDOWS\system32\inetsrv
2008-10-30 11:15:08 ----D---- C:\WINDOWS\ime
2008-10-30 11:14:51 ----D---- C:\WINDOWS\system32\usmt
2008-10-30 11:14:49 ----D---- C:\WINDOWS\PeerNet
2008-10-30 11:14:49 ----D---- C:\Program Files\Movie Maker
2008-10-30 11:12:25 ----D---- C:\WINDOWS\system32\npp
2008-10-30 11:12:25 ----D---- C:\WINDOWS\mui
2008-10-30 11:12:23 ----D---- C:\WINDOWS\msagent
2008-10-30 11:12:22 ----D---- C:\WINDOWS\srchasst
2008-10-30 11:12:21 ----D---- C:\Program Files\NetMeeting
2008-10-30 11:12:19 ----D---- C:\WINDOWS\system32\Com
2008-10-30 11:12:16 ----D---- C:\Program Files\Windows NT
2008-10-30 11:12:16 ----D---- C:\Program Files\Outlook Express
2008-10-30 11:12:11 ----D---- C:\Program Files\Common Files\System
2008-10-30 11:11:43 ----D---- C:\WINDOWS\system32\oobe
2008-10-30 11:11:41 ----D---- C:\WINDOWS\system
2008-10-30 11:02:30 ----D---- C:\WINDOWS\ehome
2008-10-30 10:40:52 ----D---- C:\WINDOWS\Debug
2008-10-30 10:39:46 ----D---- C:\Program Files\ATI Technologies
2008-10-30 10:26:27 ----D---- C:\WINDOWS\Media
2008-10-30 09:50:57 ----D---- C:\WINDOWS\SoftwareDistribution
2008-10-30 09:14:11 ----D---- C:\Program Files\AvRack
2008-10-15 10:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-13 225664]
R1 tosdvdd;tosdvdd; C:\WINDOWS\System32\drivers\tosdvdd.sys [2008-11-02 86144]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-09-29 2456064]
R3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcm42xx5.sys [2001-08-17 54271]
R3 BCMModem;BCM V.90 56K Modem; C:\WINDOWS\system32\DRIVERS\BCMDM.sys [2001-08-17 871388]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 RTL8023;NETGEAR GA311 Gigabit Adapter NDIS Driver; C:\WINDOWS\system32\DRIVERS\GA311ND5.SYS [2006-10-30 67456]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\nvmfdx32.sys [2007-01-15 1032104]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\Sandra.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-09-29 483328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-31 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-28 303104]
R2 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe [2008-04-23 98488]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-26 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-11-08 01:18:58
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{4468EF97-A253-4699-9E1C-88CAE2C6832D}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\setup.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Lexmark X5100 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBAUN5C.EXE -dLexmark X5100 Series
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SiSoftware Sandra Lite XII.SP2c-->"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Test My Hardware 2.4-->"C:\Program Files\Test My Hardware\unins000.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
WildBlue Optimizer Ver 2008-05-01-->"C:\Program Files\WildBlue\unins000.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
======Hosts File======
127.0.0.1
www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com127.0.0.1 008k.com
127.0.0.1
www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com127.0.0.1 032439.com
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SAN_DIR"=C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------