Don't know what happened. Wife's daughter used my computer during a visit a few days ago. 1st time ever, for over 7 years, as I have been the only user. Long story short, downloaded Adaware & ran it. No help, but it did detect a few things. Next Spybot, a few more things. Then Windows One on demand for a scan, it cleaned a few more things. I'm using AVG pro. I don't know if it's all better or not, as I'm using my wife's computer to post this, as I disconnected mine from the router. Following find the RSIT files. Could someone please advise me, as many of the items in the log I am not familiar with?
Logfile of random's system information tool 1.05 (written by random/random)
Run by Sabo King at 2009-02-08 12:22:59
Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (27%) free of 25 GB
Total RAM: 3326 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23, on 2/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\bgsvcgen.exe
D:\Ahead\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Ahead\Nero 7\InCD\InCD.exe
D:\Western Digital Technologies\NetCenter EasyLink\WDEzLink.exe
C:\WINDOWS\StartupMonitor.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\System32\svchost.exe
d:\AVG\AVG8\avgtray.exe
d:\AVG\AVG8\avgwdsvc.exe
d:\AVG\AVG8\avgam.exe
d:\AVG\AVG8\avgrsx.exe
d:\AVG\AVG8\avgnsx.exe
d:\AVG\AVG8\avgemc.exe
d:\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Sabo King\Desktop\RSIT.exe
D:\Trend Micro\HijackThis\Sabo King.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: {09a26188-e8dc-a288-4c14-a7f57c59f1b1} - {1b1f95c7-5f7a-41c4-882a-cd8e88162a90} - C:\WINDOWS\system32\ktfifs.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - d:\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {85A64AB0-5867-48EC-BFAB-F86757B603D6} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - d:\AVG\AVG8\avgtoolbar.dll
O2 - BHO: (no name) - {D6CD6DF3-3E13-4EC1-8C10-B5379A4A991B} - C:\WINDOWS\system32\ljJARJBs.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - d:\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Ahead\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WD NetCenter EasyLink] D:\Western Digital Technologies\NetCenter EasyLink\WDEzLink.exe -s
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [AVG8_TRAY] d:\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Shortcut to portforward50779.lnk = C:\portforward50779.bat
O4 - Global Startup: Giganews Accelerator.lnk = C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6662.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 4058717328
O17 - HKLM\System\CCS\Services\Tcpip\..\{90201790-118C-4485-A7FB-D17F7501F430}: NameServer = 192.168.0.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - d:\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: ktfifs.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: efcYPGyx - efcYPGyx.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - d:\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - d:\AVG\AVG8\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Ahead\Nero 7\InCD\InCDsrv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
--
End of file - 7200 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b1f95c7-5f7a-41c4-882a-cd8e88162a90}]
C:\WINDOWS\system32\ktfifs.dll [2009-02-07 102912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - d:\AVG\AVG8\avgssie.dll [2009-02-07 1078552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85A64AB0-5867-48EC-BFAB-F86757B603D6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - d:\AVG\AVG8\avgtoolbar.dll [2009-02-07 1968920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6CD6DF3-3E13-4EC1-8C10-B5379A4A991B}]
C:\WINDOWS\system32\ljJARJBs.dll [2009-02-07 236032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - d:\AVG\AVG8\avgtoolbar.dll [2009-02-07 1968920]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-09-29 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-03 16841216]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-09-14 2595480]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-09-14 905056]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-09-14 140568]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=D:\Ahead\Nero 7\InCD\InCD.exe [2006-07-25 1043968]
"Adobe Reader Speed Launcher"=D:\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"WD NetCenter EasyLink"=D:\Western Digital Technologies\NetCenter EasyLink\WDEzLink.exe [2005-10-12 1060864]
"Run StartupMonitor"=C:\WINDOWS\StartupMonitor.exe [2000-05-20 86016]
"AVG8_TRAY"=d:\AVG\AVG8\avgtray.exe [2009-02-07 1601304]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-02-07 509784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-07-31 139264]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Giganews Accelerator.lnk - C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe
C:\Documents and Settings\Sabo King\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
Shortcut to portforward50779.lnk - C:\portforward50779.bat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="ktfifs.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-02-07 10520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcYPGyx]
efcYPGyx.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"=C:\Program Files\Qualcomm\Eudora\EuShlExt.dll [2005-08-09 86016]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap
C:\WINDOWS\system32\ljJARJBs
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\AVG\AVG8\avgam.exe"="D:\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"D:\AVG\AVG8\avgemc.exe"="D:\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"D:\AVG\AVG8\avgupd.exe"="D:\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"D:\AVG\AVG8\avgnsx.exe"="D:\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-02-08 12:22:59 ----D---- C:\rsit
2009-02-07 23:29:02 ----D---- C:\WINDOWS\ERDNT
2009-02-07 23:29:02 ----D---- C:\Qoobox
2009-02-07 23:29:02 ----D---- C:\ComboFix
2009-02-07 23:02:56 ----ASH---- C:\WINDOWS\system32\sBJRAJjl.ini2
2009-02-07 19:41:44 ----D---- C:\Program Files\Windows Live Safety Center
2009-02-07 19:11:39 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-02-07 19:11:39 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-07 19:01:57 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-02-07 18:55:57 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-07 18:55:49 ----D---- C:\Program Files\Lavasoft
2009-02-07 18:55:49 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-07 16:40:22 ----A---- C:\WINDOWS\system32\ktfifs.dll
2009-02-07 16:39:54 ----ASH---- C:\WINDOWS\system32\sBJRAJjl.ini
2009-02-07 16:39:52 ----A---- C:\WINDOWS\system32\ljJARJBs.dll
2009-02-07 16:39:42 ----HD---- C:\$AVG8.VAULT$
2009-02-07 16:37:28 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-02-07 16:37:19 ----D---- C:\Documents and Settings\Sabo King\Application Data\AVGTOOLBAR
2009-02-07 16:37:11 ----D---- C:\Program Files\AVG
2009-02-07 16:37:11 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-01-31 23:33:46 ----A---- C:\WINDOWS\system32\AC2005DLL.dll
2009-01-31 23:33:39 ----D---- C:\Program Files\DIFX
2009-01-27 16:19:08 ----D---- C:\Documents and Settings\Sabo King\Application Data\OpenOffice.org
2009-01-27 16:18:15 ----D---- C:\Program Files\OpenOffice.org 3
2009-01-23 20:44:19 ----A---- C:\WINDOWS\system32\GenSvcInst.exe
2009-01-23 20:44:19 ----A---- C:\WINDOWS\system32\bgsvcgen.exe
2009-01-18 16:47:39 ----A---- C:\WINDOWS\system32\CNMVS3k.DLL
2009-01-18 16:47:39 ----A---- C:\WINDOWS\system32\CNMLM3k.DLL
2009-01-18 16:47:37 ----A---- C:\WINDOWS\system32\CNMCP3k.exe
2009-01-18 16:47:36 ----HD---- C:\BJPrinter
2009-01-17 22:30:38 ----A---- C:\GSpot.exe
2009-01-17 14:09:24 ----A---- C:\Steve.txt
2009-01-17 10:59:02 ----A---- C:\portforward50779.bat
2009-01-15 21:46:57 ----D---- C:\Program Files\Adobe
2009-01-15 21:46:51 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-15 21:46:32 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-15 21:46:27 ----D---- C:\Program Files\Common Files\Adobe
2009-01-15 03:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-01-15 03:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-01-14 22:05:05 ----D---- C:\Documents and Settings\Sabo King\Application Data\LEAPS
2009-01-14 22:02:58 ----D---- C:\Documents and Settings\Sabo King\Application Data\Pegasys Inc
2009-01-14 21:48:38 ----D---- C:\WINDOWS\system32\appmgmt
2009-01-13 22:51:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-13 22:46:27 ----A---- C:\WINDOWS\NeroDigital.ini
2009-01-13 22:41:51 ----N---- C:\WINDOWS\UNNeroSipps.exe
2009-01-13 22:41:04 ----D---- C:\Documents and Settings\Sabo King\Application Data\Ahead
2009-01-13 22:40:02 ----D---- C:\Program Files\Common Files\Ahead
2009-01-13 22:39:38 ----D---- C:\WINDOWS\RegisteredPackages
2009-01-13 22:24:43 ----D---- C:\Documents and Settings\Sabo King\Application Data\DivX
2009-01-13 22:22:45 ----A---- C:\WINDOWS\system32\pxinsi64.exe
2009-01-13 22:22:45 ----A---- C:\WINDOWS\system32\pxinsa64.exe
2009-01-13 22:22:45 ----A---- C:\WINDOWS\system32\pxcpyi64.exe
2009-01-13 22:22:45 ----A---- C:\WINDOWS\system32\pxcpya64.exe
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\vxblock.dll
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\pxwave.dll
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\pxsfs.dll
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\pxmas.dll
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\pxdrv.dll
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\pxafs.dll
2009-01-13 22:22:44 ----A---- C:\WINDOWS\system32\px.dll
2009-01-13 22:22:31 ----D---- C:\Program Files\DivX
2009-01-13 22:21:38 ----D---- C:\Documents and Settings\Sabo King\Application Data\WinRAR
2009-01-13 22:19:53 ----D---- C:\Program Files\WinRAR
2009-01-13 22:15:47 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-01-13 22:15:45 ----D---- C:\Program Files\WinZip
2009-01-13 21:55:44 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-01-13 21:55:44 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-01-12 22:33:38 ----D---- C:\WINDOWS\system32\NtmsData
2009-01-10 22:25:37 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-09 22:22:24 ----A---- C:\upnperr.txt
2009-01-09 22:21:49 ----A---- C:\BaUPnP.exe
2009-01-09 20:43:02 ----D---- C:\Documents and Settings\Sabo King\Application Data\uTorrent
======List of files/folders modified in the last 1 months======
2009-02-08 12:22:57 ----D---- C:\WINDOWS\Prefetch
2009-02-08 12:22:24 ----D---- C:\WINDOWS\Temp
2009-02-08 12:17:32 ----D---- C:\Program Files\Mozilla Firefox
2009-02-08 12:16:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-08 12:16:49 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-08 12:16:09 ----D---- C:\WINDOWS\system32\drivers
2009-02-08 12:14:21 ----D---- C:\WINDOWS
2009-02-07 23:40:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-07 23:33:04 ----D---- C:\WINDOWS\system32
2009-02-07 22:35:37 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-07 22:33:46 ----HD---- C:\WINDOWS\inf
2009-02-07 21:05:22 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-07 19:41:44 ----RD---- C:\Program Files
2009-02-07 19:25:42 ----D---- C:\WINDOWS\SoftwareDistribution
2009-02-07 19:24:33 ----SD---- C:\WINDOWS\Tasks
2009-02-07 18:57:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-07 18:55:56 ----SHD---- C:\WINDOWS\Installer
2009-02-07 18:55:42 ----D---- C:\WINDOWS\WinSxS
2009-02-07 16:45:12 ----D---- C:\Program Files\Mozilla Thunderbird
2009-02-07 16:30:36 ----SD---- C:\Documents and Settings\Sabo King\Application Data\Microsoft
2009-01-31 23:33:53 ----D---- C:\Program Files\U-ABIT
2009-01-31 23:33:46 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-27 16:18:48 ----RSD---- C:\WINDOWS\assembly
2009-01-27 16:18:24 ----RSD---- C:\WINDOWS\Fonts
2009-01-18 16:59:42 ----D---- C:\Documents and Settings\Sabo King\Application Data\Adobe
2009-01-18 13:54:05 ----D---- C:\Documents and Settings\Sabo King\Application Data\U3
2009-01-15 21:46:51 ----D---- C:\Program Files\Common Files
2009-01-15 03:00:34 ----A---- C:\WINDOWS\imsins.BAK
2009-01-13 22:51:23 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-13 22:42:23 ----D---- C:\WINDOWS\security
2009-01-13 22:39:54 ----D---- C:\Program Files\Windows Media Player
2009-01-09 20:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-02-08 325128]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-02-07 27656]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-02-07 107272]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2009-01-23 13567]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-01-02 44384]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2006-09-29 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-05 4611072]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-09-30 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 ABIT-IO;ABIT-IO; \??\C:\Program Files\U-ABIT\abitEQ\ABIT-IO.sys []
S3 Memctl;Memctl; \??\C:\Program Files\U-ABIT\FlashMenu\Memctl.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-09-14 427288]
R2 avg8emc;AVG8 E-mail Scanner; d:\AVG\AVG8\avgemc.exe [2009-02-07 903960]
R2 avg8wd;AVG8 WatchDog; d:\AVG\AVG8\avgwdsvc.exe [2009-02-07 298264]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2009-01-23 145504]
R2 InCDsrv;InCD Helper; D:\Ahead\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-02-07 950096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-09-14 492600]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-02-08 12:23:12
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->D:\Ahead\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"d:\7-Zip\Uninstall.exe"
abitEQ V2.0.0.0-->C:\Program Files\InstallShield Installation Information\{A3DB6885-DDFA-442A-A2C2-EC1842CA4953}\setup.exe -runfromtemp -l0x0009 -removeonly
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Acronis True Image Home-->MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
AVG 8.0-->d:\AVG\AVG8\setup.exe /UNINSTALL
Canon S820-->C:\WINDOWS\system32\CNMCP3k.exe "-PRINTERNAMECanon S820" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon S820 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon S820 Installer\Inst2\cnmi0409.dll"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Eudora-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4FC1645F-F2D5-438D-90CB-01154828BECD}\setup.exe" -l0x9
FlashMenu-->C:\Program Files\InstallShield Installation Information\{047E5F60-5357-43FB-A080-1912EB0132A4}\setup.exe -runfromtemp -l0x0009 -removeonly
Giganews Accelerator-->MsiExec.exe /I{E7300AF3-DD5B-4E86-A291-7631BE0C62C7}
HijackThis 2.0.2-->"d:\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.19)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero 7 Premium-->MsiExec.exe /I{11439F51-B8D2-4736-9CDF-8889FEBE1033}
Nero Sipps-->C:\WINDOWS\UNNeroSipps.exe /UNINSTALL
NetCenter EasyLink-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA7B0159-CEA4-4BD2-BA71-CDEE6A08A183}\setup.exe" -l0x9 -removeonly
NewsBin for Giganews-->C:\Program Files\NewsBinGN\uninst.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{92B79901-C57D-409F-8D2F-4E5337383569}
QuickPar 0.9-->d:\QuickPar\uninst.exe
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StartupMonitor-->MsiExec.exe /I{76EFAC4F-1712-401F-B2AE-590B170C9BCE}
TMPGEnc 4.0 XPress-->MsiExec.exe /I{485C28E6-7E8C-40E4-BCFE-6E85B1F46D7A}
TMPGEnc Authoring Works 4-->MsiExec.exe /I{7448C481-9F9D-4F4F-88DB-FA5C5EA2E800}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VobSub v2.23 (Remove Only)-->"d:\Gabest\VobSub\uninstall.exe"
Windows Driver Package - ABIT (UGURU) System (3.0.2005.531 )-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\uguru_347F83755F38F1570B602823E659DC5335F5A948\uguru.inf
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WinZip 11.2-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}
Xvid 1.2.1 final uninstall-->"d:\Xvid\unins000.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: AVG Anti-Virus
System event log
Computer Name: SAYANG1
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.
Record Number: 1285
Source Name: Disk
Time Written: 20090117144257.000000-300
Event Type: warning
User:
Computer Name: SAYANG1
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.
Record Number: 1284
Source Name: Disk
Time Written: 20090117144257.000000-300
Event Type: warning
User:
Computer Name: SAYANG1
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.
Record Number: 1283
Source Name: Disk
Time Written: 20090117144257.000000-300
Event Type: warning
User:
Computer Name: SAYANG1
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.
Record Number: 1282
Source Name: Disk
Time Written: 20090117144231.000000-300
Event Type: warning
User:
Computer Name: SAYANG1
Event Code: 51
Message: An error was detected on device \Device\Harddisk1\D during a paging operation.
Record Number: 1281
Source Name: Disk
Time Written: 20090117144159.000000-300
Event Type: warning
User:
Application event log
Computer Name: SAYANG1
Event Code: 1000
Message: Performance counters for the MSDTC (MSDTC) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.
Record Number: 5
Source Name: LoadPerf
Time Written: 20080516090335.000000-240
Event Type: information
User:
Computer Name: SAYANG1
Event Code: 1000
Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.
Record Number: 4
Source Name: LoadPerf
Time Written: 20080516090332.000000-240
Event Type: information
User:
Computer Name: SAYANG1
Event Code: 1000
Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.
Record Number: 3
Source Name: LoadPerf
Time Written: 20080516090243.000000-240
Event Type: information
User:
Computer Name: SAYANG1
Event Code: 1000
Message: Performance counters for the PSched (PSched) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.
Record Number: 2
Source Name: LoadPerf
Time Written: 20080516090227.000000-240
Event Type: information
User:
Computer Name: SAYANG1
Event Code: 1000
Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.
Record Number: 1
Source Name: LoadPerf
Time Written: 20080516090216.000000-240
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------