info.txt logfile of random's system information tool 1.05 2008-12-29 00:58:41 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Bandwidth Monitor Pro-->C:\WINDOWS\unvise32.exe C:\Program Files\Bandwidth Monitor Pro\uninstal.log EVEREST Corporate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Corporate Edition\unins000.exe" Everything 1.1.4.301-->C:\Program Files\Everything\Uninstall.exe FlashGet(JetCar)-->C:\PROGRA~1\FLASHGET\UNWISE.EXE C:\PROGRA~1\FLASHGET\INSTALL.LOG FLVhosting Desktop FLV Player Ver 2.00-->"C:\Program Files\FLVHosting\Desktop FLV Player 2.00\unins000.exe" foobar2000 v0.9.5.4-->"C:\Program Files\foobar2000\uninstall.exe" Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe HijackThis 2.0.2-->"C:\Documents and Settings\Administrator.TYRANT.000\Desktop\whatever thing\HijackThis.exe" /uninstall IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A} Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A} K-Lite Mega Codec Pack 1.40-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office Excel Viewer 2003-->MsiExec.exe /I{90840409-6000-11D3-8CFE-0150048383C9} Miranda IM 0.7.8-->C:\Program Files\Miranda IM\Uninstall.exe Mozilla Firefox (2.0.0.18)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Opera 9.63-->MsiExec.exe /X{2C0CD17D-0B06-4700-83FA-7344B868B0A2} Opera-->C:\PROGRA~1\OPERAA~1\uninst\unwise.exe C:\PROGRA~1\OPERAA~1\uninst\install.log PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed QuickSFV (Remove only)-->C:\Program Files\QuickSFV\QSFVUNST.EXE C:\Program Files\QuickSFV\ SiS 650_651_M650_M652_740-->RUNDLL32 setuplib.dll,UnInstall ,315&ISUNINST -f"C:\PROGRA~1\SISCOM~1.15\DeIsL1.isu"&P.U 4 xvga.in&-1 Sygate Personal Firewall Pro-->MsiExec.exe /I{10B446B3-4DF4-4489-A168-8A98F7CD807E} Trillian-->C:\Program Files\Trillian\trillian.exe /uninstall Trojan Remover 6.7.5-->"C:\Program Files\Trojan Remover\unins000.exe" TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B} VIA Platform Device Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe =====HijackThis Backups===== O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 ======Hosts File====== 127.0.0.1 localhost ======Security center information====== AV: Kaspersky Anti-Virus (disabled) (outdated) FW: Sygate Personal Firewall Pro (disabled) System event log Computer Name: TYRANT Event Code: 7036 Message: The Fast User Switching Compatibility service entered the running state. Record Number: 1057 Source Name: Service Control Manager Time Written: 20080912020614.000000+330 Event Type: information User: Computer Name: TYRANT Event Code: 7035 Message: The Fast User Switching Compatibility service was successfully sent a start control. Record Number: 1056 Source Name: Service Control Manager Time Written: 20080912020614.000000+330 Event Type: information User: NT AUTHORITY\SYSTEM Computer Name: TYRANT Event Code: 7036 Message: The Terminal Services service entered the running state. Record Number: 1055 Source Name: Service Control Manager Time Written: 20080912020614.000000+330 Event Type: information User: Computer Name: TYRANT Event Code: 26 Message: Application popup: : Machine Check: Regs Record Number: 1054 Source Name: Application Popup Time Written: 20080912020507.000000+330 Event Type: information User: Computer Name: TYRANT Event Code: 26 Message: Application popup: : Machine Check: Record Number: 1053 Source Name: Application Popup Time Written: 20080912020507.000000+330 Event Type: information User: Application event log Computer Name: TYRANT Event Code: 4097 Message: The application, C:\Program Files\Mozilla Firefox\firefox.exe, generated an application error The error occurred on 08/22/2008 @ 09:01:40.562 The exception generated was c0000005 at address 1003D502 (NPSWF32) Record Number: 102 Source Name: DrWatson Time Written: 20080822090140.000000+330 Event Type: information User: Computer Name: TYRANT Event Code: 1000 Message: Faulting application firefox.exe, version 1.8.20080.4669, faulting module npswf32.dll, version 10.0.2.26, fault address 0x0003d502. Record Number: 101 Source Name: Application Error Time Written: 20080822090135.000000+330 Event Type: error User: Computer Name: TYRANT Event Code: 4097 Message: The application, C:\Program Files\Opera\opera.exe, generated an application error The error occurred on 08/22/2008 @ 08:54:12.734 The exception generated was c0000005 at address 678F73DF (Opera) Record Number: 100 Source Name: DrWatson Time Written: 20080822085412.000000+330 Event Type: information User: Computer Name: TYRANT Event Code: 1000 Message: Faulting application opera.exe, version 9.52.10108.0, faulting module opera.dll, version 9.52.10108.0, fault address 0x000b73df. Record Number: 99 Source Name: Application Error Time Written: 20080822085405.000000+330 Event Type: error User: Computer Name: TYRANT Event Code: 11707 Message: Product: Opera 9.52 -- Installation operation completed successfully. Record Number: 98 Source Name: MsiInstaller Time Written: 20080822041805.000000+330 Event Type: information User: TYRANT\Administrator ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD "PROCESSOR_REVISION"=0801 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------