Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2:21:47 PM, on 6/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\wamp\apache2\bin\httpd.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\wamp\apache2\bin\httpd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Synergy\synergys.exe
C:\wamp\wampmanager.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Matt\Desktop\HiJackThis_v2.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 193.224.189.2:8080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Synergy Server] "C:\Program Files\Synergy\synergys.exe" --no-daemon --debug WARNING --name MattLappy --address :24800
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1466282750
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D631086-5348-4120-8177-41889B8478AA}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D631086-5348-4120-8177-41889B8478AA}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{1D631086-5348-4120-8177-41889B8478AA}: NameServer = 208.67.222.222,208.67.220.220
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Apache Tomcat (Tomcat6) - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
--
End of file - 4646 bytes
Also, I went ahead and ran the Dekkards System Scanner, here are the logs:
Deckard's System Scanner v20070603.47
Run by Matt on 2007-06-10 at 14:29:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
41: 2007-06-10 18:29:52 UTC - RP87 - Deckard's System Scanner Restore Point
40: 2007-06-10 18:16:37 UTC - RP86 - Removed SUPERAntiSpyware Professional
39: 2007-06-10 09:07:43 UTC - RP85 - Software Distribution Service 2.0
38: 2007-06-10 06:20:18 UTC - RP84 - Installed SUPERAntiSpyware Professional
37: 2007-06-10 06:17:34 UTC - RP83 - Removed Ad-Aware 2007
-- First Restore Point --
1: 2007-05-02 18:24:05 UTC - RP47 - Removed Java 2 Runtime Environment, SE v1.4.2_14
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-06-10 14:31:40
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.5730.11)
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\wamp\Apache2\bin\httpd.exe
C:\wamp\mysql\bin\mysqld-nt.exe
C:\wamp\Apache2\bin\httpd.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Synergy\synergys.exe
C:\wamp\wampmanager.exe
C:\Program Files\Apoint\ApntEx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Matt\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Synergy Server] "C:\Program Files\Synergy\synergys.exe" --no-daemon --debug WARNING --name MattLappy --address :24800
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1466282750
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{1D631086-5348-4120-8177-41889B8478AA}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Apache Tomcat (Tomcat6) - Apache Software Foundation - "C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe" //RS//Tomcat6
O23 - Service: wampapache - Apache Software Foundation - "c:\wamp\apache2\bin\httpd.exe" -k runservice
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 wampapache - "c:\wamp\apache2\bin\httpd.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>
R2 wampmysqld - c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
S3 Tomcat6 (Apache Tomcat) - "c:\program files\apache software foundation\tomcat 6.0\bin\tomcat6.exe" //rs//tomcat6 <Not Verified; Apache Software Foundation; Service Runner>
-- Files created between 2007-05-10 and 2007-06-10 -----------------------------
2007-06-10 05:20:26 0 d-------- C:\WINDOWS\network diagnostic
2007-06-10 04:28:22 0 d-------- C:\Documents and Settings\Matt\.housecall6.6
2007-06-10 02:20:23 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-06-10 02:20:18 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-06-08 21:35:31 0 d-------- C:\Program Files\Synergy
2007-06-08 21:30:31 0 d-------- C:\Documents and Settings\Matt\Application Data\.purple
2007-06-08 21:30:14 0 d-------- C:\Program Files\Pidgin
2007-06-08 14:41:44 0 d-------- C:\Documents and Settings\Matt\Application Data\MySQL
2007-06-08 14:41:07 0 d-------- C:\Program Files\MySQL
2007-06-08 04:47:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-06-08 04:37:16 0 d-------- C:\VundoFix Backups
2007-06-08 02:05:24 0 d-------- C:\WINDOWS\pss
2007-06-07 20:39:14 0 d-------- C:\wamp
2007-06-07 20:23:29 0 d-------- C:\Program Files\FlashDevelop
2007-06-06 21:23:09 0 d-------- C:\Program Files\TVUPlayer
2007-06-06 15:17:34 0 d-------- C:\Program Files\SharpDevelop
2007-06-06 01:11:46 0 d-------- C:\Documents and Settings\Matt\Application Data\PCTV4Me
2007-06-06 01:11:46 0 d-------- C:\Documents and Settings\All Users\Application Data\PCTV4Me
2007-05-31 18:51:31 0 d-------- C:\Documents and Settings\Matt\Application Data\gtk-2.0
2007-05-30 17:42:57 0 d-------- C:\Program Files\wxFormBuilder
2007-05-30 14:27:09 0 d-------- C:\sourceforge
2007-05-29 18:07:45 10 --a------ C:\WINDOWS\system32\deposit.dll
2007-05-29 18:07:14 0 d-------- C:\WINDOWS\Downloaded Installations
2007-05-27 21:36:45 0 d-------- C:\Program Files\OpenLaszlo Server 4.0.2
2007-05-27 21:26:20 0 d-------- C:\Program Files\Apache Software Foundation
2007-05-22 15:42:51 0 d-------- C:\Documents and Settings\Matt\Application Data\Joost
2007-05-22 15:42:26 0 d-------- C:\Program Files\Joost
2007-05-14 01:30:13 0 d-------- C:\Documents and Settings\Matt\Application Data\dvdcss
2007-05-10 22:19:26 0 d-------- C:\Program Files\Risk
-- Find3M Report ---------------------------------------------------------------
2007-06-10 14:17:03 0 d-------- C:\Program Files\Mozilla Thunderbird
2007-06-10 02:17:47 0 d-------- C:\Program Files\Lavasoft
2007-06-10 02:12:07 0 d-------- C:\Program Files\Free Download Manager
2007-06-09 17:09:33 0 d-------- C:\Documents and Settings\Matt\Application Data\OpenOffice.org2
2007-06-08 21:30:31 0 d-------- C:\Documents and Settings\Matt\Application Data\.gaim
2007-06-06 01:35:04 0 d-------- C:\Program Files\GuitarFX 3
2007-06-06 01:34:29 0 d-------- C:\Program Files\Practiline Source Code Line Counter
2007-05-31 15:43:02 0 d-------- C:\Program Files\GIMP-2.0
2007-05-02 14:27:41 0 d-------- C:\Program Files\Java
2007-05-02 13:47:09 0 d-------- C:\Program Files\netbeans-5.5
2007-05-02 01:18:02 0 d-------- C:\Program Files\Common Files\InstallShield
2007-04-21 17:10:31 0 d-------- C:\Documents and Settings\Matt\Application Data\TVU Networks
2007-04-19 01:56:29 4679 --a------ C:\WINDOWS\mozver.dat
2007-04-19 01:56:27 0 d-------- C:\Program Files\DivX
2007-04-18 23:25:46 0 d-------- C:\Documents and Settings\Matt\Application Data\Google
2007-04-18 23:25:25 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-04-18 23:25:25 0 d-------- C:\Program Files\Google
2007-04-16 06:12:05 0 d-------- C:\Documents and Settings\Matt\Application Data\Free Download Manager
2007-04-14 14:16:53 0 d-------- C:\Program Files\ISTool
2007-04-14 14:16:53 0 d-------- C:\Documents and Settings\Matt\Application Data\ISTool
2007-04-14 14:11:39 0 d-------- C:\Program Files\HiSoft
2007-04-14 14:11:39 0 d-------- C:\Documents and Settings\Matt\Application Data\HiSoft
2007-04-12 16:18:47 0 d-------- C:\Program Files\Inno Setup 5
2007-04-10 00:14:26 0 d-------- C:\Program Files\Dell 720
2007-03-31 21:14:27 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-31 21:02:31 0 -rahs---- C:\MSDOS.SYS
2007-03-31 21:02:31 0 -rahs---- C:\IO.SYS
2007-03-31 21:02:31 0 --a------ C:\CONFIG.SYS
2007-03-31 21:02:31 0 --a------ C:\AUTOEXEC.BAT
2007-03-31 20:57:54 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-03-31 15:46:00 62 --ahs---- C:\Documents and Settings\Matt\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"ofgmuueemd"="c:\\windows\\system32\\ofgmuueemd.exe ofgmuueemd"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Synergy Server"="\"C:\\Program Files\\Synergy\\synergys.exe\" --no-daemon --debug WARNING --name MattLappy --address :24800"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
-- End of Deckard's System Scanner: finished at 2007-06-10 at 14:32:11 ---------
Deckard's System Scanner v20070603.47
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) M processor 1.60GHz
Percentage of Memory in Use: 57%
Physical Memory (total/avail): 511.37 MiB / 217.7 MiB
Pagefile Memory (total/avail): 1502.49 MiB / 1203.54 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1949.25 MiB
C: is Fixed (NTFS) - 17.72 GiB total, 7.88 GiB free.
D: is CDROM (No Media)
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"="C:\\Program Files\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Java\\j2sdk1.4.2_14\\bin\\java.exe"="C:\\Program Files\\Java\\j2sdk1.4.2_14\\bin\\java.exe:*:Enabled:java"
"C:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"="C:\\Program Files\\Joost\\xulrunner\\tvprunner.exe:*:Enabled:tvprunner"
"C:\\wamp\\Apache2\\bin\\httpd.exe"="C:\\wamp\\Apache2\\bin\\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\Synergy\\synergys.exe"="C:\\Program Files\\Synergy\\synergys.exe:*:Enabled:synergys"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Matt\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MATT-A6182FA0E7
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Matt
include=C:\Program Files\Microsoft Visual Studio\VC98\atl\include;C:\Program Files\Microsoft Visual Studio\VC98\mfc\include;C:\Program Files\Microsoft Visual Studio\VC98\include
JAVA_HOME="C:\Program Files\Java\jdk1.5.0_11"
lib=C:\Program Files\Microsoft Visual Studio\VC98\mfc\lib;C:\Program Files\Microsoft Visual Studio\VC98\lib
LOGONSERVER=\\MATT-A6182FA0E7
MSDevDir=C:\Program Files\Microsoft Visual Studio\Common\MSDev98
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\proj\MinGW\bin;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin;C:\Program Files\Microsoft Visual Studio\Common\Tools;C:\Program Files\Microsoft Visual Studio\VC98\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Matt\LOCALS~1\Temp
TMP=C:\DOCUME~1\Matt\LOCALS~1\Temp
USERDOMAIN=MATT-A6182FA0E7
USERNAME=Matt
USERPROFILE=C:\Documents and Settings\Matt
windir=C:\WINDOWS
WXWIN=c:/proj/environment/wxWidgets-2.8.3
-- User Profiles ---------------------------------------------------------------
Matt (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
"GNU make 3.80.0" --> C:\proj\mingw\uninstall\unins000.exe
7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 9 --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
ALPS Touch Pad Driver --> C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
Apache Tomcat 6.0 (remove only) --> "C:\Program Files\Apache Software Foundation\Tomcat 6.0\Uninstall.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
C++ Code Export 1.0 (Beta) --> "C:\Program Files\C++ Code Export\unins000.exe"
Conexant D110 MDC V.9x Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Dell Photo Printer 720 --> C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBCUN5C.EXE -dDell Photo Printer 720
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FlashDevelop 2.0.2 --> C:\Program Files\FlashDevelop\Uninstall.exe
Free Download Manager 2.1 --> "C:\Program Files\Free Download Manager\unins000.exe"
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GTK+ 2.10.6-1 runtime environment --> "C:\Program Files\Common Files\GTK\2.0\setup\unins000.exe"
HijackThis 2.0.0 --> "C:\DOCUME~1\Matt\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis_v2.zip\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Inno Script Generator version 1.0.2.5 --> "C:\Program Files\HiSoft\Inno Script Generator\Uninstall Information\unins000.exe"
Inno Setup version 5.1.11 --> "C:\Program Files\Inno Setup 5\unins000.exe"
ISTool 5.1.8.0 --> "C:\Program Files\ISTool\unins000.exe"
J2SE Development Kit 5.0 Update 11 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150110}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java 2 Runtime Environment, SE v1.4.2_14 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142140}
Java 2 SDK, SE v1.4.2_14 --> MsiExec.exe /I{35A3A4F4-B792-11D6-A78A-00B0D0142140}
Joost (tm) 0.10.1 --> C:\Program Files\Joost\uninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 6.0 Professional Edition --> "C:\Program Files\Microsoft Visual Studio\VC98\Setup\1033\Setup.exe"
Mozilla Firefox (2.0.0.3) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox (2.0.0.4) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (1.5.0.12) --> C:\PROGRA~1\MOZILL~2\uninstall\uninstall.exe /ua "1.5.0.12 (en-US)"
MySQL Tools for 5.0 --> MsiExec.exe /I{EC561602-C0B9-4FAA-A175-1B3273639AC3}
NetBeans IDE 5.5 --> C:\Program Files\netbeans-5.5\_uninst\uninstaller.exe
OpenOffice.org 2.2 --> MsiExec.exe /I{65A27B19-3398-4B23-837C-7A9EA6A39F03}
Pidgin 2.0.1 (remove only) --> C:\Program Files\Pidgin\pidgin-uninst.exe
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SharpDevelop 2.1 --> MsiExec.exe /I{91C56D33-EF7D-49DF-B168-6BCEB05F119F}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Sun Download Manager 2.0 (web) --> C:\WINDOWS\system32\javaws.exe -uninstall "http://javadl-esd.sun.com/update/sdm20/sdm20.jnlp"
Synergy --> "C:\Program Files\Synergy\uninstall.exe"
The GIMP 2.2.14 --> "C:\Program Files\GIMP-2.0\unins000.exe"
TVUPlayer 2.3.0.0 --> C:\Program Files\TVUPlayer\uninst.exe
VideoLAN VLC media player 0.8.6a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
WAMP5 1.7.2 --> c:\wamp\unins000.exe
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
wxFormBuilder 3.0.18 --> "C:\Program Files\wxFormBuilder\unins000.exe"
wxWidgets 2.8.3 --> "C:\proj\wxWidgets-2.8.3\unins000.exe"
-- End of Deckard's System Scanner: finished at 2007-06-10 at 14:32:11 ---------
Please help me find what I missed