Deckard's System Scanner v20070905.67
Run by Leander on 2007-10-13 20:54:08
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 3 Restore Point(s) --
3: 2007-10-13 18:54:16 UTC - RP31 - Deckard's System Scanner Restore Point
2: 2007-10-13 12:52:57 UTC - RP30 - Uniblue RegistryBooster
1: 2007-10-13 10:21:43 UTC - RP29 - Software Distribution Service 3.0
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 4.9 GiB (less than 15%) free.
-- HijackThis (run as Leander.exe) ---------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:23, on 13/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Leander.PC113802530822\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Leander.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servle ... PMCons_60D
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7EA70927-FE82-42ED-8480-A6AA73169F0A} - C:\WINDOWS\system32\pmnlm.dll
O2 - BHO: (no name) - {837B45D6-BF85-457D-AABF-6D2E7815F791} - C:\WINDOWS\system32\xxyyyvv.dll
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\system32\gpkipymg.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\aqkuqzdc.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Norton-werkbalk weergeven - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\aqkuqzdc.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\system32\fsqeuoks.dll",sitypnow
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Personal.lnk = C:\Program Files\Personal\bin\Personal.exe
O8 - Extra context menu item: E&kspordi Microsoft Excelisse - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: aqkuqzdc - C:\WINDOWS\SYSTEM32\aqkuqzdc.dll
O20 - Winlogon Notify: xxyyyvv - C:\WINDOWS\SYSTEM32\xxyyyvv.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
--
End of file - 8546 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>
S3 FirebirdServerMAGIXInstance (Firebird Server - MAGIX Instance) - c:\program files\magix\common\database\bin\fbserver.exe <Not Verified; MAGIX®; Firebird SQL Server - MAGIX Edition>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 UPnPService - c:\program files\common files\magix shared\upnpservice\upnpservice.exe <Not Verified; Magix AG; UPnPService Module>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-09-23 23:00:32 274 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2007-09-23 23:00:31 396 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
-- Files created between 2007-09-13 and 2007-10-13 -----------------------------
2007-10-13 20:26:08 84544 --a------ C:\WINDOWS\system32\fsqeuoks.dll
2007-10-13 20:21:33 339968 --a------ C:\WINDOWS\system32\aqkuqzdc.dll
2007-10-13 20:21:07 389184 --a------ C:\WINDOWS\system32\lnoimxxx.exe
2007-10-13 18:54:14 84544 -----n--- C:\WINDOWS\system32\rcjxfpxa.dll
2007-10-13 18:50:07 339968 --a------ C:\WINDOWS\system32\qdisnqpt.dll
2007-10-13 18:49:40 389184 --a------ C:\WINDOWS\system32\fcqlhaha.exe
2007-10-13 18:15:24 84544 --a------ C:\WINDOWS\system32\vnvjvpbe.dll
2007-10-13 18:12:56 339968 --a------ C:\WINDOWS\system32\qtxmmxjd.dll
2007-10-13 18:12:29 389184 --a------ C:\WINDOWS\system32\duxdsxio.exe
2007-10-13 18:02:17 0 d-------- C:\Program Files\ewido anti-malware
2007-10-13 17:51:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-13 17:42:45 84544 --a------ C:\WINDOWS\system32\dulchthv.dll
2007-10-13 17:37:27 339968 --a------ C:\WINDOWS\system32\ciansuyz.dll
2007-10-13 17:37:02 389184 --a------ C:\WINDOWS\system32\qdvqqhtu.exe
2007-10-13 16:49:30 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-10-13 16:49:29 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-10-13 16:49:29 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-10-13 16:49:29 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-10-13 16:49:29 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-10-13 16:49:29 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-10-13 16:49:29 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-10-13 16:49:29 0 dr------- C:\Documents and Settings\Administrator\My Documents
2007-10-13 16:49:29 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-10-13 16:49:29 0 dr------- C:\Documents and Settings\Administrator\Favorites
2007-10-13 16:49:29 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-10-13 16:49:29 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2007-10-13 16:49:29 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-10-13 16:49:29 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-10-13 16:49:29 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-10-13 16:49:27 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-10-13 16:28:12 3502 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-13 15:42:30 84544 --a------ C:\WINDOWS\system32\jlhmpide.dll
2007-10-13 15:35:06 339968 --a------ C:\WINDOWS\system32\jeriblbu.dll
2007-10-13 15:34:37 389184 --a------ C:\WINDOWS\system32\tpdjxgxw.exe
2007-10-13 15:06:45 84544 --a------ C:\WINDOWS\system32\aunufkax.dll
2007-10-13 15:04:09 339968 --a------ C:\WINDOWS\system32\gdlslaeo.dll
2007-10-13 15:03:42 389184 --a------ C:\WINDOWS\system32\tqbrxeun.exe
2007-10-13 14:36:20 0 d-------- C:\Program Files\Trend Micro
2007-10-13 14:07:40 84544 --a------ C:\WINDOWS\system32\yrblgpyn.dll
2007-10-13 14:04:58 339968 --a------ C:\WINDOWS\system32\whpxevbv.dll
2007-10-13 14:04:34 389184 --a------ C:\WINDOWS\system32\wkbipcyp.exe
2007-10-13 12:44:25 169788 ---hs---- C:\WINDOWS\system32\mlnmp.ini2
2007-10-13 11:36:46 389184 --a------ C:\WINDOWS\system32\fdbskwxr.exe
2007-10-13 11:21:39 84544 --a------ C:\WINDOWS\system32\vtfyvdwn.dll
2007-10-13 11:21:25 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\WinPatrol
2007-10-13 11:19:03 339968 --a------ C:\Program Files\Hammer.dll
2007-10-13 11:18:38 389184 --a------ C:\WINDOWS\system32\clccfjdq.exe
2007-10-09 14:54:04 0 d-------- C:\Program Files\ProtectDisc Driver Installer
2007-10-09 14:53:27 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\MAGIX
2007-10-09 14:42:15 24576 --a------ C:\WINDOWS\system32\TTIC32.dll <Not Verified; PoINT Software & Systems GmbH; TTIC32>
2007-10-09 14:42:15 24576 --a------ C:\WINDOWS\system32\TTI32.dll <Not Verified; PoINT Software & Systems GmbH; TTI32>
2007-10-09 14:42:15 32768 --a------ C:\WINDOWS\system32\STRING32.dll <Not Verified; PoINT Software & Systems GmbH; STRING32>
2007-10-09 14:42:15 430080 --a------ C:\WINDOWS\system32\MXRestore.exe <Not Verified; MAGIX AG; MAGIX Restore>
2007-10-09 14:42:15 53248 --a------ C:\WINDOWS\system32\mgxasio2.dll
2007-10-09 14:42:15 57344 --a------ C:\WINDOWS\system32\DLLTPO32.dll <Not Verified; PoINT Software & Systems GmbH; DLLTPO32>
2007-10-09 14:42:15 188416 --a------ C:\WINDOWS\system32\DLLRES32.dll <Not Verified; PoINT Software & Systems GmbH; DLLRES32>
2007-10-09 14:42:15 40960 --a------ C:\WINDOWS\system32\DLLRD32.dll <Not Verified; PoINT Software & Systems GmbH; DLLRD32>
2007-10-09 14:42:15 65536 --a------ C:\WINDOWS\system32\DLLPTL32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPTL32>
2007-10-09 14:42:15 53248 --a------ C:\WINDOWS\system32\DLLPRJ32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPRJ32>
2007-10-09 14:42:14 49152 --a------ C:\WINDOWS\system32\DLLPRF32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPRF32>
2007-10-09 14:42:14 36864 --a------ C:\WINDOWS\system32\DLLPNT32.dll <Not Verified; PoINT Software & Systems GmbH; DLLPNT32>
2007-10-09 14:42:14 32768 --a------ C:\WINDOWS\system32\DLLMSC32.dll <Not Verified; PoINT Software & Systems GmbH; DLLMSC32>
2007-10-09 14:42:14 24576 --a------ C:\WINDOWS\system32\DLLIX.dll <Not Verified; PoINT Software & Systems GmbH; DLLIX>
2007-10-09 14:42:14 32768 --a------ C:\WINDOWS\system32\DLLISO32.dll <Not Verified; PoINT Software & Systems GmbH; DLLISO32>
2007-10-09 14:42:14 53248 --a------ C:\WINDOWS\system32\DLLIO32.dll <Not Verified; PoINT Software & Systems GmbH; DLLIO32>
2007-10-09 14:42:14 45056 --a------ C:\WINDOWS\system32\DLLIMG32.dll <Not Verified; PoINT Software & Systems GmbH; DLLIMG32>
2007-10-09 14:42:14 151552 --a------ C:\WINDOWS\system32\DLLDRV32.dll <Not Verified; PoINT Software & Systems GmbH; DLLDRV32>
2007-10-09 14:42:14 32768 --a------ C:\WINDOWS\system32\DLLDIR32.dll <Not Verified; PoINT Software & Systems GmbH; DLLDIR32>
2007-10-09 14:42:14 163840 --a------ C:\WINDOWS\system32\DLLDEV32.dll <Not Verified; PoINT Software & Systems GmbH; DLLDEV32>
2007-10-09 14:42:14 94208 --a------ C:\WINDOWS\system32\DLLCPY32.dll <Not Verified; PoINT Software & Systems GmbH; DLLCPY32>
2007-10-09 14:42:14 61440 --a------ C:\WINDOWS\system32\DLLCDF32.dll <Not Verified; PoINT Software & Systems GmbH; DLLCDF32>
2007-10-09 14:42:14 114688 --a------ C:\WINDOWS\system32\DLLCDA32.dll <Not Verified; PoINT Software & Systems GmbH; PoINT CDarchive for Windows>
2007-10-09 14:42:14 487424 --a------ C:\WINDOWS\system32\DLLAV32.dll <Not Verified; PoINT Software & Systems GmbH; PoINT CD/DVD Audio/Video SDK for Windows>
2007-10-09 14:15:32 0 d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
2007-10-09 14:14:54 120200 --a------ C:\WINDOWS\system32\DLLDEV32i.dll <Not Verified; ; DLLDEV32i>
2007-10-09 14:14:54 0 d-------- C:\Program Files\MAGIX
2007-10-09 14:14:11 0 d-------- C:\WINDOWS\system32\MAGIX
2007-10-08 20:41:29 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Google
2007-10-08 19:23:19 166725 ---hs---- C:\WINDOWS\system32\mlnmp.bak2
2007-10-06 23:31:55 85056 --a------ C:\WINDOWS\system32\gufqpivd.dll
2007-10-06 23:31:54 77376 --a------ C:\WINDOWS\system32\gpkipymg.dll
2007-10-06 11:53:08 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Ahead
2007-10-06 11:45:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-10-06 11:38:03 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\WinRAR
2007-10-06 11:26:30 173389 ---hs---- C:\WINDOWS\system32\mlnmp.bak1
2007-10-06 11:25:50 325728 --a------ C:\WINDOWS\system32\pmnlm.dll
2007-10-06 11:20:39 44054 --a------ C:\WINDOWS\system32\xxyyyvv.dll
2007-10-06 08:58:49 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Symantec
2007-10-05 21:28:15 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-10-05 21:28:14 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-10-05 21:28:14 0 d-------- C:\Program Files\Xvid
2007-10-05 21:14:40 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-10-04 21:22:13 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Uniblue
2007-10-04 13:40:38 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\AdobeUM
2007-10-04 13:38:53 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Adobe
2007-10-03 22:18:41 0 d-------- C:\Program Files\Symantec
2007-10-03 21:29:16 0 d--hs---- C:\Documents and Settings\Leander.PC113802530822\UserData
2007-10-03 20:57:15 0 d-------- C:\WINDOWS\system32\PreInstall
2007-10-03 20:57:02 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Macromedia
2007-10-03 20:55:45 0 d-------- C:\WINDOWS\system32\LogFiles
2007-10-03 20:49:18 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-10-03 20:45:50 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Personal
2007-10-03 20:43:30 0 dr------- C:\Documents and Settings\Leander.PC113802530822\Favorites
2007-10-03 20:43:30 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Desktop
2007-10-03 20:43:30 0 d--hs---- C:\Documents and Settings\Leander.PC113802530822\Cookies
2007-10-03 20:43:30 0 dr-h----- C:\Documents and Settings\Leander.PC113802530822\Application Data
2007-10-03 20:43:30 0 d-------- C:\Documents and Settings\Leander.PC113802530822\Application Data\Identities
2007-10-03 20:43:29 0 d--h----- C:\Documents and Settings\Leander.PC113802530822\Templates
2007-10-03 20:43:29 0 dr------- C:\Documents and Settings\Leander.PC113802530822\Start Menu
2007-10-03 20:43:29 0 dr-h----- C:\Documents and Settings\Leander.PC113802530822\SendTo
2007-10-03 20:43:29 0 dr-h----- C:\Documents and Settings\Leander.PC113802530822\Recent
2007-10-03 20:43:29 0 d--h----- C:\Documents and Settings\Leander.PC113802530822\PrintHood
2007-10-03 20:43:29 0 d--h----- C:\Documents and Settings\Leander.PC113802530822\NetHood
2007-10-03 20:43:29 0 dr------- C:\Documents and Settings\Leander.PC113802530822\My Documents
2007-10-03 20:43:29 0 d--h----- C:\Documents and Settings\Leander.PC113802530822\Local Settings
2007-10-03 20:43:28 2359296 --ah----- C:\Documents and Settings\Leander.PC113802530822\NTUSER.DAT
2007-10-03 20:41:37 0 d-------- C:\Documents and Settings\Default User\Application Data\Symantec
2007-10-03 19:12:53 0 d-------- C:\Documents and Settings\Kersti\cbt
2007-10-03 19:12:53 0 d-------- C:\Documents and Settings\Kersti\Application Data\Netscape
2007-10-03 19:12:53 0 d-------- C:\Documents and Settings\Kersti\Application Data\Mozilla
2007-10-02 21:27:47 0 dr-h----- C:\Documents and Settings\Leander\Recent
2007-10-02 20:53:40 0 d-------- C:\WINDOWS\pss
2007-09-30 00:59:09 0 d-------- C:\Documents and Settings\Leander\Application Data\WinPatrol
2007-09-30 00:58:54 0 d-------- C:\Program Files\BillP Studios
2007-09-30 00:56:55 0 d-------- C:\Program Files\SpywareBlaster
2007-09-28 22:42:37 0 d-------- C:\Program Files\CCleaner
2007-09-28 20:49:21 0 d-------- C:\Program Files\MSBuild
2007-09-28 20:44:54 0 d-------- C:\Program Files\Reference Assemblies
2007-09-28 19:49:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-09-28 19:48:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-09-25 19:53:54 0 d-------- C:\Program Files\Lavalys
2007-09-24 23:28:27 0 d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2007-09-23 21:37:06 0 d-------- C:\Program Files\Uniblue
2007-09-23 21:29:25 0 d-------- C:\Documents and Settings\Leander\Application Data\Uniblue
2007-09-23 20:58:18 0 d-------- C:\Program Files\MSXML 6.0
2007-09-19 20:22:56 0 d-------- C:\Program Files\Lavasoft
2007-09-18 21:52:41 47360 --a------ C:\Documents and Settings\Leander\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-09-18 21:52:40 0 d-------- C:\Documents and Settings\Leander\Application Data\Vso
2007-09-18 21:52:36 0 d-------- C:\Program Files\VSO
2007-09-18 20:37:38 0 d-------- C:\Documents and Settings\Leander\Application Data\Media Player Classic
2007-09-18 20:35:40 0 d-------- C:\Program Files\Combined Community Codec Pack
-- Find3M Report ---------------------------------------------------------------
2007-10-13 20:55:34 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-09 16:08:58 0 d-------- C:\Program Files\Common Files\MAGIX Shared
2007-10-08 20:41:15 0 d-------- C:\Program Files\Google
2007-10-08 19:20:43 0 d-------- C:\Program Files\Norton 360
2007-10-06 11:48:42 0 d-------- C:\Program Files\Common Files\Ahead
2007-10-05 19:06:50 0 d-------- C:\Program Files\Common Files
2007-10-04 21:42:19 0 d-------- C:\Program Files\Online Services
2007-10-04 05:12:41 0 d-------- C:\Program Files\Windows NT
2007-10-04 05:11:05 0 d-------- C:\Program Files\Movie Maker
2007-10-04 05:11:03 0 d-------- C:\Program Files\Microsoft Works
2007-10-04 05:10:17 0 d-------- C:\Program Files\Messenger
2007-10-04 05:10:01 0 d-------- C:\Program Files\Java
2007-10-04 05:08:38 0 d-------- C:\Program Files\Easy Internet signup
2007-10-04 05:08:09 0 d-------- C:\Program Files\Common Files\SureThing Shared
2007-10-04 05:08:08 0 d-------- C:\Program Files\Common Files\Sonic Shared
2007-10-04 05:07:49 0 d-------- C:\Program Files\Common Files\LightScribe
2007-10-03 20:37:37 0 d-------- C:\Program Files\HPQ
2007-10-03 19:51:02 0 d-------- C:\Program Files\PowerArchiver
2007-10-03 19:33:38 0 d-------- C:\Program Files\Packard Bell Data Secure
2007-09-30 00:54:39 0 d-------- C:\Program Files\Logitech
2007-09-23 23:05:11 0 d-------- C:\Program Files\Windows Media Connect 2
2007-09-23 23:05:11 0 d-------- C:\Program Files\TPTEST5
2007-09-23 23:05:11 0 d-------- C:\Program Files\Readiris Pro 8
2007-09-23 23:05:10 0 d-------- C:\Program Files\DivX
2007-09-23 23:05:10 0 d-------- C:\Program Files\Benders
2007-09-23 23:05:06 0 d-------- C:\Program Files\The Guild 2
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7EA70927-FE82-42ED-8480-A6AA73169F0A}]
06/10/2007 11:25 325728 --a------ C:\WINDOWS\system32\pmnlm.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{837B45D6-BF85-457D-AABF-6D2E7815F791}]
06/10/2007 11:20 44054 --a------ C:\WINDOWS\system32\xxyyyvv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89AD4D75-2429-462e-BD4E-443F233F6033}]
06/10/2007 23:31 77376 --a------ C:\WINDOWS\system32\gpkipymg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
13/10/2007 20:21 339968 --a------ C:\WINDOWS\system32\aqkuqzdc.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\aqkuqzdc.dll [13/10/2007 20:21 339968]
[-HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [10/11/2005 21:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [10/11/2005 13:03]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [16/02/2005 23:11]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [19/06/2005 22:50]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [12/12/2005 11:39]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [22/12/2005 08:57]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [01/08/2005 14:26]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [11/10/2005 10:23]
"Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [09/02/2006 09:52]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [13/12/2005 16:45]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [09/01/2007 23:59]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [12/03/2007 10:22]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [12/01/2006 15:40]
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [23/09/2007 19:30]
"SearchIndexer"="C:\WINDOWS\system32\fsqeuoks.dll" [13/10/2007 20:26]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 10:00]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [15/01/2007 16:14]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [27/07/2007 20:40]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [00:00:00]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [24/09/2005 01:39:30]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 10:01:04]
Personal.lnk - C:\Program Files\Personal\bin\Personal.exe [14/04/2007 23:11:43]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktop"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{837B45D6-BF85-457D-AABF-6D2E7815F791}"= C:\WINDOWS\system32\xxyyyvv.dll [06/10/2007 11:20 44054]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\aqkuqzdc]
aqkuqzdc.dll 13/10/2007 20:21 339968 C:\WINDOWS\system32\aqkuqzdc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyyyvv]
xxyyyvv.dll 06/10/2007 11:20 44054 C:\WINDOWS\system32\xxyyyvv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmnlm.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{305d6007-71df-11dc-93ab-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
*Newly Created Service* - COMHOST
-- End of Deckard's System Scanner: finished at 2007-10-13 20:58:08 ------------
Deckard's System Scanner v20070905.67
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Turion(tm) 64 Mobile Technology ML-37
Percentage of Memory in Use: 27%
Physical Memory (total/avail): 2046.17 MiB / 1480.54 MiB
Pagefile Memory (total/avail): 3938.68 MiB / 3449.64 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1962.09 MiB
C: is Fixed (NTFS) - 66.33 GiB total, 4.9 GiB free.
D: is Fixed (FAT32) - 7.17 GiB total, 1.3 GiB free.
E: is CDROM (CDFS)
F: is Removable (FAT32)
\\.\PHYSICALDRIVE0 - ST980829A - 74.53 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 66.33 GiB - C:
\PARTITION1 - Unknown - 7.19 GiB - D:
\PARTITION2 - Unknown - 1027.6 MiB
\\.\PHYSICALDRIVE1 - USB 2.0 Flash Disk USB Device - 988.37 MiB - 1 partition
\PARTITION0 - 16-bit FAT - 996 MiB - F:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: Norton 360 v2007 (SYMANTEC Corporation)
AV: Norton 360 v2007 (SYMANTEC Corperation)
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\dcyoyrhr.exe"="C:\\WINDOWS\\system32\\dcy"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Leander.PC113802530822\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BASTARD
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Leander.PC113802530822
LOGONSERVER=\\BASTARD
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Ahead\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 36 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2402
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\LEANDE~1.PC1\LOCALS~1\Temp
TMP=C:\DOCUME~1\LEANDE~1.PC1\LOCALS~1\Temp
USERDOMAIN=BASTARD
USERNAME=Leander
USERPROFILE=C:\Documents and Settings\Leander.PC113802530822
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Leander.PC113802530822 (admin)
Administrator (new local, admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Athlon 64 Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Conexant AC-Link Audio --> C:\Program Files\CONEXANT\CNXT_AUDIO\HXFSETUP.EXE -U -ICPL309BA.INF
Firebird SQL Server - MAGIX Edition --> C:\Program Files\MAGIX\Common\Database\instslct.exe /p
GearDrvs --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Help and Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Imaging Device Functions 6.0 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.0 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP QuickPlay 2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP User Guides--System Recovery --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC96BBA7-C634-460E-AD18-A0A994213F80}\Setup.exe" -l0x9 -removeonly
HP User Guides 0025 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52AE81CB-B786-490E-93CF-240A9891B392}\setup.exe" -l0x9 -removeonly
HP Wireless Assistant 2.00 C1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
MAGIX Music Maker 14 13.0.1.1 (UK) --> C:\Program Files\MAGIX\MusicMaker14\instslct.exe
MAGIX PC Visit --> C:\Program Files\MAGIX\PCVisit\instslct.exe
MAGIX Photo Manager 2007 4.2.1.262 (UK) --> C:\Program Files\MAGIX\Photo_Manager_2007\instslct.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office XP Media Content --> MsiExec.exe /I{90300409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Small Business --> MsiExec.exe /I{91930425-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mufin MusicFinder Base 1.0.1.240 (UK) --> C:\Program Files\MAGIX\Mufin MusicFinder\instslct.exe
Nero 7 --> MsiExec.exe /I{9FB8CAC0-CCF6-47C9-8EDE-3AC69FD61033}
Norton 360 --> MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360 --> MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton 360 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X
Norton 360 Help --> MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}
Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Authentification Component --> MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}
Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
oggcodecs 0.71.0946 --> C:\Program Files\illiminable\oggcodecs\uninst.exe
ProtectDisc Helper Driver 10 --> C:\Program Files\ProtectDisc Driver Installer\uninstall_v10.exe
Quick Launch Buttons 5.20 G1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninst
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1002&DEV_4378\HXFSETUP.EXE -U -Icpl309bk.inf
Sonic Audio Module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SuppSoft --> MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}
Symantec Technical Support Controls --> MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033
Text-To-Speech-Runtime --> MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type1336 / Error
Event Submitted/Written: 10/13/2007 08:49:55 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application swreg.cfexe, version 2.0.1.8, faulting module swreg.cfexe, version 2.0.1.8, fault address 0x00003eca.
Processing media-specific event for [swreg.cfexe!ws!]
Event Record #/Type1335 / Error
Event Submitted/Written: 10/13/2007 08:49:53 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application swreg.cfexe, version 2.0.1.8, faulting module swreg.cfexe, version 2.0.1.8, fault address 0x00003eca.
Processing media-specific event for [swreg.cfexe!ws!]
Event Record #/Type1334 / Error
Event Submitted/Written: 10/13/2007 08:49:37 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application swreg.cfexe, version 2.0.1.8, faulting module swreg.cfexe, version 2.0.1.8, fault address 0x00003eca.
Processing media-specific event for [swreg.cfexe!ws!]
Event Record #/Type1333 / Error
Event Submitted/Written: 10/13/2007 08:49:16 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application swreg.cfexe, version 2.0.1.8, faulting module swreg.cfexe, version 2.0.1.8, fault address 0x00003eca.
Processing media-specific event for [swreg.cfexe!ws!]
Event Record #/Type1332 / Error
Event Submitted/Written: 10/13/2007 08:49:13 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application swreg.cfexe, version 2.0.1.8, faulting module swreg.cfexe, version 2.0.1.8, fault address 0x00003eca.
Processing media-specific event for [swreg.cfexe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type2839 / Error
Event Submitted/Written: 10/13/2007 06:46:09 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type2838 / Error
Event Submitted/Written: 10/13/2007 06:45:46 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type2837 / Error
Event Submitted/Written: 10/13/2007 06:45:30 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
Event Record #/Type2836 / Error
Event Submitted/Written: 10/13/2007 06:37:54 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
AmdK8
eabfiltr
eeCtrl
Fips
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SPBBCDrv
SRTSPX
SYMTDI
Tcpip
Event Record #/Type2835 / Error
Event Submitted/Written: 10/13/2007 06:37:54 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31
-- End of Deckard's System Scanner: finished at 2007-10-13 20:58:08 ------------