Hi,
[color=#FF0000]Log file of Deckard system scanner with name Main.txtDeckard's System Scanner v20071014.68
Run by Jowin on 2008-06-24 08:53:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 3 Restore Point(s) --
3: 2008-06-24 03:23:29 UTC - RP47 - Deckard's System Scanner Restore Point
2: 2008-06-23 08:37:09 UTC - RP46 - avast uninstalled
1: 2008-06-20 10:16:32 UTC - RP45 - Removed Google Toolbar for Internet Explorer
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Jowin.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:55:29 AM, on 6/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
D:\WinPatrol\winpatrol.exe
D:\Comodo\Firewall\cfp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
D:\TakeABreak.exe
C:\Program Files\IDA\ida.exe
D:\System Mechanic 6\SMSystemAnalyzer.exe
C:\WINDOWS\system32\cisvc.exe
D:\Comodo\Firewall\cmdagent.exe
D:\Launchy\Launchy.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Jowin\Desktop\dss.exe
C:\Jowin.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [WinPatrol] D:\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKCU\..\Run: [TakeABreak] D:\\TakeABreak.exe
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [SMSystemAnalyzer] "D:\System Mechanic 6\SMSystemAnalyzer.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Launchy.lnk = D:\Launchy\Launchy.exe
O8 - Extra context menu item: &Download with &DAP - D:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\Program Files\Yahoo!\MESSEN~1\YPager.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{12E191F2-779A-4E0E-9F33-C7937B741129}: NameServer = 203.192.192.22 203.192.195.18
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - D:\Comodo\Firewall\cmdagent.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5679 bytes
-- File Associations -----------------------------------------------------------
.js - JSFile - shell\open\command - NOTEPAD.EXE %1.vbs - VBSFile - shell\open\command - NOTEPAD.EXE %1-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 DgiVecp (Team MFP Comm Driver) - c:\windows\system32\drivers\dgivecp.sys <Not Verified; DeviceGuys, Inc.; DeviceGuys, Inc. Team MFP for Windows NT, 9x, and 3.1>
R3 RMSPPPOE (WAN Miniport (PPP over Ethernet Protocol)) - c:\windows\system32\drivers\rmspppoe.sys <Not Verified; Robert Schlabbach; PPP over Ethernet Protocol>
S3 AshAVMon - c:\program files\ashampoo\ashampoo antivirus\ashavmon.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-07 15:44:51 250 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job
2008-06-06 22:24:41 226 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2008-05-27 22:06:04 304 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
-- Files created between 2008-05-24 and 2008-06-24 -----------------------------
2008-06-24 08:55:21 396288 --a------ C:\Jowin.exe <Not Verified; Trend Micro Inc.; HijackThis>
2008-06-23 21:46:46 143360 --a------ C:\WINDOWS\system32\isdbgi51.dll <Not Verified; InstallShield Software Corporation; InstallShield®>
2008-06-23 21:46:35 0 d-------- C:\Program Files\InstallShield
2008-06-23 12:47:47 0 d--h----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Templates
2008-06-23 12:47:47 0 dr------- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Start Menu
2008-06-23 12:47:47 0 dr-h----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\SendTo
2008-06-23 12:47:47 0 d--h----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Recent
2008-06-23 12:47:47 0 d--h----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\PrintHood
2008-06-23 12:47:47 524288 --ah----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\NTUSER.DAT
2008-06-23 12:47:47 0 d--h----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\NetHood
2008-06-23 12:47:47 0 d-------- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\My Documents
2008-06-23 12:47:47 0 d--h----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Local Settings
2008-06-23 12:47:47 0 d-------- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Favorites
2008-06-23 12:47:47 0 d-------- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Desktop
2008-06-23 12:47:47 0 d---s---- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Cookies
2008-06-23 12:47:47 0 dr-h----- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Application Data
2008-06-23 12:47:47 0 d---s---- C:\Documents and Settings\Administrator.JOWIN-BC1F5E70C\Application Data\Microsoft
2008-06-23 10:47:04 0 d-------- C:\Program Files\PC Wizard 2008
2008-06-22 19:37:25 0 d-------- C:\Documents and Settings\LocalService\Application Data\Macromedia
2008-06-22 19:36:24 0 d-------- C:\Documents and Settings\LocalService\Application Data\Mozilla
2008-06-22 19:31:18 0 d-------- C:\Program Files\Ashampoo
2008-06-22 13:27:31 0 d-------- C:\Borland
2008-06-21 19:37:22 0 d-------- C:\Program Files\IZArc
2008-06-21 16:04:22 0 d-------- C:\Program Files\a-squared Anti-Malware
2008-06-21 12:59:09 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\Macromedia
2008-06-21 12:26:15 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\Opera
2008-06-20 21:33:22 0 dr-h----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Recent
2008-06-20 21:28:52 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\Winamp
2008-06-20 14:48:46 0 --a------ C:\Documents and Settings\Jowin\F-Prot
2008-06-20 14:40:09 0 d--h----- C:\WINDOWS\PIF
2008-06-20 12:26:47 0 dr-h----- C:\Documents and Settings\Jowin\Recent
2008-06-19 16:10:47 162304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-06-19 16:10:47 77312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-06-19 16:10:47 69632 --a------ C:\WINDOWS\system32\ztvcabinet.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-06-19 16:10:47 153088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-06-19 16:10:47 75264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-06-19 12:41:54 25264 --a------ C:\WINDOWS\system32\smrgdf.exe
2008-06-19 12:41:54 41472 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2008-06-19 12:41:53 1212416 --a------ C:\WINDOWS\system32\Incinerator.dll
2008-06-19 12:41:48 0 d-------- C:\Program Files\iolo
2008-06-19 12:04:28 0 d-------- C:\Downloads
2008-06-19 12:04:09 0 d-------- C:\Program Files\IDA
2008-06-16 22:19:07 0 d-------- C:\Documents and Settings\Selda\Application Data\iolo
2008-06-16 15:59:54 0 d-------- C:\Documents and Settings\LocalService\Application Data\iolo
2008-06-16 15:59:52 126976 --a------ C:\WINDOWS\system32\iavlsp.dll
2008-06-16 15:59:36 0 d-------- C:\Program Files\Common Files\Authentium
2008-06-16 15:46:32 74703 --a------ C:\WINDOWS\system32\mfc45.dll
2008-06-16 15:46:26 0 d-------- C:\Documents and Settings\Jowin\Application Data\iolo
2008-06-16 15:46:26 0 d-------- C:\Documents and Settings\All Users\Application Data\iolo
2008-06-16 08:38:09 0 d-------- C:\Documents and Settings\Jowin\Application Data\Internet Download Accelerator
2008-06-15 20:34:18 0 d-------- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-06-14 13:33:47 0 d-------- C:\Documents and Settings\Selda\Application Data\Opera
2008-06-13 15:59:15 0 d-------- C:\Documents and Settings\Jowin\Application Data\Sawtooth Software, Inc
2008-06-13 15:22:36 0 d-------- C:\Documents and Settings\Jowin\Application Data\Yahoo!
2008-06-13 15:14:42 0 d-------- C:\Documents and Settings\Jowin\Application Data\Opera
2008-06-13 15:14:36 0 d-------- C:\Program Files\Opera
2008-06-13 14:36:19 0 d-------- C:\Program Files\Trend Micro
2008-06-13 14:35:03 396288 --a------ C:\HijackThis.exe <Not Verified; Trend Micro Inc.; HijackThis>
2008-06-12 22:58:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-12 22:43:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2008-06-11 17:27:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo(2)
2008-06-11 10:34:58 0 d-------- C:\Documents and Settings\Jowin\Application Data\Notepad++
2008-06-11 09:56:57 0 d-------- C:\Documents and Settings\Administrator\Templates
2008-06-11 09:56:57 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-11 09:56:57 0 d-------- C:\Documents and Settings\Administrator\Local Settings
2008-06-11 09:56:57 0 d-------- C:\Documents and Settings\Administrator\Cookies
2008-06-11 09:56:57 0 d-------- C:\Documents and Settings\Administrator\Application Data
2008-06-11 09:56:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-09 15:25:40 0 d-------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Application Data\SiteAdvisor
2008-06-09 15:25:40 0 d-------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Application Data\Launchy
2008-06-09 14:13:29 5767168 --a------ C:\Documents and Settings\Jowin\ntuser.dat
2008-06-09 14:13:27 229376 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2008-06-08 20:46:08 0 d-------- C:\Documents and Settings\Jowin\H
2008-06-08 19:01:51 0 d-------- C:\Documents and Settings\Selda\Application Data\WinPatrol
2008-06-08 18:59:20 0 d-------- C:\Documents and Settings\Selda\Application Data\Yahoo!
2008-06-08 18:10:50 0 d-------- C:\Documents and Settings\Jowin\Application Data\IObit
2008-06-08 13:35:31 0 d-------- C:\Documents and Settings\Jowin\Application Data\WinPatrol
2008-06-07 19:53:26 0 d-------- C:\Documents and Settings\Selda\Application Data\Thunderbird
2008-06-07 19:43:57 0 d-------- C:\Documents and Settings\Selda\Application Data\Macromedia
2008-06-07 19:37:05 0 d-------- C:\Documents and Settings\Selda\Application Data\Mozilla
2008-06-07 15:43:41 0 d-------- C:\Documents and Settings\Selda\Application Data\Uniblue
2008-06-07 12:21:01 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\Launchy
2008-06-07 12:20:52 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\Comodo
2008-06-07 12:20:49 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\SiteAdvisor
2008-06-07 12:20:35 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\Identities
2008-06-07 12:20:15 0 d--h----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\PrintHood
2008-06-07 12:20:15 0 d--h----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\NetHood
2008-06-07 12:20:15 0 dr------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\My Documents
2008-06-07 12:20:15 0 d--h----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Local Settings
2008-06-07 12:20:15 0 dr------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Favorites
2008-06-07 12:20:15 0 d-------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Desktop
2008-06-07 12:20:15 0 d---s---- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Cookies
2008-06-07 12:20:15 0 dr-h----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data
2008-06-07 12:20:15 0 d---s---- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Application Data\Microsoft
2008-06-07 12:20:14 0 d--h----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Templates
2008-06-07 12:20:14 0 dr------- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\Start Menu
2008-06-07 12:20:14 0 dr-h----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\SendTo
2008-06-07 12:20:14 2359296 --ah----- C:\Documents and Settings\Sathianesan.JOWIN-BC1F5E70C\ntuser.dat
2008-06-07 11:01:39 0 d-------- C:\Documents and Settings\Selda\Application Data\vlc
2008-06-07 10:57:32 0 d-------- C:\Documents and Settings\Selda\Application Data\Winamp
2008-06-07 10:53:59 0 d-------- C:\Documents and Settings\Selda\Application Data\Launchy
2008-06-07 10:53:50 0 d-------- C:\Documents and Settings\Selda\Application Data\Comodo
2008-06-07 10:53:48 0 d-------- C:\Documents and Settings\Selda\Application Data\SiteAdvisor
2008-06-07 10:53:30 0 d-------- C:\Documents and Settings\Selda\Application Data\Identities
2008-06-07 10:53:24 0 dr------- C:\Documents and Settings\Selda\Favorites
2008-06-07 10:53:24 0 d-------- C:\Documents and Settings\Selda\Desktop
2008-06-07 10:53:24 0 d---s---- C:\Documents and Settings\Selda\Cookies
2008-06-07 10:53:24 0 dr-h----- C:\Documents and Settings\Selda\Application Data
2008-06-07 10:53:24 0 d---s---- C:\Documents and Settings\Selda\Application Data\Microsoft
2008-06-07 10:53:23 0 d--h----- C:\Documents and Settings\Selda\Templates
2008-06-07 10:53:23 0 dr------- C:\Documents and Settings\Selda\Start Menu
2008-06-07 10:53:23 0 dr-h----- C:\Documents and Settings\Selda\SendTo
2008-06-07 10:53:23 0 dr-h----- C:\Documents and Settings\Selda\Recent
2008-06-07 10:53:23 0 d--h----- C:\Documents and Settings\Selda\PrintHood
2008-06-07 10:53:23 2883584 --ah----- C:\Documents and Settings\Selda\ntuser.dat
2008-06-07 10:53:23 0 d--h----- C:\Documents and Settings\Selda\NetHood
2008-06-07 10:53:23 0 dr------- C:\Documents and Settings\Selda\My Documents
2008-06-07 10:53:23 0 d--h----- C:\Documents and Settings\Selda\Local Settings
2008-06-07 06:44:17 0 d-------- C:\Program Files\Common Files\DirectX
2008-06-07 06:36:32 0 d-------- C:\Program Files\ReflexiveArcade
2008-06-06 11:38:29 0 d-------- C:\Documents and Settings\Jowin\Application Data\Netscape
2008-06-05 17:35:22 0 d-------- C:\Documents and Settings\Jowin\Application Data\Launchy
2008-06-05 17:26:23 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-06-05 14:09:26 0 d-------- C:\Documents and Settings\Jowin\Application Data\Broadband
2008-06-05 13:12:15 0 d-------- C:\Documents and Settings\Jowin\Application Data\Thunderbird
2008-06-05 11:21:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-05 10:21:11 0 d-------- C:\Program Files\Common Files\Webroot Shared
2008-06-03 10:40:14 0 d-------- C:\Documents and Settings\Jowin\Application Data\Ashampoo
2008-06-03 10:40:09 0 d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
2008-06-02 22:17:17 0 d-------- C:\Documents and Settings\Jowin\Application Data\CyberLink
2008-06-01 22:17:58 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-01 22:17:50 0 d-------- C:\Documents and Settings\Jowin\Application Data\Mozilla
2008-06-01 17:14:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-06-01 17:11:24 0 d-------- C:\Program Files\Google
2008-06-01 17:11:24 0 d-------- C:\Documents and Settings\Jowin\Application Data\Google
2008-06-01 13:40:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Uniblue
2008-05-29 17:19:23 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-05-29 17:19:23 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-05-29 16:54:11 0 d-------- C:\Documents and Settings\NetworkService\Desktop
2008-05-29 16:54:11 0 d-------- C:\Documents and Settings\NetworkService\Application Data\SiteAdvisor
2008-05-29 16:54:02 0 d-------- C:\Program Files\SiteAdvisor
2008-05-29 16:53:20 0 d-------- C:\Documents and Settings\Jowin\Application Data\SiteAdvisor
2008-05-29 16:53:20 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-05-29 16:53:20 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-29 14:50:50 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-29 14:12:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-28 21:31:55 0 d-------- C:\WINDOWS\Internet Logs
2008-05-28 21:21:28 0 d-------- C:\Program Files\CyberLink
2008-05-28 13:41:46 0 d-------- C:\Documents and Settings\Jowin\Application Data\Simply Super Software
2008-05-28 13:29:55 23 --a------ C:\WINDOWS\system32\phology
2008-05-28 10:15:47 0 d-------- C:\Documents and Settings\Jowin\Application Data\IDM
2008-05-28 10:15:46 0 d-------- C:\Documents and Settings\Jowin\Application Data\DMCache
2008-05-28 07:34:38 0 d-------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Application Data\Comodo
2008-05-28 07:34:23 0 d-------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Application Data\Identities
2008-05-28 07:34:16 0 d--h----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Templates
2008-05-28 07:34:16 0 dr------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Start Menu
2008-05-28 07:34:16 0 dr-h----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\SendTo
2008-05-28 07:34:16 0 dr-h----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Recent
2008-05-28 07:34:16 0 d--h----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\PrintHood
2008-05-28 07:34:16 0 d--h----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\NetHood
2008-05-28 07:34:16 0 dr------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\My Documents
2008-05-28 07:34:16 0 d--h----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Local Settings
2008-05-28 07:34:16 0 dr------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Favorites
2008-05-28 07:34:16 0 d-------- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Desktop
2008-05-28 07:34:16 0 d---s---- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Cookies
2008-05-28 07:34:16 0 dr-h----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Application Data
2008-05-28 07:34:16 0 d---s---- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\Application Data\Microsoft
2008-05-28 07:34:15 2097152 --ah----- C:\Documents and Settings\Wency.JOWIN-BC1F5E70C\ntuser.dat
2008-05-27 21:53:22 50688 --a------ C:\WINDOWS\system32\wbhelp2.dll <Not Verified; Stardock.Net, Inc; WindowBlinds for Win32 x86 machines>
2008-05-27 20:43:38 34304 --a------ C:\WINDOWS\system32\RASPPPOE.EXE <Not Verified; Robert Schlabbach; PPP over Ethernet Protocol>
2008-05-27 20:43:38 38912 --a------ C:\WINDOWS\system32\RASPPPOE.DLL <Not Verified; Robert Schlabbach; PPP over Ethernet Protocol>
2008-05-27 20:43:38 31232 --a------ C:\WINDOWS\system32\drivers\RMSPPPOE.SYS <Not Verified; Robert Schlabbach; PPP over Ethernet Protocol>
2008-05-27 20:43:37 0 d-------- C:\Program Files\Log2space Dialer
2008-05-27 18:06:40 0 d-------- C:\Program Files\Alwil Software
2008-05-27 17:51:27 0 d---s---- C:\Documents and Settings\Jowin\UserData
2008-05-27 17:26:44 0 d-------- C:\Documents and Settings\Jowin\Application Data\vlc
2008-05-27 12:40:32 299520 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-05-27 12:39:57 0 d-------- C:\Documents and Settings\Jowin\WINDOWS
2008-05-27 09:14:46 0 d-------- C:\Documents and Settings\Jowin\Application Data\dvdcss
2008-05-26 16:05:14 0 d-------- C:\WINDOWS\system32\appmgmt
2008-05-26 11:45:17 0 d-------- C:\Documents and Settings\Jowin\Application Data\Help
2008-05-25 19:58:44 0 d-------- C:\Documents and Settings\Jowin\Application Data\Macromedia
2008-05-25 13:41:21 0 d-------- C:\Documents and Settings\Jowin\Application Data\Winamp
2008-05-25 13:30:39 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-05-24 15:34:35 0 d-------- C:\Documents and Settings\Sathianesan\Application Data\Nero
2008-05-24 15:34:03 0 d-------- C:\Documents and Settings\Sathianesan\Application Data\Comodo
2008-05-24 15:33:49 0 d-------- C:\Documents and Settings\Sathianesan\Templates
2008-05-24 15:33:49 786432 --ah----- C:\Documents and Settings\Sathianesan\NTUSER.DAT
2008-05-24 15:33:49 0 d-------- C:\Documents and Settings\Sathianesan\Local Settings
2008-05-24 15:33:49 0 d-------- C:\Documents and Settings\Sathianesan\Favorites
2008-05-24 15:33:49 0 d-------- C:\Documents and Settings\Sathianesan\Cookies
2008-05-24 15:33:49 0 d-------- C:\Documents and Settings\Sathianesan\Application Data
2008-05-24 15:33:49 0 d-------- C:\Documents and Settings\Sathianesan\Application Data\Microsoft
2008-05-24 13:32:41 0 d-------- C:\Program Files\Common Files\L&H
-- Find3M Report ---------------------------------------------------------------
2008-06-20 11:36:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-17 15:49:45 0 d-------- C:\Program Files\Common Files
2008-06-14 18:15:30 10 --a------ C:\WINDOWS\popcinfo.dat
2008-06-13 14:05:04 0 d-------- C:\Documents and Settings\Jowin\Application Data\Comodo
2008-06-01 13:40:13 0 d-------- C:\Documents and Settings\Jowin\Application Data\Uniblue
2008-05-29 16:40:42 0 d-------- C:\Program Files\Online Services
2008-05-29 16:40:18 0 d-------- C:\Program Files\Windows NT
2008-05-25 15:25:11 0 d-------- C:\Program Files\AskTBar
2008-05-25 13:26:41 0 d-------- C:\Documents and Settings\Jowin\Application Data\Winamp(2)
2008-05-25 13:26:38 0 d-------- C:\Program Files\DFX
2008-05-22 03:11:14 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-22 03:11:12 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-22 03:10:49 62 --ahs---- C:\Documents and Settings\Jowin\Application Data\desktop.ini
2008-05-21 22:25:37 0 d-------- C:\Documents and Settings\Jowin\Application Data\Nero
2008-05-21 22:25:09 0 d-------- C:\Program Files\Common Files\Nero
2008-05-21 22:23:09 0 d-------- C:\Program Files\Nero
2008-05-21 22:10:51 0 d-------- C:\Program Files\Microsoft.NET
2008-05-21 22:10:47 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-05-21 22:06:08 0 d-------- C:\Program Files\Samsung ML-1610 Series
2008-05-21 22:06:06 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-21 21:58:42 0 d-------- C:\Program Files\Realtek
2008-05-21 21:58:38 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-05-21 21:55:06 0 d-------- C:\Documents and Settings\Jowin\Application Data\InstallShield
2008-05-21 21:54:15 0 d-------- C:\Documents and Settings\Jowin\Application Data\Identities
2008-05-21 21:50:22 0 d-------- C:\Program Files\microsoft frontpage
2008-05-21 21:50:08 0 -rahs---- C:\MSDOS.SYS
2008-05-21 21:50:08 0 -rahs---- C:\IO.SYS
2008-05-21 21:50:08 0 --a------ C:\CONFIG.SYS
2008-05-21 21:50:08 0 --a------ C:\AUTOEXEC.BAT
2008-05-21 21:49:03 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-21 21:48:16 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-21 21:48:08 0 d-------- C:\Program Files\Movie Maker
2008-05-21 21:47:27 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-21 21:47:03 0 d-------- C:\Program Files\Messenger
2008-05-21 21:46:59 0 d-------- C:\Program Files\MSN Gaming Zone
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/04/2007 02:44 PM]
"nwiz"="nwiz.exe" [10/04/2007 02:44 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/04/2007 02:44 PM]
"RTHDCPL"="RTHDCPL.EXE" [05/10/2007 03:38 PM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 04:13 PM C:\WINDOWS\Alcmtr.exe]
"Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [07/03/2005 12:50 PM]
"WinPatrol"="D:\WinPatrol\winpatrol.exe" [04/25/2008 11:01 PM]
"COMODO Firewall Pro"="D:\Comodo\Firewall\cfp.exe" [05/31/2008 01:36 PM]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [06/03/2008 12:37 PM]
"avast!"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [05/16/2008 04:49 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TakeABreak"="D:\\TakeABreak.exe" [02/11/2005 12:14 AM]
"Internet Download Accelerator"="C:\Program Files\IDA\ida.exe" [02/14/2008 06:08 PM]
"SMSystemAnalyzer"="D:\System Mechanic 6\SMSystemAnalyzer.exe" [12/20/2006 12:38 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Launchy.lnk - D:\Launchy\Launchy.exe [6/5/2008 5:35:08 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\WINDOWS\system32\guard32.dll
-- Hosts -----------------------------------------------------------------------
127.0.0.1
http://www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
http://www.008k.com127.0.0.1 008k.com
127.0.0.1
http://www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
http://www.032439.com127.0.0.1 032439.com
8697 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-06-24 08:56:38 ------------
Log file made by Deckard system scanner wuth name extra.txtDeckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
CPU 1: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Percentage of Memory in Use: 32%
Physical Memory (total/avail): 1791.17 MiB / 1202.14 MiB
Pagefile Memory (total/avail): 3685.82 MiB / 3240.14 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930.41 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 39.06 GiB total, 31.78 GiB free.
D: is Fixed (NTFS) - 39.06 GiB total, 37.51 GiB free.
E: is Fixed (NTFS) - 39.06 GiB total, 38.08 GiB free.
F: is Fixed (NTFS) - 31.86 GiB total, 28.99 GiB free.
G: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - WDC WD1600AABS-00PRA0 - 149.05 GiB - 4 partitions
\PARTITION0 (bootable) - Installable File System - 39.06 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 109.98 GiB - D: - E: - F:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
UpdatesDisableNotify is set.
AntivirusOverride is set.
FW: COMODO Firewall Pro v3.0 (COMODO)
AV: avast! antivirus 4.8.1201 [VPS 080623-1] v4.8.1201 (ALWIL Software)
AV: Ashampoo AntiVirus v1.0.0.0 (Ashampoo GmbH)
Disabled Outdated[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="D:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"D:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="D:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\iolo\\AntiVirus\\ioloAV.exe"="C:\\Program Files\\iolo\\AntiVirus\\ioloAV.exe:*:Enabled:iolo AntiVirus®"
"C:\\Program Files\\iolo\\AntiVirus\\iAVEmailScanner.exe"="C:\\Program Files\\iolo\\AntiVirus\\iAVEmailScanner.exe:*:Enabled:iolo AntiVirus® Email Protection"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Jowin\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=JOWIN-BC1F5E70C
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Jowin
LOGONSERVER=\\JOWIN-BC1F5E70C
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Jowin\LOCALS~1\Temp
TMP=C:\DOCUME~1\Jowin\LOCALS~1\Temp
USERDOMAIN=JOWIN-BC1F5E70C
USERNAME=Jowin
USERPROFILE=C:\Documents and Settings\Jowin
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Sathianesan.JOWIN-BC1F5E70C
(admin)Jowin
(admin)Wency.JOWIN-BC1F5E70C
(new local, admin)Selda
(admin)Administrator.JOWIN-BC1F5E70C
(new local, admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B21B14F-403B-442E-86E1-3A912D70033D}\Setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
a-squared Anti-Malware 3.5 --> "C:\Program Files\a-squared Anti-Malware\unins000.exe"
Ashampoo WinOptimizer 4.51 --> "D:\Ashampoo WinOptimizer 4\unins000.exe"
Authentium AntiVirus SDK - 2 --> MsiExec.exe /I{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only) --> "D:\CCleaner\uninst.exe"
Foxit Reader --> D:\Foxit Reader\Uninstall.exe
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\HijackThis.exe" /uninstall
InstallShield for Microsoft Visual C++ 6 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\InstallShield\InstallShield for Microsoft Visual C++ 6\Uninst.isu"
Internet Download Accelerator version 5.6 --> "C:\Program Files\IDA\unins000.exe"
iolo technologies' System Mechanic 6 --> "D:\System Mechanic 6\unins000.exe"
IZArc 3.81 --> "C:\Program Files\IZArc\unins000.exe"
KP Typing Tutor v3.2 Beta International Edition --> "D:\KP Typing Tutor\unins000.exe"
Launchy 2.0 --> "D:\Launchy\unins000.exe"
Log2space Dialer 1.0 --> "C:\Program Files\Log2space Dialer\unins000.exe"
McAfee SiteAdvisor --> C:\Program Files\SiteAdvisor\6261\uninstall.exe
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSCIT Demo Exam --> D:\MS-CIT\Uninstal.exe
MusicMatch Jukebox --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MusicMatch\MusicMatch Jukebox\Uninst.isu" -cC:\PROGRA~1\MusicMatch\MusicMatch Jukebox\unmatch.dll
Nero 8 Essentials --> MsiExec.exe /X{CB3AA457-6FAD-4C68-8DB5-186D1F121033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NSIS Tuxtype2 (remove only) --> "D:\Tuxtype2\uninstall.exe"
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Opera 9.50 --> MsiExec.exe /X{70B96CD0-FDF2-489E-8FA0-0F92ED599368}
PPP over Ethernet Protocol 0.98 --> C:\WINDOWS\system32\RASPPPOE.EXE /remove
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Recuva (remove only) --> "D:\Recuva\uninst.exe"
Samsung ML-1610 Series --> C:\WINDOWS\Samsung\ML-1610\SETUP.EXE
Unlocker 1.8.7 --> D:\Unlocker\uninst.exe
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6d --> D:\VLC\uninstall.exe
Winamp --> "D:\Winamp\UninstWA.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPatrol 2008 --> D:\WinPatrol\Setup.exe /remove /q0
Yahoo! Messenger --> D:\Program Files\Yahoo!\MESSEN~1\UNWISE.EXE D:\Program Files\Yahoo!\MESSEN~1\INSTALL.LOG
-- Application Event Log -------------------------------------------------------
Event Record #/Type279 / Error
Event Submitted/Written: 06/24/2008 08:50:50 AM
Event ID/Source: 11921 / MsiInstaller
Event Description:
Product: Authentium AntiVirus SDK - 2 -- Error 1921. Service 'dvpapi' (DvpApi) could not be stopped. Verify that you have sufficient privileges to stop system services.
Event Record #/Type273 / Warning
Event Submitted/Written: 06/24/2008 08:45:10 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}', feature 'AV_DVP' failed during request for component '{E39DB87F-D2CB-42FF-AAA4-72E708258DC6}'
Event Record #/Type272 / Warning
Event Submitted/Written: 06/24/2008 08:45:10 AM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}', feature 'AV_DVP', component '{207AD740-F307-4F4C-B354-E035CF9FCB6C}' failed. The resource 'HKEY_LOCAL_MACHINE\Software\Antivirus\' does not exist.
Event Record #/Type267 / Warning
Event Submitted/Written: 06/24/2008 07:48:15 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}', feature 'AV_DVP' failed during request for component '{E39DB87F-D2CB-42FF-AAA4-72E708258DC6}'
Event Record #/Type266 / Warning
Event Submitted/Written: 06/24/2008 07:48:15 AM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}', feature 'AV_DVP', component '{207AD740-F307-4F4C-B354-E035CF9FCB6C}' failed. The resource 'HKEY_LOCAL_MACHINE\Software\Antivirus\' does not exist.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type11135 / Warning
Event Submitted/Written: 06/24/2008 08:55:01 AM
Event ID/Source: 39 / RMSPPPOE
Event Description:
Received a PPPoE Active Discovery Terminate packet with an invalid session ID.
Ignoring this packet.
Event Record #/Type11117 / Error
Event Submitted/Written: 06/24/2008 08:46:42 AM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The dvpapi service hung on starting.
Event Record #/Type11101 / Error
Event Submitted/Written: 06/24/2008 07:49:45 AM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The dvpapi service hung on starting.
Event Record #/Type11100 / Warning
Event Submitted/Written: 06/24/2008 07:48:48 AM
Event ID/Source: 39 / RMSPPPOE
Event Description:
Received a PPPoE Active Discovery Terminate packet with an invalid session ID.
Ignoring this packet.
Event Record #/Type11093 / Warning
Event Submitted/Written: 06/23/2008 10:16:26 PM
Event ID/Source: 63 / RMSPPPOE
Event Description:
Received a PPPoE Session packet for an unknown session.
Ignoring this packet.
-- End of Deckard's System Scanner: finished at 2008-06-24 08:56:38 ------------[/color][/color]