Thanks for reply, scan log files attached. cheers
Deckard's System Scanner v20071014.68
Run by andrew adams on 2008-07-05 10:55:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
9: 2008-07-05 09:55:52 UTC - RP9 - Deckard's System Scanner Restore Point
8: 2008-07-04 20:37:57 UTC - RP8 - Advanced WindowsCare RestorePoint
7: 2008-07-04 20:33:58 UTC - RP7 - Revo Uninstaller's restore point - dBpoweramp Music Converter
6: 2008-07-04 20:20:25 UTC - RP6 - Removed Sony Ericsson PC Suite
5: 2008-07-04 20:16:34 UTC - RP5 - Revo Uninstaller's restore point - Sony Ericsson PC Suite
-- First Restore Point --
1: 2008-07-04 14:08:07 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 224 MiB (512 MiB recommended).-- HijackThis (run as andrew adams.exe) ----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:59, on 05/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\IObit\Advanced WindowsCare 3 Beta\AWC.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\ANDREW~1\LOCALS~1\Temp\dss.exe
C:\PROGRA~1\Trend Micro\HijackThis\andrew adams.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.virginmedia.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
http://www.crawler.com/search/ie.aspx?tb_id=60076R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch =
http://dnl.crawler.com/support/sa_custo ... TbId=60076R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.crawler.com/search/ie.aspx?tb_id=60076R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://dnl.crawler.com/support/sa_custo ... TbId=60076R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: (no name) - {12BF259D-F58E-4707-9DF4-D8E9461C8C4A} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {408752EF-9206-4CF9-92A1-742723840FB2} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68D34A20-BDFD-412B-AB60-DC34BB1AEF23} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {B5524D09-1E03-4D09-B967-8D5AE29D13FB} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [Advanced WindowsCare 3] "C:\Program Files\IObit\Advanced WindowsCare 3 Beta\AWC.exe" /startup
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\System32\shdocvw.dll
O15 - Trusted Zone:
http://www.ashampoo.co.ukO15 - Trusted Zone:
http://www.bananalotto.co.ukO15 - Trusted Zone:
http://www.jackpotjoy.comO15 - Trusted Zone:
http://www.kinglotto.co.ukO15 - Trusted Zone:
http://www.loopylotto.co.ukO15 - Trusted Zone:
http://www.luckysurf.co.ukO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} -
http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) -
http://h20264.www2.hp.com/ediags/dd/ins ... csxp2k.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 3390563015O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} -
http://sib1.od2.com/common/musicmanager ... Plugin.CABO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: awtsQihe - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 7775 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 hotcore - c:\windows\system32\drivers\hotcore.sys <Not Verified; Paragon Software Group; HotBackup>
R3 pgfilter - c:\program files\peerguardian2\pgfilter.sys
S3 ASFWHide - c:\docume~1\andrew~1\locals~1\temp\asfwhide (file missing)
S3 DarkSpy - c:\windows\system32\darkspykernel.sys (file missing)
S3 MTC0001_MPB (MPB device driver) - c:\windows\system32\ntmpb.sys <Not Verified; ; ESB driver>
S3 PSI - c:\windows\system32\drivers\psi_mf.sys <Not Verified; Secunia; Secunia Personal Software Inspector>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-07-05 10:37:25 426 --a------ C:\WINDOWS\Tasks\AWC Update.job
2008-07-04 20:56:59 414 --a------ C:\WINDOWS\Tasks\AWC AutoSweep.job
2008-07-04 17:04:55 420 --a------ C:\WINDOWS\Tasks\AWC AutoCare.job
2008-07-03 20:11:20 284 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2008-07-03 20:09:47 406 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
2008-07-03 12:14:57 352 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job
2008-07-03 11:24:09 278 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
-- Files created between 2008-06-05 and 2008-07-05 -----------------------------
2008-07-04 20:01:25 0 d-------- C:\Documents and Settings\andrew adams\Application Data\AccurateRip
2008-07-04 20:00:39 0 d-------- C:\Program Files\Illustrate
2008-07-04 19:20:41 0 d-------- C:\Program Files\Disc2Phone
2008-07-04 19:17:32 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Sony Ericsson
2008-07-04 19:16:43 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Teleca
2008-07-04 19:10:45 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-07-04 19:08:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-07-04 19:08:14 0 d-------- C:\Program Files\Sony Ericsson
2008-07-04 18:29:18 0 d-------- C:\Program Files\Trend Micro
2008-07-04 15:13:57 0 dr-h----- C:\Documents and Settings\andrew adams\Recent
2008-07-03 20:13:36 345 --ahs---- C:\WINDOWS\system32\BIPVwGgh.ini2
2008-07-03 10:50:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Uniblue
2008-07-03 10:50:03 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Uniblue
2008-07-03 10:49:18 0 d-------- C:\Program Files\Uniblue
2008-07-02 12:51:36 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-07-02 12:45:07 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-29 23:09:37 90668 --a------ C:\WINDOWS\system32\vobis32.dll
2008-06-29 23:09:37 0 d-------- C:\Documents and Settings\andrew adams\Application Data\IObit
2008-06-29 12:51:27 0 d-------- C:\Program Files\IObit
2008-06-29 11:10:40 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Malwarebytes
2008-06-29 11:10:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-29 11:10:19 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-27 12:26:50 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Ahead
2008-06-27 12:24:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-06-27 12:14:10 0 d-------- C:\Program Files\Nero
2008-06-27 12:14:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-25 11:44:24 0 d-------- C:\Program Files\MSXML 4.0
2008-06-21 15:52:22 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-06-21 15:52:15 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified;
http://www.helixcommunity.org; Helix YV12 YUV Codec>
2008-06-21 15:52:13 159839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-21 15:52:13 755027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-21 15:52:11 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-06-21 15:52:11 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-06-21 15:52:04 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-21 15:51:47 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-06-21 12:01:04 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Real
2008-06-20 19:59:29 0 d-------- C:\Program Files\PeerGuardian2
2008-06-19 22:00:18 0 d-------- C:\WINDOWS\pss
2008-06-18 18:34:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-18 18:15:33 0 d-------- C:\Program Files\Realtek AC97
2008-06-18 17:06:18 0 d-------- C:\Program Files\uTorrent
2008-06-18 17:06:12 0 d-------- C:\Documents and Settings\andrew adams\Application Data\uTorrent
2008-06-18 16:43:47 0 d-------- C:\Program Files\sisagp
2008-06-18 16:43:40 110592 --a------ C:\WINDOWS\system32\TVMode.dll <Not Verified; Silicon Integrated Systems Corporation; TVModeLib Dynamic Link Library>
2008-06-18 16:43:39 65536 --a------ C:\WINDOWS\system32\SiSHook.dll <Not Verified; Silicon Integrated Systems Corporation; SiSHook Dynamic Link Library>
2008-06-18 16:43:23 49152 --a------ C:\WINDOWS\system32\SiSPower.dll <Not Verified; Silicon Integrated Systems Corporation; SiS Power Scheme Library>
2008-06-18 16:43:23 258048 --a------ C:\WINDOWS\system32\SiSParse.dll <Not Verified; Silicon Integrated Systems Corporation; SiS (R) Compatible Super VGA Script Parser Dynamic Link Library>
2008-06-18 16:43:23 49152 --a------ C:\WINDOWS\system32\SiSBase.dll <Not Verified; Silicon Integrated Systems Corporation; SiS (R) Compatible Super VGA SiSBase Dynamic Link Library>
2008-06-18 16:43:22 36864 --a------ C:\WINDOWS\InstFunc.exe
2008-06-18 16:43:22 7168 --a------ C:\WINDOWS\InstFunc.dll <Not Verified; Silicon Integrated Systems Corporation; SiS (R) Compatible Super VGA InstFunc Dynamic Link Library>
2008-06-18 16:40:55 0 d-------- C:\Program Files\SiS VGA Utilities V3.73
2008-06-18 16:28:16 0 d-------- C:\Documents and Settings\andrew adams\Application Data\WinRAR
2008-06-17 22:36:27 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-06-17 16:44:31 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Image Zone Express
2008-06-17 16:40:02 0 d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-06-17 16:33:38 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-17 16:28:38 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-06-17 16:16:18 57344 --a------ C:\WINDOWS\system32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows>
2008-06-17 16:16:18 73728 --a------ C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
2008-06-17 16:16:18 61440 --a------ C:\WINDOWS\system32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows>
2008-06-17 16:16:17 94208 --a------ C:\WINDOWS\system32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows>
2008-06-17 16:16:17 204800 --a------ C:\WINDOWS\system32\HPZipr12.dll <Not Verified; HP; HP PmlRtl>
2008-06-17 16:16:17 278584 --a------ C:\WINDOWS\system32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl>
2008-06-17 13:33:40 0 d-------- C:\Program Files\Eusing Free Registry Cleaner
2008-06-16 22:44:47 0 d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-06-16 22:44:29 0 d-------- C:\Program Files\COMODO
2008-06-16 20:28:43 0 d-------- C:\Program Files\VS Revo Group
2008-06-16 18:03:50 0 d-------- C:\WINDOWS\Sun
2008-06-16 16:47:24 0 d-------- C:\Program Files\Java
2008-06-16 16:47:15 0 d-------- C:\Program Files\Common Files\Java
2008-06-16 16:44:56 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Sun
2008-06-16 14:41:33 0 d-------- C:\Documents and Settings\andrew adams\Application Data\OpenOffice.org2
2008-06-16 14:31:34 0 d-------- C:\Program Files\OpenOffice.org 2.4
2008-06-16 09:31:08 7808 --a------ C:\WINDOWS\system32\drivers\psi_mf.sys <Not Verified; Secunia; Secunia Personal Software Inspector>
2008-06-15 21:39:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-06-15 21:27:21 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-15 21:06:22 0 d-------- C:\Program Files\Secunia
2008-06-15 15:46:04 30820 --a------ C:\WINDOWS\system32\drivers\hotcore.sys <Not Verified; Paragon Software Group; HotBackup>
2008-06-15 15:45:36 232960 --a------ C:\WINDOWS\system32\prgiso.dll
2008-06-15 15:45:28 8192 --a------ C:\WINDOWS\system32\wnaspi32.dll
2008-06-15 15:45:28 4239360 --a------ C:\WINDOWS\system32\qtp-mt334.dll
2008-06-15 15:44:50 0 d-------- C:\Program Files\Paragon Software
2008-06-15 14:10:01 0 d-------- C:\Program Files\Common Files\HP
2008-06-15 13:07:25 112892 --a------ C:\WINDOWS\hpoins07.dat
2008-06-15 13:07:24 21124 -----n--- C:\WINDOWS\hpomdl07.dat
2008-06-15 13:06:32 0 d-------- C:\Documents and Settings\andrew adams\Application Data\HP
2008-06-15 13:02:05 98304 --a------ C:\WINDOWS\system32\hpzjsn01.dll <Not Verified; Hewlett Packard Company; HPJZSN01 Dynamic Link Library>
2008-06-15 12:52:08 0 d-------- C:\Temp
2008-06-15 12:28:41 0 d-------- C:\Program Files\Hp
2008-06-15 11:57:11 0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-15 11:21:12 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Thunderbird
2008-06-15 11:21:12 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Mozilla
2008-06-15 11:20:22 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-06-15 11:18:40 0 d-------- C:\Documents and Settings\andrew adams\Application Data\MiniDm
2008-06-14 23:58:02 0 d-------- C:\Documents and Settings\andrew adams\Application Data\IEPro
2008-06-14 23:56:47 0 d-------- C:\Program Files\IEPro
2008-06-14 18:31:07 0 d-------- C:\Documents and Settings\LocalService\Application Data\PCToolsFirewallPlus
2008-06-14 18:30:22 0 d-------- C:\Documents and Settings\LocalService\Application Data\PCToolsSpamMonitorPlus
2008-06-14 16:50:28 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-14 16:46:05 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-14 16:46:05 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-14 16:13:41 0 d-------- C:\Program Files\CCleaner
2008-06-14 15:22:36 0 d-------- C:\Program Files\Alwil Software
2008-06-14 15:11:15 0 d-------- C:\Program Files\PCPitstop
2008-06-14 12:04:26 0 d-------- C:\WINDOWS\Prefetch
2008-06-14 11:52:02 0 d-------- C:\Program Files\Messengeroff
2008-06-14 11:51:15 0 d-------- C:\WINDOWS\system32\scripting
2008-06-14 11:51:10 0 d-------- C:\WINDOWS\l2schemas
2008-06-14 11:51:08 0 d-------- C:\WINDOWS\system32\en
2008-06-14 11:42:44 0 d-------- C:\WINDOWS\network diagnostic
2008-06-14 03:27:54 446464 --a------ C:\WINDOWS\system32\wmvdmoe.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-06-14 03:27:53 1677312 --a------ C:\WINDOWS\system32\wmvcore2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-06-14 03:27:52 311327 --a------ C:\WINDOWS\system32\wmv8dmod.dll <Not Verified; Microsoft Corporation; Window Media Video>
2008-06-14 03:27:50 77824 --a------ C:\WINDOWS\system32\wmpstub.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2008-06-14 03:22:38 241725 --a------ C:\WINDOWS\system32\msuni11.dll <Not Verified; Microsoft Corporation; Microsoft (R) Jet>
2008-06-14 03:22:20 368710 --a------ C:\WINDOWS\system32\msisam11.dll <Not Verified; Microsoft Corporation; Microsoft (R) Jet>
2008-06-14 03:21:48 163840 --a------ C:\WINDOWS\system32\mindex.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2008-06-14 03:13:03 0 d-------- C:\WINDOWS\I386
2008-06-14 03:06:51 0 dr------- C:\Program Files
2008-06-14 03:06:48 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-06-14 03:06:48 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-14 03:06:48 0 d--h----- C:\Documents and Settings\Default User\Local Settings
2008-06-14 03:06:47 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-14 03:06:47 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-06-14 03:06:42 0 dr------- C:\Documents and Settings\All Users\Documents
2008-06-14 03:06:41 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-14 03:04:29 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-14 02:59:30 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-14 02:56:32 0 d-------- C:\WINDOWS\CACHE
2008-06-14 02:45:06 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-06-14 02:04:56 0 d-------- C:\WINDOWS\provisioning
2008-06-14 02:01:28 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-14 01:49:01 0 d-------- C:\WINDOWS\EHome
2008-06-14 00:43:13 0 d-------- C:\WINDOWS\WinRAR
2008-06-14 00:01:59 0 d-------- C:\Documents and Settings\andrew adams\Application Data\RetinaX
2008-06-13 23:33:49 0 d-------- C:\Documents and Settings\andrew adams\Application DataRetinax
2008-06-13 23:28:07 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Macromedia
2008-06-13 23:28:07 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Adobe
2008-06-13 23:17:17 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Comodo
2008-06-13 22:22:56 171280 --a------ C:\WINDOWS\system32\jit.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:56 139536 --a------ C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:56 46352 --a------ C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:55 313856 --a------ C:\WINDOWS\system32\dx3j.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Java>
2008-06-13 22:22:55 6550 --a------ C:\WINDOWS\jautoexp.dat
2008-06-13 22:22:48 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-06-13 22:22:48 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-06-13 22:22:47 171792 --a------ C:\WINDOWS\system32\wjview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:47 286992 --a------ C:\WINDOWS\system32\vmhelper.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:46 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:46 947472 --a------ C:\WINDOWS\system32\msjava.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:45 154384 --a------ C:\WINDOWS\system32\msawt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:44 172304 --a------ C:\WINDOWS\system32\jview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:42 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:41 404752 --a------ C:\WINDOWS\system32\javart.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:40 63248 --a------ C:\WINDOWS\system32\javaprxy.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:22:39 187152 --a------ C:\WINDOWS\system32\javacypt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:18:51 49424 --a------ C:\WINDOWS\system32\clspack.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2008-06-13 22:04:33 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-13 21:58:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-13 20:56:40 0 d-------- C:\WINDOWS\system32\bits
2008-06-13 20:55:07 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-13 20:55:01 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-13 20:50:58 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-13 20:49:41 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-13 20:42:23 0 dr------- C:\Documents and Settings\andrew adams\Favorites
2008-06-13 20:42:23 0 d-------- C:\Documents and Settings\andrew adams\Desktop
2008-06-13 20:42:23 0 d--hs---- C:\Documents and Settings\andrew adams\Cookies
2008-06-13 20:42:23 0 dr-h----- C:\Documents and Settings\andrew adams\Application Data
2008-06-13 20:42:23 0 d-------- C:\Documents and Settings\andrew adams\Application Data\Identities
2008-06-13 20:42:22 0 d-------- C:\Documents and Settings\andrew adams\WINDOWS
2008-06-13 20:42:22 0 d--hs---- C:\Documents and Settings\andrew adams\UserData
2008-06-13 20:42:22 0 d--h----- C:\Documents and Settings\andrew adams\Templates
2008-06-13 20:42:22 0 dr------- C:\Documents and Settings\andrew adams\Start Menu
2008-06-13 20:42:22 0 dr-h----- C:\Documents and Settings\andrew adams\SendTo
2008-06-13 20:42:22 0 d--h----- C:\Documents and Settings\andrew adams\PrintHood
2008-06-13 20:42:22 5242880 --ah----- C:\Documents and Settings\andrew adams\NTUSER.DAT
2008-06-13 20:42:22 0 d--h----- C:\Documents and Settings\andrew adams\NetHood
2008-06-13 20:42:22 0 dr------- C:\Documents and Settings\andrew adams\My Documents
2008-06-13 20:42:22 0 d--h----- C:\Documents and Settings\andrew adams\Local Settings
2008-06-13 20:40:29 0 d-------- C:\Documents and Settings\Default User\WINDOWS
2008-06-13 20:40:29 0 d---s---- C:\Documents and Settings\Default User\UserData
2008-06-13 20:37:59 0 d--hs---- C:\System Volume Information
-- Find3M Report ---------------------------------------------------------------
2008-07-04 21:30:22 0 d-------- C:\Program Files\Common Files
2008-07-02 14:34:13 2165 --a------ C:\Documents and Settings\andrew adams\Application Data\HPSU_48BitScanUpdate.log
2008-07-02 14:08:35 24133 --a------ C:\Documents and Settings\andrew adams\Application Data\Update_HP_RedboxHprblog_HPSU.log
2008-07-02 14:08:16 139264 --a------ C:\WINDOWS\system32\hpzjrd01.dll <Not Verified; Hewlett Packard; Hewlett Packard Rediscovery Library>
2008-06-27 12:21:39 0 d-------- C:\Program Files\Common Files\Ahead
2008-06-27 11:51:47 0 d-------- C:\Program Files\Ahead
2008-06-26 16:38:25 0 d-------- C:\Program Files\Common Files\AOL
2008-06-18 16:45:49 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-17 22:31:34 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-14 11:51:07 0 d-------- C:\Program Files\Movie Maker
2008-06-14 11:45:59 0 d-------- C:\Program Files\Windows NT
2008-06-14 03:32:13 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT
2008-06-13 20:49:39 0 d--h----- C:\Program Files\WindowsUpdate
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{12BF259D-F58E-4707-9DF4-D8E9461C8C4A}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
11/06/2008 22:33 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{408752EF-9206-4CF9-92A1-742723840FB2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68D34A20-BDFD-412B-AB60-DC34BB1AEF23}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B5524D09-1E03-4D09-B967-8D5AE29D13FB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [04/02/2003 01:49]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [06/12/2007 17:20]
"SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [09/03/2006 03:03]
"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [24/09/2002 09:50]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [16/06/2008 22:44]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 00:19]
"SiSPower"="SiSPower.dll" [09/03/2006 03:04 C:\WINDOWS\system32\SiSPower.dll]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12/06/2008 02:38]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [30/01/2007 00:39]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [27/06/2008 16:47]
"Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [03/07/2008 12:10]
"Advanced WindowsCare 3"="C:\Program Files\IObit\Advanced WindowsCare 3 Beta\AWC.exe" [22/06/2008 11:31]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [5/11/2005 11:23:26 PM]
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe [3/5/2004 4:17:24 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtsQihe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\WINDOWS\system32\guard32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^andrew adams^Start Menu^Programs^Startup^Secunia PSI (RC3).lnk]
backup=C:\WINDOWS\pss\Secunia PSI (RC3).lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced WindowsCare 3]
"C:\Program Files\IObit\Advanced WindowsCare 3 Beta\AWC.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3 (0x3)
"Fax"=2 (0x2)
"NMIndexingService"=3 (0x3)
"RDSessMgr"=3 (0x3)
"RasMan"=3 (0x3)
"RasAuto"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a4f83948-397f-11dd-beb4-00038a000015}]
AutoRun\command- E:\setup.exe
*Newly Created Service* - PGFILTER
-- Hosts -----------------------------------------------------------------------
127.0.0.1
http://www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
http://www.008k.com127.0.0.1 008k.com
127.0.0.1
http://www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
http://www.032439.com127.0.0.1 032439.com
8772 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-07-05 11:11:42 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English
CPU 0: Intel(R) Celeron(R) CPU 2.60GHz
Percentage of Memory in Use: 84%
Physical Memory (total/avail): 223.48 MiB / 35.12 MiB
Pagefile Memory (total/avail): 4208.3 MiB / 3760.77 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1890.02 MiB
C: is Fixed (NTFS) - 37.26 GiB total, 23.27 GiB free.
D: is CDROM (No Media)
E: is CDROM (CDFS)
F: is Fixed (NTFS) - 37.62 GiB total, 28.95 GiB free.
G: is Fixed (NTFS) - 39.07 GiB total, 38.68 GiB free.
\\.\PHYSICALDRIVE0 - TOSHIBA MK4025GAS - 37.26 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.26 GiB - C:
\\.\PHYSICALDRIVE1 - HDS72808 0PLAT20 USB Device - 76.69 GiB - 2 partitions
\PARTITION0 - Installable File System - 37.62 GiB - F:
\PARTITION1 - Extended w/Extended Int 13 - 39.07 GiB - G:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\andrew adams\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OWNER-K3KASNB05
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\andrew adams
LOGONSERVER=\\OWNER-K3KASNB05
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Thunderbird;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Teleca Shared
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ANDREW~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ANDREW~1\LOCALS~1\Temp
USERDOMAIN=OWNER-K3KASNB05
USERNAME=andrew adams
USERPROFILE=C:\Documents and Settings\andrew adams
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
andrew adams
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x9 -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Abacast Client --> C:\Documents and Settings\andrew adams\Local Settings\Application Data\Abacast\uninst.exe
Adobe AIR --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Advanced WindowsCare 3 Beta --> "C:\Program Files\IObit\Advanced WindowsCare 3 Beta\unins000.exe"
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
COMODO Firewall Pro --> C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
Eusing Free Registry Cleaner --> C:\PROGRA~1\EUSING~1\UNWISE.EXE C:\PROGRA~1\EUSING~1\INSTALL.LOG
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Driver Diagnostics --> MsiExec.exe /X{624D19C3-D55D-4368-BC10-9B53036D8358}
HP Image Zone Express --> MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
IE7Pro --> C:\Program Files\IEPro\uninst.exe
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 3.9.5 (Full) --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaBar --> C:\WINDOWS\Downloaded Program Files\MusicManagerUnInstaller.exe "C:\WINDOWS\Downloaded Program Files\MusicManagerPlugin.ocx" "{C45B1500-7B63-47C2-AB25-C28CB46AFDEE}"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Mozilla Thunderbird (2.0.0.14) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
Nero 7 Premium --> MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenOffice.org 2.4 --> MsiExec.exe /I{80851370-07CF-477B-837D-F2E488916CFE}
Paragon Drive Backup 8 Special Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5F9662B9-ED3F-4F02-9DEE-EFA1F95F629F}\Setup.exe" -l0x9
PC Pitstop Driver Alert 1.0 --> "C:\Program Files\PCPitstop\Driver Alert\unins000.exe"
PC Pitstop Optimize 1.0v --> "C:\Program Files\PCPitstop\Optimize\unins000.exe"
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
Revo Uninstaller 1.71 --> C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Secunia PSI (RC3) --> "C:\Program Files\Secunia\PSI (RC3)\uninstall.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SiS 650 --> RUNDLL32 setuplib.dll,UnInstall ,315&ISUNINST -f"C:\PROGRA~1\SISCOM~1.14A\DeIsL1.isu"&P.U 4 sisgr.inf&-1
SiS 900 PCI Fast Ethernet Adapter Driver --> C:\WINDOWS\SiS\900\Uninst.exe
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R,oem24.inf
SiSAGP driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x9
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Uniblue SpeedUpMyPC 3 --> "C:\Program Files\Uniblue\SpeedUpMyPC 3\unins000.exe"
Uniblue SpyEraser --> "C:\Program Files\Uniblue\SpyEraser\unins000.exe"
Unlocker 1.8.7 --> C:\Program Files\Unlocker\uninst.exe
Update Service --> C:\Program Files\Sony Ericsson\Update Service\uninst.exe
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR --> "C:\WINDOWS\WinRAR\uninstall.exe" "/U:C:\Program Files\WinRAR\Uninstall\uninstall.xml"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type864 / Warning
Event Submitted/Written: 07/04/2008 09:56:39 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{C506A18C-1469-4678-B094-F4EC9DAE6DB7}', feature 'Scan' failed during request for component '{5FF21F12-FDC3-4FB0-A6BE-04FE524B1C11}'
Event Record #/Type863 / Warning
Event Submitted/Written: 07/04/2008 09:56:39 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{C506A18C-1469-4678-B094-F4EC9DAE6DB7}', feature 'Scan', component '{00F96358-A54A-4FB9-8144-C90F621489FB}' failed. The resource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\LeadToolsPath' does not exist.
Event Record #/Type862 / Warning
Event Submitted/Written: 07/04/2008 09:56:35 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{C506A18C-1469-4678-B094-F4EC9DAE6DB7}', feature 'Scan' failed during request for component '{5FF21F12-FDC3-4FB0-A6BE-04FE524B1C11}'
Event Record #/Type861 / Warning
Event Submitted/Written: 07/04/2008 09:56:35 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{C506A18C-1469-4678-B094-F4EC9DAE6DB7}', feature 'Scan', component '{00F96358-A54A-4FB9-8144-C90F621489FB}' failed. The resource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\LeadToolsPath' does not exist.
Event Record #/Type860 / Warning
Event Submitted/Written: 07/04/2008 09:56:32 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{C506A18C-1469-4678-B094-F4EC9DAE6DB7}', feature 'Scan' failed during request for component '{5FF21F12-FDC3-4FB0-A6BE-04FE524B1C11}'
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3000 / Error
Event Submitted/Written: 07/05/2008 10:36:23 AM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
Event Record #/Type2973 / Error
Event Submitted/Written: 07/04/2008 09:00:39 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The avast! Web Scanner service failed to start due to the following error:
%%1053
Event Record #/Type2972 / Error
Event Submitted/Written: 07/04/2008 09:00:37 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the avast! Web Scanner service to connect.
Event Record #/Type2969 / Error
Event Submitted/Written: 07/04/2008 08:59:48 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The Security Center service terminated with the following error:
%%16389
Event Record #/Type2963 / Error
Event Submitted/Written: 07/04/2008 08:57:55 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The avast! Web Scanner service failed to start due to the following error:
%%1053
-- End of Deckard's System Scanner: finished at 2008-07-05 11:11:42 ------------