Deckard's System Scanner v20071014.68
Run by A1 on 2007-11-07 14:40:54
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
38: 2007-11-07 19:41:16 UTC - RP302 - Deckard's System Scanner Restore Point
37: 2007-11-06 01:55:23 UTC - RP301 - System Checkpoint
36: 2007-11-05 01:47:42 UTC - RP300 - Made by Registry Mechanic
35: 2007-11-04 22:44:29 UTC - RP299 - System Checkpoint
34: 2007-11-03 22:11:17 UTC - RP298 - System Checkpoint
-- First Restore Point --
1: 2007-09-30 22:14:18 UTC - RP265 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 3.24 GiB (less than 15%) free.
-- HijackThis (run as A1.exe) --------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:43:58 PM, on 11/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\SYSTEM32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\spoolsv.exe
C:\WINXP\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINXP\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINXP\System32\CTSvcCDA.exe
F:\PrfldSvc.exe
C:\WINXP\System32\tcpsvcs.exe
C:\WINXP\System32\svchost.exe
F:\ShellHelper.exe
C:\WINXP\system32\wscntfy.exe
C:\Documents and Settings\A1\Desktop\dss.exe
C:\DOCUME~1\A1\Desktop\A1.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.com//0seenus/saos01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX6000 Series] C:\WINXP\System32\spool\DRIVERS\W32X86\3\E_FATIBIA.EXE /FU "C:\WINXP\TEMP\E_SAA.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [EPSON Stylus CX6000 Series] C:\WINXP\System32\spool\DRIVERS\W32X86\3\E_FATIBIA.EXE /FU "C:\DOCUME~1\A1\LOCALS~1\Temp\E_S10.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [PopupVanish] C:\Documents and Settings\All Users.WINXP\Documents\PopupVanish\PopupVanish.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: MoonPhase.lnk = C:\Program Files\Locutus\Moon\moon.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\WINXP\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Desktop Search - {306BBB66-D9E4-4481-833E-C1D5FCA06774} - C:\WINXP\System32\shdocvw.dll (HKCU)
O9 - Extra button: Privacy Cleaner - {546E08AA-809F-4F1A-BE1A-6B122EBFCD5A} - C:\WINXP\System32\shdocvw.dll (HKCU)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} -
http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -
http://download.pw.aol.com/molbin/share ... cgdmgr.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{53276429-61B7-4221-AB23-90AAAC39CAE6}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: bw+0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B5342987-C42B-462C-BB46-D7E25F5A2705} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINXP\System32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINXP\system32\drivers\KodakCCS.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - F:\PrfldSvc.exe
O24 - Desktop Component 0: (no name) -
http://www.alltel.net/images/topbanner.gif
O24 - Desktop Component 1: (no name) -
http://www.adobe.com/products/acrobat/i ... er60hd.gif
--
End of file - 17911 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\A1\Desktop\backups\) ------------------
backup-20061128-082810-736 O9 - Extra button: Swift Sweeper - {61039B22-563D-4922-B844-B076C318A66A} - C:\WINXP\System32\shdocvw.dll (HKCU)
backup-20061128-082810-973 O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
backup-20061128-082811-736 O9 - Extra button: The Infinity Button - {E4143585-2688-4EBC-B264-27C774F600D5} - C:\WINXP\System32\shdocvw.dll (HKCU)
backup-20071104-201921-550 O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} -
backup-20071104-201921-833 O2 - BHO: (no name) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
backup-20071104-201921-946 O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
backup-20071104-201921-979 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20071104-201922-636 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
backup-20071104-201923-258 O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} -
backup-20071104-201925-128 O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) -
backup-20071104-201927-510 O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
backup-20071104-201928-780 O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -
backup-20071104-201930-621 O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} -
backup-20071104-201931-401 O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://download.games.yahoo.com/games/w ... der_v6.cab
-- File Associations -----------------------------------------------------------
.js - JSFile - shell\open\command - unable to read value
.vbs - VBSFile - shell\open\command - unable to read value
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 hotcore - c:\winxp\system32\drivers\hotcore.sys <Not Verified; Paragon Software Group; HotBackup>
R1 mbmiodrvr - c:\winxp\system32\mbmiodrvr.sys <Not Verified;
cansoft@livewiredev.com; Windows (R) 2000 DDK driver>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R1 sp_rsdrv2 (Spyware Terminator Driver 2) - c:\winxp\system32\drivers\sp_rsdrv2.sys
R2 ElbyCDIO (ElbyCDIO Driver) - c:\winxp\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R2 SocketLock (Raw Socket Lock Driver) - c:\winxp\system32\socketlock.sys
R2 ssoftnt4 - c:\winxp\system32\drivers\ssoftnt4.sys
R3 Afc (PPdus ASPI Shell) - c:\winxp\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
R3 ElbyCDFL - c:\winxp\system32\drivers\elbycdfl.sys <Not Verified; SlySoft, Inc.; CloneCD>
S0 PREVXDriver (Prevx Driver) - c:\winxp\system32\drivers\pxfsf.sys (file missing)
S2 PCLinkBridge (USB-USB Network Bridge) - c:\winxp\system32\drivers\pro2000.sys (file missing)
S3 EGATHDRV (IBM Access Support) - c:\winxp\downlo~1\egathdrv.sys
S3 NIC2000 (USB-USB Network Bridge Adapter) - c:\winxp\system32\drivers\nic2000.sys (file missing)
S3 NxFsMon - c:\progra~1\novatix\cyberh~1\nxfsmon.sys (file missing)
S3 NxNetMon - c:\progra~1\novatix\cyberh~1\nxnetmon.sys (file missing)
S3 NxSysMon - c:\progra~1\novatix\cyberh~1\nxsysmon.sys (file missing)
S3 PL2501NW (Hi-Speed USB-USB Network Adapter) - c:\winxp\system32\drivers\pl2501nw.sys <Not Verified; Prolific Technology Inc. (
http://www.prolific.com.tw); USB-USB Network Bridge>
S3 SANDRA - c:\program files\sisoftware\sisoftware sandra lite 2005.sr3\sandra.sys (file missing)
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 TVICHW32 - c:\winxp\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/XP>
S3 USBSNXSTOR (Mass Storage driver ) - c:\winxp\system32\drivers\usbsnx2k.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 prfldsvc (Private Folder Service) - f:\prfldsvc.exe
S4 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator>
S4 ssoftservice (Cryptainer service) - ssoftsrv.exe <Not Verified; Cypherix - A Business Division of Secure-Soft (India) Pvt Ltd; Cryptainer>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NETGEAR FA311 Fast Ethernet Adapter
Device ID: PCI\VEN_100B&DEV_0020&SUBSYS_F3111385&REV_00\3&61AAA01&0&30
Manufacturer: Netgear
Name: NETGEAR FA311 Fast Ethernet Adapter
PNP Device ID: PCI\VEN_100B&DEV_0020&SUBSYS_F3111385&REV_00\3&61AAA01&0&30
Service: FA312
-- Scheduled Tasks -------------------------------------------------------------
2007-10-21 21:00:00 472 --a------ C:\WINXP\Tasks\SmartDefrag.job
-- Files created between 2007-10-07 and 2007-11-07 -----------------------------
2007-11-07 14:31:42 0 dr-h----- C:\Documents and Settings\A1\Recent
2007-10-26 16:53:38 0 d------c- C:\Start Menu
2007-10-26 16:53:00 0 d------c- C:\Netscape
2007-10-26 16:38:50 0 d------c- C:\Ken's stuff
2007-10-26 16:38:49 0 d------c- C:\backups
2007-10-26 16:38:48 0 d------c- C:\a7fceaee10180b62febf77de28ed4a2d
-- Find3M Report ---------------------------------------------------------------
2007-11-07 14:40:04 0 d-------- C:\Program Files\BOINC
2007-11-06 21:00:17 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-09-30 20:05:58 0 d-------- C:\Program Files\AusLogics Registry Defrag
2007-09-25 15:18:03 0 d-------- C:\Program Files\SpywareBlaster
2007-09-21 21:10:42 0 d-------- C:\Documents and Settings\A1\Application Data\ArcSoft
2007-08-23 16:47:24 696320 --a------ C:\WINXP\boinc.scr <Not Verified; Space Sciences Laboratory; BOINC client>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [11/08/2006 06:28 PM]
"EPSON Stylus CX6000 Series"="C:\WINXP\System32\spool\DRIVERS\W32X86\3\E_FATIBIA.exe" [02/13/2006 04:00 AM]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [09/10/2002 09:26 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 02:06 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreeRAM XP"="C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [03/23/2006 12:13 AM]
"EPSON Stylus CX6000 Series"="C:\WINXP\System32\spool\DRIVERS\W32X86\3\E_FATIBIA.exe" [02/13/2006 04:00 AM]
"ClocX"="C:\Program Files\ClocX\ClocX.exe" [04/13/2004 10:12 AM]
"ctfmon.exe"="C:\WINXP\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"PopupVanish"="C:\Documents and Settings\All Users.WINXP\Documents\PopupVanish\PopupVanish.exe" [11/21/2002 11:34 PM]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [10/13/2004 11:24 AM]
C:\Documents and Settings\A1\Start Menu\Programs\Startup\
BOINC Manager.lnk - C:\Program Files\BOINC\boincmgr.exe [8/23/2007 4:53:46 PM]
MoonPhase.lnk - C:\Program Files\Locutus\Moon\moon.exe [2/8/1998]
C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\Startup\
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2/13/2004 2:12:08 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=0 (0x0)
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FA010552-4A27-4cb1-A1BB-3E2D697F1639}"= c:\Program Files\interMute\SpySubtract\sshook.dll [01/02/2005 10:55 AM 77824]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 04/27/2007 07:26 AM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINXP^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINXP\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINXP^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk.disabled]
backup=C:\WINXP\pss\Adobe Reader Speed Launch.lnk.disabledCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINXP^Start Menu^Programs^Startup^Kodak software updater.lnk]
backup=C:\WINXP\pss\Kodak software updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"zBrowser Launcher"=C:\Program Files\Logitech\iTouch\iTouch.exe
-- End of Deckard's System Scanner: finished at 2007-11-07 14:46:45 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon(tm) Processor
Percentage of Memory in Use: 24%
Physical Memory (total/avail): 1535.48 MiB / 1162.95 MiB
Pagefile Memory (total/avail): 1965.04 MiB / 1756.95 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1939.7 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 23.74 GiB total, 3.24 GiB free.
D: is Fixed (FAT32) - 4.89 GiB total, 2.97 GiB free.
E: is CDROM (No Media)
F: is Fixed (NTFS) - 23.74 GiB total, 3.77 GiB free.
G: is Fixed (FAT32) - 4.89 GiB total, 2.97 GiB free.
\\.\PHYSICALDRIVE1 - HDS722580VLAT20 - 76.69 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 23.74 GiB - F:
\PARTITION1 - Extended w/Extended Int 13 - 4.9 GiB - G:
\\.\PHYSICALDRIVE0 - WDC WD307AA-32BAA0 - 28.64 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 23.74 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 4.9 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before download.
Windows Internal Firewall is enabled.
AV: Kaspersky Anti-Virus v6.0.1.411 (?)
Disabled
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\Netscape\\Communicator\\Program\\AIM\\aim.exe"="C:\\Program Files\\Netscape\\Communicator\\Program\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINXP
APPDATA=C:\Documents and Settings\A1\Application Data
CLASSPATH=.;
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MYCOMPUTER
ComSpec=C:\WINXP\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\A1
LOGONSERVER=\\MYCOMPUTER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINXP\SYSTEM32;C:\WINXP;C:\WINXP\SYSTEM32\WBEM;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 4 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0402
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINXP
TEMP=C:\DOCUME~1\A1\LOCALS~1\Temp
TMP=C:\DOCUME~1\A1\LOCALS~1\Temp
USERDOMAIN=MYCOMPUTER
USERNAME=A1
USERPROFILE=C:\Documents and Settings\A1
windir=C:\WINXP
-- User Profiles ---------------------------------------------------------------
A1
(admin)
b1
(admin)
Administrator.MYMAINCOMPUTER.000
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINXP\IsUninst.exe -f"C:\Program Files\Creative\Audio\CTMixer.isu"
--> C:\WINXP\IsUninst.exe -f"C:\Program Files\Creative\Audio\Midi.isu"
--> C:\WINXP\IsUninst.exe -f"C:\Program Files\Creative\Audio\PlayCenter\MDC.isu"
--> C:\WINXP\IsUninst.exe -f"C:\Program Files\Creative\Audio\PlayCenter\Player.isu"
--> C:\WINXP\IsUninst.exe -f"C:\Program Files\Creative\Audio\Recorder\Recorder.isu"
--> C:\WINXP\IsUninst.exe -f"C:\Program Files\Creative\Audio\WaveStudio\Wstudio.isu"
--> C:\WINXP\IsUninst.exe -f"C:\Program Files\Creative\Uninstall\Installer.isu"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINXP\INF\PCHealth.inf
ABI- CODER 3.5.8.1 --> C:\abisoft\coder\Uninstal.exe
Adobe Atmosphere Player for Acrobat and Adobe Reader --> C:\WINXP\atmoUn.exe
Adobe Flash Player 9 ActiveX --> C:\WINXP\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Advanced WindowsCare 2.55 Personal --> "C:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Alt-Tab Task Switcher Powertoy for Windows XP --> MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
AnswerWorks Runtime --> C:\WINXP\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu"
ArcSoft PhotoImpression 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}\Setup.exe" -l0x9
AusLogics Registry Defrag --> "C:\Program Files\AusLogics Registry Defrag\unins000.exe"
BitTorrent 5.0.5 --> "C:\Program Files\BitTorrent\uninstall.exe"
BOINC --> MsiExec.exe /I{B7A29B75-4B5E-4B62-A8C9-2EA14D7891CB}
BroadJump Client Foundation --> C:\WINXP\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
CardRd81 --> MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
ClocX (1.4) --> "C:\Program Files\ClocX\Uninstall.exe"
CloneCD --> "C:\Program Files\Elaborate Bytes\CloneCD\ccd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneCD"
CmdHere Powertoy For Windows XP --> MsiExec.exe /I{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}
CR2 --> MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
Digital PhotoShot 4.00 --> C:\WINXP\uninst.exe -f"C:\Program Files\Panasonic\Palmcorder\Digital PhotoShot\DeIsL4.isu"
Digital PhotoShot 4.10 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{386B44E0-AF56-11D5-8125-00105A533D72}\Setup.exe" -l0x9
EPSON CX6000 Series User's Guide --> C:\Program Files\epson\guide\cx6000_e\uninstall.exe
EPSON Printer Software --> C:\WINXP\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus CX6000 Scanner Driver Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}\Setup.exe" -l0x9
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\Setup.exe" -l0x9 -anything
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
ESSTUTOR --> MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
FAST Defrag Freeware 2.3 --> "C:\Program Files\FAST Defrag Freeware\unins000.exe"
Free Mp3 Wma Converter V 1.4.0 --> "C:\My Download Files\Free Audio Pack\unins000.exe"
Google Earth --> MsiExec.exe /I{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\Documents and Settings\A1\Desktop\HijackThis.exe" /uninstall
HLPIndex --> MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HLPRFO --> MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593}
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINXP\$NtUninstallKB929399$\spuninst\spuninst.exe"
HTML Slideshow Powertoy for Windows XP --> MsiExec.exe /I{4E475FD4-4513-4B1D-8DDA-43912B068C99}
Image Analyzer 1.20.2 --> C:\Program Files\MeeSoft\ImageAnalyzer\Uninstall.exe
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
Internet Explorer Q903235 --> C:\WINXP\ieuninst.exe C:\WINXP\INF\Q903235.inf
IObit SmartDefrag Beta3.1 --> "C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
Kodak EasyShare software --> C:\Documents and Settings\All Users.WINXP\Application Data\Kodak\EasyShareSetup\$SETUP_140011_27820d7\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
Logitech iTouch Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x9 UNINSTALL
M318B Digital Video Camera --> C:\WINXP\System32\unM318B.exe
Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}
Macromedia Shockwave Player --> C:\WINXP\system32\MACROMED\SHOCKW~2\UNWISE.EXE C:\WINXP\system32\MACROMED\SHOCKW~2\INSTALL.LOG
Magnifier Powertoy for Windows XP --> MsiExec.exe /I{2FBF04DC-404C-4FA4-BA28-99903080D2B9}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINXP\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINXP\muninst.exe C:\WINXP\INF\KB870669.inf
Microsoft Office 2000 SR-1 Standard --> MsiExec.exe /I{00020409-78E1-11D2-B60F-006097C998E7}
Microsoft Private Folder 1.0 --> MsiExec.exe /I{644EA08F-87D2-48C0-AE94-B327D1C85A97}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINXP\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MoonPhase --> C:\WINXP\iun3405.exe C:\Program Files\Locutus\Moon
Mozilla Firefox (2.0.0.3) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP
MSN Messenger 7.5 --> MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
NetShow Tools 3.0 --> C:\Program Files\NetShow Services\Tools\_insttoo.exe /U
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
NVIDIA Drivers --> C:\WINXP\System32\nvudisp.exe UninstallGUI
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
Paragon Drive Copy 8.0 Personal Special Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{334B6B44-2C7F-4AC0-A215-E780541CE033}\Setup.exe" -l0x9
Pawn --> C:\Program Files\Pawn\Uninstal.exe
PC Inspector File Recovery --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x9
PC Inspector smart recovery --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x9
PhotoFiltre --> "c:\Program Files\PhotoFiltre\Uninst.exe"
Pixia --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}\setup.exe" -l0x9 UNINSTALL
PolderBackup --> C:\Program Files\PolderBackup\uninstall.exe
QuickVCD Player 3.4 --> C:\WINXP\IsUninst.exe -f"C:\Program Files\QuickVCD Player\Uninst.isu"
Registry Mechanic 6.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Slideshow Generator Powertoy for Windows XP --> MsiExec.exe /I{C39DE425-6CCF-4B12-A101-3CB5CF3AF3AD}
Sony ACID Pro 4.0f --> MsiExec.exe /I{36235A3F-92C7-4F90-84E7-3697C59AD369}
Sound Blaster PCI --> C:\Program Files\Creative\Uninstall\CTUNINST.EXE /U:UNINST1.INI
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Timershot Powertoy for Windows XP --> MsiExec.exe /I{A743BBCC-3438-4BB3-8397-6C9D9AC125A6}
TuneXP 1.5 --> C:\WINXP\iun6002.exe "C:\Program Files\TuneXP\irunin.ini"
Ulead VideoStudio version 3.0 SE --> C:\WINXP\IsUninst.exe -f"C:\Program Files\Ulead Systems\Ulead VideoStudio 3.0 SE\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead VideoStudio 3.0 SE\IS32Inst.dll"
Virtual Desktop Manager Powertoy for Windows XP --> MsiExec.exe /I{F251B999-08A9-4704-999C-9962F0DFD88E}
Vonage Easy Setup Guide --> C:\Program Files\Vonage\EasySetupGuide\Uninstal.exe
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Installer Clean Up --> MsiExec.exe /I{121634B0-2F4A-11D3-ADA3-00C04F52DD53}
Windows Media Format 11 runtime --> "C:\WINXP\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
WinZip Internet Browser Support Add-On --> "C:\PROGRA~1\WINZIP\winzip32.exe" /inetuninstall
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
-- Application Event Log -------------------------------------------------------
Event Record #/Type244 / Error
Event Submitted/Written: 11/06/2007 08:57:24 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Event Record #/Type240 / Warning
Event Submitted/Written: 11/04/2007 09:54:48 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type233 / Error
Event Submitted/Written: 11/03/2007 11:40:50 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16544, faulting module flash9b.ocx, version 9.0.28.0, fault address 0x00099589.
Processing media-specific event for [iexplore.exe!ws!]
Event Record #/Type228 / Warning
Event Submitted/Written: 11/01/2007 01:23:25 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type224 / Warning
Event Submitted/Written: 11/01/2007 01:14:51 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type31315 / Error
Event Submitted/Written: 11/07/2007 01:11:15 PM
Event ID/Source: 20106 / RemoteAccess
Event Description:
Unable to add the interface {CBA775F6-DF72-42A5-8189-F7C0537D51FE} with the Router Manager for the IP protocol. The
following error occurred: Cannot complete this function.
Event Record #/Type31307 / Warning
Event Submitted/Written: 11/07/2007 01:11:02 PM
Event ID/Source: 2504 / Server
Event Description:
The server could not bind to the transport \Device\NetBT_Tcpip_{53276429-61B7-4221-AB23-90AAAC39CAE6}.
Event Record #/Type31306 / Error
Event Submitted/Written: 11/07/2007 01:10:56 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The USB-USB Network Bridge service failed to start due to the following error:
%%2
Event Record #/Type31305 / Error
Event Submitted/Written: 11/07/2007 01:10:56 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The MCSTRM service failed to start due to the following error:
%%2
Event Record #/Type31304 / Error
Event Submitted/Written: 11/07/2007 01:10:54 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
-- End of Deckard's System Scanner: finished at 2007-11-07 14:46:45 ------------