Deckard's System Scanner v20071014.68
Run by Owner on 2008-03-18 08:13:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
92: 2008-03-18 13:13:26 UTC - RP843 - Deckard's System Scanner Restore Point
91: 2008-03-17 23:06:35 UTC - RP842 - System Checkpoint
90: 2008-03-16 09:49:51 UTC - RP841 - System Checkpoint
89: 2008-03-13 22:37:57 UTC - RP840 - Software Distribution Service 3.0
88: 2008-03-12 23:35:35 UTC - RP839 - System Checkpoint
-- First Restore Point --
1: 2007-12-20 01:00:33 UTC - RP752 - Installed VeohTV BETA
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 8.01 GiB (less than 15%) free.-- HijackThis (run as Owner.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:16:28 AM, on 3/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.netflix.com/MemberHomeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.gatewaybiz.com/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O1 - Hosts: 216.93.174.28 a.tribalfusion.com
O1 - Hosts: 207.44.240.65 rad.msn.com
O1 - Hosts: 216.93.174.28 view.atdmt.com
O1 - Hosts: 216.93.174.28 images.trafficmp.com
O1 - Hosts: 216.93.174.28 adfarm.mediaplex.com
O1 - Hosts: 216.93.174.28 media1.fastclick.net
O1 - Hosts: 216.93.174.28 media19.fastclick.net
O1 - Hosts: 216.93.174.28 media39.fastclick.net
O1 - Hosts: 216.93.174.28 count.exitexchange.com
O1 - Hosts: 216.93.174.28 leader.linkexchange.com
O1 - Hosts: 67.15.114.78 pagead2.googlesyndication.com
O1 - Hosts: 67.15.114.78 pagead.googlesyndication.com
O1 - Hosts: 216.93.174.28 ad.yieldmanager.com
O1 - Hosts: 67.15.114.78 ypn-js.overture.com
O1 - Hosts: 216.93.174.28 freeze.zedo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: CutePDF Form Filler - {D41289F2-69C6-417B-897E-C653D677CBAF} - C:\Program Files\Acro Software\CutePDF Filler Evaluation\CPFillerCoE.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print -
res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O15 - Trusted Zone:
http://www.ehbsr.comO15 - Trusted Zone:
http://www.fox.comO15 - Trusted Zone:
http://by129w.bay129.mail.live.comO15 - Trusted Zone:
http://login.live.comO15 - Trusted Zone:
http://www.sparkpeople.comO16 - DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} (Mines Control) -
http://www.worldwinner.com/games/v41/mines/mines.cabO16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=58813O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
http://zone.msn.com/binFrameWork/v10/St ... b55579.cabO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
http://utilities.pcpitstop.com/da/PCPitStop.CABO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/download/ipixx.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) -
http://mypoints.worldwinner.com/games/v ... Loader.cabO16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} (WildTangent Active Launcher) -
http://zone.msn.com/bingame/trbo/defaul ... uncher.cabO16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://photo.walgreens.com/WalgreensActivia.cabO16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) -
http://www.worldwinner.com/games/v43/jigsaw/jigsaw.cabO16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) -
http://webeffective.keynote.com/applica ... uncher.cabO16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
http://zone.msn.com/binframework/v10/ZP ... b55579.cabO16 - DPF: {5AA5A569-F96F-4628-A528-8B3698F558BB} (HS_live Control) -
http://install.homestead.com/~site/Inst ... S_live.cabO16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) -
http://www.worldwinner.com/games/v46/be ... eweled.cabO16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) -
http://updates.lifescapeinc.com/install ... nstall.cabO16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) -
http://www.worldwinner.com/games/v41/fr ... eecell.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 0729877649O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -
http://zone.msn.com/bingame/luxr/defaul ... uncher.cabO16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -
http://www.worldwinner.com/games/shared/wwlaunch.cabO16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) -
http://www.worldwinner.com/games/v46/sol/sol.cabO16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) -
http://zone.msn.com/binGame/ZAxRcMgr.cabO16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) -
http://zone.msn.com/bingame/zpagames/zp ... b60231.cabO16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) -
http://www.sibelius.com/download/softwa ... Plugin.cabO16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) -
http://www.worldwinner.com/games/v49/luxor/luxor.cabO16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) -
https://media.pineconeresearch.com/Acti ... ontrol.cabO16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) -
http://www.worldwinner.com/games/v67/swapit/swapit.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn.com/binFramework/v ... b56649.cabO16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) -
http://www.worldwinner.com/games/v50/di ... erdash.cabO16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) -
http://www.worldwinner.com/games/v47/fa ... lyfeud.cabO16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) -
http://zone.msn.com/binframework/v10/St ... b55579.cabO16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) -
http://zone.msn.com/bingame/dash/defaul ... 0.0.94.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://zone.msn.com/bingame/popcaploader_v10.cabO18 - Protocol: bw+0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {DF37A7F8-325D-4434-BB4D-0034835A0A1A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 26055 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 CdaD10BA - c:\windows\system32\drivers\cdad10ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R2 LxrJD31d - c:\windows\system32\drivers\lxrjd31d.sys
R2 MCSTRM - c:\windows\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
S3 PCIUtil (PCI Utility) - c:\docume~1\owner\locals~1\temp\pciutil.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 LxrJD31s (Lexar JD31) - lxrjd31s.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-03-17 11:04:00 260 --a------ C:\WINDOWS\Tasks\Disk Cleanup.job
2008-03-17 10:30:51 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-03-17 10:12:25 392 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FBE20C65-9721-4AAD-ABB5-BD9BF7BEBC73}.job
2008-03-10 15:42:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-03-01 16:52:33 330 --a------ C:\WINDOWS\Tasks\jucheck.job
-- Files created between 2008-02-18 and 2008-03-18 -----------------------------
2008-03-08 17:21:19 0 d-------- C:\Documents and Settings\Owner\Application Data\MailFrontier
2008-03-08 17:14:54 6870560 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-08 17:11:06 0 d-------- C:\Program Files\ZoneAlarmSB
2008-03-08 17:08:26 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-03-08 17:08:03 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-08 17:07:45 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-03-08 17:06:48 0 d-------- C:\WINDOWS\system32\ZoneLabs
2008-03-08 17:06:13 0 d-------- C:\WINDOWS\Internet Logs
2008-03-08 10:24:37 0 d-------- C:\Documents and Settings\Paul\Application Data\Grisoft
2008-03-07 20:04:51 0 d-------- C:\Program Files\Trend Micro
2008-03-05 17:11:56 0 d-------- C:\Program Files\Opera
2008-03-03 16:56:56 0 d-------- C:\Program Files\iTunes
2008-03-03 16:53:38 0 d-------- C:\Program Files\QuickTime
2008-03-03 01:54:36 0 d-------- C:\Documents and Settings\Owner\Application Data\Grisoft
2008-02-28 04:07:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
-- Find3M Report ---------------------------------------------------------------
2008-03-18 08:12:27 0 d-------- C:\Documents and Settings\Owner\Application Data\Skype
2008-03-18 08:02:42 0 d-------- C:\Documents and Settings\Owner\Application Data\skypePM
2008-03-18 07:37:18 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-03-11 17:46:12 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-03-10 05:32:22 0 d-------- C:\Program Files\Trillian
2008-03-06 13:39:53 0 d-------- C:\Program Files\MidTen Media
2008-03-06 13:34:14 0 d-------- C:\Program Files\Common Files
2008-03-06 13:27:06 0 d-------- C:\Program Files\Spyware Doctor
2008-03-05 17:12:17 0 d-------- C:\Documents and Settings\Owner\Application Data\Opera
2008-03-03 16:58:33 0 d-------- C:\Program Files\e-Sword
2008-03-03 16:57:14 0 d-------- C:\Program Files\iPod
2008-02-24 19:40:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-24 19:39:56 0 d-------- C:\Program Files\PopCap Games
2008-02-24 19:16:31 0 d-------- C:\Program Files\Canon
2008-02-24 19:14:43 73 --a------ C:\WINDOWS\popcinfot.dat
2008-02-24 18:17:15 24 --a------ C:\WINDOWS\popcinfo.dat
2008-02-20 20:53:09 0 d-------- C:\Program Files\OpenOffice.org1.1.0
2008-02-11 16:27:06 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-08 22:43:51 0 d-------- C:\Program Files\Mozilla Sunbird
2008-02-04 04:59:06 9996 --a------ C:\WINDOWS\mozver.dat
2008-02-04 04:37:00 0 d-------- C:\Program Files\view22
2008-01-29 22:46:13 0 d-------- C:\Documents and Settings\Owner\Application Data\Azureus
2008-01-28 01:47:45 0 d-------- C:\Program Files\Coupons
2008-01-25 23:36:51 38515 --a------ C:\Documents and Settings\Owner\Application Data\Comma Separated Values (Windows).ADR
2008-01-25 22:14:28 11504 --a------ C:\Documents and Settings\Owner\Application Data\Comma Separated Values (Windows).TSK
2008-01-25 21:57:55 0 d-------- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-01-25 21:49:10 13055 --a------ C:\Documents and Settings\Owner\Application Data\Comma Separated Values (Windows).CAL
2008-01-25 18:37:55 0 d-------- C:\Documents and Settings\Owner\Application Data\Thunderbird
2008-01-23 15:40:00 0 d-------- C:\Program Files\Acro Software
2008-01-23 14:43:51 0 d-------- C:\Program Files\gs
2008-01-23 14:41:26 0 d-------- C:\Program Files\PlotSoft
2008-01-14 17:55:21 0 --a----c- C:\WINDOWS\system32\(null)id
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
03/08/2008 05:11 PM 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [03/08/2008 05:11 PM 262144]
[-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [03/26/2004 07:20 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/26/2004 07:20 PM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [02/10/2004 12:55 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [02/10/2004 12:51 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [12/22/2007 09:47 AM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [01/11/2008 10:33 PM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 04:25 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [02/01/2008 12:13 AM]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [11/14/2007 05:05 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:00 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [08/18/2007 11:07 AM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0a7fc26e-928b-11da-9ed7-000325207fec}]
AutoRun\command- H:\JDSecure\Windows\JDSecure31.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62b1f544-8b5f-11dc-bffe-0003251fc028}]
AutoRun\command- F:\
open\Command- WScript.exe .\autorun.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1479bdf-0842-11da-9e54-000325207fec}]
AutoRun\command- F:\JDSecure\Windows\JDSecure31.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed3ca8c2-4f2e-11dc-bf9a-0003251fc028}]
AutoRun\command- F:\setupSNK.exe
-- Hosts -----------------------------------------------------------------------
216.93.174.28 a.tribalfusion.com
207.44.240.65 rad.msn.com
216.93.174.28 view.atdmt.com
127.0.0.1 media19.fastclick.net
127.0.0.1 ads.specificpop.com
216.93.174.28 images.trafficmp.com
127.0.0.1 webpdp.gator.com
127.0.0.1 ads.x10.com
127.0.0.1 images.x10.com
127.0.0.1 servedby.netadvertising.com
21 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-03-18 08:19:26 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) M processor 1.50GHz
Percentage of Memory in Use: 38%
Physical Memory (total/avail): 1502.42 MiB / 929.59 MiB
Pagefile Memory (total/avail): 2071.63 MiB / 1684.92 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1922.38 MiB
C: is Fixed (NTFS) - 89.6 GiB total, 8 GiB free.
D: is Fixed (FAT32) - 3.54 GiB total, 1.67 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - FUJITSU MHU2100AT - 93.16 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 89.6 GiB - C:
\PARTITION1 - Unknown - 3.55 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: ZoneAlarm Security Suite Firewall v7.0.462.000 (Check Point, LTD.)
DisabledAV: ZoneAlarm Security Suite Antivirus v7.0.462.000 (Check Point, LTD.)
Disabled OutdatedAV: AVG 7.5.518 v7.5.518 (Grisoft)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Disabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Disabled:AOL"
"C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Trillian\\trillian.exe"="C:\\Program Files\\Trillian\\trillian.exe:*:Enabled:Trillian"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Games\\Wheel of Fortune\\Wheel of Fortune.exe"="C:\\Program Files\\Games\\Wheel of Fortune\\Wheel of Fortune.exe:*:Enabled:Wheel of Fortune"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Common Files\\AOL\\1145392032\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1145392032\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\\Program Files\\Abacast\\Abaclient.exe"="C:\\Program Files\\Abacast\\Abaclient.exe:*:Enabled:Abaclient"
"C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Disabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1145392032\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1145392032\\ee\\aolsoftware.exe:*:Disabled:AOL Services"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"="C:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe:*:Disabled:Dreamweaver MX"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Disabled:EasyShare"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Disabled:MSN Messenger 7.0"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MONIKALAPTOP
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\MONIKALAPTOP
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=MONIKALAPTOP
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Owner
(admin)Paul
Guest
(guest)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Abacast Client --> C:\PROGRA~1\Abacast\UNWISE.EXE C:\PROGRA~1\Abacast\client.LOG
abrViewer.NET v2 --> MsiExec.exe /I{7EF6CE03-C8B6-44CC-A937-A02809B98232}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Product/Adobe Studio Update 10/2001 --> "C:\Program Files\InstallShield Installation Information\{73006B34-9743-4A39-AC37-38EDFCEB6DCE}\setup.exe"
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
AFPL Ghostscript 8.53 --> C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.53\uninstal.txt"
AFPL Ghostscript Fonts --> C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\fonts\uninstal.txt"
AlphaSmart Get Utility 3.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\AI\GetUtil.isu"
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
Azureus --> C:\Program Files\Azureus\Uninstall.exe
BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
Canon MP Navigator 2.0 --> "C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini
Canon MP170 --> "C:\WINDOWS\system32\CanonMP Uninstaller Information\{91175441-4E5D-4e13-B116-828FD352CDB2}\DelDrv.exe" /U:{91175441-4E5D-4e13-B116-828FD352CDB2} /L0x0009
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Coupon Printer for Windows --> "C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
CutePDF Form Filler 3.24 (Evaluation) --> "C:\Program Files\Acro Software\CutePDF Filler Evaluation\unins000.exe"
CutePDF Writer 2.7 --> C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
DebugMode Wink --> "C:\Program Files\Wink\uninst.exe"
DebugMode Wink Plugin for Google Desktop --> "C:\Program Files\Wink\GDSPlugin\uninst.exe"
Diner Dash --> "C:\Program Files\MSN Games\Diner Dash\Uninstall.exe" "C:\Program Files\MSN Games\Diner Dash\install.log"
DirectVobSub (remove only) --> "C:\Program Files\DirectVobSub\uninstall.exe"
e-Sword --> MsiExec.exe /I{79A8E3DA-5609-42D8-BF25-50B02F90073D}
Easy-WebPrint --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
ebgcInfra --> MsiExec.exe /X{39B1BD87-561E-4762-AED9-7C5213B06C24}
ebgcRes --> MsiExec.exe /X{CB33664C-5683-40AB-B968-01276F6F3446}
ebgcSDK --> MsiExec.exe /X{28E7B64D-150F-4A9E-B7A3-5A6AC8C2F822}
ElectricSheep 2.6.4 --> C:\WINDOWS\system32\UninstallElectricSheep.exe
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
ExtractNow --> "C:\Program Files\ExtractNow\unins000.exe"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Talk (remove only) --> "C:\Program Files\Google\Google Talk\uninstall.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Video Uploader --> "C:\Program Files\Google Video\Uninstall.exe"
GTK+ Runtime 2.6.10 rev a (remove only) --> C:\Program Files\Common Files\GTK\2.0\uninst.exe
Hello (remove only) --> "C:\Program Files\Hello\Uninstall.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Homestead SiteBuilder LPX --> C:\Program Files\Homestead\Homestead QuickSite Builder\hkuninst.exe -path C:\Program Files\Homestead\Homestead QuickSite Builder
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Deskjet 3840 --> msiexec /x{B1591C79-1C35-4E09-AA15-F7D6923AFB96}
HP Software Update --> MsiExec.exe /X{B81023A5-71ED-46EB-BE3B-9F974D1155F1}
iDump Build: 22 --> F:\iDump\uninst.exe
InCD EasyWrite Reader --> C:\WINDOWS\unmrw.exe /UNINSTALL
Intel(R) Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
Intel(R) Processor ID Utility --> MsiExec.exe /X{A92A4DB0-CD37-42D1-BE1D-603D53C24328}
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
iPod for Windows 2006-01-10 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java 2 Runtime Environment, SE v1.4.2 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
JD Secure 3.1 --> C:\WINDOWS\System32\JDSecure31.exe /u
Keynote Connector --> C:\WINDOWS\DOWNLO~1\CONNEC~1.EXE /Uninstall
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x9 UNINSTALL
Logitech QuickCam Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
Logitech® Camera Driver --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Macromedia Dreamweaver MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{930B2432-43D4-11D5-9871-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
Macromedia Flash MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}\Setup.exe" -l0x9 UNINSTALL
Macromedia FreeHand 10 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D826618-59C6-11D4-976E-00C04F8EEB39}\Setup.exe" -l0x9 UNINSTALL
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Outlook 2003 --> MsiExec.exe /I{90E00409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Outlook Web Access S/MIME --> MsiExec.exe /X{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Owner\Application Data\Move Networks\ie_bin\Uninst.exe
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.12) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
Nero BurnRights --> C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Netflix Movie Viewer --> MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
Network Play System (Patching) --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
OmniPage SE 2.0 --> MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
OpenOffice.org 1.1.0 --> C:\Program Files\OpenOffice.org1.1.0\program\setup.exe -deinstall
Opera 9.26 --> MsiExec.exe /X{FB706A00-C234-4716-AB1F-27DCB192C664}
PDFill PDF Editor with FREE PDF Writer and Tools --> MsiExec.exe /I{D12EBB4E-CF21-496D-979F-89D9DE58C5B8}
PDFill PDF Writer --> C:\WINDOWS\system32\uninstpw.exe C:\Program Files\PlotSoft\PDFill
Pharaoh --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\Pharaoh\Uninst.isu
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Pure Networks Port Magic --> C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe -Uninstall -ShowUI
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Secure Game Player --> C:\Program Files\SkillJam Technologies\Secure Player\Uninstall.exe
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoftK56 Data Fax Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_2030161F\HXFSETUP.EXE -U -Iask20305.inf
Spyware Doctor 5.1 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The Font Thing --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Fisher\The Font Thing\DeIsL1.isu" -c"C:\Program Files\Fisher\The Font Thing\_ISREG32.DLL"
The Sims Hot Date --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{017E65B1-7484-461A-B16F-7C931166083B}\setup.exe" -l0009
Time Zone Data Update Tool for Microsoft Office Outlook --> MsiExec.exe /X{95120000-0038-0409-0000-0000000FF1CE}
Trillian --> C:\Program Files\Trillian\trillian.exe /uninstall
Uniblue Registry Booster --> "C:\Program Files\Uniblue\Registry Booster\unins000.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinSCP 3.8.2 --> "C:\Program Files\WinSCP3\unins000.exe"
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
ZoneAlarm Spy Blocker --> rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
Zuma Deluxe 1.0 --> C:\Program Files\PopCap Games\Zuma Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Zuma Deluxe\Install.log"
-- Application Event Log -------------------------------------------------------
Event Record #/Type3354 / Error
Event Submitted/Written: 03/18/2008 08:17:43 AM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.
Event Record #/Type3349 / Warning
Event Submitted/Written: 03/17/2008 01:24:08 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type3345 / Warning
Event Submitted/Written: 03/16/2008 05:27:59 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type3344 / Error
Event Submitted/Written: 03/16/2008 04:55:33 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application Picasa2.exe, version 2.7.37.36, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type3340 / Warning
Event Submitted/Written: 03/15/2008 03:30:09 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type13253 / Warning
Event Submitted/Written: 03/18/2008 08:17:31 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MONIKALAPTOP27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MONIKALAPTOP27 can't undo changes that you allow.
For more information please see the following:
%MONIKALAPTOP275
Scan ID: {0D495315-0769-4CA4-803F-88014CC0CBAF}
User: MONIKALAPTOP\Owner
Name: %MONIKALAPTOP271
ID: %MONIKALAPTOP272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %MONIKALAPTOP276
Alert Type: %MONIKALAPTOP278
Detection Type: 1.1.1593.02
Event Record #/Type13252 / Warning
Event Submitted/Written: 03/18/2008 08:17:31 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MONIKALAPTOP27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MONIKALAPTOP27 can't undo changes that you allow.
For more information please see the following:
%MONIKALAPTOP275
Scan ID: {51CFAA9E-CEA0-4EBB-98A5-007850AE86C9}
User: MONIKALAPTOP\Owner
Name: %MONIKALAPTOP271
ID: %MONIKALAPTOP272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %MONIKALAPTOP276
Alert Type: %MONIKALAPTOP278
Detection Type: 1.1.1593.02
Event Record #/Type13251 / Warning
Event Submitted/Written: 03/18/2008 08:17:31 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MONIKALAPTOP27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MONIKALAPTOP27 can't undo changes that you allow.
For more information please see the following:
%MONIKALAPTOP275
Scan ID: {34BE680D-7535-4FFC-8C0C-7BA3EBCAC1BD}
User: MONIKALAPTOP\Owner
Name: %MONIKALAPTOP271
ID: %MONIKALAPTOP272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %MONIKALAPTOP276
Alert Type: %MONIKALAPTOP278
Detection Type: 1.1.1593.02
Event Record #/Type13250 / Warning
Event Submitted/Written: 03/18/2008 08:17:29 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MONIKALAPTOP27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MONIKALAPTOP27 can't undo changes that you allow.
For more information please see the following:
%MONIKALAPTOP275
Scan ID: {576849C9-1A2A-450D-B98C-21C0EC7BF01F}
User: MONIKALAPTOP\Owner
Name: %MONIKALAPTOP271
ID: %MONIKALAPTOP272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %MONIKALAPTOP276
Alert Type: %MONIKALAPTOP278
Detection Type: 1.1.1593.02
Event Record #/Type13249 / Warning
Event Submitted/Written: 03/18/2008 08:17:29 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MONIKALAPTOP27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MONIKALAPTOP27 can't undo changes that you allow.
For more information please see the following:
%MONIKALAPTOP275
Scan ID: {E9D58815-1E4E-4035-A62B-3B9DC7B81CCE}
User: MONIKALAPTOP\Owner
Name: %MONIKALAPTOP271
ID: %MONIKALAPTOP272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %MONIKALAPTOP276
Alert Type: %MONIKALAPTOP278
Detection Type: 1.1.1593.02
-- End of Deckard's System Scanner: finished at 2008-03-18 08:19:26 ------------