Deckard's System Scanner v20071014.68
Run by Administrator on 2007-11-27 07:05:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
122: 2007-11-27 12:05:13 UTC - RP255 - Deckard's System Scanner Restore Point
121: 2007-11-27 03:11:42 UTC - RP254 - System Checkpoint
120: 2007-11-26 01:44:15 UTC - RP253 - System Checkpoint
119: 2007-11-25 00:25:52 UTC - RP252 - System Checkpoint
118: 2007-11-24 00:19:01 UTC - RP251 - Installed Sygate Personal Firewall
-- First Restore Point --
1: 2007-08-30 07:21:19 UTC - RP134 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Administrator.exe) ---------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:06:42 AM, on 11/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\PROGRA~1\WinFax\WFXSWTCH.exe
C:\WINDOWS\system32\wfxsnt40.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE
C:\Program Files\Norton Password Manager\AcctMgr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\dvd43\dvd43_tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\QUICKENW\QWDLLS.EXE
C:\Program Files\Second Nature\Snsicon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\WFXSVC.EXE
C:\Program Files\WinFax\WFXMOD32.EXE
C:\Program Files\ErrorKiller\ErrorKiller.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SpywareBot\SpywareBot.exe
C:\Program Files\SpywareBot\Scheduler.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MailWasher\MailWasher.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\DOCUME~1\ADMINI~1\MYDOCU~1\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://excite.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\WinFax\WFXSWTCH.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [spywarebot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKLM\..\Run: [EPSON Stylus CX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE /P26 "EPSON Stylus CX4800 Series" /O6 "USB001" /M "Stylus CX4800"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [Norton PasswordManager] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID {D1AFB197-5F24-49f4-9571-2F28A9798936}
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ErrorKiller] C:\Program Files\ErrorKiller\ErrorKiller.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Snsicon.lnk = C:\SLIDESHW\Snsicon.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\QUICKENW\BILLMIND.EXE
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\QUICKENW\QWDLLS.EXE
O4 - Global Startup: Snsicon.lnk = C:\Program Files\Second Nature\Snsicon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5876926046
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: ab2k - {01004100-0000-0000-B4F2-00207810F9A4} - C:\Program Files\AB2001\AB2KCD.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:\WINDOWS\system32\WFXSVC.EXE
--
End of file - 8842 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 Teefer (Teefer for NT) - c:\windows\system32\drivers\teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver>
R0 viamraid - c:\windows\system32\drivers\viamraid.sys <Not Verified; VIA Technologies inc,.ltd; VIA RAID driver>
R1 wpsdrvnt - c:\windows\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt>
R3 dvd43llh - c:\windows\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 S3GIGP - c:\windows\system32\drivers\s3gigpm.sys <Not Verified; S3 Graphics Co., Ltd.; S3 Graphics 86c700-series Miniport>
S3 GMSIPCI - f:\install\gmsipci.sys (file missing)
S3 grmnusb - c:\windows\system32\drivers\grmnusb.sys <Not Verified; GARMIN Corp.; Garmin USB GPS>
S3 NCHSSVAD (SoundTap Recorder) - c:\windows\system32\drivers\nchssvad.sys <Not Verified; NCH Swift Sound; NCH Swift Sound Virtual Audio Device>
S3 NTACCESS - f:\ntaccess.sys (file missing)
S3 SetupNTGLM7X - f:\ntglm7x.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 wfxsvc (WinFax PRO) - c:\windows\system32\wfxsvc.exe <Not Verified; Symantec Corporation; Symantec WinFax PRO>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-11-27 04:31:11 414 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-11-27 03:30:00 426 --a------ C:\WINDOWS\Tasks\ErrorKiller Scheduled Scan.job
2007-11-27 01:57:29 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2007-11-27 00:00:00 324 --a------ C:\WINDOWS\Tasks\Symantec Drmc.job
2007-11-21 17:54:13 452 --a------ C:\WINDOWS\Tasks\EasyShare Registration Task.job
2007-11-20 14:25:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-10-27 and 2007-11-27 -----------------------------
2007-11-27 06:55:47 0 d-------- C:\Program Files\Navilog1
2007-11-26 06:07:11 0 d-------- C:\WINDOWS\LastGood
2007-11-24 06:09:24 0 d-------- C:\Program Files\Spamihilator
2007-11-24 06:09:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\Spamihilator
2007-11-23 20:24:27 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Google
2007-11-23 20:24:26 0 dr------- C:\Documents and Settings\NetworkService\Favorites
2007-11-23 19:24:20 0 d-------- C:\Documents and Settings\Administrator\.housecall6.6
2007-11-23 19:19:20 60496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver>
2007-11-23 19:19:19 21075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt>
2007-11-23 19:19:06 0 d-------- C:\Program Files\Sygate
2007-11-23 18:45:02 0 d-------- C:\Program Files\Lavasoft
2007-11-23 18:45:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-23 16:49:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\ErrorKiller
2007-11-23 16:48:59 0 d-------- C:\Program Files\ErrorKiller
2007-11-21 14:43:26 0 d-------- C:\WINDOWS\system32\bits
2007-11-21 12:46:19 0 d-------- C:\Program Files\Windows Live Safety Center
2007-11-20 21:30:31 0 d-------- C:\Program Files\Cedelia
2007-11-20 18:46:00 1939 --a------ C:\WINDOWS\mozver.dat
2007-11-20 18:42:22 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-20 18:42:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2007-11-20 16:12:15 0 d-------- C:\Program Files\johnqtv1
2007-11-19 15:28:32 0 d-------- C:\Program Files\Common Files\xing shared
2007-11-19 15:28:16 0 d-------- C:\Program Files\Common Files\Real
2007-11-19 15:28:15 0 d-------- C:\Program Files\Real
2007-11-19 15:27:42 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2007-11-13 08:57:05 0 d-------- C:\Documents and Settings\Administrator\Application Data\Thinstall
2007-11-09 18:34:44 0 d-------- C:\Program Files\Snapshot Viewer
2007-11-09 18:29:12 0 d-------- C:\WINDOWS\ShellNew
2007-11-09 16:57:03 0 d-------- C:\Program Files\Windows Installer Clean Up
2007-11-09 16:56:51 0 d-------- C:\Program Files\MSECACHE
2007-11-09 15:33:36 0 --a------ C:\WINDOWS\system32\OUTLWAB(2).DLL
2007-11-09 10:40:23 0 d-------- C:\Program Files\Common Files\L&H
2007-11-08 11:35:53 0 d-------- C:\WINDOWS\Twain32
2007-11-08 10:48:28 2400 -ra------ C:\Documents and Settings\All Users\kellogg
2007-11-08 10:48:28 2400 -ra------ C:\Documents and Settings\Administrator\kellogg
2007-11-08 10:48:28 163257 -ra------ C:\$batch$ <Not Verified; Microsoft Corporation; Microsoft Systems Management Server Installer>
2007-11-08 10:36:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-11-06 16:55:29 0 d-------- C:\Program Files\QuickTime
2007-11-04 21:01:44 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-10-30 09:48:42 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2007-10-30 09:47:44 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2007-10-30 09:47:44 38912 --a------ C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2007-10-30 09:47:44 544768 --a------ C:\WINDOWS\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress>
2007-10-30 09:47:44 569344 --a------ C:\WINDOWS\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress>
2007-10-30 09:47:43 0 d-------- C:\Program Files\Common Files\Ahead
2007-10-30 06:53:13 0 d-------- C:\Office 2000
-- Find3M Report ---------------------------------------------------------------
2007-11-27 06:34:32 0 d-------- C:\Documents and Settings\Administrator\Application Data\Azureus
2007-11-27 06:33:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\MailWasher
2007-11-26 08:00:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\AVG7
2007-11-25 20:29:01 0 d-------- C:\Program Files\Apophysis 2.0
2007-11-25 19:43:15 0 d-------- C:\Program Files\SpywareBot
2007-11-24 14:11:25 0 d-------- C:\Program Files\AB2001
2007-11-23 20:22:40 18119 --a------ C:\logfile
2007-11-23 18:44:41 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-19 15:28:32 0 d-------- C:\Program Files\Common Files
2007-11-09 18:42:39 0 d-------- C:\Documents and Settings\Administrator\Application Data\OfficeUpdate12
2007-11-08 11:43:41 0 d-------- C:\Program Files\WinFax
2007-11-08 11:25:56 0 d-------- C:\Program Files\WinFax Macro
2007-11-07 20:50:35 1327 --a------ C:\WINDOWS\EntPack.dat
2007-10-30 09:49:49 0 d-------- C:\Program Files\Ahead
2007-10-24 17:07:14 0 d-------- C:\Program Files\Kodak
2007-10-24 17:06:16 0 d-------- C:\Program Files\Common Files\Kodak
2007-10-12 16:43:29 0 d-------- C:\Program Files\Windows Media Components
2007-10-07 01:53:22 0 d-------- C:\Program Files\Java
2007-10-01 05:02:08 0 d-------- C:\Documents and Settings\Administrator\Application Data\Google
2007-10-01 05:01:34 0 d-------- C:\Program Files\Google
2007-09-28 16:33:31 0 d-------- C:\Program Files\Apple Software Update
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [09/21/2006 03:36 AM C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [10/09/2006 04:14 PM C:\WINDOWS\system32\S3Trayp.exe]
"WFXSwtch"="C:\PROGRA~1\WinFax\WFXSWTCH.exe" [12/12/2002 07:45 AM]
"WinFaxAppPortStarter"="wfxsnt40.exe" [12/12/2002 07:45 AM C:\WINDOWS\system32\WFXSNT40.EXE]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [10/24/2007 07:54 AM]
"spywarebot"="C:\Program Files\SpywareBot\SpywareBot.exe" [02/19/2007 03:01 PM]
"EPSON Stylus CX4800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.exe" [02/01/2005 10:00 PM]
"AcctMgr"="C:\Program Files\Norton Password Manager\AcctMgr.exe" [08/18/2004 01:41 PM]
"Norton PasswordManager"="C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe" [11/04/2003 10:36 AM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 06:20 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 12:11 AM]
"RTHDCPL"="RTHDCPL.EXE" [12/18/2006 10:12 PM C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [05/16/2006 05:04 AM C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 05:43 AM C:\WINDOWS\Alcmtr.exe]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [10/30/2006 03:44 PM]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [11/16/2006 12:05 PM]
"dvd43"="C:\Program Files\dvd43\dvd43_tray.exe" [05/22/2006 12:26 PM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 10:50 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/19/2007 08:16 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [11/19/2007 03:28 PM]
"ErrorKiller"="C:\Program Files\ErrorKiller\ErrorKiller.exe" [10/23/2007 08:58 AM]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [10/15/2004 07:40 PM]
"Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [08/17/2007 10:24 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 08:07 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/17/2007 05:03 AM]
"xpasbufwaz"="c:\documents and settings\administrator\local settings\application data\xpasbufwaz.exe" [11/20/2007 04:02 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{A213B520-C6C2-11d0-AF9D-008029E1027E}"= C:\Program Files\WinFax\WfxSeh32.Dll [07/27/1998 03:54 AM 38400]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
*Newly Created Service* - SMCSERVICE
*Newly Created Service* - TMCOMM
-- End of Deckard's System Scanner: finished at 2007-11-27 07:07:05 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Percentage of Memory in Use: 38%
Physical Memory (total/avail): 1983.21 MiB / 1218.3 MiB
Pagefile Memory (total/avail): 3876.23 MiB / 3204.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1947.59 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 189.92 GiB total, 145.01 GiB free.
D: is Fixed (NTFS) - 189.92 GiB total, 62.59 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
\\.\PHYSICALDRIVE0 - Maxtor 6B200R0 - 189.92 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 189.92 GiB - C:
\\.\PHYSICALDRIVE1 - Maxtor 6L200P0 - 189.92 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 189.92 GiB - D:
\\.\PHYSICALDRIVE2 - EPSON Stylus Storage USB Device
\\.\PHYSICALDRIVE3 - SanDisk ImageMate III USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: Sygate Personal Firewall v4.6 (Sygate Technologies, Inc.)
AV: AVG 7.5.503 v7.5.503 (Grisoft)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Enabled:backWeb-7288971"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TOM-B39B10B4668
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\TOM-B39B10B4668
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4b02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=TOM-B39B10B4668
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Allok QuickTime to AVI MPEG DVD Converter 1.4.0 --> "C:\Program Files\Allok QuickTime to AVI MPEG DVD Converter\unins000.exe"
Apophysis 2.0 --> "C:\Program Files\Apophysis 2.0\uninstall.exe"
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Arabian Horse DataSource 2001 --> MsiExec.exe /I{F6153FA7-9A17-11D4-8879-00E09885AF47}
ArcSoft PhotoImpression 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}\Setup.exe" -l0x9
Avex DVD & Video Converter Pack (remove only) --> "C:\Program Files\Avex\Avex DVD & Video Converter Pack\bt-uninst.exe"
Avex Video Converter Platinum (remove only) --> "C:\Program Files\Avex\Avex Video Converter Platinum\bt-uninst.exe"
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVS Audio Converter version 4.1 --> "C:\Program Files\AVS4YOU\AVSAudioConverter\unins000.exe"
AVS DVD Copy version 1.4 --> "C:\Program Files\AVS4YOU\AVSDVDCopy\unins000.exe"
AVS DVDMenu Editor 1.2.1.19 --> "C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe"
AVS Video Converter 5.6 --> "C:\Program Files\AVS4YOU\AVSVideoConverter\unins000.exe"
AVS4YOU Software Navigator 1.2 --> "C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Azureus --> C:\Program Files\Azureus\Uninstall.exe
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Concord WinFax Plugin v3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1008475-75B2-4475-B98C-51FAE8B62960}\setup.exe"
CR2 --> MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
DVD43 v3.9.0 --> "C:\Program Files\dvd43\unins000.exe"
EPSON CX 4200 4800 Guide --> C:\Program Files\epson\guide\cx4200_4800_e\uninstall.exe
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
ErrorKiller --> MsiExec.exe /X{D531DE33-38C8-40F7-BA75-3F20AB3B951C}
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
Express Burn --> C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe
Express Rip --> C:\Program Files\NCH Swift Sound\ExpressRip\uninst.exe
Garmin WebUpdater --> MsiExec.exe /X{366FFC89-C800-4366-B903-B9C4314109A5}
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Documents and Settings\Administrator\My Documents\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
JMB36X Raid Configurer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly
kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0002_1642391\Setup.exe /APR-REMOVE
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.90 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
MailWasher --> "C:\Program Files\MailWasher\unins000.exe"
Media Library Management Wizard --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplibwiz.inf,DefaultUninstall
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Picture It! 2000 --> MsiExec.exe /I{E78FC917-C21B-11D2-99FE-00105A98B681}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Movie Maker Background Music Files --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmmusic.inf,DefaultUninstall
Movie Maker Sound Effects --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmsounds.inf,DefaultUninstall
Movie Maker Title Images --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mmtitle.inf,DefaultUninstall
Mozilla Firefox (2.0.0.9) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSRedist --> MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
Navilog1 3.3.6 --> "C:\Program Files\Navilog1\unins000.exe"
Nero Media Player --> C:\WINDOWS\UNNMP.exe /UNINSTALL
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NeroVision Express 2 --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
netbrdg --> MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
Norton Password Manager --> MsiExec.exe /I{8315D4B0-9BF2-4D63-8654-74B89D288D6E}
Norton Password Manager (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\SymSetup\{8315D4B0-9BF2-4D63-8654-74B89D288D6E}.exe /X
NPM_DRM_COLLECTION --> MsiExec.exe /I{E38D4B55-212A-4016-BE7E-ED3A6153CBEA}
OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
PC Registry Cleaner --> MsiExec.exe /X{610E6187-2D1F-4B80-BC9F-B13D8585415A}
Plus! MP3 Audio Converter LE --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\audcle.inf,DefaultUninstall
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Prism --> C:\Program Files\NCH Software\Prism\uninst.exe
Quicken 2002 Deluxe --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\QUICKENW\Uninst.isu" -c"C:\Program Files\QUICKENW\uninst.dll"
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Second Nature - America the Beautiful by Ray Atkeson --> C:\SLIDESHW\unslide\americCD\UNSLIDE.EXE C:\SLIDESHW\unslide\americCD <:> C:\SLIDESHW
Second Nature - Second Nature presents Summer 2007 --> C:\PROGRA~1\SECOND~1\unslide\SUMMER~1\UNWISE.EXE C:\PROGRA~1\SECOND~1\unslide\SUMMER~1\INSTALL.LOG
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SFR2 --> MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001 --> MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Spamihilator --> "C:\Program Files\Spamihilator\uninstall.exe"
SpywareBot 1.4.2.0 --> "C:\Program Files\SpywareBot\unins000.exe"
staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Sygate Personal Firewall --> MsiExec.exe /I{F34D9A5F-484A-4E31-A9D3-908CB265B289}
Symantec WinFax PRO --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WinFax\WFXUNIST.ISU" -c"C:\Program Files\WinFax\UNINSTUB.DLL"
tooltips --> MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
VIA/S3G Display Driver 6.14.10.0075 --> C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
Visual C++ CRT 8.0 --> MsiExec.exe /I{B2395631-54D5-481E-B9A8-74B269546F40}
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WinAVI Video Converter --> "C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_6FE44FCD212D4A086C7BC0C98B9A619782073FB7\amdk8.inf
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Bonus Pack for Windows XP --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmbonus.inf,DefaultUninstall
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinFax Macro for Word 2000-XP-2003 V2.02 --> C:\DOCUME~1\ALLUSE~1\APPLIC~1\TARMAI~1\{A2A98~1\Setup.exe /remove /q0
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip --> C:\PROGRA~1\WinZip\winzip32.exe /uninstall
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Xvid 1.1.2 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type1476 / Error
Event Submitted/Written: 11/26/2007 06:10:00 AM
Event ID/Source: 10005 / MsiInstaller
Event Description:
Product: Windows Defender -- A newer version of the product is already installed on this system.
Event Record #/Type1474 / Error
Event Submitted/Written: 11/26/2007 06:09:10 AM
Event ID/Source: 11316 / MsiInstaller
Event Description:
Product: Windows Defender -- Error 1316. A network error occurred while attempting to read from the file: C:\Documents and Settings\Administrator\My Documents\WindowsDefender[1].msi
Event Record #/Type1468 / Warning
Event Submitted/Written: 11/23/2007 08:20:49 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type1467 / Error
Event Submitted/Written: 11/23/2007 08:20:05 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 513721658.
Event Record #/Type1466 / Error
Event Submitted/Written: 11/23/2007 08:20:00 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16544, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type7334 / Warning
Event Submitted/Written: 11/27/2007 07:06:58 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TOM-B39B10B466827 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TOM-B39B10B466827 can't undo changes that you allow.
For more information please see the following:
%TOM-B39B10B4668275
Scan ID: {CC981E6D-2502-4352-98DD-47B2FB7D06AD}
User: TOM-B39B10B4668\Administrator
Name: %TOM-B39B10B4668271
ID: %TOM-B39B10B4668272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %TOM-B39B10B4668276
Alert Type: %TOM-B39B10B4668278
Detection Type: 1.1.1593.02
Event Record #/Type7333 / Warning
Event Submitted/Written: 11/27/2007 07:06:57 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TOM-B39B10B466827 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TOM-B39B10B466827 can't undo changes that you allow.
For more information please see the following:
%TOM-B39B10B4668275
Scan ID: {ED87D099-9D0D-4030-899E-62B2B70589E8}
User: TOM-B39B10B4668\Administrator
Name: %TOM-B39B10B4668271
ID: %TOM-B39B10B4668272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %TOM-B39B10B4668276
Alert Type: %TOM-B39B10B4668278
Detection Type: 1.1.1593.02
Event Record #/Type7332 / Warning
Event Submitted/Written: 11/27/2007 07:06:57 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TOM-B39B10B466827 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TOM-B39B10B466827 can't undo changes that you allow.
For more information please see the following:
%TOM-B39B10B4668275
Scan ID: {3D8ED830-D562-4774-B82B-B7C43F3F8053}
User: TOM-B39B10B4668\Administrator
Name: %TOM-B39B10B4668271
ID: %TOM-B39B10B4668272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %TOM-B39B10B4668276
Alert Type: %TOM-B39B10B4668278
Detection Type: 1.1.1593.02
Event Record #/Type7331 / Warning
Event Submitted/Written: 11/27/2007 07:06:57 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TOM-B39B10B466827 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TOM-B39B10B466827 can't undo changes that you allow.
For more information please see the following:
%TOM-B39B10B4668275
Scan ID: {FE947D52-DEDF-4DD5-BC49-45A52715DE3F}
User: TOM-B39B10B4668\Administrator
Name: %TOM-B39B10B4668271
ID: %TOM-B39B10B4668272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %TOM-B39B10B4668276
Alert Type: %TOM-B39B10B4668278
Detection Type: 1.1.1593.02
Event Record #/Type7330 / Warning
Event Submitted/Written: 11/27/2007 07:06:57 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TOM-B39B10B466827 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TOM-B39B10B466827 can't undo changes that you allow.
For more information please see the following:
%TOM-B39B10B4668275
Scan ID: {B3772D84-5C60-4660-BB55-15A957586882}
User: TOM-B39B10B4668\Administrator
Name: %TOM-B39B10B4668271
ID: %TOM-B39B10B4668272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %TOM-B39B10B4668276
Alert Type: %TOM-B39B10B4668278
Detection Type: 1.1.1593.02
-- End of Deckard's System Scanner: finished at 2007-11-27 07:07:05 ------------