Deckard's System Scanner v20071014.68
Run by Admin on 2008-01-22 09:40:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
7: 2008-01-22 14:41:19 UTC - RP1086 - Deckard's System Scanner Restore Point
6: 2008-01-22 14:36:02 UTC - RP1085 - Installed Application
5: 2008-01-22 14:35:38 UTC - RP1084 - Installed Application
4: 2008-01-22 14:35:00 UTC - RP1083 - Printer Driver Samsung ML-2510 Series Installed
3: 2008-01-21 14:25:09 UTC - RP1082 - System Checkpoint
-- First Restore Point --
1: 2008-01-20 13:29:17 UTC - RP1080 - 1/20/2008
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Admin.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:43:41 AM, on 1/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\snmp.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Digital Media Reader\shwicon2k.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Print Server\PTP\PSDiagnostic.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Western Digital Technologies\NetCenter EasyLink\WDEzLink.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\45QVWXQZ\dss[1].exe
C:\DOCUME~1\Admin\Desktop\Admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gateway.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunKist] C:\Program Files\Digital Media Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [PrintServer Diagnostic] C:\Program Files\Print Server\PTP\PSDiagnostic.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [eFax 4.3] "C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [WD NetCenter EasyLink] C:\Program Files\Western Digital Technologies\NetCenter EasyLink\WDEzLink.exe -s
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-720389747-1026544460-793208238-1011\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Daddy')
O4 - Global Startup: eFax 4.3.lnk = C:\Program Files\eFax Messenger 4.3\J2GTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg.com/us.yimg.com/i/ ... acscom.cabO16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) -
http://ipgweb.cce.hp.com/rdqna/downloads/sysinfo.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v ... 2768004665O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 2597940078O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) -
http://chat.yahoo.com/cab/yacsui.cabO16 - DPF: {7DD62E58-5FA8-11D2-AFB7-00104B64F126} (Sview Control) -
http://www.swiftview.com/product/public ... _green.exeO16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) -
http://support.gateway.com/eSupport/sta ... launch.cabO16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) -
http://www.linksysfix.com/check/netset/ ... downls.cabO16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocxO16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) -
http://livenj01.custhelp.com/7530-b327h ... a/RntX.cabO16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe (file missing)
--
End of file - 7761 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\Admin\Desktop\backups\) ---------------
backup-20080119-172846-135 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
backup-20080119-172846-157 O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
backup-20080119-172846-331 O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing)
backup-20080119-172846-402 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20080119-172846-478 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
backup-20080119-172846-551 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://url.adtrgt.com/cpv.jsp?p=112194& ... eyword=irs com&selectedListingId=6349671
backup-20080119-172846-601 O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
backup-20080119-172846-772 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080119-172846-882 O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
backup-20080119-172846-889 O8 - Extra context menu item: &AOL Toolbar search -
res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
backup-20080119-172847-440 O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 SOS\avp.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 srr - c:\windows\system32\drivers\srr.sys
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
R3 EMCFILT (Alcor Micro Corp for Emachine- 9361) - c:\windows\system32\drivers\emcfilt.sys <Not Verified; Alcor Micro Corp.; emcfilt>
S2 DgiVecp (Team MFP Comm Driver) - c:\windows\system32\drivers\dgivecp.sys <Not Verified; Samsung Electronics Co., Ltd.; Samsung Electronics Co., Ltd. VECP for Windows 2000, XP>
S3 cdiskdun - c:\docume~1\owner\locals~1\temp\cdiskdun.sys (file missing)
S3 grmnusb - c:\windows\system32\drivers\grmnusb.sys <Not Verified; GARMIN Corp.; Garmin USB GPS>
S3 P2k (Motorola iDEN P2k Device) - c:\windows\system32\drivers\p2k.sys <Not Verified; Motorola Inc; P2k Driver>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S2 WLTRYSVC - c:\windows\system32\wltrysvc.exe c:\windows\system32\bcmwltry.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Wireless-G PCI Adapter
Device ID: PCI\VEN_14E4&DEV_4320&SUBSYS_041814E4&REV_03\3&61AAA01&1&60
Manufacturer: Linksys, A Division of Cisco Systems, Inc.
Name: Wireless-G PCI Adapter
PNP Device ID: PCI\VEN_14E4&DEV_4320&SUBSYS_041814E4&REV_03\3&61AAA01&1&60
Service: BCM43XX
-- Scheduled Tasks -------------------------------------------------------------
2008-01-22 07:47:01 316 --a------ C:\WINDOWS\Tasks\HP Usg Daily.job
2008-01-17 21:09:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-12-22 and 2008-01-22 -----------------------------
2008-01-22 09:36:15 0 d-------- C:\WINDOWS\Samsung
2008-01-22 09:34:32 0 d-------- C:\WINDOWS\LastGood
2008-01-22 09:32:42 0 d-------- C:\WINDOWS\ML-2510_GDI
2008-01-21 21:25:23 0 d-------- C:\Program Files\Common Files\ODBC
2008-01-20 08:43:40 0 d-------- C:\Program Files\Bluetack
2008-01-20 08:34:19 0 d-------- C:\Program Files\SpywareBlaster
2008-01-19 10:20:46 0 d-------- C:\Program Files\CCleaner
2008-01-18 00:08:02 0 d-------- C:\Documents and Settings\Daddy\Application Data\eFax Messenger
2008-01-16 09:10:41 21792 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-01-16 09:10:41 4182560 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-16 09:05:42 0 d-------- C:\KAV
2008-01-15 15:50:00 0 d-------- C:\Documents and Settings\Admin\.SunDownloadManager
2008-01-15 15:47:48 0 d-------- C:\Program Files\Common Files\Java
2008-01-15 15:41:27 0 d-------- C:\Program Files\SDM20
2008-01-15 09:25:39 0 d-------- C:\Program Files\Microsoft SMaRT
2008-01-14 17:02:14 0 d-------- C:\Documents and Settings\Admin\Application Data\Adobe
2008-01-14 16:10:49 0 d-------- C:\FFRMA
2008-01-13 23:18:07 0 d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-01-13 20:37:06 0 d-------- C:\Program Files\Trend Micro
2008-01-13 20:26:32 0 d-------- C:\Documents and Settings\Admin\Application Data\Macromedia
2008-01-13 20:25:38 0 d-------- C:\Documents and Settings\Admin\Application Data\Mozilla
2008-01-13 20:23:44 0 d-------- C:\Documents and Settings\Admin\Application Data\Identities
2008-01-13 20:23:44 0 d-------- C:\Documents and Settings\Admin\Application Data\CyberLink
2008-01-13 20:23:43 0 d-------- C:\Documents and Settings\Admin\WINDOWS
2008-01-13 20:23:43 0 d-------- C:\Documents and Settings\Admin\Templates
2008-01-13 20:23:43 0 dr------- C:\Documents and Settings\Admin\Start Menu
2008-01-13 20:23:43 0 dr------- C:\Documents and Settings\Admin\SendTo
2008-01-13 20:23:43 0 dr------- C:\Documents and Settings\Admin\Recent
2008-01-13 20:23:43 0 d-------- C:\Documents and Settings\Admin\PrintHood
2008-01-13 20:23:43 0 d-------- C:\Documents and Settings\Admin\NetHood
2008-01-13 20:23:43 0 dr------- C:\Documents and Settings\Admin\My Documents
2008-01-13 20:23:43 0 d--h----- C:\Documents and Settings\Admin\Local Settings
2008-01-13 20:23:43 0 dr------- C:\Documents and Settings\Admin\Favorites
2008-01-13 20:23:43 0 d-------- C:\Documents and Settings\Admin\Desktop
2008-01-13 20:23:43 0 d--hs---- C:\Documents and Settings\Admin\Cookies
2008-01-13 20:23:43 0 dr------- C:\Documents and Settings\Admin\Application Data
2008-01-13 20:23:43 0 d-------- C:\Documents and Settings\Admin\Application Data\You've Got Pictures Screensaver
2008-01-13 20:23:43 0 d-------- C:\Documents and Settings\Admin\Application Data\Sun
2008-01-13 20:23:42 2883584 --ah----- C:\Documents and Settings\Admin\NTUSER.DAT
2008-01-13 15:57:07 0 d-------- C:\Documents and Settings\Daddy\Application Data\Macromedia
2008-01-13 15:33:29 0 d-------- C:\Documents and Settings\Daddy\Application Data\Yahoo!
2008-01-13 15:33:26 0 d-------- C:\Documents and Settings\Daddy\Application Data\Google
2008-01-13 15:32:15 0 d-------- C:\Documents and Settings\Daddy\Application Data\Mozilla
2008-01-13 15:22:32 0 d-------- C:\Documents and Settings\Daddy\Application Data\Adobe
2008-01-13 14:02:51 0 d-------- C:\Documents and Settings\Lauren\Application Data\Yahoo!
2008-01-13 14:02:36 0 d-------- C:\Documents and Settings\Lauren\Application Data\Google
2008-01-13 14:00:35 0 d-------- C:\Documents and Settings\Lauren\Application Data\Macromedia
2008-01-13 13:59:33 0 d-------- C:\Documents and Settings\Lauren\Application Data\Mozilla
2008-01-13 13:08:06 0 d-------- C:\Documents and Settings\Lauren\Application Data\Identities
2008-01-13 13:08:06 0 d-------- C:\Documents and Settings\Lauren\Application Data\CyberLink
2008-01-13 13:08:05 0 d-------- C:\Documents and Settings\Lauren\WINDOWS
2008-01-13 13:08:05 0 d-------- C:\Documents and Settings\Lauren\Templates
2008-01-13 13:08:05 0 dr------- C:\Documents and Settings\Lauren\Start Menu
2008-01-13 13:08:05 0 dr------- C:\Documents and Settings\Lauren\SendTo
2008-01-13 13:08:05 0 dr------- C:\Documents and Settings\Lauren\Recent
2008-01-13 13:08:05 0 d-------- C:\Documents and Settings\Lauren\PrintHood
2008-01-13 13:08:05 1835008 --ah----- C:\Documents and Settings\Lauren\NTUSER.DAT
2008-01-13 13:08:05 0 d-------- C:\Documents and Settings\Lauren\NetHood
2008-01-13 13:08:05 0 dr------- C:\Documents and Settings\Lauren\My Documents
2008-01-13 13:08:05 0 d--h----- C:\Documents and Settings\Lauren\Local Settings
2008-01-13 13:08:05 0 dr------- C:\Documents and Settings\Lauren\Favorites
2008-01-13 13:08:05 0 d-------- C:\Documents and Settings\Lauren\Desktop
2008-01-13 13:08:05 0 d--hs---- C:\Documents and Settings\Lauren\Cookies
2008-01-13 13:08:05 0 dr------- C:\Documents and Settings\Lauren\Application Data
2008-01-13 13:08:05 0 d-------- C:\Documents and Settings\Lauren\Application Data\You've Got Pictures Screensaver
2008-01-13 13:08:05 0 d-------- C:\Documents and Settings\Lauren\Application Data\Sun
2008-01-13 13:08:05 0 d---s---- C:\Documents and Settings\Lauren\Application Data\Microsoft
2008-01-13 13:03:09 0 d-------- C:\Documents and Settings\Daddy\Application Data\Identities
2008-01-13 13:03:09 0 d-------- C:\Documents and Settings\Daddy\Application Data\CyberLink
2008-01-13 13:03:08 0 d-------- C:\Documents and Settings\Daddy\WINDOWS
2008-01-13 13:03:08 0 d-------- C:\Documents and Settings\Daddy\Templates
2008-01-13 13:03:08 0 dr------- C:\Documents and Settings\Daddy\Start Menu
2008-01-13 13:03:08 0 dr------- C:\Documents and Settings\Daddy\SendTo
2008-01-13 13:03:08 0 dr------- C:\Documents and Settings\Daddy\Recent
2008-01-13 13:03:08 0 d-------- C:\Documents and Settings\Daddy\PrintHood
2008-01-13 13:03:08 0 d-------- C:\Documents and Settings\Daddy\NetHood
2008-01-13 13:03:08 0 dr------- C:\Documents and Settings\Daddy\My Documents
2008-01-13 13:03:08 0 d--h----- C:\Documents and Settings\Daddy\Local Settings
2008-01-13 13:03:08 0 dr------- C:\Documents and Settings\Daddy\Favorites
2008-01-13 13:03:08 0 d-------- C:\Documents and Settings\Daddy\Desktop
2008-01-13 13:03:08 0 d--hs---- C:\Documents and Settings\Daddy\Cookies
2008-01-13 13:03:08 0 dr------- C:\Documents and Settings\Daddy\Application Data
2008-01-13 13:03:08 0 d-------- C:\Documents and Settings\Daddy\Application Data\You've Got Pictures Screensaver
2008-01-13 13:03:08 0 d-------- C:\Documents and Settings\Daddy\Application Data\Sun
2008-01-13 13:03:08 0 d---s---- C:\Documents and Settings\Daddy\Application Data\Microsoft
2008-01-13 13:03:07 2359296 --ah----- C:\Documents and Settings\Daddy\NTUSER.DAT
2008-01-13 08:47:12 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-01-11 18:47:15 0 --a------ C:\WINDOWS\system32\eFax_4_3_Port
2008-01-11 18:47:15 0 d-------- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output
2008-01-11 18:46:50 0 d-------- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Setup
2008-01-11 18:46:45 0 d-------- C:\Program Files\eFax Messenger 4.3
2008-01-09 23:08:05 0 d-------- C:\Documents and Settings\Julie\Application Data\Canon
2008-01-08 14:51:50 0 d-------- C:\Program Files\Windows Defender
2008-01-08 14:07:06 0 d-------- C:\Documents and Settings\Julie\Application Data\eFax Messenger
2008-01-08 10:43:35 0 d-------- C:\Documents and Settings\Guest\Application Data\Yahoo!
2008-01-08 10:12:30 86016 --a------ C:\WINDOWS\system32\drivers\srr.sys
2008-01-08 10:12:28 0 d-------- C:\WINDOWS\system32\usmvt3
2008-01-08 10:12:28 0 d-------- C:\WINDOWS\system32\oobe3
2008-01-08 10:12:28 0 d-------- C:\WINDOWS\system32\cache3
2008-01-08 10:12:27 0 d-------- C:\WINDOWS\system32\drivez4
2008-01-08 10:12:27 0 d-------- C:\WINDOWS\system32\comp2
2008-01-08 10:12:23 0 d-------- C:\WINDOWS\system32\ardCo01
2008-01-06 13:19:47 0 d-------- C:\Documents and Settings\Julie\Application Data\Yahoo!
-- Find3M Report ---------------------------------------------------------------
2008-01-21 21:25:23 0 d-------- C:\Program Files\Common Files
2008-01-19 17:33:13 0 d-------- C:\Program Files\SwiftView
2008-01-19 17:33:12 0 d-------- C:\Program Files\Red Thunder
2008-01-19 17:33:08 0 d-------- C:\Program Files\QuickTime
2008-01-19 17:33:07 0 d-------- C:\Program Files\palmOne
2008-01-19 17:33:06 0 d-------- C:\Program Files\OfficeUpdate11
2008-01-19 17:32:51 0 d-------- C:\Program Files\Microsoft AntiSpyware
2008-01-19 17:32:45 0 d-------- C:\Program Files\HP
2008-01-19 17:32:43 0 d-------- C:\Program Files\GameSpy Arcade
2008-01-19 17:32:41 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-19 17:32:37 0 d-------- C:\Program Files\Common Files\AOL
2008-01-19 17:32:36 0 d-------- C:\Program Files\Battles In Normandy Demo
2008-01-19 17:32:36 0 d-------- C:\Program Files\Apple Software Update
2008-01-15 15:49:18 0 d-------- C:\Program Files\Java
2007-12-13 08:45:29 0 d-------- C:\Program Files\Microsoft Picture It! 9
2007-12-13 08:45:28 0 d-------- C:\Program Files\Messenger
2007-10-29 08:18:46 0 --a----c- C:\WINDOWS\system32\eFax_4_2_Port
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [03/27/2004 11:20 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/27/2004 11:20 AM]
"ATIModeChange"="Ati2mdxx.exe" [08/30/2002 05:17 AM C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [05/16/2003 01:10 PM]
"SunKist"="C:\Program Files\Digital Media Reader\shwicon2k.exe" [05/26/2004 07:57 PM]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [06/07/2003 07:32 PM]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [06/22/2004 07:05 AM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [06/03/2004 03:50 AM]
"PrintServer Diagnostic"="C:\Program Files\Print Server\PTP\PSDiagnostic.exe" [11/24/2004 04:09 PM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 07:20 PM]
"eFax 4.3"="C:\Program Files\eFax Messenger 4.3\J2GDllCmd.exe" [03/06/2007 12:21 PM]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [12/11/2007 09:42 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [12/14/2007 03:42 AM]
"WD NetCenter EasyLink"="C:\Program Files\Western Digital Technologies\NetCenter EasyLink\WDEzLink.exe" [10/12/2005 01:51 PM]
"Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe" [02/14/2006 06:32 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
eFax 4.3.lnk - C:\Program Files\eFax Messenger 4.3\J2GTray.exe [1/11/2008 6:46:48 PM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- Hosts -----------------------------------------------------------------------
127.0.0.1 localhost
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1
http://www.aaa-livedoor.net127.0.0.1
http://www.abx4.com127.0.0.1 acezip.net
127.0.0.1
http://www.acezip.net127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
16575 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-01-22 09:44:52 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Mobile AMD Athlon(tm) XP 3000+
Percentage of Memory in Use: 55%
Physical Memory (total/avail): 703.48 MiB / 310.93 MiB
Pagefile Memory (total/avail): 1336.04 MiB / 841.65 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1923.68 MiB
C: is Fixed (NTFS) - 74.53 GiB total, 46.14 GiB free.
D: is CDROM (CDFS)
E: is Removable (No Media)
F: is Removable (FAT)
Z: is Network (NTFS)
\\.\PHYSICALDRIVE0 - IC25N080ATMR04-0 - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.53 GiB - C:
\\.\PHYSICALDRIVE1 - Generic CF Reader USB Device
\\.\PHYSICALDRIVE2 - Generic SM/SD/MS Reader USB Device - 478.5 MiB - 1 partition
\PARTITION0 (bootable) - MS-DOS V4 Huge - 480.26 MiB - F:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
AntivirusOverride is set.
FW: Windows Live OneCare Firewall v1.0.0 (Microsoft Corporation)
AV: Windows Live OneCare v1.0.0 (Microsoft Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Microsoft SMaRT\\SMaRTWatcherConsole.exe"="C:\\Program Files\\Microsoft SMaRT\\SMaRTWatcherConsole.exe"
"C:\\Program Files\\Microsoft SMaRT\\SMaRTUI.exe"="C:\\Program Files\\Microsoft SMaRT\\SMaRTUI.exe"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
"C:\\Program Files\\THQ\\Dawn of War\\W40k.exe"="C:\\Program Files\\THQ\\Dawn of War\\W40k.exe:*:Enabled:W40K"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\\Program Files\\Nival Interactive\\Blitzkrieg\\Run\\game.exe"="C:\\Program Files\\Nival Interactive\\Blitzkrieg\\Run\\game.exe:*:Enabled:Game"
"C:\\DBA Online\\dba_server\\server.exe"="C:\\DBA Online\\dba_server\\server.exe:*:Disabled:server"
"C:\\FFRMA\\Office\\MSACCESS.EXE"="C:\\FFRMA\\Office\\MSACCESS.EXE:*:Enabled:Microsoft Access"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Admin\Application Data
CLASSPATH=.;C:\Borland\JBuilder2005\jdk1.4\jre\lib\ext\QTJava.zip
COLLECTIONID=COL8143
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=WMONAHAN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1pro.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Admin
ITEMID=dj-22741-10
LANG=1033
LOGONSERVER=\\WMONAHAN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Borland\JBuilder2005\jdk1.4\jre\lib\ext\QTJava.zip
SESSIONID=1102555946115htx693110c2e8:100bd51539b:2fc7
SESSIONNAME=Console
SWUTVER=1.0.22.20030804
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Admin\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\Admin\LOCALS~1\Temp
TOOLPATH=/c:\Program%20Files\HP\HP%20Software%20Update\install.htm
UPDATEDIR=C:\DOCUME~1\Owner\LOCALS~1\Temp\rad13D75.tmp
USERDOMAIN=WMONAHAN
USERNAME=Admin
USERPROFILE=C:\Documents and Settings\Admin
VERSION=3.0.2.993
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Owner
Julie
Daddy
Lauren
Admin
(admin)Administrator
(admin)Guest
(guest)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Motorola Inc.\Motorola USB Modem Installation\Uninst.isu"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
B.I.S.S. Hosts Manager --> MsiExec.exe /I{A931C76A-8189-4485-A686-53A91658CD30}
BCM Wireless Network Adapter --> C:\WINDOWS\system32\BCMWLU00.exe verbose
BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
Canon CanoScan Toolbox 4.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\Setup.exe" -l0x9 anything
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Close Combat IV --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Close Combat IV\Uninst.isu"
DBA Online --> C:\DBA Online\uninstall.exe
Digital Media Reader --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A607AC66-0C76-4519-9751-E12A93BF8EB2}
Dynamic Draw Professional 4 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Fukushiro Soft\Dynamic Draw4\Uninst.isu"
eFax Messenger 4.3 --> C:\Program Files\eFax Messenger 4.3\Uninstall.exe
Firefight 4.0 --> "C:\Program Files\Firefight\unins000.exe"
Fog of War --> MsiExec.exe /I{73403ADB-A1FA-4F7C-A8FA-A696A0C65C03}
GameMapr --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GameMapr\GameMapr\Uninst.isu"
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
GTOneCare --> MsiExec.exe /X{EE7C954E-2356-491D-9188-D1852ADF41FE}
GWCares --> MsiExec.exe /I{82EF8297-C8B2-4CA8-9430-FF2BC8C40414}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\Documents and Settings\Julie\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
HPS North German Plain '85 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DA2E1669-D933-46B0-8954-CC202C7BEEB4}\setup.exe" -l0x9
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
Invasion Normandy Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FE3B1680-9947-11D4-9E9D-0050DA1EA555}\setup.exe"
iPod for Windows 2005-09-23 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC} /l1033
iPod for Windows 2005-11-17 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{8338BA06-E527-491B-9400-F51708FEE695} /l1033
IPP Port Monitor --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IPP Port Monitor\Uninst.isu"
iTunes --> MsiExec.exe /I{3592F5CB-B524-43AA-92F2-2377268199CC}
Java(TM) 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Linksys Bi-Admin --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Linksys\PrintServer\Uninst.isu"
Linksys EasyLink Advisor 1.6 (0033) --> rundll32 C:\PROGRA~1\LINKSY~1\AUInst.dll,ExUninstall
Linksys PrintServer Driver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Linksys\PrintDriver\Uninst.isu"
Memories Disc Creator 2.0 --> MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft ActiveX Control Pad --> C:\Program Files\ActiveX Control Pad\Setup\Remove.exe
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money 2004 --> MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft Money 2004 System Pack --> MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft MSDN 2005 Express Edition - ENU --> C:\Program Files\Microsoft Visual Studio 8\Microsoft MSDN 2005 Express Edition - ENU\install.exe
Microsoft Office Access 2003 --> MsiExec.exe /I{90150409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Access 2003 Inside Out --> MsiExec.exe /X{80756F64-3FFA-4DBB-B518-C4C7015D8BAD}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Photo Premium 9 --> c:\WINDOWS\System32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903}
Microsoft Protection Service --> MsiExec.exe /I{62514E51-0E57-41B8-968C-43BB55694CC6}
Microsoft SMaRT --> "C:\Program Files\Microsoft SMaRT\SMaRTExtractHelper.exe" -uninstall
Microsoft SQL Server 2005 --> "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) --> MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005 Tools Express Edition --> MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
Microsoft SQL Server Native Client --> MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer --> MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft Streets and Trips 2005 with USB GPS --> MsiExec.exe /I{67E4EE98-59F4-4210-89A6-A20AF5BEC689}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual Web Developer 2005 Express Edition - ENU --> C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Web Developer 2005 Express Edition - ENU\setup.exe
Microsoft Visual Web Developer 2005 Express Edition - ENU --> MsiExec.exe /X{221125DC-6A40-4900-B844-591F5E1195B0}
Microsoft Visual Web Developer 2005 Express Edition - ENU Service Pack 1 (KB926751) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {D07A13F7-D30C-47DD-AD95-7D0105811327} /package {221125DC-6A40-4900-B844-591F5E1195B0}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Windows Live OneCare Resources v2.0.2500.14 --> MsiExec.exe /I{5660022E-F3F2-4126-8CC5-9726C47150EB}
Microsoft Windows OneCare Live AntiSpyware and AntiVirus --> MsiExec.exe /I{CB8410EA-A3D5-47F2-8653-D4EEA4BF8D4C}
Microsoft Windows OneCare Live v2.0.2500.14 --> MsiExec.exe /I{D07A8E7E-D324-4945-BA8C-E532AD008FF3}
Microsoft Windows OneCare Live v2.0.2500.14 Idcrl Install --> MsiExec.exe /I{3851147E-5A91-4469-BA4D-13FFFCC8A920}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Move Networks Player for Firefox --> "C:\Program Files\Mozilla Firefox\plugins\unins000.exe"
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MUSICMATCH® Jukebox --> C:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.exe
Nero BurnRights --> C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NetCenter EasyLink --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA7B0159-CEA4-4BD2-BA71-CDEE6A08A183}\setup.exe" -l0x9 -removeonly
Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Open Office Source Clode Link --> C:\PROGRA~1\PERFEC~1\OOSOUR~1\UNWISE.EXE C:\PROGRA~1\PERFEC~1\OOSOUR~1\UNINST~1.LOG
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Palm Desktop --> MsiExec.exe /X{E89D78B8-28F7-412F-8B26-C684739CBBDC}
Photosmart 140,240,7200,7600,7700,7900 Series --> c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat
Poseidon For UML CE 3.0 --> "C:\Program Files\Poseidon For UML CE 3.0\UninstallerData\Uninstall Poseidon For UML CE 3.0.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Print Server Driver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Print Server\PTP\Uninst.isu"
PX Engine --> MsiExec.exe /I{6513E869-647F-40FD-A55D-CFC92579B9BA}
Quick64 v1.0 BETA (Full) --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Quick64\ST6UNST.LOG"
QuickTime --> MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Reverse Mortgage Analyzer 00 --> MsiExec.exe /I{B5AA141B-F6CE-49C1-AD77-60388588EC0F}
Reverse Mortgage Analyzer 2000 --> C:\WINDOWS\uninst.exe -fC:\FFRMA\DeIsL1.isu -cC:\FFRMA\_ISREG32.DLL
Samsung ML-2510 Series --> C:\Program Files\Samsung\Samsung ML-2510 Series\Install\Setup.exe /R
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SoftK56 Data Fax CARP --> C:\PROGRAM FILES\CONEXANT\CNXT_MODEM_PCI_VEN_10B9&DEV_5457&SUBSYS_2033161F\HXFSETUP.EXE -U -IVEN_10B9&DEV_5457&SUBSYS_2033161F
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Steel Panthers World At War v8.20 --> C:\WINDOWS\iun6002.exe "C:\Matrix Games\Steel Panthers World At War\irunin.ini"
Sun(TM) Download Manager 2.0 --> C:\Program Files\SDM20\Uninstal.exe
SwiftView Viewer --> C:\Program Files\SwiftView\svinst.exe -Uninstall
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
War Plan Orange --> "C:\WINDOWS\War Plan Orange\uninstall.exe" "/U:C:\Matrix Games\War Plan Orange\Uninstall\uninstall.xml"
WebEx --> C:\PROGRA~1\WebEx\atcliun.exe
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Live OneCare --> "C:\Program Files\Microsoft Windows OneCare Live\OCSetup.exe" /u
Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Vista Upgrade Advisor --> MsiExec.exe /I{8F3CF9E1-D738-4C2B-8193-F45AC8B0EC7C}
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\WINDOWS\cache\YINSTH~1.DLL
-- Application Event Log -------------------------------------------------------
Event Record #/Type36391 / Error
Event Submitted/Written: 01/22/2008 09:43:11 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16574, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type36387 / Warning
Event Submitted/Written: 01/21/2008 11:51:21 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type36386 / Error
Event Submitted/Written: 01/21/2008 09:26:31 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application EXCEL.EXE, version 11.0.8169.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type36384 / Warning
Event Submitted/Written: 01/21/2008 09:25:11 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{91120409-6000-11D3-8CFE-0150048383C9}', feature 'EXCELFiles' failed during request for component '{A2B280D4-20FB-4720-99F7-40C09FBCE10A}'
Event Record #/Type36383 / Warning
Event Submitted/Written: 01/21/2008 09:25:11 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{91120409-6000-11D3-8CFE-0150048383C9}', feature 'EXCELFiles', component '{43A46B81-37A6-11D2-AA89-00A0C90F57B0}' failed. The resource 'C:\Program Files\Microsoft Office\OFFICE11\XLSTART\' does not exist.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type412955 / Warning
Event Submitted/Written: 01/22/2008 09:36:39 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver Samsung ML-2510 Series for Windows NT x86 Version-3 was added or updated. Files:- sugo3.DLL, sugo3UI.DLL, sugo3.DLL, sugo3U.DLL, sugo3U2.DLL, sugo3CM.DLL, sugo3UM.DLL, sugo3M.DLL, sugo3lf.DLL, sugo3CM.CTD, sugo3UM.XML, sugo3ab.chm, sugo3bp.chm, sugo3cp.chm, sugo3ct.chm, sugo3cz.chm, sugo3dn.chm, sugo3dt.chm, sugo3el.chm, sugo3EN.chm, sugo3fi.chm, sugo3fn.chm, sugo3gr.chm, sugo3hb.chm, sugo3hu.chm, sugo3it.chm, sugo3kr.chm, sugo3nr.chm, sugo3po.chm, sugo3pt.chm, sugo3ru.chm, sugo3sp.chm, sugo3sw.chm, sugo3tk.chm, sugo3ab.dat, sugo3bp.dat, sugo3cp.dat, sugo3ct.dat, sugo3cz.dat, sugo3dn.dat, sugo3dt.dat, sugo3el.dat, sugo3EN.DAT, sugo3fi.dat, sugo3fn.dat, sugo3gr.dat, sugo3hb.dat, sugo3hu.dat, sugo3it.dat, sugo3kr.dat, sugo3nr.dat, sugo3po.dat, sugo3pt.dat, sugo3ru.dat, sugo3sp.dat, sugo3sw.dat, sugo3tk.dat, sugo3M0.BMP, sugo3M1.BMP, sugo3M2.BMP, sugo3M3.BMP, sugo3u1.bmp, sugo3Ua.BMP, sugo3Ub.BMP, sugo3UC.BMP, sugo3UG.BMP, sugo3Ul.BMP, sugo3U.BMP, sugo3U.INI, sugo3.VER.
Event Record #/Type412954 / Warning
Event Submitted/Written: 01/22/2008 09:36:35 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver Samsung ML-2510 Series for Windows NT x86 Version-3 was added or updated. Files:- sugo3.DLL, sugo3UI.DLL, sugo3.DLL, sugo3U.DLL, sugo3U2.DLL, sugo3CM.DLL, sugo3UM.DLL, sugo3M.DLL, sugo3lf.DLL, sugo3CM.CTD, sugo3UM.XML, sugo3ab.chm, sugo3bp.chm, sugo3cp.chm, sugo3ct.chm, sugo3cz.chm, sugo3dn.chm, sugo3dt.chm, sugo3el.chm, sugo3EN.chm, sugo3fi.chm, sugo3fn.chm, sugo3gr.chm, sugo3hb.chm, sugo3hu.chm, sugo3it.chm, sugo3kr.chm, sugo3nr.chm, sugo3po.chm, sugo3pt.chm, sugo3ru.chm, sugo3sp.chm, sugo3sw.chm, sugo3tk.chm, sugo3ab.dat, sugo3bp.dat, sugo3cp.dat, sugo3ct.dat, sugo3cz.dat, sugo3dn.dat, sugo3dt.dat, sugo3el.dat, sugo3EN.DAT, sugo3fi.dat, sugo3fn.dat, sugo3gr.dat, sugo3hb.dat, sugo3hu.dat, sugo3it.dat, sugo3kr.dat, sugo3nr.dat, sugo3po.dat, sugo3pt.dat, sugo3ru.dat, sugo3sp.dat, sugo3sw.dat, sugo3tk.dat, sugo3M0.BMP, sugo3M1.BMP, sugo3M2.BMP, sugo3M3.BMP, sugo3u1.bmp, sugo3Ua.BMP, sugo3Ub.BMP, sugo3UC.BMP, sugo3UG.BMP, sugo3Ul.BMP, sugo3U.BMP, sugo3U.INI, sugo3.VER.
Event Record #/Type412953 / Warning
Event Submitted/Written: 01/22/2008 09:35:05 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver Samsung ML-2510 Series for Windows NT x86 Version-3 was added or updated. Files:- sugo3.DLL, sugo3UI.DLL, sugo3.DLL, sugo3U.DLL, sugo3U2.DLL, sugo3CM.DLL, sugo3UM.DLL, sugo3M.DLL, sugo3lf.DLL, sugo3CM.CTD, sugo3UM.XML, sugo3ab.chm, sugo3bp.chm, sugo3cp.chm, sugo3ct.chm, sugo3cz.chm, sugo3dn.chm, sugo3dt.chm, sugo3el.chm, sugo3EN.chm, sugo3fi.chm, sugo3fn.chm, sugo3gr.chm, sugo3hb.chm, sugo3hu.chm, sugo3it.chm, sugo3kr.chm, sugo3nr.chm, sugo3po.chm, sugo3pt.chm, sugo3ru.chm, sugo3sp.chm, sugo3sw.chm, sugo3tk.chm, sugo3ab.dat, sugo3bp.dat, sugo3cp.dat, sugo3ct.dat, sugo3cz.dat, sugo3dn.dat, sugo3dt.dat, sugo3el.dat, sugo3EN.DAT, sugo3fi.dat, sugo3fn.dat, sugo3gr.dat, sugo3hb.dat, sugo3hu.dat, sugo3it.dat, sugo3kr.dat, sugo3nr.dat, sugo3po.dat, sugo3pt.dat, sugo3ru.dat, sugo3sp.dat, sugo3sw.dat, sugo3tk.dat, sugo3M0.BMP, sugo3M1.BMP, sugo3M2.BMP, sugo3M3.BMP, sugo3u1.bmp, sugo3Ua.BMP, sugo3Ub.BMP, sugo3UC.BMP, sugo3UG.BMP, sugo3Ul.BMP, sugo3U.BMP, sugo3U.INI, sugo3.VER.
Event Record #/Type412952 / Warning
Event Submitted/Written: 01/22/2008 09:34:24 AM
Event ID/Source: 3 / Print
Event Description:
Printer Samsung ML-2510 Series was deleted.
Event Record #/Type412951 / Warning
Event Submitted/Written: 01/22/2008 09:34:18 AM
Event ID/Source: 4 / Print
Event Description:
Printer Samsung ML-2510 Series is pending deletion.
-- End of Deckard's System Scanner: finished at 2008-01-22 09:44:52 ------------