thanks for the advice on p2p but i am very aware of the problems they can cause and use them with great caution. as for incredimail, the vesion i have is a premium one. i have used it for many years and had no advers experiences with it.
Deckard's System Scanner v20071014.68
Run by tom on 2008-01-19 14:11:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-01-19 14:11:09 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as tom.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:51, on 19/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
C:\Program Files\Wireless Device\Wireless Keyboard\osd.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\tom\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\tom.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.virginmedia.com/newsR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe
O4 - Global Startup: Enable Wireless Optical Mouse Driver.lnk = C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe
O8 - Extra context menu item: &D&ownload &with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 9007499156O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
--
End of file - 6317 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20071229-142618-664 O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
backup-20071229-142618-884 O4 - HKCU\..\Run: [Ljq] C:\WINDOWS\system32\?ymbols\r?gsvr32.exe
backup-20071229-142618-967 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
backup-20071229-143909-125 O8 - Extra context menu item: &D&ownload all with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
backup-20071229-143909-345 O8 - Extra context menu item: &D&ownload all video with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
backup-20071229-143909-428 O8 - Extra context menu item: &D&ownload &with BitComet -
res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
backup-20071229-145739-470 O2 - BHO: (no name) - {C0B0B8E1-CAF5-405A-83E0-AA7D01C88A96} - C:\WINDOWS\system32\vturp.dll
backup-20071229-145739-553 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20071229-162401-511 O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
backup-20071229-162401-656 O2 - BHO: (no name) - {C0B0B8E1-CAF5-405A-83E0-AA7D01C88A96} - C:\WINDOWS\system32\vturp.dll (file missing)
backup-20071231-103949-858 O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
backup-20080110-205710-754 O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
backup-20080110-211833-773 O4 - HKCU\..\Run: [Obrrq] C:\WINDOWS\?racle\s?anregw.exe
backup-20080117-162523-239 O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -
res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 BANTExt (Belarc SMBios Access) - c:\windows\system32\drivers\bantext.sys
R1 kbfilter (Keyboard Filter Driver) - c:\windows\system32\drivers\kbfilter.sys <Not Verified; WayTech Development, Inc.; Keyboard filter driver>
R1 tmtdi (Trend Micro TDI Driver) - c:\windows\system32\drivers\tmtdi.sys <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>
R2 tmmbd (Trend Micro MBD Driver) - c:\windows\system32\drivers\tm_mbd_c.sys <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>
S3 usbsermpt (Motorola USB Modem Driver for MPT) - c:\windows\system32\drivers\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 PcCtlCom (Trend Micro Central Control Component) - c:\progra~1\trendm~1\intern~1\pcctlcom.exe <Not Verified; Trend Micro Inc.; Trend Micro Internet Security>
R2 Tmntsrv (Trend Micro Real-time Service) - c:\progra~1\trendm~1\intern~1\tmntsrv.exe <Not Verified; Trend Micro Inc.; Trend Micro Internet Security>
R2 TmPfw (Trend Micro Personal Firewall) - c:\progra~1\trendm~1\intern~1\tmpfw.exe <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>
R2 tmproxy (Trend Micro Proxy Service) - c:\progra~1\trendm~1\intern~1\tmproxy.exe <Not Verified; Trend Micro Inc.; Trend Micro Network Security Components 3.0>
R3 PcScnSrv (Trend Micro Protection Against Spyware ) - "c:\progra~1\trendm~1\intern~1\pcscnsrv.exe" <Not Verified; Trend Micro Inc.; Trend Micro Internet Security>
S4 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Atheros L2 Fast Ethernet 10/100 Base-T Controller
Device ID: PCI\VEN_1969&DEV_2048&SUBSYS_82331043&REV_A0\4&38D2602C&0&00E1
Manufacturer: Atheros
Name: Atheros L2 Fast Ethernet 10/100 Base-T Controller
PNP Device ID: PCI\VEN_1969&DEV_2048&SUBSYS_82331043&REV_A0\4&38D2602C&0&00E1
Service: AtcL002
-- Scheduled Tasks -------------------------------------------------------------
2007-12-28 19:40:42 136 --ah----- C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_setup_exe.job
-- Files created between 2007-12-19 and 2008-01-19 -----------------------------
2008-01-18 14:32:19 0 d-------- C:\Program Files\ASUS
2008-01-15 19:08:09 0 d-------- C:\Program Files\Enigma Software Group
2008-01-15 15:02:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-15 15:02:26 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-13 18:13:55 0 d-------- C:\Documents and Settings\tom\Application Data\VSRevoGroup
2008-01-13 16:22:00 3840 --a------ C:\WINDOWS\system32\drivers\BANTExt.sys
2008-01-13 16:22:00 0 d-------- C:\Program Files\Belarc
2008-01-11 10:04:16 0 d-------- C:\Program Files\VS Revo Group
2008-01-10 21:57:28 0 dr-h----- C:\Documents and Settings\tom\Recent
2008-01-10 20:50:33 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-10 20:50:33 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-10 20:50:33 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-10 20:50:33 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified;
http://www.beyondlogic.org; Command Line Process Utility>
2008-01-10 20:50:33 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-10 20:50:33 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-09 15:16:14 0 d-------- C:\Program Files\Total Video Converter
2008-01-09 14:46:16 0 d-------- C:\Documents and Settings\tom\Application Data\ArcSoft
2008-01-09 14:45:31 77312 --a------ C:\WINDOWS\system32\TWAIN_32.DLL <Not Verified; Twain Working Group; Twain_32 Source Manager>
2008-01-09 14:45:31 212480 --a------ C:\WINDOWS\system32\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2008-01-09 14:44:29 0 d-------- C:\Program Files\ArcSoft
2008-01-05 19:31:05 0 d-------- C:\Program Files\What's In My Computer
2008-01-01 20:35:10 0 d-------- C:\Program Files\Microsoft LifeCam
2008-01-01 19:19:19 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-01-01 19:19:19 8 -rahs---- C:\WINDOWS\system32\25C29B6A4F.sys
2008-01-01 19:19:16 0 d-------- C:\Documents and Settings\tom\Application Data\Corel
2008-01-01 19:18:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-01-01 19:18:00 0 d-------- C:\Program Files\Corel
2008-01-01 19:18:00 0 d-------- C:\Program Files\Common Files\Corel
2008-01-01 14:03:16 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-01 14:02:53 0 d-------- C:\Program Files\PerformanceTest
2008-01-01 13:50:59 0 d-------- C:\Program Files\Lavalys
2007-12-31 17:15:35 0 d-------- C:\Documents and Settings\tom\Application Data\Media Player Classic
2007-12-31 15:54:18 164352 --a------ C:\WINDOWS\system32\unrar.dll
2007-12-31 15:54:16 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified;
http://www.helixcommunity.org; Helix YV12 YUV Codec>
2007-12-31 15:54:16 282624 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-12-31 15:54:16 1559040 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-12-31 15:54:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-12-31 15:54:16 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-12-31 15:54:14 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-12-31 15:54:14 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-31 15:54:13 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-12-31 15:47:42 0 d-------- C:\Program Files\Ligos
2007-12-31 15:38:05 56320 --a------ C:\WINDOWS\system32\iyvu9_32.dll
2007-12-31 15:38:05 27648 --a------ C:\WINDOWS\system32\ir50_lcs.dll <Not Verified; Intel Corporation.; Intel Indeo® video 5.0 LC>
2007-12-31 15:38:05 136704 --a------ C:\WINDOWS\system32\iacenc.dll <Not Verified; Ligos Corporation; Indeo® Audio Software>
2007-12-31 15:37:18 0 d-------- C:\Documents and Settings\tom\WINDOWS
2007-12-31 15:25:35 0 d-------- C:\Documents and Settings\tom\Application Data\vlc
2007-12-31 15:17:44 0 d-------- C:\WINDOWS\system32\appmgmt
2007-12-31 15:02:08 0 d-------- C:\Documents and Settings\tom\Application Data\InstallShield
2007-12-31 15:00:53 0 d-------- C:\Program Files\Avanquest update
2007-12-31 14:59:29 0 d-------- C:\Program Files\Motorola Phone Tools
2007-12-31 14:59:29 0 d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2007-12-31 14:59:23 22768 --a------ C:\WINDOWS\system32\drivers\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2007-12-31 14:59:23 24192 --a------ C:\Documents and Settings\tom\usbsermptxp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-31 14:59:23 22768 --a------ C:\Documents and Settings\tom\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2007-12-30 19:39:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-12-30 19:37:56 0 d-------- C:\Program Files\Yahoo!
2007-12-30 19:37:43 0 d-------- C:\Program Files\CCleaner
2007-12-30 09:58:51 0 d-------- C:\Program Files\MSXML 4.0
2007-12-30 09:00:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-12-30 08:53:57 0 d-------- C:\Program Files\Common Files\L&H
2007-12-30 08:53:47 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-12-30 08:53:22 0 d-------- C:\Program Files\Microsoft Works
2007-12-30 08:53:03 0 d-------- C:\WINDOWS\SHELLNEW
2007-12-30 08:51:27 0 d-------- C:\Program Files\Microsoft.NET
2007-12-30 08:49:16 0 dr-h----- C:\MSOCache
2007-12-29 21:29:48 0 d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
2007-12-29 21:27:57 0 d-------- C:\Program Files\SlySoft
2007-12-29 21:19:35 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-12-29 21:19:30 0 d-------- C:\Program Files\DVD Shrink
2007-12-29 21:13:38 0 d-------- C:\Documents and Settings\tom\Application Data\Nero
2007-12-29 21:11:23 0 d-------- C:\Program Files\Nero
2007-12-29 21:11:23 0 d-------- C:\Program Files\Common Files\Nero
2007-12-29 21:11:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-12-29 20:49:34 0 d-------- C:\Program Files\Microsoft AutoRoute
2007-12-29 20:47:38 0 d-------- C:\Program Files\auto route
2007-12-29 20:41:20 0 d-------- C:\Program Files\Google
2007-12-29 20:41:20 0 d-------- C:\Documents and Settings\tom\Application Data\Google
2007-12-29 20:39:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-12-29 20:21:29 0 d-------- C:\Program Files\VideoLAN
2007-12-29 19:49:55 0 d-------- C:\Documents and Settings\tom\Shared
2007-12-29 19:49:51 0 d-------- C:\Documents and Settings\tom\Incomplete <INCOMP~1>
2007-12-29 19:49:22 0 d-------- C:\Documents and Settings\tom\Application Data\LimeWire
2007-12-29 19:47:21 0 d-------- C:\Program Files\LimeWire
2007-12-29 19:46:17 0 d-------- C:\Documents and Settings\tom\Application Data\FaxCtr
2007-12-29 17:46:15 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-29 17:37:55 0 d-------- C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-12-29 17:36:42 32768 --a------ C:\WINDOWS\system32\LXPRMON.DLL
2007-12-29 17:36:42 20480 --a------ C:\WINDOWS\system32\LXPMONUI.DLL
2007-12-29 17:36:22 12288 --a------ C:\WINDOWS\system32\LXPMONRC.DLL <Not Verified; Lexmark International, Inc.; Lexmark Fax Solutions Software Print Monitor>
2007-12-29 17:36:22 98345 --a------ C:\WINDOWS\system32\IMHOST32.DLL <Not Verified; Data Techniques, Inc.; ImageMan Image Processing Toolkit>
2007-12-29 17:36:22 339968 --a------ C:\WINDOWS\system32\IMGMAN32.DLL <Not Verified; Data Techniques, Inc.; ImageMan Image Processing Toolkit>
2007-12-29 17:36:20 0 d-------- C:\Documents and Settings\All Users\Application Data\FaxCtr
2007-12-29 17:36:04 0 d-------- C:\Program Files\Lexmark Fax Solutions
2007-12-29 17:34:07 0 d-------- C:\Program Files\Lx_cats
2007-12-29 17:29:20 0 d-------- C:\Program Files\Lexmark 4300 Series
2007-12-29 17:29:01 0 d-------- C:\Temp
2007-12-29 15:28:54 0 d-------- C:\Program Files\Windows Media Connect 2
2007-12-29 15:27:14 0 d-------- C:\WINDOWS\system32\LogFiles
2007-12-29 11:53:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-29 11:52:23 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-29 10:53:16 745547 --a------ C:\WINDOWS\system32\Magentic Screensaver.scr <Not Verified; IncrediMail LTD.; Magentic Screensaver>
2007-12-29 10:53:03 0 d-------- C:\Program Files\Magentic
2007-12-29 10:51:45 0 d-------- C:\Documents and Settings\tom\Application Data\Adobe
2007-12-29 10:51:37 1167 --a------ C:\WINDOWS\mozver.dat
2007-12-29 10:46:08 1812 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-29 10:22:08 0 d-------- C:\Documents and Settings\tom\Application Data\Macromedia
2007-12-29 10:13:01 0 d-------- C:\Program Files\IncrediMail
2007-12-29 10:04:57 0 d-------- C:\Program Files\Lavasoft
2007-12-28 20:24:27 0 d-------- C:\WINDOWS\system32\Atheros_L2
2007-12-28 20:23:20 0 dr------- C:\WINDOWS\AsDmiHtm
2007-12-28 20:01:20 0 d-------- C:\Documents and Settings\tom\Application Data\skypePM
2007-12-28 20:01:20 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-12-28 19:59:31 0 d-------- C:\Documents and Settings\tom\Application Data\Skype
2007-12-28 19:59:04 0 d-------- C:\Program Files\Skype
2007-12-28 19:59:03 0 d-------- C:\Program Files\Common Files\Skype
2007-12-28 19:54:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-12-28 19:50:15 0 d-------- C:\WINDOWS\system32\drivers\umdf
2007-12-28 19:46:44 0 d-------- C:\Documents and Settings\tom\Contacts
2007-12-28 19:42:46 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-28 19:42:38 0 d-------- C:\Program Files\Windows Live
2007-12-28 19:42:24 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-28 19:30:36 12964 --a------ C:\WINDOWS\system32\drivers\kbfilter.sys <Not Verified; WayTech Development, Inc.; Keyboard filter driver>
2007-12-28 19:30:21 0 d-------- C:\Program Files\Wireless Device
2007-12-28 19:28:27 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-12-28 19:06:28 0 d-------- C:\Documents and Settings\tom\Application Data\Grisoft
2007-12-28 19:06:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-28 18:46:51 2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2007-12-28 18:46:50 0 d-------- C:\Downloads
2007-12-28 18:46:25 0 d-------- C:\Program Files\BitComet
2007-12-28 18:38:28 0 --a------ C:\WINDOWS\nsreg.dat
2007-12-28 18:38:24 0 d-------- C:\Documents and Settings\tom\Application Data\Mozilla
2007-12-28 18:25:32 0 d-------- C:\WINDOWS\pss
2007-12-28 17:48:51 0 d-------- C:\WINDOWS\network diagnostic
2007-12-28 17:41:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-12-28 17:25:03 0 d-------- C:\Program Files\Trend Micro
2007-12-28 17:25:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2007-12-28 17:18:19 364544 -ra------ C:\WINDOWS\system32\igxpun.exe <Not Verified; Intel(R) Corporation; Intel(R) Graphics Media Accelerator Driver>
2007-12-28 17:18:14 0 d-------- C:\WINDOWS\system32\PreInstall
2007-12-28 17:18:12 0 d--h----- C:\WINDOWS\$hf_mig$
2007-12-28 17:16:32 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-12-28 17:16:30 0 d-------- C:\Program Files\Intel
2007-12-28 17:14:50 0 d-------- C:\Intel
2007-12-28 17:13:01 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-12-28 17:09:39 0 d-------- C:\WINDOWS\system32\Lang
2007-12-28 17:08:25 49152 -ra------ C:\WINDOWS\system32\ChCfg.exe
2007-12-28 17:08:14 0 d-------- C:\WINDOWS\system32\RTCOM
2007-12-28 17:07:23 0 d-------- C:\Program Files\Realtek
2007-12-28 17:07:19 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-28 17:07:13 520192 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2007-12-28 17:05:11 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2007-12-28 17:04:53 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-12-28 17:04:49 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-12-28 17:04:49 0 d-------- C:\WINDOWS\Prefetch
2007-12-28 17:01:52 0 d-------- C:\WINDOWS\peernet
2007-12-28 17:01:51 0 d-------- C:\WINDOWS\provisioning
2007-12-28 17:01:12 0 d-------- C:\WINDOWS\ServicePackFiles
2007-12-28 17:00:02 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-12-28 16:59:08 0 d-------- C:\WINDOWS\EHome
2007-12-28 16:51:54 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2007-12-28 16:51:46 0 d-------- C:\Program Files\Common Files\InstallShield
2007-12-28 16:50:48 10288 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-12-28 16:44:36 0 d--hs---- C:\WINDOWS\Installer
2007-12-28 16:44:34 0 d-------- C:\Documents and Settings\tom\Application Data\Identities
2007-12-28 16:44:17 0 d--h----- C:\Documents and Settings\tom\Templates
2007-12-28 16:44:17 0 dr------- C:\Documents and Settings\tom\Start Menu
2007-12-28 16:44:17 0 dr-h----- C:\Documents and Settings\tom\SendTo
2007-12-28 16:44:17 0 d--h----- C:\Documents and Settings\tom\PrintHood
2007-12-28 16:44:17 4456448 --ah----- C:\Documents and Settings\tom\NTUSER.DAT
2007-12-28 16:44:17 0 d--h----- C:\Documents and Settings\tom\NetHood
2007-12-28 16:44:17 0 dr------- C:\Documents and Settings\tom\My Documents
2007-12-28 16:44:17 0 d--h----- C:\Documents and Settings\tom\Local Settings
2007-12-28 16:44:17 0 dr------- C:\Documents and Settings\tom\Favorites
2007-12-28 16:44:17 0 d-------- C:\Documents and Settings\tom\Desktop
2007-12-28 16:44:17 0 d--hs---- C:\Documents and Settings\tom\Cookies
2007-12-28 16:44:17 0 d--h----- C:\Documents and Settings\tom\Application Data
2007-12-28 16:43:48 0 d--hs---- C:\System Volume Information
2007-12-28 16:43:47 233472 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-12-28 16:43:47 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-12-28 16:43:47 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2007-12-28 16:43:47 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-12-28 16:43:47 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-12-28 16:43:47 233472 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-12-28 16:43:47 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-12-28 16:43:47 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2007-12-28 16:43:47 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-12-28 16:43:47 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-12-28 16:41:40 0 d-------- C:\WINDOWS\system32\xircom
2007-12-28 16:41:40 0 d-------- C:\Program Files\microsoft frontpage
2007-12-28 16:41:34 233472 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-12-28 16:41:25 0 -rahs---- C:\MSDOS.SYS
2007-12-28 16:41:25 0 -rahs---- C:\IO.SYS
2007-12-28 16:41:25 0 --a------ C:\CONFIG.SYS
2007-12-28 16:41:25 0 --a------ C:\AUTOEXEC.BAT
2007-12-28 16:40:55 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-12-28 16:40:50 0 dr------- C:\WINDOWS\Offline Web Pages
2007-12-28 16:40:50 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-12-28 16:40:30 0 d-------- C:\WINDOWS\srchasst
2007-12-28 16:40:18 0 d-------- C:\WINDOWS\system32\DirectX
2007-12-28 16:40:17 0 d-------- C:\WINDOWS\system32\Macromed
2007-12-28 16:39:51 0 d-------- C:\Program Files\Movie Maker
2007-12-28 16:39:02 0 d-------- C:\WINDOWS\system32\Restore
2007-12-28 16:38:51 0 d-------- C:\WINDOWS\PCHEALTH
2007-12-28 16:38:40 0 d---s---- C:\WINDOWS\Tasks
2007-12-28 16:38:34 0 d-------- C:\Program Files\Common Files\MSSoap
2007-12-28 16:38:10 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-12-28 16:38:00 0 d-------- C:\WINDOWS\Registration
2007-12-28 16:37:56 0 d--h----- C:\Program Files\WindowsUpdate
2007-12-28 16:37:56 0 d-------- C:\Program Files\Online Services
2007-12-28 16:37:50 0 d-------- C:\Program Files\Messenger
2007-12-28 16:37:31 0 d-------- C:\Program Files\MSN Gaming Zone
2007-12-28 16:37:14 0 d-------- C:\Program Files\Windows NT
2007-12-28 16:36:52 0 d-------- C:\WINDOWS\system32\MsDtc
2007-12-28 16:36:47 0 d-------- C:\WINDOWS\system32\Com
2007-12-28 16:32:22 0 d-------- C:\Program Files\Common Files\ODBC
2007-12-28 16:32:17 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-12-28 16:32:16 0 dr------- C:\Program Files
2007-12-28 16:32:16 0 d-------- C:\Program Files\Common Files
2007-12-28 16:31:45 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-12-28 16:31:45 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-12-28 16:31:45 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-12-28 16:31:45 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-12-28 16:31:45 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-12-28 16:31:45 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-12-28 16:31:45 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-12-28 16:31:45 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-12-28 16:31:45 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-12-28 16:31:45 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-12-28 16:31:45 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-12-28 16:31:45 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-12-28 16:31:45 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-12-28 16:31:45 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-12-28 16:31:45 0 dr------- C:\Documents and Settings\All Users\Documents
2007-12-28 16:31:45 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-12-28 16:31:06 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-12-28 16:31:06 0 d-------- C:\WINDOWS\system32\CatRoot
2007-12-28 16:31:01 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-12-28 16:31:01 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-12-28 16:31:01 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-12-28 16:31:01 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-12-28 16:30:45 0 d-------- C:\Documents and Settings
2007-12-28 16:27:37 0 d-------- C:\WINDOWS
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\WinSxS
2007-12-28 16:27:37 0 dr------- C:\WINDOWS\Web
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\twain_32
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\wins
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\wbem
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\usmt
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\spool
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\ShellExt
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\Setup
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\ras
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\oobe
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\npp
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\mui
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\inetsrv
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\IME
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\icsxml
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\ias
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\export
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\drivers
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-12-28 16:27:37 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\dhcp
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\config
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\3076
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\2052
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1054
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1042
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1041
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1037
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1033
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1031
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1028
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system32\1025
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\system
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\security
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Resources
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\repair
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\mui
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\msapps
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\msagent
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Media
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\java
2007-12-28 16:27:37 0 d--h----- C:\WINDOWS\inf
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\ime
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Help
2007-12-28 16:27:37 0 dr--s---- C:\WINDOWS\Fonts
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Driver Cache
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Debug
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Cursors
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Connection Wizard
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\Config
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\AppPatch
2007-12-28 16:27:37 0 d-------- C:\WINDOWS\addins
-- Find3M Report ---------------------------------------------------------------
2007-12-28 16:31:45 62 --ahs---- C:\Documents and Settings\tom\Application Data\desktop.ini
2007-10-23 17:06:08 585728 --a------ C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Windows Live Photo Gallery>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [10/04/2007 07:28 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [04/04/2007 09:22 C:\WINDOWS\SkyTel.exe]
"LXCECATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll" [20/07/2005 13:46]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [29/12/2007 14:15]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Enable Wireless Keyboard Driver.lnk - C:\Program Files\Wireless Device\Wireless Keyboard\Magickey.exe [28/12/2007 19:30:22]
Enable Wireless Optical Mouse Driver.lnk - C:\Program Files\Wireless Device\Wireless Mouse\MouseAp.exe [28/12/2007 19:30:24]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
"C:\Program Files\Lexmark 4300 Series\ezprint.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
"C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcemon.exe]
"C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
-- End of Deckard's System Scanner: finished at 2008-01-19 14:13:10 ------------
------------------------------------------------------------------------------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
CPU 1: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of Memory in Use: 36%
Physical Memory (total/avail): 2039.17 MiB / 1291.8 MiB
Pagefile Memory (total/avail): 3932.32 MiB / 3410.58 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1918.79 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 127.99 GiB total, 100.23 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)
\\.\PHYSICALDRIVE0 - Hitachi HDS721616PLA380 - 149.05 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 127.99 GiB - C:
\\.\PHYSICALDRIVE1 - Lexmark USB Mass Storage USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
UpdatesDisableNotify is set.
AntivirusOverride is set.
FW: Trend Micro PC-cillin Internet Security (Firewall) v15 (Trend Micro, Inc.)
AV: Trend Micro PC-cillin Internet Security 2007 v15.00.1454 (Trend Micro, Inc.)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"="C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic"
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"="C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"="C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\tom\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MINE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\tom
LOGONSERVER=\\MINE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\tom\LOCALS~1\Temp
TMP=C:\DOCUME~1\tom\LOCALS~1\Temp
USERDOMAIN=MINE
USERNAME=tom
USERPROFILE=C:\Documents and Settings\tom
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
tom
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> MsiExec.exe /I{219B0DA4-8F1A-499D-8795-4A07C632521E}
--> MsiExec.exe /I{644B991F-B109-4360-9DA3-40CDAD13961C}
--> MsiExec.exe /I{95D9B4D8-B091-4fab-80EA-313EB4B82FD6}
--> MsiExec.exe /I{EB997E90-5EB0-4eb5-90D0-90B1D2F0CA03}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
ArcSoft PhotoImpression 3.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoImpression 3.0\Uninst.isu"
ASUSUpdate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9
Atheros Communications Inc.(R) L2 Fast Ethernet Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A755762-EED8-47AB-A446-505766F93D43}\Setup.exe" -l0x9 -removeonly
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Belarc Advisor 7.2 --> C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG
BitComet 0.97 --> C:\Program Files\BitComet\uninst.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
EVEREST Ultimate Edition v4.00 --> "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IncrediMail JunkFilter Plus --> C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:JunkFilterPlus
IncrediMail Xe --> C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
Indeo® Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu"
Intel A/V Codecs V2.0 --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\CDUninst.isu
Intel(R) Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
K-Lite Codec Pack 3.6.2 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Lexmark 4300 Series --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxceUNST.EXE -NOLICENSE
Lexmark Fax Solutions --> C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe
LimeWire PRO 4.14.10 --> "C:\Program Files\LimeWire\uninstall.exe"
Magentic --> C:\PROGRA~1\Magentic\bin\mgsetup.exe /remove /addon:Magentic
Microsoft AutoRoute 2006 --> MsiExec.exe /I{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft LifeCam --> MsiExec.exe /X{63AFACBC-4795-4A1B-8037-5085DC03FC54}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{91E30409-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Motorola Phone Tools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x9 -removeonly
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 8 --> MsiExec.exe /X{9EDBB857-8028-49CD-B9C9-0B4D10CD1033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PerformanceTest v6.1 --> "C:\Program Files\PerformanceTest\unins000.exe"
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Registry Mechanic 5.1 --> "C:\Program Files\Registry Mechanic\unins000.exe"
Revo Uninstaller 1.42 --> C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Total Video Converter 3.10 --> "C:\Program Files\Total Video Converter\unins000.exe"
Trend Micro PC-cillin Internet Security 2007 --> msiexec.exe /i {BB4B6355-D38A-492C-873B-A1B2CF6C3832}
Trend Micro PC-cillin Internet Security 2007 --> MsiExec.exe /X{BB4B6355-D38A-492C-873B-A1B2CF6C3832}
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
What's In My Computer? --> "C:\Program Files\What's In My Computer\unins000.exe"
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail --> MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Photo Gallery --> MsiExec.exe /X{257E440F-781F-459B-9A68-A0872B80C1D6}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Writer --> MsiExec.exe /X{9176251A-4CC1-4DDB-B343-B487195EB397}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Wireless Keyboard and Optical Mouse --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Wireless Device\Wireless Keyboard\uninst.isu" -c"C:\Program Files\Wireless Device\Wireless Keyboard\UnInst.dll"
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type1386 / Success
Event Submitted/Written: 01/19/2008 10:47:11 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1375 / Success
Event Submitted/Written: 01/18/2008 09:25:57 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1364 / Success
Event Submitted/Written: 01/18/2008 03:25:16 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1357 / Error
Event Submitted/Written: 01/18/2008 02:54:32 PM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 593445573.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Event Record #/Type1356 / Error
Event Submitted/Written: 01/18/2008 02:54:23 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application update.exe, version 7.13.0.4, faulting module update.exe, version 7.13.0.4, fault address 0x0000414a.
Processing media-specific event for [update.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3685 / Warning
Event Submitted/Written: 01/16/2008 08:00:11 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type3587 / Error
Event Submitted/Written: 01/15/2008 07:10:37 PM
Event ID/Source: 10000 / DCOM
Event Description:
Unable to start a DCOM Server: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
The error:
"%%5"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding
Event Record #/Type3211 / Error
Event Submitted/Written: 01/11/2008 06:33:00 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Event Record #/Type3210 / Error
Event Submitted/Written: 01/11/2008 06:33:00 PM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Event Record #/Type3100 / Error
Event Submitted/Written: 01/10/2008 08:53:08 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
-- End of Deckard's System Scanner: finished at 2008-01-19 14:13:10 ------------