Online Scan ResultsBoth online scanners you told me to use yielded no results for the .....iexplore.exe
The pwmanager_messenger.dll file gave this message: "The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file"
Deckard's System Scanner v20071014.68
Run by nick on 2008-03-25 00:53:26
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-03-25 04:53:33 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as nick.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:26 AM, on 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\VM305_STI.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SPYWAREfighter\spftray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Documents and Settings\nick\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\nick.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://myneu.neu.edu/cp/home/loginfR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CDEReInst] "C:\Program Files\InstallShield Installation Information\{85459D1C-7569-4D5F-B5C4-C3F5A3BE746C}\setup.exe" /scsiinst
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKLM\..\Run: [usnsvc] "C:\WINDOWS\system32\Messenger Sharing USN Journal Reader Service.bat"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cryptoexpert] "C:\Program Files\CryptoExpert 2007 Pro\cexpert.exe" /T
O4 - HKCU\..\Run: [iTunesFolderWatch] C:\Program Files\JezSoft\iTunesFolderWatch\iTunesFolderWatch.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [usnsvc] "C:\WINDOWS\system32\Messenger Sharing USN Journal Reader Service.bat"
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: StumbleUpon PhotoBlog It! -
res://StumbleUponIEBar.dll/blogimageO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -
http://www.musicnotes.com/download/mnviewer.cabO16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) -
http://pcpitstop.com/internet/pcpConnCheck.cabO16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} -
http://www.fileplanet.com/fpdlmgr/cabs/ ... .2.100.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebook.com/controls/Fac ... loader.cabO16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/player/DivXBrowserPlugin.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 6382370281O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) -
http://download.shockwave.com/pub/otoy/OTOYAX.cabO16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) -
http://www.sibelius.com/download/softwa ... Plugin.cabO16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) -
https://secure.logmein.com/activex/ractrl.cab?lmi=100O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
--
End of file - 13089 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S0 fcdabus - c:\windows\system32\drivers\fcdabus.sys (file missing)
S0 nullcd - c:\windows\system32\drivers\nullcd.sys (file missing)
S3 3xHybrid (Philips SAA713x PCI Card) - c:\windows\system32\drivers\3xhybrid.sys <Not Verified; Philips Semiconductors GmbH; Philips Semiconductors 3xHybrid>
S3 fsRamDsk (RamDisk Drive Service) - c:\windows\system32\drivers\fsramdsk.sys (file missing)
S3 pgfilter - c:\program files\peerguardian2\pgfilter.sys
S3 vaxscsi - c:\windows\system32\drivers\vaxscsi.sys (file missing)
S3 ZSMC0305 (PC CAMERA 188) - c:\windows\system32\drivers\usbvm305.sys <Not Verified; Vimicro Corporation; >
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 Diskeeper - "c:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper (TM) Disk Defragmenter>
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 52\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
S2 PCA (PC Angel) - c:\windows\sminst\pcangel.exe <Not Verified; SoftThinks; PCAngel Application>
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 iPod Service - "c:\program files\ipod\bin\ipodservice.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2006-08-27 12:49:48 104 --a------ C:\WINDOWS\Tasks\Low Battery Alarm Program.job
-- Files created between 2008-02-25 and 2008-03-25 -----------------------------
2008-03-24 14:30:45 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-03-17 22:25:39 0 d-------- C:\Program Files\Common Files\Application
2008-03-17 22:24:24 0 d-------- C:\Program Files\SPYWAREfighter
2008-03-17 19:44:17 0 d-------- C:\Program Files\DAMN NFO Viewer
2008-03-17 00:04:22 0 d-------- C:\Program Files\Web Services Accelerator
2008-03-17 00:04:14 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-03-14 16:41:07 0 d-------- C:\Documents and Settings\nick\Application Data\Grisoft
2008-03-14 16:40:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-14 16:04:40 0 d-------- C:\Program Files\EndItAll
2008-03-14 15:34:59 0 d-------- C:\Program Files\Driver Sweeper
2008-03-14 14:34:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-14 14:21:31 0 d-------- C:\Program Files\Trend Micro
2008-03-13 13:01:46 0 d-------- C:\Documents and Settings\LocalService\Application Data\StumbleUpon
2008-03-13 12:59:29 52224 --a------ C:\WINDOWS\system32\jpg.dll <Not Verified; Intel Corporation; Intel® JPEG Library>
2008-03-13 12:59:28 28160 --a------ C:\WINDOWS\system32\zlib.dll <Not Verified; ; ZLib.DLL>
2008-03-05 02:42:13 0 d-------- C:\Documents and Settings\All Users\Application Data\LightScribe
2008-03-05 02:35:01 0 d-------- C:\Program Files\Synaptics
2008-03-05 02:20:36 0 d-------- C:\Program Files\SP36691
2008-03-05 02:19:43 0 d-------- C:\WINDOWS\system32\Lang
2008-03-05 02:19:24 0 d-------- C:\Intel
2008-03-03 01:33:12 0 d-------- C:\Documents and Settings\All Users\Application Data\InstalledPackages
2008-03-02 03:50:07 0 d-------- C:\Program Files\PeerGuardian2
-- Find3M Report ---------------------------------------------------------------
2008-03-25 00:49:28 0 d-------- C:\Program Files\Java
2008-03-25 00:42:32 0 d-------- C:\Program Files\Symantec AntiVirus
2008-03-25 00:41:16 984576 --a------ C:\Documents and Settings\nick\Application Data\kernel33.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-25 00:39:29 0 d-------- C:\Program Files\LogMeIn
2008-03-24 23:40:32 0 d-------- C:\Documents and Settings\nick\Application Data\StumbleUpon
2008-03-24 22:18:37 0 d-------- C:\Program Files\WarRock
2008-03-23 08:21:53 0 d-------- C:\Documents and Settings\nick\Application Data\FileVOoM
2008-03-17 22:25:39 0 d-------- C:\Program Files\Common Files
2008-03-14 16:05:28 0 d-------- C:\Program Files\Microsoft IntelliPoint
2008-03-13 13:14:34 0 d-------- C:\Documents and Settings\nick\Application Data\BitTorrent
2008-03-05 02:38:01 0 d-------- C:\Program Files\Common Files\LightScribe
2008-03-04 23:42:17 0 d-------- C:\Program Files\AIM6
2008-03-04 23:23:30 0 d-------- C:\Program Files\Common Files\ACD Systems
2008-03-04 23:23:30 0 d-------- C:\Program Files\ACD Systems
2008-02-29 16:01:40 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-26 16:19:21 0 d-------- C:\Documents and Settings\nick\Application Data\Adobe
2008-02-12 18:26:16 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-04 01:11:24 0 d-------- C:\Documents and Settings\nick\Application Data\InstallShield
2008-01-31 11:42:36 0 d-------- C:\Program Files\Adobe Photoshop CS3
2008-01-31 11:21:48 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-01-28 18:53:14 2528 --a------ C:\Documents and Settings\nick\Application Data\$_hpcst$.hpc
2008-01-28 15:17:18 0 d-------- C:\Program Files\StumbleUpon
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [01/29/2006 09:00 PM C:\WINDOWS\AGRSMMSG.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [05/20/2005 04:11 AM]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [05/06/2005 05:06 PM]
"PTHOSTTR"="C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [02/14/2006 02:56 PM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [08/31/2005 08:20 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [09/14/2007 08:27 PM]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [02/14/2006 01:49 PM]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [12/22/2003 02:12 PM]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [03/02/2006 06:39 PM]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [02/22/2006 11:03 AM]
"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [12/20/2005 06:51 PM]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [01/23/2006 07:11 PM]
"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [02/15/2006 06:43 PM]
"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [11/08/2005 11:59 AM]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [06/07/2006 12:35 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [10/04/2005 12:42 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [11/15/2005 01:28 PM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [12/04/2005 08:39 PM]
"BigDog305"="C:\WINDOWS\VM305_STI.exe" [08/05/2005 04:15 PM]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [08/04/2004 04:00 AM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 07:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 07:50 PM]
"CDEReInst"="C:\Program Files\InstallShield Installation Information\{85459D1C-7569-4D5F-B5C4-C3F5A3BE746C}\setup.exe" []
"RAMDrive"="C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe" []
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [02/16/2005 11:11 PM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" []
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [09/26/2007 06:05 PM]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [08/03/2007 04:09 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/11/2007 11:56 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [09/14/2007 08:29 PM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [08/08/2007 04:07 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [08/08/2007 04:07 PM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [08/08/2007 04:07 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
"spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [02/21/2008 03:37 PM]
"@"="" []
"usnsvc"="C:\WINDOWS\system32\Messenger Sharing USN Journal Reader Service.bat" [08/04/2004 04:00 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 05:25 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 04:00 AM]
"Aim6"="" []
"cryptoexpert"="C:\Program Files\CryptoExpert 2007 Pro\cexpert.exe" []
"iTunesFolderWatch"="C:\Program Files\JezSoft\iTunesFolderWatch\iTunesFolderWatch.exe" []
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" [07/02/2007 06:22 AM]
"usnsvc"="C:\WINDOWS\system32\Messenger Sharing USN Journal Reader Service.bat" [08/04/2004 04:00 AM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableChangePassword"=0 (0x0)
"DisableLockWorkstation"=0 (0x0)
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"=0 (0x0)
"NoLogOff"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 11/15/2007 07:46 PM 87352 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll 07/25/2005 02:41 PM 40960 C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli AsWlnPkg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance ASChannel
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-- Hosts -----------------------------------------------------------------------
127.0.0.1
http://www.007guard.com127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
http://www.008k.com127.0.0.1 008k.com
127.0.0.1
http://www.00hq.com127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
http://www.032439.com127.0.0.1 032439.com
8025 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-03-25 00:56:24 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Genuine Intel(R) CPU T2400 @ 1.83GHz
CPU 1: Genuine Intel(R) CPU T2400 @ 1.83GHz
Percentage of Memory in Use: 58%
Physical Memory (total/avail): 1015.36 MiB / 425.66 MiB
Pagefile Memory (total/avail): 3965.45 MiB / 3427.54 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.2 MiB
C: is Fixed (NTFS) - 68.14 GiB total, 21.37 GiB free.
D: is CDROM (UDF)
E: is Fixed (FAT32) - 6.38 GiB total, 0.54 GiB free.
F: is CDROM (No Media)
G: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - HTS541080G9SA00 - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 68.14 GiB - C:
\PARTITION1 - Unknown - 6.39 GiB - E:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: Norton Internet Worm Protection v2006 (Symantec)
DisabledAV: Symantec AntiVirus Corporate Edition v10.0.2.2000 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\SMINST\\Scheduler.exe"="C:\\WINDOWS\\SMINST\\Scheduler.exe:*:Enabled:Scheduler "
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Need for Speed Most Wanted\\speed.exe"="C:\\Program Files\\Need for Speed Most Wanted\\speed.exe:*:Enabled:speed"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Ares Ultra\\Ares Ultra.exe"="C:\\Program Files\\Ares Ultra\\Ares Ultra.exe:*:Enabled:Ares Ultra"
"C:\\Program Files\\K-litePro\\k-litepro.exe"="C:\\Program Files\\K-litePro\\k-litepro.exe:*:Enabled:K-litePro Ultimate File Sharing"
"C:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe"="C:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe:*:Enabled:Halo"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\Program Files\\FileVOoM Pro\\IeEmbed.exe"="C:\\Program Files\\FileVOoM Pro\\IeEmbed.exe:*:Enabled:JDesktop Integration Components binary"
"C:\\Westwood\\RA2\\game.exe"="C:\\Westwood\\RA2\\game.exe:*:Enabled:Main executable for Red Alert 2"
"C:\\WINDOWS\\system32\\mstsc.exe"="C:\\WINDOWS\\system32\\mstsc.exe:*:Enabled:Remote Desktop Connection"
"C:\\Program Files\\FileVOoM Pro\\FileVOoM.exe"="C:\\Program Files\\FileVOoM Pro\\FileVOoM.exe:*:Enabled:FileVOoM Pro"
"C:\\Program Files\\Microsoft Games\\Halo\\halo.exe"="C:\\Program Files\\Microsoft Games\\Halo\\halo.exe:*:Enabled:Halo"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Ruckus Player\\Ruckus.exe"="C:\\Program Files\\Ruckus Player\\Ruckus.exe:*:Enabled:Ruckus"
"C:\\Program Files\\Hp\\HP Software Update\\HPWUCli.exe"="C:\\Program Files\\Hp\\HP Software Update\\HPWUCli.exe:*:Enabled:HP Software Update Client"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\nick\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC429825795899
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\nick
LOGONSERVER=\\PC429825795899
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\PROGRAM FILES\HPQ\IAM\BIN;C:\PROGRAM FILES\DISKEEPER CORPORATION\DISKEEPER\;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\WINDOWS\SYSTEM32;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\nick\LOCALS~1\Temp
TMP=C:\DOCUME~1\nick\LOCALS~1\Temp
USERDOMAIN=PC429825795899
USERNAME=nick
USERPROFILE=C:\Documents and Settings\nick
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
nick
(admin)Administrator
(admin)Guest
(new local, guest)-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_NOMADJUKEBOXTYPE2_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> MsiExec.exe /I{93F549B5-BAFB-4DEC-9DD8-74309A463DA9}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E120C99-63A0-470C-B44A-02ED9969A49D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E120C99-63A0-470C-B44A-02ED9969A49D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee for PENTAX 2.0 --> MsiExec.exe /I{D8320DD6-FE47-41DE-B116-4158B7AE3F37}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{77D2A9D3-5800-43E3-B274-87841BC87DB2}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup --> MsiExec.exe /I{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}
Adobe Setup --> MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Agere Systems HDA Modem --> agrsmdel
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Application Installer 4.00.B5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}\setup.exe" -l0x9
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
BitTorrent --> "C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
Bonjour Core for Windows --> MsiExec.exe /I{56DF5C9E-6392-46D3-B366-297B14E1DAAF}
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN Vision W --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569C24E9-1D28-4738-99EF-6BEC75DC5F6A}\SETUP.EXE" -l0x9 /remove
Diskeeper Professional Premier Edition --> MsiExec.exe /X{674D5CE7-BFE9-43B8-B246-51D8F088A1C6}
DivX 4.02 Codec --> "C:\Program Files\DivXCodec\uninstall.exe"
DivX 5.2.1 (Playback Only) --> C:\Program Files\DivX\DivXCodecUninstall.exe
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
EndItAll 2.0 --> "C:\Program Files\EndItAll\unins000.exe"
FileVOoM Pro 2.5 --> "C:\Program Files\FileVOoM Pro\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Backup and Recovery Manager Installer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x9 -uninst -removeonly
HP BIOS Configuration for ProtectTools 2.00 G1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE052EF7-2640-48D7-8915-69B810D975CB}\Setup.exe" -l0x9 biosuninst
HP Credential Manager for ProtectTools --> MsiExec.exe /X{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}
HP Help and Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Integrated Module with Bluetooth wireless technology --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
HP Notebook Accessories Product Tour --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}\setup.exe" -l0x9 -removeonly
HP ProtectTools Security Manager 2.00 C3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\Setup.exe" -l0x9 -removeonly hpquninst
HP Quick Launch Buttons 6.00 D2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 -removeonly uninst
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HP User Guides 0029 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22C28506-B1E0-4050-B0B7-B97AEB061381}\setup.exe" -l0x9 -removeonly
HP Wireless Assistant 2.00 E1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
Intel(R) Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
InterVideo DVD Check --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo FilterSDK --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A15ED800-19FF-11D5-AF7F-0050BA1191E9}\setup.exe" REMOVEALL
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 3.5.7 Standard --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
LightScribe System Software 1.10.19.1 --> MsiExec.exe /X{59046D29-2E6B-4224-BF0D-64F3E7A93F7B}
LIVE gaming on Windows Runtime Version 1.0.6027 --> MsiExec.exe /X{839916F4-D8B5-4407-BE6D-6D4EB9D96AF4}
LiveUpdate 2.6 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
LogMeIn --> MsiExec.exe /I{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}
MetaFrame Presentation Server Web Client for Win32 --> C:\WINDOWS\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1 --> "C:\WINDOWS\$NtUninstallWdf01001$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Xbox 360 Accessories 1.1 --> MsiExec.exe /X{66F0AC35-4805-44BC-A3D4-347D4196F9B3}
Mihov Image Resizer (remove only) --> "C:\Program Files\Mihov Image Resizer\Uninstall.exe"
OTOY --> RunDll32 C:\WINDOWS\DOWNLO~1\OTOYAX.dll,_RemoveGroove@16
PC CAMERA 188 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}\setup.exe" -l0x9
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
PunkBuster Services --> C:\WINDOWS\system32\pbsvc[1].exe -u
QuickTime --> MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sibelius Scorch (ActiveX Only) --> MsiExec.exe /I{C8E4455F-0F70-4DA2-A9F9-2D56C80E10AD}
Sonic Audio Module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x9 -removeonly
SPYWAREfighter --> MsiExec.exe /X{772BD148-E274-495C-BF15-AB9454D57563}
StumbleUpon IE Toolbar --> C:\Program Files\StumbleUpon\uninstall.exe
Symantec AntiVirus --> MsiExec.exe /I{46B63F23-2B4A-4525-A827-688026BE5E40}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
WarRock --> C:\Program Files\InstallShield Installation Information\{00D15456-F679-4AD4-8BD2-56450D4C3F72}\setup.exe -runfromtemp -l0x0009 -removeonly
Web Services Accelerator v1.0 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Web Services Accelerator\ST6UNST.LOG"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
ZENcast Organizer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove
-- Application Event Log -------------------------------------------------------
Event Record #/Type6157 / Error
Event Submitted/Written: 03/25/2008 00:43:50 AM
Event ID/Source: 51 / Symantec AntiVirus
Event Description:
Security Risk Found!Threat: Hacktool.PassReminder in File: C:\WINDOWS\Temp\pwmanager_messenger.dll by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access allowed. Action Description: Quarantine was partially successful.
Event Record #/Type6156 / Error
Event Submitted/Written: 03/25/2008 00:43:37 AM
Event ID/Source: 46 / Symantec AntiVirus
Event Description:
Security Risk Found!Threat: Hacktool.PassReminder in File: C:\WINDOWS\Temp\pwmanager_messenger.dll by: Auto-Protect scan. Action: Clean failed : Quarantine failed. Action Description: The file was left unchanged.
Event Record #/Type6154 / Error
Event Submitted/Written: 03/25/2008 00:42:35 AM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Hacktool.PassReminder in File: C:\WINDOWS\Temp\pwmanager_messenger.dll by: Auto-Protect scan. Action: Pending Side Effects Analysis. Action Description:
Event Record #/Type6152 / Error
Event Submitted/Written: 03/25/2008 00:42:32 AM
Event ID/Source: 5 / Symantec AntiVirus
Event Description:
Threat Found!Threat: Backdoor.Trojan in File: C:\Documents and Settings\nick\Application Data\1.exe by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Delete succeeded : Access denied. Action Description: The file was deleted successfully.
Event Record #/Type6136 / Error
Event Submitted/Written: 03/24/2008 07:28:50 PM
Event ID/Source: 51 / Symantec AntiVirus
Event Description:
Security Risk Found!Threat: Hacktool.PassReminder in File: C:\WINDOWS\Temp\pwmanager_messenger.dll by: Auto-Protect scan. Action: Clean failed : Quarantine failed : Access allowed. Action Description: Quarantine was partially successful.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type25619 / Error
Event Submitted/Written: 03/25/2008 00:52:10 AM
Event ID/Source: 8032 / BROWSER
Event Description:
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{EAC9CA8B-5448-43F5-A695-7DA6088B291B}.
The backup browser is stopping.
Event Record #/Type25614 / Warning
Event Submitted/Written: 03/25/2008 00:48:46 AM
Event ID/Source: 8021 / BROWSER
Event Description:
The browser was unable to retrieve a list of servers from the browser master \\SCHOOL on the network \Device\NetBT_Tcpip_{EAC9CA8B-5448-43F5-A695-7DA6088B291B}.
The data is the error code.
Event Record #/Type25594 / Warning
Event Submitted/Written: 03/25/2008 00:41:02 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0013026CF752. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type25578 / Error
Event Submitted/Written: 03/24/2008 09:02:43 PM
Event ID/Source: 8032 / BROWSER
Event Description:
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{EAC9CA8B-5448-43F5-A695-7DA6088B291B}.
The backup browser is stopping.
Event Record #/Type25577 / Warning
Event Submitted/Written: 03/24/2008 08:59:16 PM
Event ID/Source: 8021 / BROWSER
Event Description:
The browser was unable to retrieve a list of servers from the browser master \\SCHOOL on the network \Device\NetBT_Tcpip_{EAC9CA8B-5448-43F5-A695-7DA6088B291B}.
The data is the error code.
-- End of Deckard's System Scanner: finished at 2008-03-25 00:56:24 ------------
Here's everything you've asked. I've also eliminated those extra java updates.
-Nick