MAIN:
Deckard's System Scanner v20071014.68
Run by Serp on 2008-03-23 20:22:26
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
26: 2008-03-24 00:22:36 UTC - RP464 - Deckard's System Scanner Restore Point
25: 2008-03-24 00:17:35 UTC - RP463 - Installed Java(TM) 6 Update 5
24: 2008-03-24 00:14:50 UTC - RP462 - Removed Java(TM) 6 Update 3
23: 2008-03-24 00:12:59 UTC - RP461 - Removed J2SE Runtime Environment 5.0 Update 11
22: 2008-03-23 23:09:10 UTC - RP460 - Installed BitDefender Antivirus 2008
-- First Restore Point --
1: 2008-03-20 03:49:31 UTC - RP439 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Serp.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:25:29 PM, on 3/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\878RMTMon.exe
C:\WINDOWS\system32\TrayIcon.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\878RMT.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\878RMT.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
E:\WAREZ\UPLOAD FOLDER\Deckards System Scanner\dss.exe
C:\DOCUME~1\Serp\Desktop\HJT\Serp.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {39BDBC4F-3B30-4031-8B9C-78EBE1B4D951} - C:\WINDOWS\system32\pmkji.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {85A611CA-CA0F-469B-8220-B70221A545BB} - C:\WINDOWS\system32\cbxuvwv.dll
O2 - BHO: {71162ea6-afe6-6608-d404-bae7a0e0ce59} - {95ec0e0a-7eab-404d-8066-6efa6ae26117} - C:\WINDOWS\system32\xqfdlmcr.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\878RMTMon.exe
O4 - HKLM\..\Run: [DisplayTrayIcon] C:\WINDOWS\system32\TrayIcon.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\Avanquest update\Engine\Setup.exe /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRPSO~1\MOTORO~1\LIVEUP~1\LISTOF~1.DAT
O4 - HKLM\..\Run: [041decaf] rundll32.exe "C:\WINDOWS\system32\yjhdahwe.dll",b
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O8 - Extra context menu item: Append to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupda ... 8487038093O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: cbxuvwv - C:\WINDOWS\SYSTEM32\cbxuvwv.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 8415 bytes
-- File Associations -----------------------------------------------------------
.js - jsfile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2.txt - unable to read key.txt - unable to read key-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 878TVCard (Bt878 TV Card - Video Capture) - c:\windows\system32\drivers\bt878.sys <Not Verified; Conexant Systems, Inc.; Bt878 TV Card>
R2 878TVTuner (Bt878 TV Card - TV Tuner) - c:\windows\system32\drivers\bttuner.sys <Not Verified; Conexant Systems, Inc.; Bt878 TV Card>
R2 878Xbar (Bt878 TV Card - Crossbar) - c:\windows\system32\drivers\btxbar.sys <Not Verified; Conexant Systems, Inc.; Bt878 TV Card>
R3 BDSelfPr - c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys <Not Verified; BitDefender S.R.L.; BitDefender>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S2 RoxLiveShare9 (LiveShare P2P Server 9) - "c:\program files\common files\roxio shared\9.0\sharedcom\roxliveshare9.exe" (file missing)
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_10DE&DEV_0084&SUBSYS_1C09147B&REV_A1\3&13C0B0C5&0&09
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_10DE&DEV_0084&SUBSYS_1C09147B&REV_A1\3&13C0B0C5&0&09
Service:
-- Files created between 2008-02-23 and 2008-03-23 -----------------------------
2008-03-23 20:17:40 0 d-------- C:\Program Files\Common Files\Java
2008-03-23 19:12:04 0 d-------- C:\Documents and Settings\Serp\Application Data\BitDefender
2008-03-23 19:10:09 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-03-23 19:10:08 0 d-------- C:\Program Files\BitDefender
2008-03-23 19:07:40 0 d-------- C:\Program Files\Common Files\BitDefender
2008-03-23 11:58:19 90176 --a------ C:\WINDOWS\system32\yjhdahwe.dll
2008-03-23 11:55:26 92736 --a------ C:\WINDOWS\system32\xqfdlmcr.dll
2008-03-23 11:55:19 90176 --a------ C:\WINDOWS\system32\pigwjxjf.dll
2008-03-22 11:55:26 93248 --a------ C:\WINDOWS\system32\lojogklt.dll
2008-03-22 11:55:18 92224 --a------ C:\WINDOWS\system32\gjreeykn.dll
2008-03-21 11:52:47 94784 --a------ C:\WINDOWS\system32\ihuassjm.dll
2008-03-21 11:52:39 91712 --a------ C:\WINDOWS\system32\ieqoeucr.dll
2008-03-20 11:55:19 91712 --a------ C:\WINDOWS\system32\narcrtqv.dll
2008-03-20 11:52:19 89664 --a------ C:\WINDOWS\system32\vasocojr.dll
2008-03-19 23:49:18 304186 --ahs---- C:\WINDOWS\system32\ijkmp.ini2
2008-03-19 23:49:09 305728 --a------ C:\WINDOWS\system32\pmkji.dll
2008-03-19 23:44:27 0 d-------- C:\Program Files\Xilisoft
2008-03-19 23:44:03 39424 --a------ C:\WINDOWS\system32\cbxuvwv.dll
2008-03-13 22:57:23 0 d-------- C:\Program Files\Fallout2
2008-03-11 08:05:45 0 d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-03-10 12:46:10 52736 --a------ C:\WINDOWS\ipuninst.exe <Not Verified; Interplay Productions; Interplay Uninstaller for Windows 95>
2008-03-10 12:43:25 0 d-------- C:\Program Files\Fallout
2008-03-05 00:26:55 0 d-------- C:\Program Files\Better File Rename
2008-03-05 00:01:10 0 d-------- C:\Program Files\Batch File Renamer 2.51
2008-03-02 15:22:47 0 d-------- C:\Program Files\Avanquest update
2008-03-02 15:22:46 0 d-------- C:\Documents and Settings\Serp\Application Data\InstallShield
2008-02-28 12:15:27 0 d-------- C:\Documents and Settings\Serp\Application Data\Intuit
2008-02-28 12:12:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Intuit
2008-02-28 12:12:36 0 d-------- C:\Program Files\Common Files\Intuit
2008-02-28 12:11:30 0 d-------- C:\Program Files\TurboTax
-- Find3M Report ---------------------------------------------------------------
2008-03-23 20:19:16 0 d-------- C:\Program Files\Java
2008-03-23 20:17:40 0 d-------- C:\Program Files\Common Files
2008-03-23 20:04:17 0 d-------- C:\Documents and Settings\Serp\Application Data\Skype
2008-03-23 19:59:40 0 d-------- C:\Documents and Settings\Serp\Application Data\uTorrent
2008-03-19 23:43:10 0 d-------- C:\Program Files\AAC Audio Converter
2008-03-11 08:14:12 0 d-------- C:\Program Files\1Click DVD Copy Pro
2008-03-04 14:25:01 0 d-------- C:\Documents and Settings\Serp\Application Data\Vso
2008-03-04 14:25:01 34 --a------ C:\Documents and Settings\Serp\Application Data\pcouffin.log
2008-03-04 14:24:58 47360 --a------ C:\Documents and Settings\Serp\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-03-04 14:24:58 1144 --a------ C:\Documents and Settings\Serp\Application Data\pcouffin.inf
2008-03-04 14:24:58 7887 --a------ C:\Documents and Settings\Serp\Application Data\pcouffin.cat
2008-03-04 14:10:23 0 d-------- C:\Program Files\Soulseek
2008-03-03 22:46:00 0 d-------- C:\Documents and Settings\Serp\Application Data\Adobe
2008-03-03 22:25:47 1366 --a------ C:\WINDOWS\mozver.dat
2008-03-02 15:27:44 0 d-------- C:\Program Files\Motorola Phone Tools
2008-03-02 15:22:47 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-02 14:39:14 0 d-------- C:\Program Files\Visual Business Cards
2008-03-02 14:38:32 0 d-------- C:\Program Files\Xvid
2008-03-02 14:38:12 0 d-------- C:\Program Files\Yahoo!
2008-03-02 14:37:01 0 d-------- C:\Program Files\RM Converter 3
2008-03-02 14:35:51 0 d-------- C:\Program Files\Street Atlas USA 2004
2008-03-02 14:34:31 0 d-------- C:\Documents and Settings\Serp\Application Data\SUPERAntiSpyware.com
2008-03-02 14:34:28 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-02 14:34:06 0 d-------- C:\Program Files\Smart MP3 Renamer
2008-03-02 14:32:41 0 d-------- C:\Program Files\Project64 1.6
2008-03-02 14:32:02 0 d-------- C:\Program Files\Musicmatch
2008-03-02 14:30:52 0 d-------- C:\Program Files\MP3TagEditor
2008-03-02 14:30:23 0 d-------- C:\Program Files\InterActual
2008-03-02 14:28:15 0 d-------- C:\Program Files\GIMP-2.0
2008-03-02 14:27:51 0 d-------- C:\Program Files\DVD2one V2
2008-03-02 14:27:32 0 d-------- C:\Program Files\VSO
2008-03-02 14:22:43 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-02 14:02:16 0 d-------- C:\Program Files\Opera
2008-02-26 13:06:48 0 d-------- C:\Program Files\PokerStars
2008-02-22 14:17:54 668 --a------ C:\Documents and Settings\Serp\Application Data\vso_ts_preview.xml
2008-02-21 13:51:34 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-02-21 13:11:10 0 d-------- C:\Program Files\Lotto007
2008-02-21 12:36:02 0 d-------- C:\Program Files\MKVtoolnix
2008-02-12 12:25:02 0 d-------- C:\Documents and Settings\Serp\Application Data\Apple Computer
2008-02-04 23:01:28 0 d-------- C:\Documents and Settings\Serp\Application Data\Move Networks
2008-01-27 18:02:14 0 d-------- C:\Program Files\AC3Filter
2008-01-27 18:01:35 0 d-------- C:\Program Files\CoreCodec
2008-01-27 17:56:38 0 d-------- C:\Program Files\Haali
2008-01-11 18:39:20 40 ---hs---- C:\Documents and Settings\Serp\Application Data\.zreglib
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39BDBC4F-3B30-4031-8B9C-78EBE1B4D951}]
03/19/2008 11:49 PM 305728 --a------ C:\WINDOWS\system32\pmkji.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85A611CA-CA0F-469B-8220-B70221A545BB}]
03/19/2008 11:44 PM 39424 --a------ C:\WINDOWS\system32\cbxuvwv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95ec0e0a-7eab-404d-8066-6efa6ae26117}]
03/23/2008 11:55 AM 92736 --a------ C:\WINDOWS\system32\xqfdlmcr.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TV Card Remote Control Device Monitor"="C:\WINDOWS\878RMTMon.exe" [07/14/2005 01:00 PM]
"DisplayTrayIcon"="C:\WINDOWS\system32\TrayIcon.exe" [10/17/2001 10:27 PM]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [05/10/2007 11:46 PM]
"@"="" []
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 02:41 AM]
"nwiz"="nwiz.exe" [12/05/2007 02:41 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 02:41 AM]
"BVRPLiveUpdate"="C:\Program Files\Avanquest update\Engine\Setup.exe" []
"041decaf"="C:\WINDOWS\system32\yjhdahwe.dll" [03/23/2008 11:58 AM]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [10/09/2007 03:46 PM]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [02/16/2008 05:45 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [11/30/2006 10:49 PM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [06/08/2007 03:18 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [04/03/2007 06:29 PM]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [02/29/2008 03:55 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFolderOptions"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{85A611CA-CA0F-469B-8220-B70221A545BB}"= C:\WINDOWS\system32\cbxuvwv.dll [03/19/2008 11:44 PM 39424]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxuvwv]
cbxuvwv.dll 03/19/2008 11:44 PM 39424 C:\WINDOWS\system32\cbxuvwv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkji.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk
backup=C:\WINDOWS\pss\ymetray.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
"C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
CTXFIHLP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
"C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
"C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx scan
*Newly Created Service* - BDFSFLTR
*Newly Created Service* - BDFTDIF
-- End of Deckard's System Scanner: finished at 2008-03-23 20:26:23 ------------
++++++++++++++++
++++++++++++++++
++++++++++++++++
EXTRA:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon(tm) XP 3200+
Percentage of Memory in Use: 59%
Physical Memory (total/avail): 511.48 MiB / 207.7 MiB
Pagefile Memory (total/avail): 1248.29 MiB / 820.11 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.1 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 37.26 GiB total, 21.73 GiB free.
D: is Fixed (NTFS) - 114.49 GiB total, 16.33 GiB free.
E: is Fixed (NTFS) - 114.49 GiB total, 4 GiB free.
F: is Fixed (NTFS) - 54.99 GiB total, 21.1 GiB free.
G: is Fixed (NTFS) - 19.53 GiB total, 9.06 GiB free.
H: is CDROM (CDFS)
I: is CDROM (No Media)
J: is CDROM (CDFS)
N: is CDROM (No Media)
\\.\PHYSICALDRIVE1 - Maxtor 4R120L0 - 114.49 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 114.49 GiB - D:
\\.\PHYSICALDRIVE0 - ST340016A - 37.27 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.26 GiB - C:
\\.\PHYSICALDRIVE2 - WDC WD800BB-00CAA1 - 74.53 GiB - 2 partitions
\PARTITION0 - Extended w/Extended Int 13 - 74.52 GiB - F: - G:
\\.\PHYSICALDRIVE3 - Maxtor 4 R120L0 SCSI Disk Device - 114.49 GiB - 1 partition
\PARTITION0 - Installable File System - 114.5 GiB - E:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.
AV: Bitdefender Antivirus v8.0 (BitDefender)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\FlashFXP\\flashfxp.exe"="C:\\Program Files\\FlashFXP\\flashfxp.exe:*:Enabled:FlashFXP v3"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\FlashFXP\\flashfxp.exe"="C:\\Program Files\\FlashFXP\\flashfxp.exe:*:Enabled:FlashFXP v3"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Soulseek\\slsk.exe"="C:\\Program Files\\Soulseek\\slsk.exe:*:Enabled:SoulSeek"
"C:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE"="C:\\Program Files\\Microsoft Office\\OFFICE11\\FRONTPG.EXE:*:Enabled:Microsoft Office FrontPage"
"C:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe"="C:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe:*:Enabled:VNC Server"
"C:\\Program Files\\Opera\\Opera.exe"="C:\\Program Files\\Opera\\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Disabled:Nero ShowTime"
"C:\\Program Files\\IBP 9\\IBP.exe"="C:\\Program Files\\IBP 9\\IBP.exe:*:Enabled:Internet Business Promoter (IBP)"
"C:\\Program Files\\Motorola\\RSD Lite\\SDL.exe"="C:\\Program Files\\Motorola\\RSD Lite\\SDL.exe:*:Enabled:SDL"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\TurboTax\\Home & Business 2007\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Home & Business 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Home & Business 2007\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Home & Business 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Serp\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DA_PIT
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Serp
LOGONSERVER=\\DA_PIT
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\MKVtoolnix
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Serp\LOCALS~1\Temp
TMP=C:\DOCUME~1\Serp\LOCALS~1\Temp
USERDOMAIN=DA_PIT
USERNAME=Serp
USERPROFILE=C:\Documents and Settings\Serp
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Serp
(admin)Admin
(new local, admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\Setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\Setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
1Click DVD Copy Pro 3.1.3.6 --> "C:\Program Files\1Click DVD Copy Pro\unins000.exe"
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Adobe Acrobat 8.1.1 Professional --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Audition 3.0 --> msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Alive YouTube Video Converter (version 1.2.6.9) --> "C:\Program Files\AliveMedia\YouTube Video Converter\unins000.exe"
AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AT Screen Thief 3.9 --> "C:\Program Files\AT Screen Thief 3.9\unins000.exe"
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
Batch File Renamer 2.51 --> "C:\Program Files\Batch File Renamer 2.51\uninstall.exe"
Better File Rename 5.2 --> "C:\Program Files\Better File Rename\unins000.exe"
BitDefender Antivirus 2008 --> MsiExec.exe /I{4A56DAB1-2680-4B8A-AD84-77EECFB94D7B}
BlackBerry Desktop Software 4.2.1 --> MsiExec.exe /i{F804AE2A-92AD-4189-B8B1-7D4207F7AB13}
BlackBerry Desktop Software 4.2.1 --> MsiExec.exe /I{F804AE2A-92AD-4189-B8B1-7D4207F7AB13}
BlackBerry v4.2.1 for the 8800 Series Wireless Handheld --> MsiExec.exe /X{596F2287-ACD9-4E5F-978C-43A00A7A98B8}
CoreAVC Professional Edition (remove only) --> "C:\Program Files\CoreCodec\CoreAVC Professional Edition\CoreAVC Professional Edition-uninstall.exe"
Creative Audio Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9 /remove
Creative Jukebox Driver --> C:\Program Files\Creative\Jukebox Driver\DrvUnins.exe /s
Creative MediaSource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\setup.exe" -l0x9 /remove
Fallout --> C:\WINDOWS\ipuninst.exe -fC:\Program Files\Fallout\uninst.log
Fallout2 --> C:\WINDOWS\ipuninst.exe -fC:\Program Files\Fallout2\uninst.log
FlashFXP v3.17 (Build 1060) Scene Edition --> C:\WINDOWS\unvise32.exe C:\Program Files\FlashFXP\uninstal.log
Haali Media Splitter --> "C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
HighGrow Freeware Version 4.20 --> C:\PROGRA~1\HighGrow\UNWISE.EXE C:\PROGRA~1\HighGrow\INSTALL.LOG
HijackThis 2.0.2 --> "C:\Documents and Settings\Serp\Desktop\HJT\HijackThis.exe" /uninstall
honestech TVR --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE27845A-6438-4DCF-AE3D-44EC96CB31CA}\setup.exe" -l0x9
IBP & ARELIS 9.6 --> "C:\Program Files\IBP 9\unins000.exe"
Jasc Paint Shop Pro 9 --> MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Logitech Gaming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C1DA723-24FC-48AD-93BA-925695C3EF26}\setup.exe" -l0x9 -removeonly
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks 8 --> MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTS.inf, Uninstall
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MKVtoolnix 2.1.0 --> C:\Program Files\MKVtoolnix\uninst.exe
Motorola Driver Installation --> MsiExec.exe /I{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}
Motorola Phone Tools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x9 -removeonly
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Ultra Edition --> MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31033}
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Opera 9.10 --> MsiExec.exe /X{750B9AD1-4C63-4143-94C5-6FB304199BAD}
Pagan Daybook 3 --> C:\WINDOWS\ALCHUNIN.EXE C:\Program Files\Alchemy Mindworks\Pagan Daybook 3\INSTALLD.TXT
PokerStars --> "C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
QuickTime --> MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
Skype™ 3.2 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoulSeek Client 156c --> "C:\Program Files\Soulseek\uninstall.exe"
TurboTax Deluxe 2007 --> C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Home & Business 2007 --> C:\Program Files\TurboTax\Home & Business 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Home & Business 2007\Uninstall.log" -NoGui
VNC Enterprise Edition E4.2.7 --> "C:\Program Files\RealVNC\VNC4\unins000.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
WinPcap 4.0.1 --> C:\Program Files\WinPcap\uninstall.exe
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xilisoft Video Converter 3 --> C:\Program Files\Xilisoft\Video Converter 3\Uninstall.exe
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
-- Application Event Log -------------------------------------------------------
Event Record #/Type13679 / Success
Event Submitted/Written: 03/23/2008 08:05:05 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type13511 / Success
Event Submitted/Written: 03/19/2008 06:33:24 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type13498 / Success
Event Submitted/Written: 03/19/2008 03:47:37 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type13343 / Error
Event Submitted/Written: 03/16/2008 00:24:56 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application highgrow.exe, version 3.0.0.0, faulting module highgrow.exe, version 3.0.0.0, fault address 0x0000b8c0.
Processing media-specific event for [highgrow.exe!ws!]
Event Record #/Type13274 / Success
Event Submitted/Written: 03/11/2008 11:03:48 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type11532 / Warning
Event Submitted/Written: 03/22/2008 07:31:51 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type11531 / Warning
Event Submitted/Written: 03/21/2008 03:38:21 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type11530 / Warning
Event Submitted/Written: 03/21/2008 11:43:41 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type11529 / Warning
Event Submitted/Written: 03/21/2008 09:54:27 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type11528 / Warning
Event Submitted/Written: 03/20/2008 10:36:48 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
-- End of Deckard's System Scanner: finished at 2008-03-23 20:26:23 ------------