Deckard's System Scanner v20071014.68 Run by ian on 2008-06-27 16:35:25 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 83: 2008-06-27 15:35:39 UTC - RP1192 - Deckard's System Scanner Restore Point 82: 2008-06-27 14:05:16 UTC - RP1191 - ComboFix created restore point 81: 2008-06-27 07:17:24 UTC - RP1190 - System Checkpoint 80: 2008-06-26 06:17:24 UTC - RP1189 - System Checkpoint 79: 2008-06-25 05:17:25 UTC - RP1188 - System Checkpoint -- First Restore Point -- 1: 2008-03-29 23:07:15 UTC - RP1110 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as ian.exe) ------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:38, on 2008-06-27 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpcc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpm.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\NMapWin\bin\nmapserv.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\pctspk.exe C:\WINDOWS\system32\PDFCreatorMessages.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\ScsiAcc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wfxsnt40.exe C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpcc.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE C:\Program Files\Microsoft Office\Office10\msoffice.exe C:\Program Files\Symantec\WinFax\WFXMOD32.EXE C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\IAN.CSS\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\ian.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig?hl=en R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sbserver:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = https://195.8.126.162; O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\PROGRA~1\DAP\DAPIEBar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpcc.exe" /wait O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [ScreenPrint32] C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe O4 - HKLM\..\Run: [BurnQuick Queue] C:\Program Files\BurnQuick\BQTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PDFCreatorClient] "C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [WPSched4] "C:\Program Files\WebPosition 4\WPSched4.exe" MINIMIZE O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Controller.LNK = C:\Program Files\Symantec\WinFax\WFXCTL32.EXE O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: MaxAlarm.lnk = C:\Program Files\Maximizer\MxAlarm.exe O4 - Global Startup: MaxFinder.lnk = C:\Program Files\Maximizer\MxFinder.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .tiff: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093429156716 O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://E:\SuperCD\IntraLaunch.CAB O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = css.local O17 - HKLM\Software\..\Telephony: DomainName = css.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = css.local O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = css.local O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = css.local O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O23 - Service: AVP Control Centre Service (AVPCC) - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpcc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: KAV Monitor Service (KAVMonitorService) - Kaspersky Labs. - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpm.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NMap - Unknown owner - C:\Program Files\NMapWin\bin\nmapserv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd. - C:\WINDOWS\system32\PDFCreatorMessages.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAcc.exe -- End of file - 10671 bytes -- File Associations ----------------------------------------------------------- [COLOR=red].js - JSFile - DefaultIcon - C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe,2[/COLOR] [COLOR=red].js - JSFile - shell\open\command - "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"[/COLOR] -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 VIAPFD - c:\windows\system32\drivers\viapfd.sys R2 avpg - c:\program files\common files\kav shared files\avpg.sys R2 DgiVecp (Team MFP Comm Driver) - c:\windows\system32\drivers\dgivecp.sys R2 n5lpt.sys (N5 Print Device) - c:\windows\system32\drivers\n5lpt.sys R2 Stld - c:\windows\system32\drivers\stld.sys R3 AvcPWilo (Adaptec Willow PCI) - c:\windows\system32\drivers\avcpwilo.sys R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys S2 key5usb (KeyFive USB Reader) - c:\windows\system32\drivers\key5usb.sys S3 GMSIPCI - e:\install\gmsipci.sys (file missing) S3 SANDRA - c:\program files\sisoftware\sisoftware sandra standard 2004.sp2b (win32 x86)\sandra.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AVPCC (AVP Control Centre Service) - "c:\program files\kaspersky lab\kaspersky anti-virus for workstation\avpcc.exe" /service R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" R2 KAVMonitorService (KAV Monitor Service) - "c:\program files\kaspersky lab\kaspersky anti-virus for workstation\avpm.exe" /service R2 NMap - c:\program files\nmapwin\bin\nmapserv.exe R2 Pctspk (W2k PCtel speaker phone) - c:\windows\system32\pctspk.exe R2 PDFCreatorMessages - c:\windows\system32\pdfcreatormessages.exe R2 ScsiAccess - c:\windows\system32\scsiacc.exe S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" S4 ATMsrvc (ATM Service) - c:\windows\system32\atmsrvc.exe S4 wfxsvc (WinFax PRO) - c:\windows\system32\wfxsvc.exe -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E96D-E325-11CE-BFC1-08002BE10318} Description: HSP56 MR Device ID: PCI\VEN_1106&DEV_3068&SUBSYS_00000000&REV_80\3&61AAA01&0&8E Manufacturer: PCtel,Inc. Name: HSP56 MR PNP Device ID: PCI\VEN_1106&DEV_3068&SUBSYS_00000000&REV_80\3&61AAA01&0&8E Service: Modem -- Scheduled Tasks ------------------------------------------------------------- 2008-06-27 12:29:33 418 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F42B81CA-C79C-4D88-9850-7989429ADDAA}.job -- Files created between 2008-05-27 and 2008-06-27 ----------------------------- 2008-06-27 16:35:09 0 d-------- Z:\Deckard 2008-06-27 15:04:11 68096 --a------ C:\WINDOWS\zip.exe 2008-06-27 15:04:11 49152 --a------ C:\WINDOWS\VFind.exe 2008-06-27 15:04:11 212480 --a------ C:\WINDOWS\swxcacls.exe 2008-06-27 15:04:11 136704 --a------ C:\WINDOWS\swsc.exe 2008-06-27 15:04:11 161792 --a------ C:\WINDOWS\swreg.exe 2008-06-27 15:04:11 98816 --a------ C:\WINDOWS\sed.exe 2008-06-27 15:04:11 80412 --a------ C:\WINDOWS\grep.exe 2008-06-27 15:04:11 89504 --a------ C:\WINDOWS\fdsv.exe 2008-06-27 14:43:37 0 d-------- C:\WINDOWS\setup.pss 2008-06-27 14:43:06 0 d-------- C:\WINDOWS\setupupd 2008-06-27 13:36:38 0 d-------- C:\Program Files\Trend Micro 2008-06-02 14:43:40 0 d-------- C:\WINDOWS\pss -- Find3M Report --------------------------------------------------------------- 2008-06-27 16:12:43 0 d-------- C:\Program Files\WebPosition 4 2008-06-09 17:01:56 0 d-------- C:\Documents and Settings\IAN.CSS\Application Data\AdobeUM 2008-06-06 16:32:39 0 d-------- C:\Program Files\Google 2008-06-04 16:42:55 98736 --a------ C:\Documents and Settings\IAN.CSS\Application Data\GDIPFONTCACHEV1.DAT 2008-06-04 16:12:00 0 d-------- C:\Program Files\SearchGnome 2008-05-30 10:56:16 0 d-------- C:\Program Files\Picasa2 2008-04-28 06:06:07 0 d-------- C:\Documents and Settings\IAN.CSS\Application Data\Real -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 15:16] "nwiz"="nwiz.exe" [2003-10-06 15:16 C:\WINDOWS\system32\nwiz.exe] "WinFaxAppPortStarter"="wfxsnt40.exe" [2000-02-14 18:36 C:\WINDOWS\system32\WFXSNT40.EXE] "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 03:15] "Logitech Utility"="Logi_MwX.Exe" [2002-11-08 10:50 C:\WINDOWS\LOGI_MWX.EXE] "DDCM"="C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" [2002-06-07 19:18] "DDCActiveMenu"="C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" [2002-06-07 19:20] "AVPCC"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpcc.exe" [2002-09-05 13:13] "SoundMan"="SOUNDMAN.EXE" [2003-08-15 16:34 C:\WINDOWS\SOUNDMAN.EXE] "C-Media Mixer"="Mixer.exe" [2002-10-15 19:00 C:\WINDOWS\mixer.exe] "ScreenPrint32"="C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe" [2003-05-15 20:36] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0\bin\jusched.exe" [2005-12-05 12:12] "DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [2006-04-21 10:16] "LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2005-07-11 10:44] "BurnQuick Queue"="C:\Program Files\BurnQuick\BQTray.exe" [2005-11-12 19:24] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-04-28 15:06] "PDFCreatorClient"="C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe" [2005-10-13 18:03] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-15 10:41] "WPSched4"="C:\Program Files\WebPosition 4\WPSched4.exe" [2006-05-12 16:03] "RssReader"="C:\Program Files\RssReader\RssReader.exe" [2004-04-04 18:21] "FreeRAM XP"="C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-23 01:13] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe [2004-03-22 13:32:59] Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-03-17 13:50:53] Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26] Controller.LNK - C:\Program Files\Symantec\WinFax\WFXCTL32.EXE [2004-03-22 13:40:39] Firewall Client Connectivity Monitor.LNK - C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE [2004-03-17 17:35:53] InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-03-26 11:36:18] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-03-15 10:41:11] MaxAlarm.lnk - C:\Program Files\Maximizer\MxAlarm.exe [2004-10-26 23:44:00] MaxFinder.lnk - C:\Program Files\Maximizer\MxFinder.exe [2004-10-26 23:44:00] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04] WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2004-03-17 17:39:53] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "HideLegacyLogonScripts"=0 (0x0) "HideLogoffScripts"=0 (0x0) "RunLogonScriptSync"=1 (0x1) "RunStartupScriptSync"=0 (0x0) "HideStartupScripts"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{A213B520-C6C2-11d0-AF9D-008029E1027E}"= C:\Program Files\Symantec\WinFax\WfxSeh32.Dll [1998-07-27 05:54 38400] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" -- End of Deckard's System Scanner: finished at 2008-06-27 16:38:50 ------------ Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: AMD Athlon(tm) XP 2600+ Percentage of Memory in Use: 71% Physical Memory (total/avail): 511.48 MiB / 145.98 MiB Pagefile Memory (total/avail): 1248.2 MiB / 983.77 MiB Virtual Memory (total/avail): 2047.88 MiB / 1927.35 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 62.95 GiB total, 20.17 GiB free. D: is Fixed (NTFS) - 48.83 GiB total, 15.39 GiB free. E: is CDROM (No Media) F: is CDROM (No Media) S: is Network (NTFS) T: is Network (NTFS) Y: is Network (NTFS) Z: is Network (NTFS) \\.\PHYSICALDRIVE0 - ST3120022A - 111.79 GiB - 2 partitions \PARTITION0 (bootable) - Installable File System - 62.95 GiB - C: \PARTITION1 - Extended w/Extended Int 13 - 48.83 GiB - D: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Common Files\\KAV Shared Files\\avpupd.exe"="C:\\Program Files\\Common Files\\KAV Shared Files\\avpupd.exe:*:Enabled:avpupd" "C:\\Program Files\\flashfxp\\flashfxp.exe"="C:\\Program Files\\flashfxp\\flashfxp.exe:*:Enabled:FlashFXP" "C:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"="C:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe:*:Enabled:Dreamweaver MX" "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer" "C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console" "C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)" "C:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"="C:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe:*:Enabled:WinDVD" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Common Files\\KAV Shared Files\\avpupd.exe"="C:\\Program Files\\Common Files\\KAV Shared Files\\avpupd.exe:*:Enabled:avpupd" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users.WINDOWS APPDATA=C:\Documents and Settings\IAN.CSS\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=ARIES ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=Z: HOMEPATH=\ HOMESHARE=\\SBSERVER\users\Ian LOGONSERVER=\\SBSERVER NMAPDIR=C:\Program Files\NMapWin\ NUMBER_OF_PROCESSORS=1 OPENSSL_CONF=C:\OpenSSL\bin\openssl.cnf OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\NMapWin\\bin;C:\Program Files\Sonic\MyDVD;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Maximizer;C:\PROGRA~1\MICROS~3\Office10;C:\Program Files\Common Files\Sage SBD;C:\PROGRA~1\MICROS~3\Office10 PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0801 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\IAN.CSS\LOCALS~1\Temp TMP=C:\DOCUME~1\IAN.CSS\LOCALS~1\Temp USERDNSDOMAIN=CSS.LOCAL USERDOMAIN=CSS USERNAME=ian USERPROFILE=C:\Documents and Settings\IAN.CSS windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- IAN.CSS [I](admin)[/I] mike james [I](new local, net ready)[/I] tim IAN LUKE.ARIES [I](admin)[/I] -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Ad-aware 6 Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll" Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD} Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e225e\Setup.exe Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862} Adobe Flash CS3 --> MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589} Adobe Flash CS3 Professional --> C:\Program Files\Common Files\Adobe\Installers\c3c7fe8b09d497ab2b3fd91c9353390\Setup.exe Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C} Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Video Encoder --> MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2} Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Photoshop Album 2.0 Starter Edition --> MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24} Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002} Adobe Reader Japanese Fonts --> MsiExec.exe /I{AC76BA86-7AD7-5760-0000-705000000001} Adobe Setup --> MsiExec.exe /I{2274624C-5B38-41AD-AD27-CEC0924EB628} Adobe Setup --> MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8} Adobe Setup --> MsiExec.exe /I{FFC1ADE3-944B-4231-894E-3903C37271D2} Adobe Stock Photos CS3 --> C:\Program Files\Common Files\Adobe\Installers\cbb2ea61da9c780bd7e47a5230a9ed7\Setup.exe Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Manager 4.1 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Adobe Type Manager\DeIsL1.isu" -c"C:\Program Files\Adobe Type Manager\UNINST.DLL" Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Ashampoo UnInstaller Platinum Suite --> "C:\Program Files\Ashampoo\Ashampoo UnInstaller Platinum Suite\Uninstall\UIP_Uninstall.exe" AutoCAD Drawing Viewer --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\AutoCAD Drawing Viewer\ST6UNST.LOG" AVS DVDMenu Editor 1.2.1.19 --> "C:\Program Files\Common Files\AVSMedia\AVS DVDMenu Editor\unins000.exe" AVS Video Tools 5.6 --> "C:\Program Files\AVSMedia\VideoTools\unins000.exe" Beyond Compare Version 2.2.7 --> "C:\Program Files\Beyond Compare 2\unins000.exe" Blackhawk Striker --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {FAA23FA3-E415-488A-94BE-CD18942DC813} Blasterball 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {93F8CA95-311D-4DB1-8226-AD572B8CC0CE} Blasterball Wild --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {CA3420D8-75ED-41BC-AC6A-D41EA327649C} BurnQuick --> C:\WINDOWS\iun6002.exe "C:\Program Files\BurnQuick\irunin.ini" Canon Camera Window for ZoomBrowser EX --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{570B96D1-70D3-4B48-93EF-029440FA1BCE} Canon MV630i WIA Driver --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{ED46AF9E-9157-41D6-9F2C-72818C015DB9} Canon PhotoRecord --> C:\WINDOWS\IsUninst.exe -fC:\PROGRA~1\Canon\PhotoRecord\Uninst.isu -c"C:\PROGRA~1\Canon\PhotoRecord\Program\uninstdll.dll" Canon Utilities PhotoStitch 3.1 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A3E0FF15-90D5-40CD-8565-B80A433B0D4C} Canon Utilities ZoomBrowser EX --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2} CardFive --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{60932A82-E923-452A-8494-0822614F1177}\setup.exe" -l0x9 -uninst -removeonly Creative DVD Audio Plugin for Audigy Series --> "C:\Program Files\Creative\CTDPlugin\CTUIDVD.exe " -u CuteFTP Pro 3.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6E70EDD-6255-4DB7-9A43-F54D8462D987}\Setup.exe" -l0x9 DesignSafe --> C:\Program Files\DesignSafe\Uninstal.exe Direct Show Ogg Vorbis Filter (remove only) --> "C:\WINDOWS\system32\OggDSuninst.exe" DivX Player --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Player\uninstal.log DivX Pro Codec Adware --> C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Pro Codec Adware\UninstalDivXProCodecAdware.log Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE DVDCutter Stream and Mp3CDWav Converter 4.1 --> "C:\Program Files\Jummfa Software\setup\uninst.exe" Express Burn Uninstall --> C:\Program Files\NCH Swift Sound\ExpressBurn\uninst.exe Express Rip Uninstall --> C:\Program Files\NCH Swift Sound\ExpressRip\uninst.exe Extensis Intellihance Pro 4.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Extensis\Intellihance Pro 4.0\Uninst.isu" Gem Master 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {A399157E-EF92-4012-8F7A-DBDBDE3A269F} Google AdWords Editor --> MsiExec.exe /I{F4BB8B30-08AF-4E50-B639-635A9985B80E} Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe" GPL MPEG-1/2 DirectShow Decoder Filter --> MsiExec.exe /I{870815CA-6B60-47B6-88DD-A67F42D2F03E} GroupMail :: Free Edition --> "C:\Documents and Settings\IAN.CSS\Application Data\unins000.exe" HammerSnipe PowerTool --> "C:\Program Files\HammerSnipe PowerTool\unins000.exe" HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F} HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HP Color LaserJet 3600 --> "C:\Program Files\Hewlett-Packard\Install Engines\HP Color LaserJet 3600\setup.exe" /x HP Color LaserJet 3600 --> msiexec /x{EED52BB5-3A22-42F2-9B76-BB743F6739B7} HSP56 LansisII Drivers --> ptuninst.exe ImgBurn --> "C:\Program Files\ImgBurn\uninstall.exe" InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe InterVideo WinDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL InterVideo WinDVD 6 --> "C:\Program Files\InstallShield Installation Information\{6ACA2FD2-4C4A-42F3-AFB5-7B433BBDF6DB}\setup.exe" REMOVEALL J2SE Runtime Environment 5.0 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000} Java 2 Runtime Environment Standard Edition v1.3.1_11 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68249B71-B714-11D7-88E8-0050DA21757E}\Setup.exe" -uninst Jaws PDF Creator 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2A227E0-8DEC-11D2-A564-B2890D000000}\setup.exe" -l0x9 -Uninstall -removeonly jEdit Version 4.0 --> C:\Program Files\jEdit 4.1\unlaunch.exe Kaspersky(TM) Anti-Virus for Workstation --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F5E2A5A-92C5-4DF1-808D-1688C50CBFEE}\Setup.exe" -l0x9 LiveAdvisor (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveAdvisor\VcSetup.exe /REMOVE LiveUpdate --> C:\Program Files\Symantec\LiveUpdate\Uninst.exe -u Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL Logitech iTouch Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x9 UNINSTALL Logitech MouseWare 9.75 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL Logitech Resource Center --> C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG Macromedia Dreamweaver MX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590}\Setup.exe" -l0x9 mmUninstall Macromedia Extension Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall Macromedia Fireworks 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A8833100-1481-11D4-9731-00C04F8EEB39}\setup.exe" UNINSTALL Maximizer Enterprise 8 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DB2C875D-0C2F-4EFC-81DE-F8F37E3F7CBD} Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf Microsoft DirectX Transform optional components --> RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12 Microsoft Firewall Client --> MsiExec.exe /I{8C7A59A8-9ABE-459A-9A93-08C281A4A264} Microsoft Office 2003 Web Components --> MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9} Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office Professional 2007 --> MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE} Microsoft Office Professional 2007 Trial --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Small Business Connectivity Components --> MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D} Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Office XP Professional --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9} Microsoft PowerPoint Viewer 97 --> C:\Program Files\PowerPoint Viewer\setup\setup.exe Microsoft Publisher 2002 --> MsiExec.exe /I{90190409-6000-11D3-8CFE-0050048383C9} Microsoft SQL Server Native Client --> MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D} Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE} Microsoft SQL Server VSS Writer --> MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mozilla Firefox (1.0.4) --> C:\WINDOWS\UninstallFirefox.exe /ua "1.0.4 (en-GB)" MSI Live Update 3 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MSI\Live Update 3\Uninst.isu" MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MUSICMATCH Jukebox --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll MyDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\setup.exe" -l0x9 -L0x9 /SMAINT NMapWin --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EEF130E5-FC17-4EA8-8796-2F422AC7D7D8} Notepad++ --> C:\Program Files\Notepad++\uninstall.exe NotePager 32 v3.0 --> C:\PROGRA~1\NOTEPA~2\UNWISE.EXE C:\PROGRA~1\NOTEPA~2\unnotepager.log NVIDIA Display Driver --> C:\WINDOWS\System32\nvudisp.exe Uninstall C:\WINDOWS\System32\nvdisp.nvu,NVIDIA Display Driver OpenSSL 0.9.7e --> C:\OpenSSL\unins000.exe P-touch Editor 3.2 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\brother\Ptouch32\Uninst.isu" PCI Audio Applications --> C:\Program Files\PCI Audio Applications\Bin\Uninstall.exe PCI Audio Driver --> cmuninst.exe PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} Pervasive System Analyzer --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Common Files\Pervasive Software Shared\PSA\psa.isu" Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" Pig Pen --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5E83229B-2295-4C3C-B97D-81156122759B} Pixie 3.1 (remove only) --> "C:\Program Files\Nattyware\Pixie\uninstall.exe" QuarkXPress 5.0 --> MsiExec.exe /I{A7BF5269-3E74-11D5-B00F-00104B398D77} Quick Video Converter 1.20 --> "C:\Program Files\Quick Video Converter\unins000.exe" QuickTime 3.0 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\QuickTime\DeIsL1.isu" -c"C:\WINDOWS\System32\QTUninst.dll RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE RecordPad Sound Recorder Uninstall --> C:\Program Files\NCH Swift Sound\RecordPad\uninst.exe RssReader --> MsiExec.exe /I{D88857C8-B36B-42CE-AC26-9FFFEEDB181A} Sage Accounts 2007 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1E5E485A-50B3-43D8-AD92-E5F24365AFBE} Sage Accounts 2007 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C58ACAC9-EDC0-4093-A7F9-A91375743F8C} Sage Accounts V11.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4AB1A758-E447-423F-B450-905FE9ABC2A6} Sage MIS 3.01 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Informer50\Uninst.isu" ScreenPrint32 v3.5 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\ScreenPrint32 v3\ST6UNST.LOG" SearchDigger Free v1.2 --> "C:\Program Files\Shrub Software\SearchDigger Free\unins000.exe" SearchGnome 2.00.0002 --> C:\PROGRA~1\SEARCH~1\UNINST~1.EXE /remove /q0 Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E} Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Security Update for Office 2007 (KB934062) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33} Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E} Security Update for Outlook 2007 (KB946983) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3} Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86} Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41} ShowBiz --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07295ABF-1245-415A-BE06-863271753443}\setup.exe" -l0x9 SiSoftware Sandra Standard 2004.SP1 (CNET Edition) --> "C:\Program Files\SiSoftware\SiSoftware Sandra Standard 2004.SP1 (Win32 x86)\unins000.exe" SiSoftware Sandra Standard 2004.SP2b (Win32 x86) --> "C:\Program Files\SiSoftware\SiSoftware Sandra Standard 2004.SP2b (Win32 x86)\unins000.exe" Sothink SWF Decompiler --> "C:\Program Files\SourceTec\Sothink SWF Decompiler\unins000.exe" Space Rocks --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {1336A42D-44B3-4063-B160-9F81ECE7D6D7} Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" Switch Uninstall --> C:\Program Files\NCH Swift Sound\Switch\uninst.exe Symantec WinFax PRO 10.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Symantec\WinFax\WFXUNIST.ISU" -c"C:\Program Files\Symantec\WinFax\UNINSTUB.DLL" t@b Media Converter (GUI for sox, mencoder) v0.952-686 --> "C:\Program Files\t@b\unins000.exe" Ulead VideoStudio 7 SE DVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}\setup.exe" -l0x9 Update for Office 2007 (KB932080) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7} Update for Office 2007 (KB934391) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5} Update for Office 2007 (KB946691) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb950378) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {F6296086-AED5-4EC0-938B-08EA0254F20E} Video Converter 3 --> C:\Program Files\Xilisoft\Video Converter 3\Uninstall.exe Virtual Warfare --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {539E887B-98A5-4CDC-85D6-07371995D66E} WavePad Uninstall --> C:\Program Files\NCH Swift Sound\WavePad\uninst.exe WebPosition 4 --> rundll32.exe C:\PROGRA~1\WEBPOS~1\FPUninst.dll,EntryPoint "C:\PROGRA~1\WEBPOS~1\UNWISE.EXE" "C:\PROGRA~1\WEBPOS~1\install4.log" WildTangent Channel Manager --> C:\Program Files\WildTangent\DDC\DDCManager\Uninstall.exe WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} WinPcap 3.0 alpha 4 --> "C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log" WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall Zebra P120i Card Printer --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5B8AED64-F865-4F76-BE43-07868DE6D07F} -- Application Event Log ------------------------------------------------------- Event Record #/Type24470 / Error Event Submitted/Written: 06/27/2008 02:22:43 PM Event ID/Source: 1000 / Application Error Event Description: Faulting application itouch.exe, version 2.15.264.0, faulting module itouch.exe, version 2.15.264.0, fault address 0x0002c28c. Processing media-specific event for [itouch.exe!ws!] Event Record #/Type24460 / Error Event Submitted/Written: 06/26/2008 07:16:28 PM Event ID/Source: 1000 / Microsoft Office 10 Event Description: Faulting application outlook.exe, version 10.0.6838.0, faulting module msvcrt.dll, version 7.0.2600.2180, fault address 0x00036155. Event Record #/Type24458 / Error Event Submitted/Written: 06/25/2008 10:46:23 PM Event ID/Source: 1000 / Microsoft Office 10 Event Description: Faulting application outlook.exe, version 10.0.6838.0, faulting module msvcrt.dll, version 7.0.2600.2180, fault address 0x00036155. Event Record #/Type24456 / Error Event Submitted/Written: 06/25/2008 05:20:58 PM Event ID/Source: 1000 / Microsoft Office 10 Event Description: Faulting application outlook.exe, version 10.0.6838.0, faulting module msvcrt.dll, version 7.0.2600.2180, fault address 0x00036155. Event Record #/Type24455 / Error Event Submitted/Written: 06/25/2008 03:02:18 PM Event ID/Source: 1000 / Microsoft Office 10 Event Description: Faulting application outlook.exe, version 10.0.6838.0, faulting module msvcrt.dll, version 7.0.2600.2180, fault address 0x00036155. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type40349 / Error Event Submitted/Written: 06/27/2008 04:07:57 PM Event ID/Source: 7034 / Service Control Manager Event Description: The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s). Event Record #/Type40343 / Error Event Submitted/Written: 06/27/2008 04:07:57 PM Event ID/Source: 7022 / Service Control Manager Event Description: The SQL Server VSS Writer service hung on starting. Event Record #/Type40342 / Error Event Submitted/Written: 06/27/2008 04:07:57 PM Event ID/Source: 7000 / Service Control Manager Event Description: The ASCTRM service failed to start due to the following error: %%2 Event Record #/Type40341 / Error Event Submitted/Written: 06/27/2008 04:07:57 PM Event ID/Source: 7000 / Service Control Manager Event Description: The KeyFive USB Reader service failed to start due to the following error: %%1058 Event Record #/Type40340 / Error Event Submitted/Written: 06/27/2008 04:06:07 PM / 06/27/2008 04:06:37 PM Event ID/Source: 36 / ptserial Event Description: \Device\PTSerial0 -- End of Deckard's System Scanner: finished at 2008-06-27 16:38:50 ------------