Hi, thanks for helping me!
main.txt:
Deckard's System Scanner v20071014.68
Run by Hass on 2008-02-03 18:28:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 4 Restore Point(s) --
4: 2008-02-03 18:28:04 UTC - RP4 - Deckard's System Scanner Restore Point
3: 2008-02-03 13:05:53 UTC - RP3 - Last known good configuration
2: 2008-02-03 13:05:48 UTC - RP2 - Removed Adobe After Effects 7.0
1: 2008-02-03 13:05:48 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 9.39 GiB (less than 15%) free.-- HijackThis (run as Hass.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:31:29, on 03/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRAM FILES\FRAPS\FRAPS.EXE
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Hass\Desktop\dss.exe
C:\WINDOWS\system32\logonui.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\DOCUME~1\Hass\Desktop\Hass.exe
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {BBA69516-4F37-477C-A759-187B6F869D0E} - C:\WINDOWS\system32\vturq.dll (file missing)
O2 - BHO: (no name) - {E0604D7B-C98B-409E-870F-9C4772F649D7} - (no file)
O2 - BHO: (no name) - {FC1B64D9-3499-4791-82D5-AABAC3FAEA45} - C:\WINDOWS\system32\ddcyvur.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Fraps] C:\PROGRAM FILES\FRAPS\FRAPS.EXE
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: wineky32 - wineky32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
--
End of file - 7433 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 AsIO - c:\windows\system32\drivers\asio.sys
R1 asuskbnt (Enhanced Display Driver Helper Service) - c:\windows\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
R3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
R3 NVR0Dev - c:\windows\nvoclock.sys <Not Verified; NVidia Corp.; NVidia System Utility Driver>
R3 pgfilter - c:\program files\peerguardian2\pgfilter.sys
S1 SysTool (SysTool Overclocking Utility) - c:\windows\system32\drivers\systool.sys <Not Verified; ; Low-Level Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 ATKKeyboardService (ATK Keyboard Service) - c:\windows\atkkbservice.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
R2 nTuneService (nTune Service) - c:\program files\nvidia corporation\ntune\ntuneservice.exe /startservice <Not Verified; NVIDIA; NVIDIA nTune>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S4 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
S4 crd - c:\docume~1\lorraine\locals~1\temp\ixp001.tmp\poststp.exe (file missing)
S4 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S4 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {928DAA00-88CC-4E7E-A891-EFD3BBC6CD47}
Description:
Device ID: ROOT\*SYSTOOLDEVICE\0000
Manufacturer: W1zzard
Name:
PNP Device ID: ROOT\*SYSTOOLDEVICE\0000
Service:
Class GUID:
Description:
Device ID: ACPI\AWY0001\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\AWY0001\2&DABA3FF&0
Service:
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\123A0CE11D800
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\123A0CE11D800
Service: NIC1394
-- Scheduled Tasks -------------------------------------------------------------
2008-02-03 18:25:47 262 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
2008-02-03 18:25:33 336 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job
2008-02-01 23:28:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-09-17 14:23:38 340 --a------ C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1182079904.job
-- Files created between 2008-01-03 and 2008-02-03 -----------------------------
2008-02-03 18:29:18 331776 --a------ C:\WINDOWS\system32\sstqo.dll
2008-02-03 02:20:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Uniblue
2008-02-02 19:41:39 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-02-02 16:29:15 0 d-------- C:\VundoFix Backups
2008-02-02 16:15:40 39424 -----n--- C:\WINDOWS\system32\ddcyvur.dll
2008-02-02 14:36:27 0 d-------- C:\Documents and Settings\Hass\.DownloadManager
2008-01-24 22:26:26 176235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2008-01-24 22:26:21 0 d-------- C:\WINDOWS\PrimoPDF
2008-01-24 22:26:21 0 d-------- C:\Program Files\activePDF
2008-01-24 21:07:17 1025 --a------ C:\WINDOWS\system32\sysprs7.dll
2008-01-24 21:07:17 73 --a------ C:\WINDOWS\system32\ssprs.dll
2008-01-24 21:07:17 205 --a------ C:\WINDOWS\system32\lsprst7.dll
2008-01-24 21:07:17 1025 --a------ C:\WINDOWS\system32\clauth2.dll
2008-01-24 21:07:17 1025 --a------ C:\WINDOWS\system32\clauth1.dll
2008-01-24 21:07:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
2008-01-23 18:55:03 0 d-------- C:\Documents and Settings\Hass\Application Data\Opera
2008-01-20 02:18:00 0 d-------- C:\Documents and Settings\Hass\Application Data\gtk-2.0
2008-01-20 02:17:58 0 d-------- C:\Documents and Settings\Hass\.thumbnails
2008-01-20 02:16:58 0 d-------- C:\Documents and Settings\Hass\.gimp-2.4
2008-01-20 02:14:51 0 d-------- C:\Program Files\GIMP-2.0
2008-01-19 23:29:34 0 d-------- C:\Documents and Settings\Hass\Application Data\FileMaker
2008-01-12 20:22:41 0 d-------- C:\WINDOWS\NV28605440.TMP
2008-01-12 12:32:39 160 --ah----- C:\Documents and Settings\Moe\hpothb07.dat
2008-01-12 12:31:46 0 d---s---- C:\Documents and Settings\Moe\UserData
2008-01-12 12:31:17 0 d-------- C:\Documents and Settings\Moe\Application Data\Hewlett-Packard
2008-01-06 01:08:39 3 --a------ C:\Documents and Settings\Hass\Application Data\ATE
2008-01-05 11:28:28 0 d-------- C:\Program Files\Aspyr
2008-01-05 11:13:59 0 d-------- C:\Program Files\Alcohol Soft
2008-01-05 03:02:06 0 d-------- C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-01-05 02:55:48 81 -r-hs---- C:\WINDOWS\ICMET20.BIN
2008-01-05 02:54:39 0 d-------- C:\Program Files\Reallusion
2008-01-04 19:39:40 0 d-------- C:\Documents and Settings\Hass\.bitrock
2008-01-04 19:25:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-04 19:21:52 0 d-------- C:\Program Files\NVIDIA nTune Performance Application
2008-01-04 19:07:30 0 d-------- C:\WINDOWS\NV388404.TMP
2008-01-04 19:01:55 0 d-------- C:\Documents and Settings\Hass\Application Data\InstallShield
-- Find3M Report ---------------------------------------------------------------
2008-02-03 18:23:52 0 d-------- C:\Documents and Settings\Hass\Application Data\WTablet
2008-02-03 03:02:07 0 d-------- C:\Program Files\PeerGuardian2
2008-02-03 02:19:54 0 d-------- C:\Documents and Settings\Hass\Application Data\Uniblue
2008-02-03 02:19:47 0 d-------- C:\Program Files\Uniblue
2008-02-02 22:38:44 0 d-------- C:\Documents and Settings\Hass\Application Data\uTorrent
2008-02-02 20:49:22 0 d-------- C:\Program Files\WinUHA
2008-02-02 20:44:38 0 d-------- C:\Program Files\SmartFTP Client
2008-02-02 20:43:57 0 d-------- C:\Program Files\QuickTime
2008-02-02 20:43:43 0 d-------- C:\Program Files\PowerISO
2008-02-02 20:41:16 0 d-------- C:\Program Files\MSN Messenger
2008-02-02 20:39:46 0 d-------- C:\Program Files\MagicISO
2008-02-02 20:37:56 0 d-------- C:\Program Files\Fraps
2008-02-02 20:36:09 0 d-------- C:\Program Files\FileZilla Client
2008-02-02 20:27:23 0 d-------- C:\Program Files\Bonjour
2008-02-02 20:20:15 0 d-------- C:\Program Files\7-Zip
2008-02-02 19:57:56 8192 --ahs---- C:\Documents and Settings\Hass\Application Data\Thumbs.db
2008-01-31 18:30:52 0 d-------- C:\Program Files\Call of Duty 4 - Modern Warfare
2008-01-24 18:54:30 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-17 23:01:35 0 d-------- C:\Documents and Settings\Hass\Application Data\Hamachi
2008-01-12 23:04:24 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-01-12 20:03:58 0 d-------- C:\Program Files\SystemRequirementsLab
2008-01-12 11:44:36 0 d-------- C:\Program Files\eMule
2008-01-10 17:49:46 0 d-------- C:\Documents and Settings\Hass\Application Data\Ahead
2008-01-06 00:49:07 0 d-------- C:\Program Files\Final Draft 7
2008-01-05 02:54:38 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-04 19:00:36 0 d-------- C:\Program Files\Sony
2007-12-29 20:56:32 0 d-------- C:\Program Files\DivX
2007-12-27 03:00:38 0 d-------- C:\Program Files\MSXML 4.0
2007-12-25 14:36:54 0 d-------- C:\Documents and Settings\Hass\Application Data\Adobe
2007-12-25 12:35:59 0 d-------- C:\Program Files\Common Files\Adobe
2007-12-25 12:34:44 0 d-------- C:\Program Files\Common Files
2007-12-25 12:34:44 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-12-25 12:33:42 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>
2007-12-25 12:30:58 0 d-------- C:\Program Files\MagicDisc
2007-12-24 16:43:47 0 d-------- C:\Documents and Settings\Hass\Application Data\Rominator Data
2007-12-21 10:53:24 0 d-------- C:\Program Files\Ambient Design
2007-12-21 10:52:54 0 d-------- C:\Program Files\VSed
2007-12-21 10:51:29 0 d-------- C:\Program Files\Mozilla Thunderbird
2007-12-21 10:49:58 0 d-------- C:\Program Files\Logitech
2007-12-21 10:49:14 0 d-------- C:\Program Files\Google
2007-12-21 10:49:07 0 d-------- C:\Program Files\Red Storm Entertainment
2007-12-21 10:48:33 0 d-------- C:\Program Files\Folding@Home
2007-12-13 20:37:41 0 d-------- C:\Program Files\Postal2
2007-12-13 19:31:09 0 d-------- C:\Program Files\Cyberlink
2007-12-05 01:41:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-12-05 01:41:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-12-05 01:41:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-12-05 01:41:00 1474560 --a------ C:\WINDOWS\system32\nview.dll
2007-12-05 01:41:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-12-05 01:41:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-12-05 01:41:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
2007-12-04 01:33:18 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-12-04 01:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-04 01:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-04 01:33:16 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-11-29 22:30:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:28:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-11-29 22:28:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-11-28 21:52:32 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBA69516-4F37-477C-A759-187B6F869D0E}]
C:\WINDOWS\system32\vturq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E0604D7B-C98B-409E-870F-9C4772F649D7}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FC1B64D9-3499-4791-82D5-AABAC3FAEA45}]
03/02/2008 00:37 39424 --------- C:\WINDOWS\system32\ddcyvur.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/12/2007 01:41]
"nwiz"="nwiz.exe" []
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [27/10/2004 14:21 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [13/07/2006 06:12]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 13:00]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12/07/2007 03:00]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [18/12/2006 20:34]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/12/2007 01:41]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [10/01/2008 15:27]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19/01/2007 11:54]
"Steam"="c:\program files\valve\steam\steam.exe" [30/11/2007 07:31]
"Fraps"="C:\PROGRAM FILES\FRAPS\FRAPS.EXE" [19/12/2006 13:02]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [04/09/2007 19:25]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [18/09/2005 17:40]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 16:46]
"Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [29/01/2008 10:13]
C:\Documents and Settings\Hass\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 20:16:50]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [09/04/2003 17:21:38]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [09/04/2003 17:11:12]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FC1B64D9-3499-4791-82D5-AABAC3FAEA45}"= C:\WINDOWS\system32\ddcyvur.dll [03/02/2008 00:37 39424]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll 20/12/2001 22:34 24576 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 06/12/2006 17:25 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wineky32]
wineky32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vturq.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Hass^Start Menu^Programs^Startup^Folding@Home 5.03.lnk]
backup=C:\WINDOWS\pss\Folding@Home 5.03.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Hass^Start Menu^Programs^Startup^MagicDisc.lnk]
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Hass^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
"C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avp]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nTrayFw]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster2]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ProtexisLicensing"=2 (0x2)
"Microsoft Office Groove Audit Service"=3 (0x3)
"crd"=2 (0x2)
"SQLWriter"=2 (0x2)
"MSSQL$SONY_MEDIAMGR2"=3 (0x3)
"idsvc"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Adobe LM Service"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3731c8f-1905-11dc-a837-806d6172696f}]
AutoRun\command- D:\SETUP.EXE
-- Hosts -----------------------------------------------------------------------
127.255.255.255 serial.alcohol-soft.com
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
7841 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-02-03 18:32:03 ------------
extra.txt:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon 64 X2 Dual Core Processor 4600+
CPU 1: AMD Athlon 64 X2 Dual Core Processor 4600+
Percentage of Memory in Use: 26%
Physical Memory (total/avail): 2046.48 MiB / 1511.92 MiB
Pagefile Memory (total/avail): 3938.79 MiB / 3534.45 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1929.33 MiB
A: is Removable (Unformatted)
C: is Fixed (NTFS) - 76.17 GiB total, 9.39 GiB free.
D: is CDROM (No Media)
E: is Fixed (NTFS) - 77.2 GiB total, 6.57 GiB free.
F: is CDROM (No Media)
G: is CDROM (No Media)
H: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - Hitachi HDS721616PLAT80 - 153.38 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 76.17 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 77.2 GiB - E:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AV: avast! antivirus 4.7.1098 [VPS 080202-0] v4.7.1098 (ALWIL Software)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Documents and Settings\\Hass\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\Hass\\Desktop\\utorrent.exe:*:Enabled:µTorrent"
"E:\\Toolbar\\utorrent.exe"="E:\\Toolbar\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe:*:Enabled:avast! Antivirus"
"C:\\Program Files\\Valve\\Steam\\Steam.exe"="C:\\Program Files\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Winamp\\winamp.exe"="C:\\Program Files\\Winamp\\winamp.exe:*:Enabled:Winamp"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\half-life 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\half-life 2\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"="C:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe:*:Enabled:DarkCrusade"
"C:\\Documents and Settings\\Hass\\Local Settings\\Temp\\ElectronicArts_Patcher_000.exe"="C:\\Documents and Settings\\Hass\\Local Settings\\Temp\\ElectronicArts_Patcher_000.exe:*:Enabled:ElectronicArts_Patcher_000"
"E:\\Games\\Paintball2\\paintball2.exe"="E:\\Games\\Paintball2\\paintball2.exe:*:Enabled:paintball2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\source sdk base\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\source sdk base\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\half-life\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\half-life\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\deathmatch classic\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\gmaster\\deathmatch classic\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"="C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"="C:\\Program Files\\THQ\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi"
"C:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"="C:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\\Documents and Settings\\Rachid\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\Rachid\\Desktop\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5"
"C:\\Documents and Settings\\Hass\\Desktop\\utorrent(2).exe"="C:\\Documents and Settings\\Hass\\Desktop\\utorrent(2).exe:*:Enabled:µTorrent"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Adobe\\Adobe Photoshop CS3\\Photoshop.exe"="C:\\Program Files\\Adobe\\Adobe Photoshop CS3\\Photoshop.exe:*:Disabled:Adobe Photoshop CS3"
"E:\\DS\\Win2DS.exe"="E:\\DS\\Win2DS.exe:*:Enabled:Win2DS"
"E:\\DS\\Server.exe"="E:\\DS\\Server.exe:*:Enabled:Server"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"I:\\Portable\\Torrents\\utorrent.exe"="I:\\Portable\\Torrents\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Alcohol Soft\\Alcohol 120\\Alcohol.exe"="C:\\Program Files\\Alcohol Soft\\Alcohol 120\\Alcohol.exe:*:Disabled:Alcohol 120%"
"C:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe"="C:\\Program Files\\Aspyr\\Guitar Hero III\\GH3.exe:*:Disabled:Guitar Hero III"
"C:\\Program Files\\Final Draft 7\\Final Draft.exe"="C:\\Program Files\\Final Draft 7\\Final Draft.exe:*:Enabled:Final Draft"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Hass\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=STUDY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Hass
LOGONSERVER=\\STUDY
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Avid;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4b02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Hass\LOCALS~1\Temp
TMP=C:\DOCUME~1\Hass\LOCALS~1\Temp
USERDOMAIN=STUDY
USERNAME=Hass
USERPROFILE=C:\Documents and Settings\Hass
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Hass
(admin)Moe
(admin)Lorraine
(admin)Rachid
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
--> MsiExec.exe /I{0CDCA5CD-C404-41FD-9216-9B4B3D24A7AA}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe"
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Adobe After Effects 7.0 --> msiexec /I {DD362256-A7A2-4524-9457-213DDC2AFC2A}
Adobe After Effects CS3 --> C:\Program Files\Common Files\Adobe\Installers\5d83aea83f5009a0d267d337e3f55fe\Setup.exe
Adobe After Effects CS3 --> MsiExec.exe /I{EB0202F7-016A-410C-ADE4-40F848CCC661}
Adobe After Effects CS3 Presets --> MsiExec.exe /I{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}
Adobe After Effects CS3 Third Party Content --> MsiExec.exe /I{7ECEF10B-F1C2-4FD5-861F-A3FCB4653304}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge 1.0 --> MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 1.0 --> MsiExec.exe /I{B74D4E10-0000-0000-0000-EDED00000102}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files --> MsiExec.exe /I{6B708481-748A-4EB4-97C1-CD386244FF77}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Premiere Pro CS3 --> C:\Program Files\Common Files\Adobe\Installers\32fdd767b4383606e8168e834af5d90\Setup.exe
Adobe Premiere Pro CS3 --> MsiExec.exe /I{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}
Adobe Premiere Pro CS3 Functional Content --> MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content --> MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Setup --> MsiExec.exe /I{BB81360F-041C-4CF7-B15E-71380D154244}
Adobe Setup --> MsiExec.exe /I{F1C9C7F7-0D56-40B2-A276-152762D39BCA}
Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe Video Profiles --> MsiExec.exe /I{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3 --> MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3 --> MsiExec.exe /I{D5A31AB1-345D-47C7-A87B-036A669F6DF1}
AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ASUS Enhanced Display Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9 -removeonly
ASUS SmartDoctor --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{12E11FBB-7CA6-4A86-834D-5E6390D51009} /l1033
Athlon 64 Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
Audacity 1.3.2 (Unicode) --> "C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
Blaze Media Pro --> "C:\Documents and Settings\Hass\Local Settings\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\setup_blazemp.exe" REMOVE=TRUE MODIFY=FALSE
CDisplay 1.8 --> "C:\Program Files\CDisplay\unins000.exe"
Cool & Quiet --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}\setup.exe" -l0x9
Corel Painter X --> MsiExec.exe /I{05D60953-9012-44DF-A1A6-9DD97AD6580A}
Counter-Strike: Source --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/240
Crimson Editor (remove only) --> C:\Program Files\Crimson Editor\uninstall.exe
Deathmatch Classic --> "C:\program files\valve\steam\steam.exe" steam://uninstall/40
Diablo II --> C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
eMule --> "C:\Program Files\eMule\Uninstall.exe"
FileZilla Client 3.0.1 --> C:\Program Files\FileZilla Client\uninstall.exe
Final Draft 7 --> MsiExec.exe /I{78D62D17-D970-42DA-B8CF-5E5576293B33}
Fraps (remove only) --> "C:\Program Files\Fraps\uninstall.exe"
Frets On Fire --> "C:\Program Files\Frets on Fire\Uninstall.exe"
GIMP 2.4.2 --> "C:\Program Files\GIMP-2.0\setup\unins000.exe"
Guitar Hero III --> MsiExec.exe /I{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}
Half-Life 2 --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/220
Half-Life 2: Deathmatch --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/320
Half-Life 2: Lost Coast --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/340
Half-Life Deathmatch: Source --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/360
Half-Life® 2 --> MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
Half-Life: Source --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/280
Hamachi 1.0.2.2 --> C:\Program Files\Hamachi\uninstall.exe
High Definition Audio Driver Package - KB888111 --> C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Documents and Settings\Hass\Desktop\HijackThis.exe" /uninstall
HP Photo and Imaging 2.0 - All-in-One --> MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
HP Photo and Imaging 2.0 - All-in-One Drivers --> MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - hp psc 1200 series --> C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
hp psc 1200 series --> MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
iClone SE - Fantasy Experience --> C:\Program Files\InstallShield Installation Information\{580EC579-E476-469F-9EBF-F82D696FC67A}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Impossible Creatures --> "C:\Games\UNINSTAL.EXE" /runtemp /addremove
Impossible Creatures 1.0.1 --> MsiExec.exe /X{6B2B0D05-2B4A-4855-A47B-D69CD9E3CDD6}
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
LDC Driving Test extra --> "C:\WINDOWS\LDC Driving Test extra\uninstall.exe" "/U:E:\Apps\LDC Driving Test extra\Uninstall\uninstall.xml"
Magic ISO Maker v5.4 (build 0251) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
MagicDisc 2.5.79 --> C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 --> "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2) --> MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server Native Client --> MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer --> MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft VM for Java --> RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall
Microsoft Web Publishing Wizard 1.53 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
mIRC --> "K:\MIRC\mIRC\mirc.exe" -uninstall
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Ultra Edition --> MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31033}
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA nTune --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1033
Paintball2 Alpha build 019 --> C:\Games\Paintball2\uninst.exe
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PC Probe II --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x9
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5