Thank you so much for your help!
Deckard's System Scanner v20071014.68
Run by kim on 2008-02-04 21:33:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
22: 2008-02-05 03:34:12 UTC - RP1543 - Deckard's System Scanner Restore Point
21: 2008-02-04 20:21:45 UTC - RP1542 - Removed Microsoft Office Small Business Connectivity Components
20: 2008-02-04 15:24:13 UTC - RP1541 - Removed Image Resizer Powertoy for Windows XP
19: 2008-02-04 15:23:30 UTC - RP1540 - Removed HighMAT Extension to Microsoft Windows XP CD Writing Wizard
18: 2008-02-04 15:22:19 UTC - RP1539 - Removed VideoImpression
-- First Restore Point --
1: 2008-01-24 07:45:36 UTC - RP1522 - Software Distribution Service 3.0
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 254 MiB (512 MiB recommended).
System Drive C: has 5.33 GiB (less than 15%) free.
-- HijackThis (run as kim.exe) -------------------------------------------------
logfile has no content; running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-04 21:40:40
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\AOL\ACS\acsd.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\SYSTEM32\bgsvcgen.exe
C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
C:\WINDOWS\SYSTEM32\cisvc.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\SYSTEM32\alg.exe
C:\WINDOWS\SYSTEM32\CIDAEMON.EXE
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SYSTEM32\CIDAEMON.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware .exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe
C:\Documents and Settings\kim\Local Settings\Temporary Internet Files\Content.IE5\HCYZ0LK5\dss[1].exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll
O2 - BHO: (no name) - {EBA4A5C7-F3B7-4881-9FA5-2963395AE1F8} - C:\WINDOWS\SYSTEM32\gebcy.dll
O2 - BHO: {4b160c99-c72f-20cb-f644-99b4a5e64b5f} - {f5b46e5a-4b99-446f-bc02-f27c99c061b4} - C:\WINDOWS\SYSTEM32\qedjyemn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll (file missing)
O3 - Toolbar: Cox Popup Blocker - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - C:\Program Files\Cox\Applications\App\PopupBHO01.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - SITEguard - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ESP] c:\Program Files\Cox\Applications\app\start.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [f0914bc8] rundll32.exe "C:\WINDOWS\system32\vqqamcwg.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O4 - Global Startup: Exif Launcher 2.lnk = C:\Program Files\FinePixViewer\QuickDCF2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoft....com/activescan (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader () - http://www.miniclip....tgameloader.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} () - http://office.micros...tes/ieawsdc.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.micr...heckControl.cab
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} (CNavigationManager Object) - http://www3.authenti.../bin/wizard.exe
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip....pGameLoader.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-36.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by122w.bay122...es/MsnPUpld.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots....SDownloader.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1119759937815
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1152062713078
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/...mjolauncher.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9E214F45-89C2-4DE3-94A9-530EB1D05F7E} () - http://www.quest3d.c..._WebInstall.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab34246.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai...5/installer.exe
O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://mail.lycos.co.../AttachMail.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ent/swflash.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot....ownload/kdx.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\acsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\SYSTEM32\bgsvcgen.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: dvpapi - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Unknown owner - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 11839 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys
R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys <Not Verified; Andrea Electronics Corporation; Andrea Audio Driver>
R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft® ASPI Shell>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
R3 smwdm - c:\windows\system32\drivers\smwdm.sys <Not Verified; Analog Devices, Inc.; SoundMAX Digital Audio Driver>
R3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys <Not Verified; America Online, Inc.; Wan Miniport (ATW)>
S3 CoachAud (Coach Audio) - c:\windows\system32\drivers\coachaud.sys <Not Verified; FotoNation Inc.; Audio Port Driver for Digital Camera>
S3 CoachUsb (Coach Digital Camera on USB) - c:\windows\system32\drivers\coachusb.sys (file missing)
S3 CoachVc (Coach Video Capture) - c:\windows\system32\drivers\coachvc.sys (file missing)
S3 DCamUSBSQTECH (Dual-Mode DSC(2770)) - c:\windows\system32\drivers\sqcaptur.sys <Not Verified; Service & Quality Technology.; SQ913>
S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 mohfilt - c:\windows\system32\drivers\mohfilt.sys <Not Verified; Intel Corporation; Intel® 537EP V9x DFV PCI Modem>
S3 SABProcEnum - c:\program files\internet explorer\sabprocenum.sys (file missing)
S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda® Antivirus>
S3 USBCamera (Bulk USB Device) - c:\windows\system32\drivers\bulk533.sys <Not Verified; USB BULK; Platform SDK Sample Code>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 bgsvcgen (B's Recorder GOLD Library General Service) - c:\windows\system32\bgsvcgen.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD8>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; C-Dilla Ltd; SafeCast Windows NT>
S2 LexBceS (LexBce Server) - c:\windows\system32\lexbces.exe (file missing)
S3 gusvc (Google Updater Service) - "c:\program files\google\common\google updater\googleupdaterservice.exe" (file missing)
S3 IDriverT (InstallDriver Table Manager) - "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-02-04 18:24:00 338 --a------ C:\WINDOWS\Tasks\HP Usg Daily.job
2008-01-13 21:36:56 552 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - kim.job
-- Files created between 2008-01-04 and 2008-02-04 -----------------------------
2008-02-04 21:39:57 88128 --a------ C:\WINDOWS\system32\vqqamcwg.dll
2008-02-04 21:36:53 93248 --a------ C:\WINDOWS\system32\qedjyemn.dll
2008-02-04 21:33:39 88128 -----n--- C:\WINDOWS\system32\sgpskpgk.dll
2008-02-04 21:31:46 93248 --a------ C:\WINDOWS\system32\pokrhybn.dll
2008-02-04 18:41:41 0 d-------- C:\Program Files\Trend Micro
2008-02-03 21:10:04 88640 --a------ C:\WINDOWS\system32\bnlathau.dll
2008-02-03 21:07:35 92736 --a------ C:\WINDOWS\system32\anixafkm.dll
2008-02-03 21:04:08 88640 -----n--- C:\WINDOWS\system32\wvfenilr.dll
2008-02-03 21:04:01 92736 --a------ C:\WINDOWS\system32\bcqbxcqr.dll
2008-02-02 23:55:15 0 dr-h----- C:\Documents and Settings\kim\Recent
2008-02-02 23:50:17 343040 --a------ C:\WINDOWS\system32\gebcy.exe
2008-02-02 20:55:23 96832 --a------ C:\WINDOWS\system32\wwpuyqwg.dll
2008-02-02 20:49:00 96832 --a------ C:\WINDOWS\system32\mhnyrnrg.dll
2008-02-01 18:30:21 92736 --a------ C:\WINDOWS\system32\wdttdtyf.dll
2008-02-01 18:28:25 92224 --a------ C:\WINDOWS\system32\ivxrlugx.dll
2008-02-01 18:24:16 92224 -----n--- C:\WINDOWS\system32\nfucgfbm.dll
2008-02-01 18:22:47 92736 --a------ C:\WINDOWS\system32\wiytmjgr.dll
2008-01-31 18:10:02 90688 --a------ C:\WINDOWS\system32\iersglpw.dll
2008-01-31 18:07:02 94784 --a------ C:\WINDOWS\system32\edmoqstf.dll
2008-01-31 18:04:03 90688 -----n--- C:\WINDOWS\system32\bvakyuwn.dll
2008-01-31 18:02:41 94784 --a------ C:\WINDOWS\system32\okbfjosg.dll
2008-01-30 18:00:55 92736 --a------ C:\WINDOWS\system32\eccdcbnr.dll
2008-01-30 17:57:54 87616 --a------ C:\WINDOWS\system32\wcrsuxxe.dll
2008-01-30 17:54:54 87616 -----n--- C:\WINDOWS\system32\ywimnvwi.dll
2008-01-30 17:51:54 92736 --a------ C:\WINDOWS\system32\fhxaxulx.dll
2008-01-29 17:58:12 88640 --a------ C:\WINDOWS\system32\fepiuinv.dll
2008-01-29 17:48:03 78912 --a------ C:\WINDOWS\system32\ijfwiduh.dll
2008-01-28 16:54:22 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-28 16:53:03 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-28 16:53:01 0 d-------- C:\Documents and Settings\kim\Application Data\SUPERAntiSpyware.com
2008-01-28 11:54:37 0 d-------- C:\Documents and Settings\kim\Application Data\Grisoft
2008-01-28 11:52:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-28 09:59:18 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
2008-01-28 09:56:26 8576 --a------ C:\WINDOWS\system32\drivers\doxahacacnep.sys <Not Verified; Panda Software International; RKPavProc Driver>
2008-01-28 01:29:15 11555 --a------ C:\WINDOWS\system32\ytaygyht.dll
2008-01-28 01:23:04 75795 --a------ C:\WINDOWS\system32\fjibiuov.dll
2008-01-27 01:27:29 0 d-------- C:\Documents and Settings\NetworkService\Desktop
2008-01-27 00:25:24 0 d-------- C:\Program Files\STOPzilla!
2008-01-27 00:25:21 0 d-------- C:\Program Files\Common Files\iS3
2008-01-27 00:25:07 0 d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-01-25 23:07:06 87104 --a------ C:\WINDOWS\system32\yibofdvu.dll
2008-01-25 00:19:07 0 d-------- C:\Program Files\CCleaner
2008-01-24 02:26:01 0 d-------- C:\Program Files\Microsoft Silverlight
2008-01-24 02:19:09 0 d-------- C:\Program Files\MSBuild
2008-01-24 02:11:07 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-01-24 02:07:54 0 d-------- C:\Program Files\Reference Assemblies
2008-01-24 02:03:26 0 d-------- C:\74c32015e95a4c429486495272
2008-01-24 02:03:00 0 d-------- C:\Program Files\MSXML 6.0
2008-01-24 01:58:12 0 d-------- C:\Program Files\Windows Media Connect 2
2008-01-23 22:40:16 8576 --a------ C:\WINDOWS\system32\drivers\qnptamuyyngn.sys <Not Verified; Panda Software International; RKPavProc Driver>
2008-01-23 21:58:10 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-01-20 19:20:38 85568 --a------ C:\WINDOWS\system32\bubyehgl.dll
2008-01-19 19:18:09 87104 --a------ C:\WINDOWS\system32\wunwyeln.dll
2008-01-13 23:50:32 0 d-------- C:\Documents and Settings\Default User\Application Data\Apple Computer
2008-01-13 20:37:01 0 d-------- C:\WINDOWS\E80F62FF5D3C4A1984099721F2928206.TMP
2008-01-13 20:10:43 0 d-------- C:\Program Files\Windows Sidebar
2008-01-13 20:10:40 0 d-------- C:\Program Files\Norton AntiVirus
2008-01-10 18:23:08 0 d-------- C:\temp
2008-01-06 09:05:54 0 d-------- C:\Program Files\MSXML 4.0
2008-01-04 19:08:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Authentium
2008-01-04 19:07:25 0 d-------- C:\Program Files\Common Files\RuleSpace
2008-01-04 19:06:49 0 d-------- C:\Program Files\Common Files\Aluria
2008-01-04 19:04:37 0 d-------- C:\Program Files\Common Files\Authentium
2008-01-04 18:57:47 0 d-------- C:\Program Files\Cox
2008-01-04 18:52:01 0 d-------- C:\Program Files\Common Files\Authentium Shared
-- Find3M Report ---------------------------------------------------------------
2008-02-04 21:41:03 289141 --ahs---- C:\WINDOWS\system32\ycbeg.ini2
2008-02-04 18:22:46 0 d-------- C:\Program Files\iTunes
2008-02-04 14:48:31 0 d-------- C:\Program Files\Intel
2008-02-04 14:41:44 0 d-------- C:\Program Files\Common Files
2008-02-04 09:22:35 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-04 09:22:34 0 d-------- C:\Program Files\ArcSoft
2008-01-28 21:52:41 0 d-------- C:\Documents and Settings\kim\Application Data\MSN6
2008-01-28 16:50:12 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-28 16:10:24 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-28 10:50:15 0 d-------- C:\Program Files\FinePixViewer
2008-01-28 10:46:22 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-01-27 10:19:20 0 d-------- C:\Program Files\Microsoft SQL Server
2008-01-24 23:52:50 0 d-------- C:\Program Files\CyberLink
2008-01-23 23:35:56 0 d-------- C:\Program Files\Messenger
2008-01-20 16:40:56 0 d-------- C:\Program Files\QuickTime
2008-01-17 06:51:44 0 d-------- C:\Program Files\Symantec
2008-01-13 19:45:05 0 d-------- C:\Program Files\Yahoo!
2008-01-04 18:39:01 0 d-------- C:\Program Files\Windows Defender
2007-12-27 23:22:18 0 d-------- C:\Documents and Settings\kim\Application Data\AVG7
2007-12-26 21:24:35 0 d-------- C:\Documents and Settings\kim\Application Data\Yahoo!
2007-12-26 21:21:44 0 d-------- C:\Documents and Settings\kim\Application Data\Move Networks
2007-12-26 21:20:22 0 d-------- C:\Program Files\IrfanView
2007-12-26 18:03:38 0 d-------- C:\Program Files\REGSHAVE
2007-12-26 17:23:04 169984 --a------ C:\WINDOWS\system32\LEXPPS .EXE <Not Verified; Lexmark International, Inc.; MarkVision for Windows (32 bit)>
2007-12-26 17:22:35 0 d-------- C:\Program Files\?ymbols
2007-12-25 10:24:05 0 d-------- C:\Program Files\Common Files\?ppPatch
2007-12-25 09:35:16 339456 -----n--- C:\WINDOWS\system32\gebcy.dll
2007-12-25 09:29:50 8147 --ahs---- C:\WINDOWS\system32\ehkmp.ini2
2007-12-24 18:03:45 534641 --ahs---- C:\WINDOWS\system32\qtvwa.ini2
2007-12-18 21:29:44 80 -r-hs---- C:\WINDOWS\system32\B08DF75570.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
01/30/2008 10:06 PM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EBA4A5C7-F3B7-4881-9FA5-2963395AE1F8}]
12/25/2007 09:35 AM 339456 --------- C:\WINDOWS\system32\gebcy.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f5b46e5a-4b99-446f-bc02-f27c99c061b4}]
02/04/2008 09:36 PM 93248 --a------ C:\WINDOWS\system32\qedjyemn.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LexStart"="" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
"ESP"="c:\Program Files\Cox\Applications\app\start.exe" []
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" []
"f0914bc8"="C:\WINDOWS\system32\vqqamcwg.dll" [02/04/2008 09:39 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservicesonce]
"washindex"=C:\Program Files\Washer\washidx.exe
C:\Documents and Settings\kim\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 12:36:04 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 12:36:04 PM]
Exif Launcher 2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe [2/3/2007 3:26:02 PM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\gebcy
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
*Newly Created Service* - IPOD_SERVICE
-- End of Deckard's System Scanner: finished at 2008-02-04 21:43:37 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.66GHz
Percentage of Memory in Use: 85%
Physical Memory (total/avail): 254 MiB / 36.24 MiB
Pagefile Memory (total/avail): 1005.9 MiB / 538.79 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1915.23 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 37.21 GiB total, 5.33 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
\\.\PHYSICALDRIVE0 - WDC WD400BB-75DEA0 - 37.25 GiB - 2 partitions
\PARTITION0 - Unknown - 31.35 MiB
\PARTITION1 (bootable) - Installable File System - 37.21 GiB - C:
\\.\PHYSICALDRIVE1 - HP photosmart 7200 USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: Norton AntiVirus v15.0.0.58 (Symantec Corporation) Disabled
AV: Norton AntiVirus v15.0.0.58 (Symantec Corporation) Disabled Outdated
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_server.exe"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mm_server.exe:*:Disabled:TODO: <File description>"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\SYSTEM32\\Lexpps.exe"="C:\\WINDOWS\\SYSTEM32\\Lexpps.exe:*:Disabled:LEXPPS.EXE"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\\WINDOWS\\SYSTEM32\\dxdiag.exe"="C:\\WINDOWS\\SYSTEM32\\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\\WINDOWS\\SYSTEM32\\dpvsetup.exe"="C:\\WINDOWS\\SYSTEM32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\FlightGear\\bin\\win32\\fgfs.exe"="C:\\Program Files\\FlightGear\\bin\\win32\\fgfs.exe:*:Enabled:fgfs"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\omtpbalj.exe"="C:\\WINDOWS\\system32\\omt"
"C:\\WINDOWS\\SYSTEM32\\LEXPPS .EXE"="C:\\WINDOWS\\SYSTEM32\\LEXPPS .EXE:*:Disabled:LEXPPS.EXE"
"C:\\WINDOWS\\system32\\nnvkvcsf.exe"="C:\\WINDOWS\\system32\\nnv"
"C:\\WINDOWS\\system32\\ftcbikgy.exe"="C:\\WINDOWS\\system32\\ftc"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\kim\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DFVVTQ41
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\kim
LOGONSERVER=\\DFVVTQ41
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\backburner 2\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\kim\LOCALS~1\Temp
TMP=C:\DOCUME~1\kim\LOCALS~1\Temp
USERDOMAIN=DFVVTQ41
USERNAME=kim
USERPROFILE=C:\Documents and Settings\kim
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
kim (admin)
Administrator (admin)
Guest (new local, guest)
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70800000002}
America Online (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\Aolunins_us.exe
Anti-Spyware (Aluria) --> MsiExec.exe /I{5D52D604-F3C0-45B4-9128-630B4AF57B13}
Anti-Virus (Command Software) --> MsiExec.exe /I{C1A5671F-3BD1-4EAE-B613-946BB890662D}
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{797703D4-461B-4BC9-AACA-292917F3A47F}\setup.exe" -l0x9 -uninst
Authentium AntiVirus SDK - 2 --> MsiExec.exe /I{1ACE3F9D-CDA4-4F39-9605-334CF37A1579}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Broadcom Management Programs --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{89EE857B-8970-4F9F-AB58-A1C873AC72B3} /l1033
ccCommon --> MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Cda Product Service - shared component --> C:\WINDOWS\CdaC13BA.EXE /uninstall
Component Framework --> MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
Cox (CVUS) --> MsiExec.exe /I{5BD7238A-6B67-41FE-AC97-E59A71838F4D}
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Support --> MsiExec.exe /X{43FCA273-9534-40DB-B7C5-D7758875616A}
DVD Photo Slideshow Pro 7.55 --> C:\Program Files\DVD Photo Slideshow Professional\uninst.exe
ESP --> MsiExec.exe /I{F61BC717-3F50-457D-86AC-DA5D537D1850}
FinePixViewer Resource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE" -l0x9
FinePixViewer Ver.5.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE" -l0x9
Firewall (Core) --> MsiExec.exe /I{B01F6BFA-2761-4621-A47F-CD46532D40B4}
Firewall (User) --> MsiExec.exe /I{3BEFC9CE-F87D-4D98-8E82-36C5FA90D4D2}
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB910998) --> "C:\WINDOWS\$NtUninstallKB910998$\spuninst\spuninst.exe"
Intel® 537EP V9x DF PCI Modem --> rundll32 IntelCci.dll,iSMUninstallation "Intel® 537EP V9x DF PCI Modem"
Intel® Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java 2 Runtime Environment, SE v1.4.2 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142000}
LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Macromedia Extension Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Macromedia Fireworks MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E583ED6F-BD99-4066-A420-C815BF692B69}\Setup.exe" -l0x9 UNINSTALL
Macromedia Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MySpaceIM --> MsiExec.exe /I{FE242C4A-4AF0-4E9F-ABFF-92CA3CEE8761}
Norton AntiVirus --> MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Norton AntiVirus (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}_15_0_0_58\Setup.exe" /X
Norton AntiVirus Help --> MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton Protection Center --> MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
Photosmart 140,240,7200,7600,7700,7900 Series --> C:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\setup\hpzscr01.exe -datfile hphscr01.dat
Popup Blocker --> MsiExec.exe /I{5A79D76E-D50E-46A6-9D78-F689CF58AC9D}
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Secure Delivery --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\kdx\kdx.inf,DefaultUninstall,5
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sony MP4 Shared Library --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe" -l0x9 -removeonly
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Third Party Prerequisites --> MsiExec.exe /I{F6A31EEF-7DB9-4A46-B3BB-9DB5F117508D}
V3750 Digital Camera Driver --> C:\PROGRA~1\V3750D~1\UNWISE.EXE C:\PROGRA~1\V3750D~1\INSTALL.LOG
Watchtower Library 2006 - English Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42EED331-936C-446E-9374-077F7B028518}\Setup.exe"
Web Filtering (Base 2) --> MsiExec.exe /I{D3AB0F01-C515-4470-B9CA-8CB78FD42AE8}
Web Filtering (Base) --> MsiExec.exe /I{6AC20055-5E5B-48FA-9F5F-E778D354CE50}
Web Filtering (Kids Page) --> MsiExec.exe /I{2D02E0B0-D759-4F33-88E5-B83DDCB58473}
Web Filtering (RuleSpace Anti-Phishing) --> MsiExec.exe /I{634B7897-EDEA-4893-9A8A-54DA037928A5}
Web Filtering (Rulespace) --> MsiExec.exe /I{9043ED00-BEA5-44EE-AA13-44C71149AFAD}
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
XML Paper Specification Shared Components Pack 1.0 -->
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type8729 / Error
Event Submitted/Written: 02/04/2008 01:43:06 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Initialization of the COM subsystem failed. Error code: 0x8007041D.
Event Record #/Type8714 / Error
Event Submitted/Written: 02/03/2008 06:13:13 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16574, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00009dea.
Processing media-specific event for [iexplore.exe!ws!]
Event Record #/Type8710 / Error
Event Submitted/Written: 02/03/2008 05:49:01 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Initialization of the COM subsystem failed. Error code: 0x8007041D.
Event Record #/Type8703 / Error
Event Submitted/Written: 02/03/2008 00:20:27 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Initialization of the COM subsystem failed. Error code: 0x8007041D.
Event Record #/Type8690 / Error
Event Submitted/Written: 02/02/2008 10:45:44 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16574, faulting module ieui.dll, version 7.0.5730.11, fault address 0x000061aa.
Processing media-specific event for [iexplore.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type73329 / Warning
Event Submitted/Written: 02/04/2008 09:30:38 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000F1F515CC6. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type73322 / Error
Event Submitted/Written: 02/04/2008 06:11:04 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The SABProcEnum service failed to start due to the following error:
%%2
Event Record #/Type73320 / Error
Event Submitted/Written: 02/04/2008 06:07:23 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
Event Record #/Type73313 / Error
Event Submitted/Written: 02/04/2008 01:43:39 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
Event Record #/Type73312 / Error
Event Submitted/Written: 02/04/2008 01:43:05 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1053" attempting to start the service LiveUpdate with arguments ""
in order to run the server:
{03E0E6C2-363B-11D3-B536-00902771A435}
-- End of Deckard's System Scanner: finished at 2008-02-04 21:43:37 ------------