Hi, I've run the scans and posted on Spy killer. Thanks for helping me, here are the logs:
main.txt:
Deckard's System Scanner v20071014.68
Run by tom on 2008-02-28 21:22:28
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Failed to create restore point; System Restore is disabled (service is not running).
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 80% (more than 75%).
-- HijackThis (run as tom.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:35:43, on 28/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\WINDOWS\System32\NILaunch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\p0twlg8i213.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\tom\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\tom.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.myexexex.com/searchbar.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.myexexex....aid=spage&qq=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.myexexex.....php?said=spage
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.myexexex.....php?said=spage
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {D7284B7D-20FD-4F4D-9148-F5616E9CD3EE} - C:\WINDOWS\system32\CLUTIL_Sp.dll
O2 - BHO: (no name) - {DFB06C1D-F0D3-4652-9E71-8BC446793ACB} - c:\windows\system32\davclntn.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Workflow] D:\Workflow.exe
O4 - HKLM\..\Run: [p0twlg8i213] C:\WINDOWS\system32\p0twlg8i213.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [p0twlg8i213] C:\WINDOWS\system32\p0twlg8i213.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Lotus Organizer EasyClip.lnk = C:\Program Files\lotus 9.5\organize\easyclip.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {D0916B36-439B-4504-8651-E2BF16F1F52C} - C:\WINDOWS\system32\comdlg32.ocx
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {E9173ECA-1F4F-41ed-AF1F-8F723DFE3458} - C:\Documents and Settings\hugh\Local Settings\Temporary Internet Files\Content.IE5\BJLJ79CW\access[1].exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Microsoft® JavaScript® Console - {C8A1F4AD-F95C-46DE-80F4-A31ACDB283C1} - C:\WINDOWS\system32\comdlg32.ocx (HKCU)
O9 - Extra 'Tools' menuitem: JavaScript Console - {C8A1F4AD-F95C-46DE-80F4-A31ACDB283C1} - C:\WINDOWS\system32\comdlg32.ocx (HKCU)
O16 - DPF: symsupportutil - https://www-secure.s...supportutil.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-30.cab
O16 - DPF: {4CCA4E6B-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.h...tallMgr_v01.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelg...in/cortvrml.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: hfsvlcdy - C:\WINDOWS\SYSTEM32\davclntn.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 10339 bytes
-- File Associations -----------------------------------------------------------
.chm - unable to read key
.chm - unable to read key
.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2
.js - JSFile - shell\open\command - unable to read value
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 pbreamhh - c:\windows\system32\drivers\sehednta.dat
R0 Teefer (Teefer for NT) - c:\windows\system32\drivers\teefer.sys <Not Verified; Sygate Technologies, Inc.; Sygate Teefer Driver>
R0 VClone - c:\windows\system32\drivers\vclone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R1 wpsdrvnt - c:\windows\system32\drivers\wpsdrvnt.sys <Not Verified; Sygate Technologies, Inc.; wpsdrvnt>
R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
R2 wg3n (SyGate for NT, wg3n) - c:\windows\system32\drivers\wg3n.sys <Not Verified; Sygate Technologies, Inc.; Sygate WGXN>
R3 DNINDIS5 (DNINDIS5 NDIS Protocol Driver) - c:\program files\belkin\belkin 802.11g wireless pci card configuration utility\dnindis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 GMSIPCI - d:\install\gmsipci.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 EPSONStatusAgent2 (EPSON Printer Status Agent2) - c:\program files\common files\epson\ebapi\sagent2.exe <Not Verified; SEIKO EPSON CORPORATION; EPSON Bidirectional Printer>
S3 Mrxsamg_1ns -
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: RAID Controller
Device ID: PCI\VEN_105A&DEV_3376&SUBSYS_809E1043&REV_02\4&3B90381F&0&20F0
Manufacturer:
Name: RAID Controller
PNP Device ID: PCI\VEN_105A&DEV_3376&SUBSYS_809E1043&REV_02\4&3B90381F&0&20F0
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-02-24 18:06:56 436 --a------ C:\WINDOWS\Tasks\At1.job
2008-02-18 08:54:06 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-02-01 17:15:00 398 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
-- Files created between 2008-01-28 and 2008-02-28 -----------------------------
2008-02-24 16:14:09 0 d-------- C:\Program Files\Trend Micro
2008-02-23 20:42:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-02-23 20:30:50 0 d-------- C:\Documents and Settings\tom\Application Data\Grisoft
2008-02-23 20:06:57 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-23 20:06:29 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-02-23 20:06:28 0 d-------- C:\Documents and Settings\tom\Application Data\SUPERAntiSpyware.com
2008-02-23 20:00:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-23 18:53:21 8912896 --a------ C:\Documents and Settings\tom\ntuser.dat
2008-02-18 08:39:33 35072 --a------ C:\WINDOWS\system32\zdhzhldl.dat
2008-02-18 08:39:33 246545 --a------ C:\WINDOWS\system32\libssl32.dll <Not Verified; OpenSSL <www.openssl.org>; OpenSSL>
2008-02-18 08:39:33 1188375 --a------ C:\WINDOWS\system32\libeay32.dll <Not Verified; OpenSSL <www.openssl.org>; OpenSSL>
2008-02-18 08:39:32 741632 --a------ C:\WINDOWS\system32\prksrkwq.dat
2008-02-18 08:39:32 42752 --a------ C:\WINDOWS\system32\paodiudz.dat
2008-02-18 08:39:32 36608 --a------ C:\WINDOWS\system32\otfulggr.dat
2008-02-16 11:02:25 19712 --a------ C:\WINDOWS\system32\drivers\sehednta.dat
2008-02-16 10:45:07 120576 --a------ C:\WINDOWS\system32\mkooyzyq.dat
2008-02-16 10:40:30 0 d-------- C:\WINDOWS\system32\AppCert
2008-02-16 10:40:11 111360 --a------ C:\WINDOWS\system32\CLUTIL_Sp.dll
2008-02-16 10:38:50 86528 --a------ C:\WINDOWS\system32\davclntn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-16 10:38:37 16384 --a------ C:\WINDOWS\system32\p0twlg8i213.exe
2008-02-03 17:42:32 0 d-------- C:\Program Files\ImageMagick-6.3.8-Q16
2008-02-02 08:50:16 0 d-------- C:\Documents and Settings\tom\Application Data\proDAD
2008-02-02 08:50:09 0 d-------- C:\Program Files\proDAD
-- Find3M Report ---------------------------------------------------------------
2008-02-28 19:33:24 0 d-------- C:\Program Files\lg_fwupdate
2008-02-24 17:24:44 0 d-------- C:\Program Files\QuickTime
2008-02-24 17:22:58 0 d-------- C:\Program Files\NavNT
2008-02-24 17:20:54 0 d-------- C:\Program Files\Messenger
2008-02-24 17:16:59 0 d-------- C:\Program Files\iTunes
2008-02-24 17:15:08 0 d-------- C:\Program Files\Eraser
2008-02-24 17:13:52 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-02-23 20:05:28 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-06 17:57:52 0 d-------- C:\Documents and Settings\tom\Application Data\Adobe
2008-01-06 22:25:27 212 --a------ C:\WINDOWS\recover.reg
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D7284B7D-20FD-4F4D-9148-F5616E9CD3EE}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DFB06C1D-F0D3-4652-9E71-8BC446793ACB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="C:\Program Files\NavNT\vptray.exe" [31/10/2001 10:59]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\Smtray.exe" [26/06/2002 16:36]
"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [22/03/2002 04:41]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [24/12/2003 13:44]
"Net-It Launcher"="C:\WINDOWS\System32\NILaunch.exe" [05/02/1998 19:16]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [01/09/2003 11:42]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [16/02/2005 22:11]
"DeviceDiscovery"="C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [21/05/2003 17:37]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [26/10/2005 16:17]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30/10/2006 09:36]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [29/04/2006 13:21]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [02/11/2004 20:24]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [12/07/2006 09:58]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50]
"LGODDFU"="C:\Program Files\lg_fwupdate\fwupdate.exe" [05/04/2007 06:45]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [16/02/2007 09:54]
"Workflow"="D:\Workflow.exe" []
"p0twlg8i213"="C:\WINDOWS\system32\p0twlg8i213.exe" [16/02/2008 10:38]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 09:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 07:56]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 16:24]
"PowerBar"="" []
"p0twlg8i213"="C:\WINDOWS\system32\p0twlg8i213.exe" [16/02/2008 10:38]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [27/02/2007 11:39]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 22:05:26]
Belkin 802.11g Wireless PCI Card Configuration Utility.lnk - C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe [20/09/2006 20:19:33]
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [30/05/2003 20:49:54]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 27/02/2007 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hfsvlcdy]
davclntn.dll 04/08/2004 07:56 86528 C:\WINDOWS\system32\davclntn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
vgjtxvyf
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9b040a33-6167-11dc-b9f6-001150a95293}]
auto\command- Knight.exe open
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
explore\command- Knight.exe open
find\command- Knight.exe open
install\command- Knight.exe open
open\command- Knight.exe open
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
7966 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-02-28 21:39:52 ------------
extra.txt:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.40GHz
Percentage of Memory in Use: 75%
Physical Memory (total/avail): 511.47 MiB / 122.93 MiB
Pagefile Memory (total/avail): 1248 MiB / 816.29 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.45 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 114.48 GiB total, 41.8 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
G: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - Maxtor 6Y120P0 - 114.49 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 114.48 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat"="C:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat:*:Enabled:game"
"C:\\Program Files\\Buzz 3D FreeChat\\FreeChat.exe"="C:\\Program Files\\Buzz 3D FreeChat\\FreeChat.exe:*:Enabled:FreeChat"
"C:\\Program Files\\Buzz 3D FreeChat\\Setup.exe"="C:\\Program Files\\Buzz 3D FreeChat\\Setup.exe:*:Enabled:Buzz 3D Network Setup Wizard"
"C:\\Program Files\\Buzz 3D FreeChat\\BVCProxy.exe"="C:\\Program Files\\Buzz 3D FreeChat\\BVCProxy.exe:*:Enabled:Buzz 3D Conferencing Proxy"
"C:\\Program Files\\Symantec\\pcAnywhere\\winaw32.exe"="C:\\Program Files\\Symantec\\pcAnywhere\\winaw32.exe:*:Enabled:pcAnywhere Main Program"
"C:\\Program Files\\Symantec\\pcAnywhere\\awhost32.exe"="C:\\Program Files\\Symantec\\pcAnywhere\\awhost32.exe:*:Enabled:pcAnywhere Host Service"
"C:\\Program Files\\Symantec\\pcAnywhere\\awrem32.exe"="C:\\Program Files\\Symantec\\pcAnywhere\\awrem32.exe:*:Enabled:pcAnywhere Remote Service"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\WS_FTP\\WS_FTP95.exe"="C:\\Program Files\\WS_FTP\\WS_FTP95.exe:*:Enabled:WS_FTP 95"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\iVisit\\iVisit.exe"="C:\\Program Files\\iVisit\\iVisit.exe:*:Enabled: iVisit "
"C:\\WINDOWS\\system32\\fxsclnt.exe"="C:\\WINDOWS\\system32\\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"="C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe:*:Enabled:Dreamweaver 8"
"C:\\Documents and Settings\\tom\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\tom\\Desktop\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\WINDOWS\\system32\\mshta.exe"="C:\\WINDOWS\\system32\\mshta.exe:*:Enabled:Microsoft ® HTML Application host"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\NCH Swift Sound\\Switch\\switch.exe"="C:\\Program Files\\NCH Swift Sound\\Switch\\switch.exe:*:Enabled:switch"
"C:\\Documents and Settings\\tom\\My Documents\\utorrent\\utorrent.exe"="C:\\Documents and Settings\\tom\\My Documents\\utorrent\\utorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\p0twlg8i213.exe"="C:\\WINDOWS\\system32\\p0twlg8i213.exe:*:Disabled:p0twlg8i213"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\tom\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
COLLECTIONID=COL8143
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HUGH-P4
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFAULT_CA_NR=CA6
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\tom
ITEMID=dj-22741-15
LANG=2057
LOGONSERVER=\\HUGH-P4
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=c:\program files\imagemagick-6.3.8-q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0207
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.0_03\lib\ext\QTJava.zip
SESSIONID=1159022799224htx6056188e507:10ddb23eab3:2643
SESSIONNAME=Console
SWUTVER=1.0.18.30716
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\tom\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\tom\LOCALS~1\Temp
TOOLPATH=/C:\Program%20Files\Hewlett-Packard\HP%20Software%20Update\install.htm
UPDATEDIR=C:\DOCUME~1\tom\LOCALS~1\Temp\radA5FB3.tmp
USERDOMAIN=HUGH-P4
USERNAME=tom
USERPROFILE=C:\Documents and Settings\tom
VERSION=3.0.5.001
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
tom (admin)
Nick (admin)
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\System32\UninstIPP.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-aware 6 Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Premiere Pro 1.5 --> RunDll32 "C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{A14F7508-B784-40B8-B11A-E0E2EEB7229F}\setup.exe" -l0x0009
Adobe Reader 7.0.5 Language Support --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Audacity 1.0.0 --> "C:\Program Files\Audacity\unins000.exe"
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Belkin 802.11g Wireless PCI Card --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59C2635E-336A-4CDF-8936-994F989E67D1}\Setup.exe"
Cleaner 5 EZ --> C:\WINDOWS\unvise32.exe C:\Program Files\Cleaner 5 EZ\uninstal.log
Command & Conquer Generals --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Copy Utility --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\EPSON\Copy Utility\Uninst.isu"
Cubis Gold --> "C:\Program Files\MSN Games\Cubis Gold\Uninstall.exe" "C:\Program Files\MSN Games\Cubis Gold\install.log"
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
Easy-WebPrint --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Smart Panel --> C:\Program Files\EPSON\Smart Panel\SPUninst.exe
EPSON TWAIN 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\Setup.exe" -l0x9 UNINSTALL
Eraser 5.3 --> C:\WINDOWS\System32\stuninstall.exe C:\Program Files\Eraser\uninstall.dat
ES C60 Guide --> C:\WINDOWS\uninst.exe -f"C:\PROGRAMF\EPSON\ES C60\DeIsL1.isu"
FileSync --> C:\WINDOWS\uninst.exe -f"C:\Program Files\FileSync\DeIsL1.isu"
FLV Player 2007 --> "C:\Program Files\FLV Player\unins000.exe"
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp deskjet 3500 series --> rundll32 hpzcon09.dll,VendorJettison hp deskjet 3500 series
HP Driver Diagnostics --> MsiExec.exe /X{6314D540-E3C1-4F30-AEEB-4154C93375C3}
HP Photo and Imaging 2.0 - Deskjet Series --> MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
IKEA HomePlanner Kitchen --> MsiExec.exe /I{E215F522-2FD6-46F4-9507-747E14D71598}
ImageMagick 6.3.8-3 Q16 (02/01/08) --> "C:\Program Files\ImageMagick-6.3.8-Q16\unins000.exe"
ImageMixer VCD2 for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934E9442-D305-4ACF-AD87-A6C11D677CB9}\setup.exe"
InCD --> C:\WINDOWS\NuNInst.exe /UNINSTALL
InstallShield Express Custom Edition For Delphi4 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Installshield\InstallShield Express Custom Edition For Delphi4\DeIsL1.isu" -cC:\PROGRA~1\INSTAL~2\INSTAL~1\_ISREG32.DLL
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
iVisit 3.2.4 --> C:\PROGRA~1\iVisit\UNINSTALL.EXE C:\PROGRA~1\iVisit\INSTALL.LOG
Java 2 Runtime Environment, SE v1.4.0_03 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe" Anytext
Java Web Start --> "C:\Program Files\Java Web Start\uninst-javaws.exe"
KeyView for Lotus 97 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Verity\KVLotus\DeIsL1.isu"
LG ODD Auto Firmware Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.80 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Lotus SmartSuite Release 9.5 --> C:\WINDOWS\lunin11.exe /T SmartSuite /V 99.0 /I "c:\program files\lotus 9.5\suit.inf" /C "c:\program files\lotus 9.5\cinstall.ini" /O /L EN
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
meetingmaker --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17084458-4775-11D4-8038-000102410289}\Setup.exe" -l0x9 Remove
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Office 2000 SR-1 Disc 2 --> MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MicroStaff WINASPI --> C:\MWASPI\uninst.exe
Multimedia Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton AntiVirus Corporate Edition --> MsiExec.exe /I{BD12EB47-DBDF-11D3-BEEA-00A0CC272509}
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
PrimoPDF --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0100A64F-7650-4580-9717-12F26CFF23CB}\setup.exe" -l0x9
proDAD Heroglyph 2.5 --> "C:\Program Files\proDAD\Heroglyph-2.5\uninstall.exe" uninstall spcp PATHVERSION 2.5 MAINNAME Heroglyph
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Raize List Pack v2.0 --> C:\Program Files\Raize\ListPack20\UNWISE.EXE C:\Program Files\Raize\ListPack20\INSTALL.LOG
RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Savant Web Server --> C:\WINDOWS\IsUninst.exe -f"c:\program files\Savant\Uninst.isu"
ScanToWeb --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\Setup.exe" ADDREMOVEDLG
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Sony Ericsson PC Suite --> MsiExec.exe /I{26B5D684-75D6-44B9-BBFF-D4100F43092A}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Switch Uninstall --> C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Sygate Personal Firewall --> MsiExec.exe /X{B43BAE6D-FC7F-4351-AF39-3ABC40C992DE}
UNSimeon V 4.1 --> C:\WINDOWS\uninst.exe -f"c:\documents and settings\stephen\simeon\DeIsL1.isu"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
VirtualCloneDrive --> "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
Vodei Multimedia Processor 2.00 --> C:\Program Files\Vodei\uninst.exe
Windows Installer Clean Up --> MsiExec.exe /I{121634B0-2F4A-11D3-ADA3-00C04F52DD53}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XviD 1.1 final uninstall --> "C:\Program Files\XviD\unins000.exe"
-- Application Event Log -------------------------------------------------------

Event Record #/Type12442 / Warning
Event Submitted/Written: 02/28/2008 04:06:05 PM
Event ID/Source: 32066 / Microsoft Fax
Event Description:
At least one of the devices in the outgoing routing group is not valid.
Group name: '<All devices>'

Event Record #/Type12438 / Error
Event Submitted/Written: 02/28/2008 06:32:45 AM
Event ID/Source: 5 / Norton AntiVirus
Event Description:
Virus Found!Virus name: Trojan.Startpage in File: C:\WINDOWS\system32\HPCMDTY.DLL by: Manual scan. Action: Clean failed : Leave Alone succeeded :

Event Record #/Type12437 / Error
Event Submitted/Written: 02/28/2008 06:32:45 AM
Event ID/Source: 5 / Norton AntiVirus
Event Description:
Virus Found!Virus name: W32.Mydoom.M@mm in File: message.exe by: Manual scan. Action: Clean failed : Leave Alone succeeded :

Event Record #/Type12436 / Error
Event Submitted/Written: 02/28/2008 06:32:45 AM
Event ID/Source: 5 / Norton AntiVirus
Event Description:
Virus Found!Virus name: Downloader in File: C:\Documents and Settings\tom\Local Settings\Temporary Internet Files\Content.IE5\491QE2D6\loading[1].htm by: Manual scan. Action: Clean failed : Leave Alone succeeded :

Event Record #/Type12435 / Error
Event Submitted/Written: 02/28/2008 06:32:44 AM
Event ID/Source: 5 / Norton AntiVirus
Event Description:
Virus Found!Virus name: Downloader in File: C:\Documents and Settings\tom\Local Settings\Temporary Internet Files\Content.IE5\88BOX09H\control[1].htm by: Manual scan. Action: Clean failed : Leave Alone succeeded :

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type104401 / Error
Event Submitted/Written: 02/28/2008 07:34:28 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The iPod Service service failed to start due to the following error:
%%1053

Event Record #/Type104400 / Error
Event Submitted/Written: 02/28/2008 07:34:27 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the iPod Service service to connect.

Event Record #/Type104394 / Error
Event Submitted/Written: 02/28/2008 07:34:27 PM
Event ID/Source: 7022 / Service Control Manager
Event Description:
The Windows Image Acquisition (WIA) service hung on starting.

Event Record #/Type104392 / Error
Event Submitted/Written: 02/28/2008 07:34:09 PM / 02/28/2008 07:34:11 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1053" attempting to start the service iPod Service with arguments "-Service"
in order to run the server:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Event Record #/Type104391 / Error
Event Submitted/Written: 02/28/2008 07:32:00 PM / 02/28/2008 07:33:06 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {7D8C9B6E-B0A6-433A-90D7-D44D080013D8} did not register with DCOM within the required timeout.

-- End of Deckard's System Scanner: finished at 2008-02-28 21:39:52 ------------