From main.txt:
Deckard's System Scanner v20071014.68
Run by Jenny Zhao on 2008-04-03 18:14:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
19: 2008-04-03 22:14:41 UTC - RP29 - Deckard's System Scanner Restore Point
18: 2008-04-03 19:17:09 UTC - RP28 - Last known good configuration
17: 2008-04-03 19:16:44 UTC - RP27 - ComboFix created restore point
16: 2008-04-03 19:16:42 UTC - RP26 - Installed Adobe Reader 8.1.2
15: 2008-04-03 19:16:40 UTC - RP25 - Installed Ad-Aware 2007
-- First Restore Point --
1: 2008-04-03 19:16:17 UTC - RP11 - Restore April 2/2008 Jenny
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Jenny Zhao.exe) ------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:15:22 PM, on 4/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Jenny Zhao\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jenny Zhao.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2FFAA860-7F57-4242-95C6-74A8C7188653} - C:\WINDOWS\system32\vtUmNEXq.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1206999929953
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: rqRKATMf - C:\WINDOWS\SYSTEM32\rqRKATMf.dll
O20 - Winlogon Notify: ssqOEUkK - ssqOEUkK.dll (file missing)
O20 - Winlogon Notify: urqOGASJ - urqOGASJ.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 6839 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 si3112r (Silicon Image SiI 3112 SATARaid Controller) - c:\windows\system32\drivers\si3112r.sys <Not Verified; Silicon Image, Inc; SATARaid>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R2 BT848 (WinFast TV2000 XP WDM Video Capture) - c:\windows\system32\drivers\wf2kvcap.sys <Not Verified; Leadtek Research Inc.; WinFast TV2000 XP WDM Video Capture Driver.>
R2 DgiVecp (Team MFP Comm Driver) - c:\windows\system32\drivers\dgivecp.sys <Not Verified; DeviceGuys, Inc.; DeviceGuys, Inc. Team MFP for Windows NT, 9x, and 3.1>
R2 tv2ktunr (WinFast TV2000 XP WDM TVTuner) - c:\windows\system32\drivers\wf2ktunr.sys <Not Verified; Leadtek Research Inc.; WinFast TV2000 XP WDM Tuner Driver.>
R2 Tv2kXbar (WinFast TV2000 XP WDM Crossbar) - c:\windows\system32\drivers\wf2kxbar.sys <Not Verified; Leadtek Research Inc.; WinFast TV2000 XP WDM XBar Crossbar Driver.>
R3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
R3 WFIOCTL - c:\program files\winfast\wftvfm\wfioctl.sys <Not Verified; Leadtek Research Inc.; WinFast MultiMedia Device Driver (Windows 2000/XP)>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft AB; Ad-Aware 2007 Service>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-03-03 and 2008-04-03 -----------------------------
2008-04-03 18:15:47 88640 --a------ C:\WINDOWS\system32\sqqqggjo.dll
2008-04-03 18:14:30 320 --ahs---- C:\WINDOWS\system32\qXENmUtv.ini2
2008-04-03 18:14:28 268288 --a------ C:\WINDOWS\system32\vtUmNEXq.dll
2008-04-03 18:08:58 53248 --a------ C:\WINDOWS\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-04-03 18:03:25 38912 --a------ C:\WINDOWS\system32\rqRKATMf.dll
2008-04-03 14:45:00 68096 --a------ C:\WINDOWS\zip.exe
2008-04-03 14:45:00 49152 --a------ C:\WINDOWS\VFind.exe
2008-04-03 14:45:00 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-04-03 14:45:00 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-04-03 14:45:00 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-04-03 14:45:00 98816 --a------ C:\WINDOWS\sed.exe
2008-04-03 14:45:00 80412 --a------ C:\WINDOWS\grep.exe
2008-04-03 14:45:00 73728 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-04-02 23:33:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-04-02 23:32:55 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-02 23:05:57 0 d-------- C:\Program Files\Lavasoft
2008-04-02 21:24:48 0 d-------- C:\WINDOWS\system32\appmgmt
2008-04-02 19:02:45 0 d-------- C:\Program Files\Trend Micro
2008-04-02 18:39:45 0 d-------- C:\Program Files\Panda Security
2008-04-02 18:39:44 1859 --a------ C:\WINDOWS\mozver.dat
2008-04-02 17:38:22 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-02 17:38:15 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-02 17:38:15 0 d-------- C:\Documents and Settings\Jenny Zhao\Application Data\SUPERAntiSpyware.com
2008-04-02 17:04:44 0 d-------- C:\Documents and Settings\Jenny Zhao\Application Data\Grisoft
2008-04-02 17:04:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-02 16:43:42 0 d-------- C:\VundoFix Backups
2008-04-02 06:31:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-02 06:30:56 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-31 23:37:27 0 d-------- C:\Documents and Settings\Jenny Zhao\Contacts
2008-03-31 23:35:15 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-31 23:34:44 0 d-------- C:\Program Files\Windows Live
2008-03-31 23:34:38 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-31 19:57:32 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-31 19:57:25 0 d-------- C:\Documents and Settings\Jenny Zhao\Application Data\Mozilla
2008-03-31 19:56:10 0 d-------- C:\Program Files\Common Files\Ulead Systems
2008-03-31 19:55:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-03-31 19:54:55 49152 --a------ C:\WINDOWS\system32\TempDel.EXE <Not Verified; Leadtek Research Inc.; Leadtek Research Inc. TempDel>
2008-03-31 19:54:52 0 d-------- C:\WFDB
2008-03-31 19:54:49 9446 --a------ C:\WINDOWS\system32\drivers\WFIOCTL.sys <Not Verified; Leadtek Research Inc.; WinFast MultiMedia Device Driver (Windows 2000/XP)>
2008-03-31 19:54:46 0 d-------- C:\Program Files\WinFast
2008-03-31 19:54:42 0 d-------- C:\WinFast WorkArea
2008-03-31 19:46:23 9600 --a------ C:\WINDOWS\system32\drivers\wf2kXbar.sys <Not Verified; Leadtek Research Inc.; WinFast TV2000 XP WDM XBar Crossbar Driver.>
2008-03-31 19:46:23 59776 --a------ C:\WINDOWS\system32\drivers\wf2kvcap.sys <Not Verified; Leadtek Research Inc.; WinFast TV2000 XP WDM Video Capture Driver.>
2008-03-31 19:46:23 19456 --a------ C:\WINDOWS\system32\drivers\wf2ktunr.sys <Not Verified; Leadtek Research Inc.; WinFast TV2000 XP WDM Tuner Driver.>
2008-03-31 19:32:29 0 d-------- C:\Program Files\Microsoft Works
2008-03-31 19:28:36 0 d-------- C:\WINDOWS\SHELLNEW
2008-03-31 19:27:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-31 19:27:05 0 dr-h----- C:\MSOCache
2008-03-31 18:59:47 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-03-31 18:58:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
2008-03-31 18:58:31 0 d-------- C:\Program Files\Common Files\LogiShrd
2008-03-31 18:58:29 0 d-------- C:\Program Files\Logitech
2008-03-31 18:58:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-03-31 18:55:44 204800 -----n--- C:\WINDOWS\system32\SSRemove.exe <Not Verified; Samsung Electronics Co., Ltd.; DeleteFilesAfterReboot Application>
2008-03-31 18:55:23 40448 -----n--- C:\WINDOWS\system32\drivers\DGIVECP.SYS <Not Verified; DeviceGuys, Inc.; DeviceGuys, Inc. Team MFP for Windows NT, 9x, and 3.1>
2008-03-31 18:55:20 0 d-------- C:\WINDOWS\Samsung
2008-03-31 18:22:09 30208 --a------ C:\WINDOWS\system32\wdmioctl.dll <Not Verified; Analog Devices Inc.; Analog Devices Inc. wdmioctl>
2008-03-31 18:22:09 1285632 --a------ C:\WINDOWS\system32\SMMedia.dll <Not Verified; Analog Devices; SoundMAX Integrated Digital Audio>
2008-03-31 18:22:08 962560 --a------ C:\WINDOWS\SynthCoreA.Dll <Not Verified; Analog Devices, Inc.; SoundMAX Wavetable>
2008-03-31 18:22:08 368640 --a------ C:\WINDOWS\SynCor.exe <Not Verified; Analog Devices, Inc.; SynthCore>
2008-03-31 18:22:07 45056 --a------ C:\WINDOWS\system32\SynthCore11Resources.dll <Not Verified; Staccato Systems, Inc.; Staccato Systems, Inc. SynthCore11Resources>
2008-03-31 18:22:07 40820 --a------ C:\WINDOWS\system32\Syncor11.dll <Not Verified; SoundMAX; Staccato Systems SynthCore R2.0 Synthesizer>
2008-03-31 18:22:07 49152 --a------ C:\WINDOWS\system32\S11thk32.dll <Not Verified; SoundMAX; Staccato Systems SynthCore R2.0 Synthesizer>
2008-03-31 18:22:06 765952 --a------ C:\WINDOWS\system\crlds3d.dll <Not Verified; Sensaura Ltd; Sensaura 3DPA>
2008-03-31 18:22:05 0 d-------- C:\WINDOWS\VirtualEar
2008-03-31 18:22:03 45056 --a------ C:\WINDOWS\system32\DSndUp.exe <Not Verified; Analog Devices Inc.; adi DSndUp>
2008-03-31 18:22:03 45056 --a------ C:\WINDOWS\system32\CleanUp.exe <Not Verified; adi; adi CleanUp>
2008-03-31 18:22:03 0 d-------- C:\Program Files\Analog Devices
2008-03-31 18:21:25 0 d-------- C:\WINDOWS\network diagnostic
2008-03-31 18:20:25 0 d-------- C:\Program Files\Intel
2008-03-31 18:20:12 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-03-31 18:20:11 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-31 18:20:09 0 d-------- C:\Program Files\Common Files\InstallShield
2008-03-31 18:13:47 0 d-------- C:\Documents and Settings\Jenny Zhao\Application Data\Identities
2008-03-31 18:13:40 0 d--h----- C:\Documents and Settings\Jenny Zhao\Templates
2008-03-31 18:13:40 0 dr------- C:\Documents and Settings\Jenny Zhao\Start Menu
2008-03-31 18:13:40 0 dr-h----- C:\Documents and Settings\Jenny Zhao\SendTo
2008-03-31 18:13:40 0 dr-h----- C:\Documents and Settings\Jenny Zhao\Recent
2008-03-31 18:13:40 0 d--h----- C:\Documents and Settings\Jenny Zhao\PrintHood
2008-03-31 18:13:40 1835008 --ah----- C:\Documents and Settings\Jenny Zhao\NTUSER.DAT
2008-03-31 18:13:40 0 d--h----- C:\Documents and Settings\Jenny Zhao\NetHood
2008-03-31 18:13:40 0 dr------- C:\Documents and Settings\Jenny Zhao\My Documents
2008-03-31 18:13:40 0 d--h----- C:\Documents and Settings\Jenny Zhao\Local Settings
2008-03-31 18:13:40 0 dr------- C:\Documents and Settings\Jenny Zhao\Favorites
2008-03-31 18:13:40 0 d-------- C:\Documents and Settings\Jenny Zhao\Desktop
2008-03-31 18:13:40 0 d--hs---- C:\Documents and Settings\Jenny Zhao\Cookies
2008-03-31 18:13:40 0 dr-h----- C:\Documents and Settings\Jenny Zhao\Application Data
2008-03-31 18:10:42 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-03-31 18:10:41 0 d-------- C:\WINDOWS\Prefetch
2008-03-31 18:10:40 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-03-31 18:10:40 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-03-31 18:10:40 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-03-31 18:10:40 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-03-31 18:10:40 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-03-31 18:10:40 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-03-31 18:10:33 225280 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-03-31 18:10:33 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-03-31 18:10:33 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-03-31 18:10:33 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-03-31 18:10:33 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-03-31 18:07:19 0 d-------- C:\WINDOWS\system32\xircom
2008-03-31 18:07:19 0 d-------- C:\Program Files\microsoft frontpage
2008-03-31 18:07:06 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-03-31 18:07:04 0 -rahs---- C:\MSDOS.SYS
2008-03-31 18:07:04 0 -rahs---- C:\IO.SYS
2008-03-31 18:07:04 0 --a------ C:\CONFIG.SYS
2008-03-31 18:07:04 0 --a------ C:\AUTOEXEC.BAT
2008-03-31 18:06:19 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-03-31 18:06:10 0 dr------- C:\WINDOWS\Offline Web Pages
2008-03-31 18:06:10 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-03-31 18:06:02 0 d--h----- C:\Program Files\WindowsUpdate
2008-03-31 18:05:44 0 d-------- C:\WINDOWS\system32\DirectX
2008-03-31 18:05:03 0 d---s---- C:\WINDOWS\Tasks
2008-03-31 18:05:02 0 d-------- C:\Program Files\Common Files\MSSoap
2008-03-31 18:04:58 0 d-------- C:\WINDOWS\system32\Macromed
2008-03-31 18:04:58 0 d-------- C:\WINDOWS\srchasst
2008-03-31 18:04:49 0 d-------- C:\Program Files\Movie Maker
2008-03-31 18:04:41 0 d-------- C:\WINDOWS\system32\Restore
2008-03-31 18:04:01 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-31 18:03:58 0 d-------- C:\WINDOWS\Registration
2008-03-31 18:03:56 0 d-------- C:\Program Files\Online Services
2008-03-31 18:03:53 0 d-------- C:\Program Files\Messenger
2008-03-31 18:03:49 0 d-------- C:\Program Files\MSN Gaming Zone
2008-03-31 18:03:05 0 d-------- C:\Program Files\Windows NT
2008-03-31 18:03:01 0 d-------- C:\WINDOWS\system32\MsDtc
2008-03-31 18:02:59 0 d-------- C:\WINDOWS\system32\Com
2008-03-31 17:58:34 0 d-------- C:\Documents and Settings\Jenny Zhao\Application Data\Macromedia
2008-03-31 17:58:18 0 d-------- C:\Documents and Settings\Jenny Zhao\Application Data\Adobe
2008-03-31 17:57:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-03-31 17:53:27 0 d-------- C:\WINDOWS\system32\PreInstall
2008-03-31 17:53:26 0 d--h----- C:\WINDOWS\$hf_mig$
2008-03-31 17:46:06 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-03-31 17:45:14 0 d--hs---- C:\Documents and Settings\Jenny Zhao\UserData
2008-03-31 17:32:27 0 d-------- C:\WINDOWS\RegisteredPackages
2008-03-31 17:32:22 0 d-------- C:\Program Files\Symantec
2008-03-31 17:32:19 0 d-------- C:\Program Files\Symantec AntiVirus
2008-03-31 17:32:19 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-03-31 17:32:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-31 12:59:21 0 d--hs---- C:\WINDOWS\Installer
2008-03-31 12:59:21 0 d-------- C:\Program Files\Common Files\ODBC
2008-03-31 12:59:18 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-03-31 12:59:17 0 dr------- C:\Program Files
2008-03-31 12:59:17 0 d-------- C:\Program Files\Common Files
2008-03-31 12:58:54 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-03-31 12:58:54 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-03-31 12:58:54 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-03-31 12:58:54 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-03-31 12:58:54 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-03-31 12:58:54 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-03-31 12:58:54 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-03-31 12:58:54 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-03-31 12:58:54 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-03-31 12:58:54 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-03-31 12:58:54 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-03-31 12:58:54 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-03-31 12:58:54 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-03-31 12:58:54 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-03-31 12:58:54 0 dr------- C:\Documents and Settings\All Users\Documents
2008-03-31 12:58:54 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-03-31 12:58:40 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-03-31 12:58:40 0 d-------- C:\WINDOWS\system32\CatRoot
2008-03-31 12:58:35 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-03-31 12:58:35 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-03-31 12:58:35 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-03-31 12:58:35 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-03-31 12:58:13 0 d--hs---- C:\System Volume Information
2008-03-31 12:58:13 0 d-------- C:\Documents and Settings
2008-03-31 12:52:47 0 d-------- C:\WINDOWS\OemDir
2008-03-31 12:52:42 0 d-------- C:\WINDOWS
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\WinSxS
2008-03-31 12:52:42 0 dr------- C:\WINDOWS\Web
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\twain_32
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\wins
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\wbem
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\usmt
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\spool
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\ShellExt
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\Setup
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\ras
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\oobe
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\npp
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\mui
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\inetsrv
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\IME
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\icsxml
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\ias
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\export
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\drivers
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-03-31 12:52:42 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\dhcp
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\config
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\3076
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\2052
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1054
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1042
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1041
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1037
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1033
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1031
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1028
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system32\1025
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\system
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\security
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Resources
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\repair
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Provisioning
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\PeerNet
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\pchealth
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\mui
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\msapps
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\msagent
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Media
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\java
2008-03-31 12:52:42 0 d--h----- C:\WINDOWS\inf
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\ime
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Help
2008-03-31 12:52:42 0 dr--s---- C:\WINDOWS\Fonts
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\ehome
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Driver Cache
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Debug
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Cursors
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Connection Wizard
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\Config
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\AppPatch
2008-03-31 12:52:42 0 d-------- C:\WINDOWS\addins
-- Find3M Report ---------------------------------------------------------------
2008-03-31 12:58:54 62 --ahs---- C:\Documents and Settings\Jenny Zhao\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2FFAA860-7F57-4242-95C6-74A8C7188653}]
04/03/2008 06:14 PM 268288 --a------ C:\WINDOWS\system32\vtUmNEXq.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\Smtray.exe" [03/19/2002 12:01 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [07/19/2006 08:26 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [09/27/2006 09:33 PM]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [10/25/2007 04:33 PM]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [10/25/2007 04:37 PM]
"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [10/18/2007 01:47 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
"Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [08/01/2007 05:16 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"BMbbac1797"="C:\WINDOWS\system32\sqqqggjo.dll" [04/03/2008 06:15 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [04/02/2008 07:24 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
"{BFA7416F-6EBA-43E5-B485-D32C6C78E1DB}"= C:\WINDOWS\system32\rqRKATMf.dll [04/03/2008 06:03 PM 38912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 04/02/2008 07:24 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqRKATMf]
rqRKATMf.dll 04/03/2008 06:03 PM 38912 C:\WINDOWS\system32\rqRKATMf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqOEUkK]
ssqOEUkK.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqOGASJ]
urqOGASJ.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vtUmNEXq
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
-- End of Deckard's System Scanner: finished at 2008-04-03 18:16:51 ------------
From extra.txt:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.53GHz
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 1022.8 MiB / 547.09 MiB
Pagefile Memory (total/avail): 2463.22 MiB / 1976.39 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.88 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 114.48 GiB total, 107.19 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - SiI RAID 1 Set 0 SCSI Disk Device - 114.49 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 114.48 GiB - C:
-- Security Center -------------------------------------------------------------
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AV: Symantec AntiVirus Corporate Edition v10.1.5.5000 (Symantec Corporation)
Disabled
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Jenny Zhao\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NONE-2899A6686E
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Jenny Zhao
LOGONSERVER=\\NONE-2899A6686E
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0207
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\JENNYZ~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\JENNYZ~1\LOCALS~1\Temp
USERDOMAIN=NONE-2899A6686E
USERNAME=Jenny Zhao
USERPROFILE=C:\Documents and Settings\Jenny Zhao
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Jenny Zhao (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel® PRO Ethernet Adapter and Software --> Prounstl.exe
LiveUpdate 3.1 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech QuickCam --> MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
Logitech QuickCam Driver Package --> "C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2007 --> MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Samsung ML-1740 Series --> C:\WINDOWS\Samsung\ML-1740\SETUP.EXE
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Symantec AntiVirus --> MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
WinFast PVR --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934519A2-4D50-4B83-A459-92D90E9E3188}\setup.exe" -l0x9 -removeonly
-- Application Event Log -------------------------------------------------------
Event Record #/Type808 / Warning
Event Submitted/Written: 04/03/2008 02:01:32 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam', component '{B52C7B4D-F46F-438C-ADF2-05A138C57757}' failed. The resource 'HKEY_CURRENT_USER\Software\Logitech\InstallerKeys\QCDesktopShortcutKey' does not exist.
Event Record #/Type807 / Warning
Event Submitted/Written: 04/03/2008 02:00:43 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam' failed during request for component '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'
Event Record #/Type806 / Warning
Event Submitted/Written: 04/03/2008 02:00:43 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam', component '{B52C7B4D-F46F-438C-ADF2-05A138C57757}' failed. The resource 'HKEY_CURRENT_USER\Software\Logitech\InstallerKeys\QCDesktopShortcutKey' does not exist.
Event Record #/Type804 / Warning
Event Submitted/Written: 04/03/2008 01:59:50 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam' failed during request for component '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'
Event Record #/Type803 / Warning
Event Submitted/Written: 04/03/2008 01:59:50 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam', component '{B52C7B4D-F46F-438C-ADF2-05A138C57757}' failed. The resource 'HKEY_CURRENT_USER\Software\Logitech\InstallerKeys\QCDesktopShortcutKey' does not exist.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type776 / Warning
Event Submitted/Written: 04/03/2008 05:19:25 PM
Event ID/Source: 52 / Disk
Event Description:
The driver has detected that device \Device\Harddisk0\DR0 has predicted that it will fail.
Immediately back up your data and replace your hard disk drive. A failure
may be imminent.
Event Record #/Type704 / Error
Event Submitted/Written: 04/03/2008 02:47:10 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the Symantec AntiVirus service.
Event Record #/Type699 / Error
Event Submitted/Written: 04/03/2008 02:10:28 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {D0B7C734-2D1B-461D-93C6-8264DA4F038B} did not register with DCOM within the required timeout.
Event Record #/Type672 / Error
Event Submitted/Written: 04/03/2008 02:02:37 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The IMAPI CD-Burning COM Service service failed to start due to the following error:
%%1053
Event Record #/Type671 / Error
Event Submitted/Written: 04/03/2008 02:02:37 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
-- End of Deckard's System Scanner: finished at 2008-04-03 18:16:51 ------------