I don't know why Norton was running at all, as I've never actually told it to do anything, but for some reason it won't allow me to disable it, so Avast is now disabled. Here are the logs you require:
OTMoveit Log
C:\Windows\system32\pobetuvy.exe moved successfully.
< Purity >
OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 04122008_065745
Deckard's System Scanner v20071014.68
Run by Indoctrin on 2008-04-12 17:29:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 2 Restore Point(s) --
2: 2008-04-12 07:11:07 UTC - RP395 - Scheduled Checkpoint
1: 2008-04-11 06:31:00 UTC - RP394 - Installed BBC iPlayer Download Manager
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 894 MiB (1024 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-12 17:32:19
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\System32\dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\aol\1162935776\ee\aolsoftware.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Windows\explorer.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Users\Indoctrin\Desktop\dss.exe
C:\Windows\System32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsof...search.asp?p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1162935776\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111T\wlan111t.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.co...IEGetPlugin.ocx
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1006.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebo...Uploader4_5.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\aol\acs\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: dlbc_device - Unknown owner - C:\Windows\System32\dlbccoms.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 10841 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SASDIFSV - \??\c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - \??\c:\program files\superantispyware\saskutil.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.2.0.3) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
R3 SASENUM - \??\c:\program files\superantispyware\sasenum.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-04-12 17:31:14 426 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{B2764A3E-C2C1-4C70-B3B3-63C67D57106A}.job
2008-04-12 17:31:10 348 --a------ C:\Windows\Tasks\Recovery DVD Creator.job
-- Files created between 2008-03-12 and 2008-04-12 -----------------------------
2008-04-11 07:32:47 0 d-------- C:\Users\All Users\Kontiki
2008-04-11 07:32:47 0 d-------- C:\Program Files\Kontiki
2008-04-11 07:32:18 0 d-------- C:\logs3
2008-04-11 07:08:51 0 d-------- C:\Program Files\Panda Security
2008-04-09 19:30:16 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-04-09 19:27:39 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-09 19:08:13 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-09 08:38:00 0 d-a------ C:\Users\All Users\TEMP
2008-04-09 07:47:52 5212 --a------ C:\Windows\system32\tmp.reg
2008-04-09 07:47:26 25600 --a------ C:\Windows\system32\WS2Fix.exe
2008-04-09 07:47:26 289144 --a------ C:\Windows\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-04-09 07:47:26 86528 --a------ C:\Windows\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-04-09 07:47:26 288417 --a------ C:\Windows\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-04-09 07:47:26 53248 --a------ C:\Windows\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-04-09 07:47:26 82432 --a------ C:\Windows\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-09 07:47:26 51200 --a------ C:\Windows\system32\dumphive.exe
2008-04-08 07:33:11 0 d-------- C:\Users\All Users\Grisoft
2008-04-08 06:48:08 227840 --a------ C:\Windows\system32\Deco_32.dll <Not Verified; Iterated Systems, Inc.; Fractal Image Decoder>
2008-04-08 06:48:06 0 d-------- C:\Program Files\onOne Software
2008-04-08 06:27:00 0 d-------- C:\Users\All Users\Adobe Systems
2008-04-07 23:32:51 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-04-07 22:31:34 188416 --a------ C:\Windows\qdnkewfa.dll
2008-04-07 22:30:49 4096 --a------ C:\Windows\userconfig9x.dll
2008-04-07 22:30:49 4096 --a------ C:\Windows\system32winlogonpc.exe
2008-04-07 22:30:49 4096 --a------ C:\Windows\system32hoproxy.dll
2008-04-07 22:30:49 4096 --a------ C:\Windows\FVProtect.exe
2008-04-07 22:30:47 4096 --a------ C:\Windows\system32taack.exe
2008-04-07 22:30:47 4096 --a------ C:\Windows\system32taack.dat
2008-04-07 22:30:47 4096 --a------ C:\Windows\system32sncntr.exe
2008-04-07 22:30:47 4096 --a------ C:\Windows\system32psoft1.exe
2008-04-07 22:30:47 4096 --a------ C:\Windows\system32mwin32.exe
2008-04-07 22:30:47 4096 --a------ C:\Windows\system32hxiwlgpm.exe
2008-04-07 22:30:47 4096 --a------ C:\Windows\system32hxiwlgpm.dat
2008-04-07 22:30:47 4096 --a------ C:\Windows\iTunesMusic.exe
2008-04-07 22:30:47 4096 --a------ C:\Windows\a.bat
2008-04-07 22:30:47 0 d-------- C:\Users\Indoctrin\Desktopvirii
2008-04-07 22:30:46 4096 --a------ C:\Windows\system32ssurf022.dll
2008-04-07 22:30:46 4096 --a------ C:\Windows\system32psof1.exe
2008-04-07 22:30:46 4096 --a------ C:\Windows\system32ps1.exe
2008-04-07 22:30:46 4096 --a------ C:\Windows\system32msnbho.dll
2008-04-07 22:30:46 4096 --a------ C:\Windows\system32medup020.dll
2008-04-07 22:30:46 4096 --a------ C:\Windows\system32bsva-egihsg52.exe
2008-04-07 22:30:45 0 d-------- C:\Windows\system32smp
2008-04-07 22:30:45 4096 --a------ C:\Windows\system32netode.exe
2008-04-07 22:30:45 4096 --a------ C:\Windows\system32mtr2.exe
2008-04-07 22:30:45 4096 --a------ C:\Windows\system32msgp.exe
2008-04-07 22:30:45 4096 --a------ C:\Windows\system32medup012.dll
2008-04-07 22:30:35 4096 --a------ C:\Windows\system32temp#01.exe
2008-04-07 22:30:35 0 d-------- C:\Program Files\Inet Delivery
2008-04-07 22:30:33 4096 --a------ C:\Windows\system32h@tkeysh@@k.dll
2008-04-07 22:30:29 4096 --a------ C:\Windows\system32ssvchost.exe
2008-04-07 22:30:29 4096 --a------ C:\Windows\system32ssvchost.com
2008-04-07 22:30:29 4096 --a------ C:\Windows\system32regm64.dll
2008-04-07 22:30:29 4096 --a------ C:\Windows\system32regc64.dll
2008-04-07 22:30:29 4096 --a------ C:\Windows\system32msvchost.exe
2008-04-07 22:30:29 4096 --a------ C:\Windows\system32dpcproxy.exe
2008-04-07 22:30:27 4096 --a------ C:\Windows\system32thun32.dll
2008-04-07 22:30:27 4096 --a------ C:\Windows\system32thun.dll
2008-04-07 22:30:26 4096 --a------ C:\Windows\system32Rundl1.exe
2008-04-07 22:30:21 4096 --a------ C:\Windows\system32winsystem.exe
2008-04-07 22:30:21 4096 --a------ C:\Windows\system32vcatchpi.dll
2008-04-07 22:30:21 4096 --a------ C:\Windows\system32newsd32.exe
2008-04-07 22:30:21 4096 --a------ C:\Windows\system32emesx.dll
2008-04-07 22:30:21 4096 --a------ C:\Windows\system32anticipator.dll
2008-04-07 22:30:21 4096 --a------ C:\Windows\system32akttzn.exe
2008-04-07 22:30:21 4096 --a------ C:\Windows\mssecu.exe
2008-04-07 22:30:21 4096 --a------ C:\Windows\bdn.com
2008-04-07 22:30:19 4096 --a------ C:\Windows\system32mssecu.exe
2008-04-07 22:30:19 4096 --a------ C:\Windows\system32bdn.com
2008-04-07 22:30:18 4096 --a------ C:\Windows\system32WINWGPX.EXE
2008-04-07 22:30:18 4096 --a------ C:\Windows\system32sysreq.exe
2008-04-07 22:30:14 4096 --a------ C:\Windows\system32awtoolb.dll
2008-04-07 22:30:14 0 d-------- C:\Windows\mslagent
2008-04-07 22:30:13 4096 --a------ C:\Windows\system32vbsys2.dll
2008-04-07 22:29:48 0 d-------- C:\Users\All Users\zotytkpm
2008-04-02 06:29:21 0 d-------- C:\Windows\system32\Adobe
2008-03-24 16:40:24 0 d-------- C:\Users\Indoctrin\{d785cb61-4214-4be8-ac55-d938e9fd6c3c}
2008-03-24 16:33:37 0 d-------- C:\dell
2008-03-18 17:04:54 0 d--h----- C:\Users\All Users\{BC173CC7-3433-419A-9DBA-27B24C969187}
2008-03-18 17:04:35 0 d-------- C:\Program Files\SafeIT Security
2008-03-18 17:04:35 0 d-------- C:\Program Files\Common Files\SafeIT Security
-- Find3M Report ---------------------------------------------------------------
2008-04-12 17:32:27 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-12 17:23:29 0 d-------- C:\Program Files\Norton Internet Security
2008-04-12 17:18:53 0 d-------- C:\Program Files\Symantec
2008-04-12 06:37:51 0 d-------- C:\Program Files\Common Files
2008-04-09 19:27:39 0 d-------- C:\Users\Indoctrin\AppData\Roaming\SUPERAntiSpyware.com
2008-04-09 07:56:54 35 --a------ C:\Users\Indoctrin\AppData\Roaming\SetValue.bat
2008-04-09 07:56:54 691 --a------ C:\Users\Indoctrin\AppData\Roaming\GetValue.vbs
2008-04-08 07:33:56 0 d-------- C:\Users\Indoctrin\AppData\Roaming\Grisoft
2008-04-08 06:57:39 0 d-------- C:\Users\Indoctrin\AppData\Roaming\onOne Software
2008-04-08 06:48:03 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-08 06:28:14 0 d-------- C:\Users\Indoctrin\AppData\Roaming\Adobe
2008-04-07 23:35:09 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-06 21:06:00 0 d-------- C:\Users\Indoctrin\AppData\Roaming\gtk-2.0
2008-04-03 18:39:50 0 d-------- C:\Program Files\Java
2008-03-19 03:22:40 0 d-------- C:\Users\Indoctrin\AppData\Roaming\SafeIT Security
2008-03-01 08:46:44 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-02-29 14:50:33 0 d-------- C:\Program Files\Windows Live
2008-02-29 14:46:14 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-29 09:09:32 0 d-------- C:\Program Files\Alwil Software
2008-02-27 23:32:26 0 d-------- C:\Program Files\iTunes
2008-02-27 23:32:15 0 d-------- C:\Program Files\iPod
2008-02-27 23:30:24 0 d-------- C:\Program Files\QuickTime
2008-02-19 21:43:44 0 d-------- C:\Users\Indoctrin\AppData\Roaming\Real
2008-01-22 17:59:16 43520 --a------ C:\Windows\system32\CmdLineExt03.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [02/11/2006 13:34]
"RtHDVCpl"="RtHDVCpl.exe" [01/11/2006 09:37 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [16/11/2006 07:45]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [11/07/2006 18:12]
"HostManager"="C:\Program Files\Common Files\AOL\1162935776\ee\AOLSoftware.exe" [14/11/2006 15:01]
"@"="" []
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [20/11/2006 22:08]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [25/08/2006 12:11]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/06/2005 10:44]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [24/10/2006 22:08]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [27/10/2006 00:18]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [26/09/2007 20:22]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [13/06/2007 08:16]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [01/02/2008 00:13]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [19/02/2008 14:10]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [29/03/2008 18:37]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 10:25]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [29/01/2008 17:38]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" [23/10/2006 15:49]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18/10/2007 12:34]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 13:35]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 13:36]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [27/02/2007 11:39]
"kdx"="C:\Program Files\Kontiki\KHost.exe" [27/02/2008 17:56]
C:\Users\Indoctrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 19:16:50]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [21/01/2000 09:15:54]
NETGEAR WG111T Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111T\wlan111t.exe [11/03/2007 22:30:44]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 27/02/2007 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-04-12 17:37:00 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English
CPU 0: Genuine Intel® CPU T2060 @ 1.60GHz
Percentage of Memory in Use: 68%
Physical Memory (total/avail): 893.56 MiB / 278.44 MiB
Pagefile Memory (total/avail): 2042.91 MiB / 1108.94 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1924.41 MiB
C: is Fixed (NTFS) - 66.52 GiB total, 12.29 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST980811AS ATA Device - 74.53 GiB - 2 partitions
\PARTITION0 - Unknown - 8.01 GiB
\PARTITION1 (bootable) - Installable File System - 66.52 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: Norton Internet Security v2007 (Symantec Corporation)
AV: avast! antivirus 4.8.1169 [VPS 080412-0] v4.8.1169 (ALWIL Software) Disabled
AV: Norton Internet Security v2007 (Symantec Corporation) Outdated
AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) Disabled Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Norton Internet Security v2007 (Symantec Corporation) Outdated
AS: avast! antivirus 4.8.1169 [VPS 080412-0] v4.8.1169 (ALWIL Software) Disabled
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Indoctrin\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=INDOCTRINATION
ComSpec=C:\Windows\system32\cmd.exe
DEFAULT_CA_NR=CA8
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Indoctrin
LOCALAPPDATA=C:\Users\Indoctrin\AppData\Local
LOGONSERVER=\\INDOCTRINATION
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 12, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e0c
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\INDOCT~1\AppData\Local\Temp
TMP=C:\Users\INDOCT~1\AppData\Local\Temp
USERDOMAIN=Indoctrination
USERNAME=Indoctrin
USERPROFILE=C:\Users\Indoctrin
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Indoctrin
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
--> MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
--> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
--> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
--> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
--> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
--> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
--> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Acoustica Beatcraft --> C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG
Acoustica Effects Pack --> C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11 --> C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AOL 9.5 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AOL*
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Catalyst Control Center Ex --> MsiExec.exe /I{FD16AF46-C8A6-4409-5F0A-66390ECB8ED7}
AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BBC iPlayer Download Manager --> MsiExec.exe /I {D466F3D9-510C-4729-B7D4-2E70490E4CDF}
British Telecom --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *BT_GB*
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Corel Paint Shop Pro X --> MsiExec.exe /I{1A15507A-8551-4626-915D-3D5FA095CC1B}
Creator 9 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*
Flash Player plugins 9 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*
FM Modifier 2.21 --> MsiExec.exe /X{4E98357D-C2CB-4B3C-909A-8D7A40E4F575}
FM Modifier 2.24 --> MsiExec.exe /I{AE86AE81-CD7F-496F-A39F-0210C985E71B}
Football Manager 2008 --> "C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe"
Football Manager 2008 Gold Demo --> "C:\Program Files\Sports Interactive\Football Manager 2008 Gold Demo\Uninstall_Football Manager 2008 Gold Demo\Uninstall Football Manager 2008 Gold Demo.exe"
Genuine Fractals 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC38B36B-90F8-4C1F-8AC9-236B851B8871}\setup.exe" -l0x9 -uninst -removeonly
GIMP 2.4.2 --> "C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
GTK+ 2.10.11 runtime environment --> "C:\Program Files\Common Files\GTK\2.0\setup\unins000.exe"
HDReg --> MsiExec.exe /I{AB7032FF-AFED-4C58-AA5C-8473B273793A}
Infocentre Rev. 2.0 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
Internet from BT --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5187CE38-4730-404E-8700-3841F19A058C}\Setup.exe"
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Jetcast 1.1.1 --> C:\Program Files\Jetcast\uninst.exe
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Locomotion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77F45E76-E897-42CA-A9FE-5F56817D875C}\Setup.exe" -l0x9
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft Office 2000 SR-1 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51123D42-6B9C-4B93-900C-29F9EC5963C9}\Setup.exe"
NIS2007 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NIS2007_GB*
Norton AntiVirus --> MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Protection Center --> MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
OpenTTD 0.5.2 --> C:\Program Files\OpenTTD\uninstall.exe
Packard Bell - Skype 2.5 --> "C:\Program Files\Skype\Phone\unins000.exe"
Packard Bell Updator --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista --> C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Roxio Creator 9 LE --> MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
RTC Client API v1.2 --> MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
SafeIT Digital Security Suite --> "C:\ProgramData\{BC173CC7-3433-419A-9DBA-27B24C969187}\SafeITSecuritySuite.exe" REMOVE=TRUE MODIFY=FALSE
SafeIT Digital Security Suite --> C:\ProgramData\{BC173CC7-3433-419A-9DBA-27B24C969187}\SafeITSecuritySuite.exe
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SetUp My PC --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_GB*
Skype 2.5.2.151 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Sony Ericsson Device Data --> MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson Drivers --> MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Sony Ericsson PC Suite --> C:\Windows\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall
Sony Ericsson PC Suite --> MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E}
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Transport Tycoon Deluxe --> C:\Windows\UniFISH.exe Transport Tycoon Deluxe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type60668 / Error
Event Submitted/Written: 04/12/2008 05:28:27 PM
Event ID/Source: 11 / Microsoft-Windows-CAPI2
Event Description:
http://www.download....uthrootstl.cab A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Event Record #/Type60660 / Error
Event Submitted/Written: 04/12/2008 05:26:46 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application epmworker.exe, version 1.2.0.1236, time stamp 0x4694e1d2, faulting module epmworker.exe, version 1.2.0.1236, time stamp 0x4694e1d2, exception code 0xc0000005, fault offset 0x00026f6a,
process id 0xfe4, application start time 0xepmworker.exe0.
Event Record #/Type60655 / Success
Event Submitted/Written: 04/12/2008 05:24:49 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type60654 / Success
Event Submitted/Written: 04/12/2008 05:24:45 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type60648 / Success
Event Submitted/Written: 04/12/2008 05:23:55 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type130013 / Warning
Event Submitted/Written: 04/12/2008 05:34:08 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Indoctrination27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Indoctrination27 can't undo changes that you allow.
For more information please see the following:
%Indoctrination275
Scan ID: {C315869F-3ED7-4B51-B9F4-2C056931F630}
User: Indoctrination\Indoctrin
Name: %Indoctrination271
ID: %Indoctrination272
Severity ID: %Indoctrination273
Category ID: %Indoctrination274
Path Found: %Indoctrination276
Alert Type: %Indoctrination278
Detection Type: 1.1.1505.02
Event Record #/Type130012 / Warning
Event Submitted/Written: 04/12/2008 05:34:05 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Indoctrination27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Indoctrination27 can't undo changes that you allow.
For more information please see the following:
%Indoctrination275
Scan ID: {9AA4DC41-DF2A-40C8-A6CC-BF031049DF5C}
User: Indoctrination\Indoctrin
Name: %Indoctrination271
ID: %Indoctrination272
Severity ID: %Indoctrination273
Category ID: %Indoctrination274
Path Found: %Indoctrination276
Alert Type: %Indoctrination278
Detection Type: 1.1.1505.02
Event Record #/Type130011 / Warning
Event Submitted/Written: 04/12/2008 05:34:02 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Indoctrination27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Indoctrination27 can't undo changes that you allow.
For more information please see the following:
%Indoctrination275
Scan ID: {19734E8A-F15C-4C55-B2EC-8CA88A0A366E}
User: Indoctrination\Indoctrin
Name: %Indoctrination271
ID: %Indoctrination272
Severity ID: %Indoctrination273
Category ID: %Indoctrination274
Path Found: %Indoctrination276
Alert Type: %Indoctrination278
Detection Type: 1.1.1505.02
Event Record #/Type130010 / Warning
Event Submitted/Written: 04/12/2008 05:34:02 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Indoctrination27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Indoctrination27 can't undo changes that you allow.
For more information please see the following:
%Indoctrination275
Scan ID: {CF9D3BBA-0983-448A-8A07-C2244F9C6929}
User: Indoctrination\Indoctrin
Name: %Indoctrination271
ID: %Indoctrination272
Severity ID: %Indoctrination273
Category ID: %Indoctrination274
Path Found: %Indoctrination276
Alert Type: %Indoctrination278
Detection Type: 1.1.1505.02
Event Record #/Type130009 / Warning
Event Submitted/Written: 04/12/2008 05:34:02 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Indoctrination27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Indoctrination27 can't undo changes that you allow.
For more information please see the following:
%Indoctrination275
Scan ID: {BCFF2A33-F8BD-46AD-82B0-D9CD660E6C28}
User: Indoctrination\Indoctrin
Name: %Indoctrination271
ID: %Indoctrination272
Severity ID: %Indoctrination273
Category ID: %Indoctrination274
Path Found: %Indoctrination276
Alert Type: %Indoctrination278
Detection Type: 1.1.1505.02
-- End of Deckard's System Scanner: finished at 2008-04-12 17:37:00 ------------