-yahoo messenger wouldn't sign in--
-I'm starting to get insufficient memory and KVXO.exe errors on start up.
I downloaded the DSS and this is what it generated: Please help!
Deckard's System Scanner v20071014.68
Run by Blue on 2008-04-23 15:36:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
23: 2008-04-23 07:37:11 UTC - RP257 - Deckard's System Scanner Restore Point
22: 2008-04-23 05:57:02 UTC - RP256 - Software Distribution Service 3.0
21: 2008-04-23 02:06:40 UTC - RP255 - Software Distribution Service 3.0
20: 2008-04-22 15:43:38 UTC - RP254 - Software Distribution Service 3.0
19: 2008-04-22 06:04:06 UTC - RP253 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-04-02 05:18:27 UTC - RP235 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 504 MiB (512 MiB recommended).
System Drive C: has 1.38 GiB (less than 15%) free.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-23 15:43:50
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\GPRS WLAN dongle\Wlan.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\A!K Research Labs\NotesHolder\NotesHolder.exe
F:\sql server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
F:\sql analysis\Bin\msmdsrv.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\winvnc4.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\svchost.exe
E:\Temp\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\ieso0.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [WLAN Monitor] C:\Program Files\GPRS WLAN dongle\Wlan.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [kxva] C:\WINDOWS\system32\kxvo.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife\HDDlifePro.exe
O4 - Startup: NotesHolder.lnk = C:\Program Files\A!K Research Labs\NotesHolder\NotesHolder.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IIS Admin (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: FTP Publishing (MSFtpsvc) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\winvnc4.exe
--
End of file - 11447 bytes
-- File Associations -----------------------------------------------------------
.chm - Compiled Help Module - DefaultIcon - unable to read value
.chm - Compiled Help Module - shell\open\command - unable to read value
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.10.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.10.0>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 GoProto (GoProto Protocol Driver) - c:\windows\system32\drivers\goprot51.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics Network Module>
S3 GtVUsb (GlobeTrotter Module 3G+ Filter) - c:\windows\system32\drivers\gtvusb.sys (file missing)
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing)
S3 Scfilter - c:\windows\system32\drivers\scfilter.sys <Not Verified; Your Corporation; Your Product Name>
S3 SDDMI2 - c:\windows\system32\ddmi2.sys <Not Verified; Gteko Ltd.; DDMI>
S3 SOLOMONFastUSB® (SOLOMON FastUSB® Service for SOLOMON Scwi211b USB Wireless Lan) - c:\windows\system32\drivers\scwi211bx.sys <Not Verified; ATMEL; 802.11b Compliant USB Wireless Network Adapter>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 MSSQLServerOLAPService - f:\sql analysis\bin\msmdsrv.exe <Not Verified; Microsoft Corporation; Microsoft SQL Server Analysis Services>
R2 MySQL - "c:\program files\mysql\mysql server 5.0\bin\mysqld-nt" --defaults-file="c:\program files\mysql\mysql server 5.0\my.ini" mysql (file missing)
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
S2 IISADMIN (IIS Admin) - c:\windows\system32\inetsrv\inetinfo.exe (file missing)
S2 MSFtpsvc (FTP Publishing) - c:\windows\system32\inetsrv\inetinfo.exe (file missing)
S2 SMTPSVC (Simple Mail Transfer Protocol (SMTP)) - c:\windows\system32\inetsrv\inetinfo.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia E65
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia E65
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
-- Scheduled Tasks -------------------------------------------------------------
2008-04-22 09:43:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-03-23 and 2008-04-23 -----------------------------
2008-04-23 14:41:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-23 14:33:14 0 d-------- C:\WINDOWS\LastGood
2008-04-23 00:06:31 0 d-------- C:\iView_Installer_Files
2008-04-21 10:18:00 158813 -r-hs---- C:\oalvm.com
2008-04-18 10:49:03 91648 -r-hs---- C:\WINDOWS\system32\fool1.dll
2008-04-18 10:47:58 158168 -r-hs---- C:\ig.bat
2008-04-18 10:47:30 91648 -r-hs---- C:\WINDOWS\system32\fool0.dll
2008-04-18 10:47:29 158813 -r-hs---- C:\WINDOWS\system32\kxvo.exe
2008-04-17 23:44:46 0 d-------- C:\Program Files\Alwil Software
2008-04-17 23:22:16 0 d-------- C:\Program Files\MSXML 6.0
2008-04-17 23:12:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-04-12 23:52:30 0 d-------- C:\Program Files\MSBuild
2008-04-12 23:49:56 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-04-12 23:48:36 0 d-------- C:\Program Files\Reference Assemblies
2008-03-26 10:52:55 14 --a------ C:\WINDOWS\mscnsig.dll
2008-03-26 10:48:38 0 d-------- C:\Program Files\snapTech Inc
-- Find3M Report ---------------------------------------------------------------
2008-04-23 14:41:28 0 dr-h----- C:\Documents and Settings\Blue\Application Data\yahoo!
2008-04-23 13:56:32 0 d-------- C:\Documents and Settings\Blue\Application Data\NotesHolder
2008-04-23 00:05:32 0 d-------- C:\Documents and Settings\Blue\Application Data\Adobe
2008-04-22 10:45:05 0 d-------- C:\Program Files\Yahoo!
2008-04-21 16:19:26 0 d-------- C:\Program Files\The Rosetta Stone
2008-04-21 15:54:01 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-21 15:52:33 0 d-------- C:\Program Files\Peachtree
2008-04-21 15:52:31 0 d-------- C:\Program Files\Common Files\Peach
2008-04-21 09:37:10 75688 --a------ C:\Documents and Settings\Blue\Application Data\GDIPFONTCACHEV1.DAT
2008-04-12 23:55:52 0 d-------- C:\Program Files\Nokia
2008-04-09 23:28:48 0 d-------- C:\Program Files\Common Files
2008-03-11 19:51:35 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-10 16:30:09 103535 --a------ C:\WINDOWS\hpoins04.dat
2008-03-05 16:16:42 0 d--h----- C:\Program Files\Zero G Registry
2008-03-05 11:47:36 0 d-------- C:\Program Files\Microsoft Analysis Services
2008-03-05 11:11:58 0 d-------- C:\Program Files\Microsoft SQL Server
2008-03-05 11:02:38 0 d-------- C:\Program Files\RealVNC
2008-03-05 09:49:44 0 d-------- C:\Program Files\CompeGPS
2008-03-05 07:43:47 108 --a------ C:\WINDOWS\system32\msjatdat
2008-02-26 23:27:46 0 d-------- C:\Documents and Settings\Blue\Application Data\Skype
2008-02-13 11:31:50 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/28/2005 01:55 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/28/2005 01:52 PM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/28/2005 01:55 PM]
"RTHDCPL"="RTHDCPL.EXE" [12/09/2005 07:49 AM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 12:00 PM C:\WINDOWS\Alcmtr.exe]
"SMSERIAL"="sm56hlpr.exe" [11/10/2005 03:44 AM C:\WINDOWS\sm56hlpr.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [08/25/2005 03:25 PM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 11:50 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/02/2004 08:24 PM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [04/14/2006 11:51 AM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [04/14/2006 11:52 AM]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [04/14/2006 11:56 AM]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [11/28/2006 02:12 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/19/2006 02:41 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]
"WLAN Monitor"="C:\Program Files\GPRS WLAN dongle\Wlan.exe" [05/12/2004 11:42 AM]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/04/2004 08:00 PM C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [10/19/2007 08:16 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/02/2007 06:36 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/30/2008 02:37 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 PM]
"EasyLinkAdvisor"="C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" [10/30/2006 11:01 AM]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [11/09/2006 05:15 PM]
"kxva"="C:\WINDOWS\system32\kxvo.exe" [04/21/2008 10:17 AM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 05:43 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogOff"=0 (0x0)
"NoSetFolders"=0 (0x0)
"DisallowRun"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b1d1bcf-6012-11dc-8209-00130215849f}]
AutoRun\command- EXPLORER.EXE
explore\Command- EXPLORER.EXE
open\Command- EXPLORER.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2534f8cb-e9a6-11dc-938c-00130215849f}]
AutoRun\command- H:\SilentSoftech.exe
explore\command- H:\SilentSoftech.exe
open\command- H:\SilentSoftech.exe
var1\command- H:\SilentSoftech.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{38d8148d-a2ed-11dc-9353-00130215849f}]
AutoRun\command- SilentSoftech.exe
explore\command- SilentSoftech.exe
open\command- SilentSoftech.exe
var1\command- SilentSoftech.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46d86002-ce66-11dc-9378-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46d86004-ce66-11dc-9378-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b4b2f07-5dd6-11dc-8208-00130215849f}]
AutoRun\command- I:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5dbd5bb8-e4ee-11dc-9389-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71b9ca82-d5fb-11dc-937d-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71b9ca86-d5fb-11dc-937d-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71b9ca87-d5fb-11dc-937d-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98cd4416-ea9e-11dc-9399-00130215849f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ICON.msi /qr AUTORUN=1
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af40e73f-376e-11dc-ac5a-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af40e74b-376e-11dc-ac5a-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{beda7eb7-b347-11dc-9361-00130215849f}]
AutoRun\command- H:\SCVVHSOT.exe
Open\command- H:\SCVVHSOT.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf147a9d-2932-11dc-ac50-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf147bd1-2932-11dc-ac50-00130215849f}]
AutoRun\command- H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6c9a328-68d9-11dc-820c-00130215849f}]
AutoRun\command- H:\
explore\Command- H:\RECYCLER\INFO.exe
open\Command- H:\RECYCLER\INFO.exe
-- End of Deckard's System Scanner: finished at 2008-04-23 15:44:38 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Genuine Intel® CPU T2300 @ 1.66GHz
CPU 1: Genuine Intel® CPU T2300 @ 1.66GHz
Percentage of Memory in Use: 62%
Physical Memory (total/avail): 503.36 MiB / 190.69 MiB
Pagefile Memory (total/avail): 1226.55 MiB / 666.52 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1906.4 MiB
C: is Fixed (NTFS) - 19.53 GiB total, 1.38 GiB free.
D: is CDROM (CDFS)
E: is Fixed (NTFS) - 29.3 GiB total, 18.86 GiB free.
F: is Fixed (NTFS) - 19.53 GiB total, 17.29 GiB free.
G: is Fixed (NTFS) - 6.16 GiB total, 5.65 GiB free.
\\.\PHYSICALDRIVE0 - Hitachi HTS541280H9SA00 - 74.53 GiB - 4 partitions
\PARTITION0 (bootable) - Installable File System - 19.53 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 54.99 GiB - E: - F: - G:
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AV: avast! antivirus 4.8.1169 [VPS 080422-1] v4.8.1169 (ALWIL Software)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Blue\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BLUE-AFF0703525
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Blue
INCLUDE=C:\Program Files\Microsoft Visual Studio .NET 2003\SDK\v1.1\include\;C:\Program Files\Microsoft Visual Studio\VC98\atl\include;C:\Program Files\Microsoft Visual Studio\VC98\mfc\include;C:\Program Files\Microsoft Visual Studio\VC98\include
LIB=C:\Program Files\Microsoft Visual Studio .NET 2003\SDK\v1.1\Lib\;C:\Program Files\Microsoft Visual Studio\VC98\mfc\lib;C:\Program Files\Microsoft Visual Studio\VC98\lib
LOGONSERVER=\\BLUE-AFF0703525
MSDevDir=C:\Program Files\Microsoft Visual Studio\Common\MSDev98
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\80\Tools\BINN;C:\Program Files\Microsoft Visual Studio\Common\Tools\WinNT;C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin;C:\Program Files\Microsoft Visual Studio\Common\Tools;C:\Program Files\Microsoft Visual Studio\VC98\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Blue\LOCALS~1\Temp
TMP=C:\DOCUME~1\Blue\LOCALS~1\Temp
USERDOMAIN=BLUE-AFF0703525
USERNAME=Blue
USERPROFILE=C:\Documents and Settings\Blue
VS71COMNTOOLS=C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools\
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Blue (admin)
Guest (guest)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{798CA202-699B-49CC-95EE-BD01411A42E4}\setup.exe"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Home Architect Home Design Deluxe 6 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D781A6EC-12AC-4993-BF13-B4CF12F1F20C}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 6.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe SVG Viewer --> C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CompeGPS LAND 6.6 --> "C:\Program Files\CompeGPS\unins000.exe"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FileZilla (remove only) --> "C:\Program Files\FileZilla\uninstall.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP PSC & OfficeJet 4.2 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
iTunes --> MsiExec.exe /I{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Linksys EasyLink Advisor 1.5 (1045) --> rundll32 C:\PROGRA~1\LINKSY~1\AUInst.dll,ExUninstall
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mEoU --> MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Project MUI (English) 2007 --> MsiExec.exe /X{90120000-00B4-0409-0000-0000000FF1CE}
Microsoft Office Project Professional 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
Microsoft Office Project Professional 2007 --> MsiExec.exe /X{90120000-003B-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft SQL Server 2000 --> C:\WINDOWS\IsUninst.exe -f"f:\sql server\MSSQL\Uninst.isu" -c"f:\sql server\MSSQL\sqlsun.dll" -msql.mif i=MSSQLSERVER
Microsoft SQL Server 2000 Analysis Services --> C:\WINDOWS\ISUNINST.EXE -f"f:\sql analysis\uninst.isu" -c"f:\sql analysis\uninst.dll"
Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual J# .NET Redistributable Package 1.1 --> MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}
Microsoft Visual Studio .NET Professional 2003 - English --> "C:\Program Files\Microsoft Visual Studio .NET 2003\Setup\Visual Studio .NET Professional 2003 - English\setup.exe" /MaintMode
Microsoft Visual Studio 6.0 Enterprise Edition --> "C:\Program Files\Microsoft Visual Studio\Common\Setup\1033\Setup.exe"
Microsoft Web Publishing Wizard 1.53 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mobile Connect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}\setup.exe" -l0x9 -removeonly
Moffsoft FreeCalc --> "C:\Program Files\Moffsoft FreeCalc\unins000.exe"
Motorola SM56 Data Fax Modem --> rundll32.exe sm56co.dll,SM56UnInstaller
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
MySQL Connector/ODBC 3.51 --> MsiExec.exe /I{FA9695CC-BFC6-4E17-8DFC-150EB43DD7E6}
MySQL Server 5.0 --> MsiExec.exe /I{8FF05090-21D9-41E8-9403-A464F9D0C825}
MySQL Tools for 5.0 --> MsiExec.exe /I{98FA9751-E7E0-4509-BE22-0E66BE8592B4}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nokia Connectivity Cable Driver --> MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
Nokia Map Loader --> MsiExec.exe /I{03528A01-7E5E-4C5F-94DF-1D8012E969EF}
Nokia PC Suite --> MsiExec.exe /I{02091327-B124-4216-9D71-58C0E24F5392}
Nokia Software Updater --> MsiExec.exe /X{57CEA991-6F11-4E7E-B67C-2F02168CED6B}
Norton PartitionMagic 8.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{21DBBDD6-93A5-4326-9A04-C9A5C9148502}
NotesHolder 1.05 Lite --> "C:\Program Files\A!K Research Labs\NotesHolder\unins000.exe"
PC Connectivity Solution --> MsiExec.exe /I{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}
PDFCreator 0.8.0 --> C:\Program Files\PDFCreator\unins000.exe
PL-2303 USB-to-Serial --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Skype™ 3.2 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
USB GPRS / WLAN dongle --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6A0FA26E-7B5D-4EEA-A6D8-D5EB660C3FA6}\setup.exe" -l0x9
VNC Enterprise Edition 4.1.9 --> "C:\Program Files\RealVNC\VNC4\unins000.exe"
Wavecom Open AT --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE60D2A-0511-460E-B46A-C0C42275CF65}\setup.exe" -uninst
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_6B630EE2E66584353C6CD8683D447072872F34D8\pccswpddriver.inf
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Pack 1.0 -->
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! ¤u¨ã¦C --> C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type5022 / Error
Event Submitted/Written: 04/23/2008 02:32:45 PM
Event ID/Source: 489 / ESENT
Event Description:
wuauclt (3488) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Event Record #/Type5021 / Error
Event Submitted/Written: 04/23/2008 02:32:35 PM
Event ID/Source: 490 / ESENT
Event Description:
wuauclt (3488) An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Event Record #/Type5010 / Warning
Event Submitted/Written: 04/23/2008 01:59:45 PM
Event ID/Source: 19011 / MSSQLServer
Event Description:
SuperSocket info: (SpnRegister) : Error 1355.
Event Record #/Type4990 / Warning
Event Submitted/Written: 04/23/2008 00:21:06 PM
Event ID/Source: 19011 / MSSQLServer
Event Description:
SuperSocket info: (SpnRegister) : Error 1355.
Event Record #/Type4975 / Error
Event Submitted/Written: 04/23/2008 00:13:41 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iview.exe, version 1.2.0.0, faulting module iview.exe, version 1.2.0.0, fault address 0x0006fc0c.
Processing media-specific event for [iview.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type108706 / Error
Event Submitted/Written: 04/16/2008 08:43:53 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The PCAMPR5 NDIS Protocol Driver service failed to start due to the following error:
%%2
Event Record #/Type108705 / Error
Event Submitted/Written: 04/16/2008 08:43:53 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The PCAMPR5 NDIS Protocol Driver service failed to start due to the following error:
%%2
Event Record #/Type108704 / Error
Event Submitted/Written: 04/16/2008 08:43:52 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The PCAMPR5 NDIS Protocol Driver service failed to start due to the following error:
%%2
Event Record #/Type108703 / Error
Event Submitted/Written: 04/16/2008 08:43:52 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The PCAMPR5 NDIS Protocol Driver service failed to start due to the following error:
%%2
Event Record #/Type108702 / Error
Event Submitted/Written: 04/16/2008 08:43:52 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The PCAMPR5 NDIS Protocol Driver service failed to start due to the following error:
%%2
-- End of Deckard's System Scanner: finished at 2008-04-23 15:44:38 ------------