here you go:
main.txtDeckard's System Scanner v20071014.68
Run by Mark on 2008-05-02 00:40:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
71: 2008-05-02 03:41:01 UTC - RP92 - Deckard's System Scanner Restore Point
70: 2008-05-01 23:33:15 UTC - RP91 - System Checkpoint
69: 2008-04-30 21:47:13 UTC - RP90 - System Checkpoint
68: 2008-04-29 21:33:23 UTC - RP89 - System Checkpoint
67: 2008-04-28 20:33:23 UTC - RP88 - System Checkpoint
-- First Restore Point --
1: 2008-02-22 17:59:23 UTC - RP22 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Mark.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:11 AM, on 02/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Mark\Desktop\anti-spyware stuff\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Mark.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [fnjvrob] c:\documents and settings\mark\local settings\application data\fnjvrob.exe fnjvrob
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoft...s/as2stubie.cabO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitd...can8/oscan8.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1202866419437O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -
http://www.nvidia.co.../sysreqlab2.cabO16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) -
http://www.superadbl...ivex/sabspx.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
--
End of file - 6359 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
S3 SABProcEnum - c:\program files\internet explorer\sabprocenum.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 O&O Defrag - c:\windows\system32\oodag.exe <Not Verified; O&O Software GmbH; O&O Defrag>
S3 AresChatServer (Ares Chatroom server) - c:\program files\ares\chatserver.exe <Not Verified; Ares Development Group; Ares Chat Server>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-04-02 and 2008-05-02 -----------------------------
2008-05-01 18:26:32 0 d-------- C:\Program Files\Buildalot 2 Town Of The Year
2008-04-26 03:07:14 0 d-------- C:\Program Files\Panda Security
2008-04-26 00:35:48 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-26 00:35:21 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-26 00:35:21 0 d-------- C:\Documents and Settings\Mark\Application Data\SUPERAntiSpyware.com
2008-04-25 23:57:15 0 d-------- C:\Documents and Settings\Mark\Application Data\Malwarebytes
2008-04-25 23:56:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-25 23:56:53 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-25 23:55:57 0 d-------- C:\Program Files\Common Files\Download Manager
2008-04-25 23:31:06 0 d-------- C:\Program Files\Trend Micro
2008-04-18 04:17:22 0 d-------- C:\Program Files\Airport Mania
2008-04-10 22:58:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Playtonium Games
2008-04-10 22:57:01 0 d-------- C:\Program Files\Pat Sajaks Lucky Letters TV Guide Edition
2008-04-04 19:40:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Reflexivev1005
2008-04-04 19:38:04 0 d-------- C:\Program Files\Amazing Adventures The Lost Tomb
2008-04-03 21:32:35 0 d-------- C:\Program Files\iWin
-- Find3M Report ---------------------------------------------------------------
2008-05-02 00:39:47 0 d-------- C:\Documents and Settings\Mark\Application Data\uTorrent
2008-05-01 04:19:24 0 d-------- C:\Documents and Settings\Mark\Application Data\AVG7
2008-04-26 00:34:41 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-25 23:55:57 0 d-------- C:\Program Files\Common Files
2008-04-17 06:48:17 0 d-------- C:\Program Files\Casino Island To Go
2008-04-06 23:06:05 0 d-------- C:\Program Files\nesten
2008-04-02 02:37:16 0 d-------- C:\Program Files\Nanny Mania
2008-03-27 19:02:06 0 d-------- C:\Program Files\Fishing Craze
2008-03-27 18:55:25 4096 --a------ C:\WINDOWS\d3dx.dat
2008-03-25 18:37:13 0 d-------- C:\Program Files\Fashion Solitaire
2008-03-24 21:28:53 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-12 00:07:32 0 d-------- C:\Program Files\Penguins Journey
2008-03-11 22:20:01 0 d-------- C:\Program Files\Blast Miner
2008-03-08 19:01:28 0 d-------- C:\Program Files\GamesBar
2008-03-08 19:01:00 0 d-------- C:\Program Files\NBC Heads Up Poker
2008-03-06 18:56:21 0 d-------- C:\Program Files\Oberon Media
2008-03-06 16:34:08 0 d-------- C:\Documents and Settings\Mark\Application Data\Macromedia
2008-03-04 13:33:22 0 d-------- C:\Program Files\Super Granny 3
2008-03-04 13:30:02 0 d-------- C:\Program Files\Common Files\Sandlot Shared
2008-03-04 13:29:41 0 d-------- C:\Program Files\Super Granny 4
2008-03-04 10:33:40 0 d-------- C:\Program Files\Fashion Fits
2008-03-02 09:47:21 0 d-------- C:\Program Files\Buildalot
2008-03-02 09:18:53 0 d-------- C:\Program Files\Real
2008-03-02 09:18:34 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-02 09:18:18 0 d-------- C:\Program Files\Common Files\InstallShield
2008-03-02 08:44:52 0 d-------- C:\Program Files\Core Design
2008-02-12 22:32:22 8 --a------ C:\WINDOWS\system32\nvModes.dat
2008-02-12 21:48:45 0 -rahs---- C:\MSDOS.SYS
2008-02-12 21:48:45 0 -rahs---- C:\IO.SYS
2008-02-12 21:48:45 0 --a------ C:\CONFIG.SYS
2008-02-12 21:48:45 0 --a------ C:\AUTOEXEC.BAT
2008-02-12 21:41:45 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-02-12 17:26:55 62 --ahs---- C:\Documents and Settings\Mark\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/12/2007 02:41 AM]
"nwiz"="nwiz.exe" [05/12/2007 02:41 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/12/2007 02:41 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 11:16 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [15/04/2008 09:43 AM]
"Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [24/01/2008 10:22 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 09:00 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [01/05/2008 05:26 PM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [30/08/2007 06:43 PM]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [13/02/2008 02:59 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [26/04/2008 02:51 AM]
"fnjvrob"="c:\documents and settings\mark\local settings\application data\fnjvrob.exe" [26/04/2008 02:52 AM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 26/04/2008 02:51 AM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8004 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-05-02 00:42:52 ------------
extra.txtDeckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel Pentium III processor
Percentage of Memory in Use: 39%
Physical Memory (total/avail): 511.42 MiB / 311.14 MiB
Pagefile Memory (total/avail): 1250.16 MiB / 991.58 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1931.9 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 19 GiB total, 12.48 GiB free.
D: is Fixed (NTFS) - 27.95 GiB total, 11.35 GiB free.
E: is CDROM (CDFS)
\\.\PHYSICALDRIVE0 - QUANTUM FIREBALLlct20 20 - 19.01 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 19 GiB - C:
\\.\PHYSICALDRIVE1 - WDC WD300BB-00AUA1 - 27.95 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 27.95 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.
AV: AVG 7.5.524 v7.5.524 (Grisoft)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Mark\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BLAH
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Mark
LOGONSERVER=\\BLAH
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 10, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=080a
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Mark\LOCALS~1\Temp
TMP=C:\DOCUME~1\Mark\LOCALS~1\Temp
USERDOMAIN=BLAH
USERNAME=Mark
USERPROFILE=C:\Documents and Settings\Mark
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Mark
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
3D Ultra Pinball Thrillride --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1AB76C0-333F-11D5-BF46-0002B306C443}\Setup.exe"
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Amazing Adventures The Lost Tomb --> "C:\Program Files\Amazing Adventures The Lost Tomb\ReflexiveArcade\unins000.exe"
Ares 2.0.9 --> "C:\Program Files\Ares\uninstall.exe"
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Buildalot --> "C:\Program Files\Buildalot\ReflexiveArcade\unins000.exe"
Buildalot 2 Town Of The Year --> "C:\Program Files\Buildalot 2 Town Of The Year\ReflexiveArcade\unins000.exe"
Fairway Solitaire --> "C:\Program Files\Fairway Solitaire\ReflexiveArcade\unins000.exe"
FamilyFeudOnlineParty (remove only) --> "C:\Program Files\iWin\FamilyFeudOnlineParty\Uninstall.exe"
Fashion Solitaire --> "C:\Program Files\Fashion Solitaire\ReflexiveArcade\unins000.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Intel® Network Connections Drivers --> Prounstl.exe
K-Lite Codec Pack 3.7.5 Standard --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mystery Solitaire Secret Island --> "C:\Program Files\Mystery Solitaire Secret Island\ReflexiveArcade\unins000.exe"
Nanny Mania --> "C:\Program Files\Nanny Mania\ReflexiveArcade\unins000.exe"
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
O&O Defrag Professional Edition --> MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31}
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Pat Sajaks Lucky Letters TV Guide Edition --> "C:\Program Files\Pat Sajaks Lucky Letters TV Guide Edition\ReflexiveArcade\unins000.exe"
Penguins Journey --> "C:\Program Files\Penguins Journey\ReflexiveArcade\unins000.exe"
Sandlot Games Client Services 1.2.2 --> "C:\Program Files\Common Files\Sandlot Shared\unins000.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Super Granny 3 --> "C:\Program Files\Super Granny 3\ReflexiveArcade\unins000.exe"
Super Granny 4 --> "C:\Program Files\Super Granny 4\ReflexiveArcade\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
The Tuttles --> "C:\Program Files\The Tuttles\ReflexiveArcade\unins000.exe"
Tomb Raider Chronicles --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Core Design\Tomb Raider Chronicles\Uninst.isu"
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
VNC Free Edition 4.1.2 --> "C:\Program Files\RealVNC\VNC4\unins000.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
-- Application Event Log -------------------------------------------------------
Event Record #/Type647 / Error
Event Submitted/Written: 05/02/2008 00:33:43 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application 3dp.exe, version 1.1.1.0, faulting module unknown, version 0.0.0.0, fault address 0x737816d4.
Processing media-specific event for [3dp.exe!ws!]
Event Record #/Type641 / Error
Event Submitted/Written: 05/01/2008 06:18:45 PM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 117100610.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Event Record #/Type640 / Error
Event Submitted/Written: 05/01/2008 06:18:41 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application 3dp.exe, version 1.1.1.0, faulting module unknown, version 0.0.0.0, fault address 0x737816d4.
Processing media-specific event for [3dp.exe!ws!]
Event Record #/Type639 / Error
Event Submitted/Written: 05/01/2008 04:38:26 PM
Event ID/Source: 1 / WinVNC4
Event Description:
SocketManager: unknown listener event: 0
Event Record #/Type635 / Error
Event Submitted/Written: 05/01/2008 02:59:57 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 452615105.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type2073 / Warning
Event Submitted/Written: 05/01/2008 08:22:33 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2072 / Warning
Event Submitted/Written: 05/01/2008 04:41:28 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2071 / Warning
Event Submitted/Written: 05/01/2008 02:01:30 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2070 / Warning
Event Submitted/Written: 05/01/2008 01:05:15 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2069 / Warning
Event Submitted/Written: 05/01/2008 00:26:27 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
-- End of Deckard's System Scanner: finished at 2008-05-02 00:42:52 ------------