Deckard's System Scanner v20071014.68
Run by DANIEL on 2008-05-02 19:54:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
104: 2008-05-02 23:37:49 UTC - RP1184 - Deckard's System Scanner Restore Point
103: 2008-05-02 06:52:36 UTC - RP1183 - Software Distribution Service 3.0
102: 2008-05-02 05:53:06 UTC - RP1182 - System Checkpoint
101: 2008-05-01 05:52:11 UTC - RP1181 - System Checkpoint
100: 2008-04-30 05:39:57 UTC - RP1180 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-02-02 22:41:42 UTC - RP1081 - Installed TaxCut Premium + State 2007.
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 9.84 GiB (less than 15%) free.-- HijackThis (run as DANIEL.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:46 PM, on 5/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
F:\adware remover\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\zHotkey.exe
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Common Files\AOL\1127171577\ee\AOLHostManager.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\AOL\1127171577\ee\AOLServiceHost.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\WINDOWS\system32\Hummbird\inetd32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WorkPad\HOTSYNC.EXE
C:\lotus\wordpro\ltsstart.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\ZyDAS Technology Corporation\ZyDAS Wireless LAN\ZDConfig.exe
C:\lotus\register\remind32.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\OPLIMIT\ocrawr32.exe
C:\WINDOWS\system32\RioMSC.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
F:\hijack\dss.exe
F:\hijack\DANIEL.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c.../search/ie.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ebay.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.rr.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy-server:8080;https=proxy-server:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;ams-server*
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {A5011BFB-B3EF-4FF7-8C16-32DD02F54EBE} - C:\WINDOWS\system32\adsnr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127171577\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB002" /M "Stylus CX4600"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - S-1-5-18 Startup: Lotus SmartSuite 97 Registration.lnk = C:\lotus\register\remind32.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Lotus SmartSuite 97 Registration.lnk = C:\lotus\register\remind32.exe (User 'Default user')
O4 - .DEFAULT Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE (User 'Default user')
O4 - Startup: Lotus SmartSuite 97 Registration.lnk = C:\lotus\register\remind32.exe
O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: HotSync Manager.lnk = C:\WorkPad\HOTSYNC.EXE
O4 - Global Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: ZDConfig.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS Wireless LAN\ZDConfig.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\aim\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.rr.com
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) -
http://supportcenter...oad/tgctlcm.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.t...ivex/hcImpl.cabO16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akama...meInstaller.exeO16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) -
http://web1.shutterf...ds/Uploader.cabO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - F:\adware remover\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Contivity VPN Service (ExtranetAccess) - Nortel Networks NA, Inc. - C:\lockheed\Nortel Networks\Extranet_serv.exe
O23 - Service: Hummingbird Inetd (HCLInetd) - Hummingbird Communications Ltd. - C:\WINDOWS\system32\Hummbird\inetd32.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PPCtlPriv - Unknown owner - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe (file missing)
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
--
End of file - 11886 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys <Not Verified; Protection Technology; StarForce Protection System>
R3 Eacfilt (Eacfilt Miniport) - c:\windows\system32\drivers\eacfilt.sys <Not Verified; Nortel Networks; Filter Driver for CVC>
R3 IPSECSHM (Nortel IPSECSHM Adapter) - c:\windows\system32\drivers\ipsecw2k.sys <Not Verified; Nortel Networks; Contivity VPN Client>
R3 ZDNDIS5 (ZDNDIS5 Protocol Driver) - c:\windows\system32\zdndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S2 IPSECEXT (Nortel Extranet Access Protocol) - c:\windows\system32\drivers\ipsecw2k.sys <Not Verified; Nortel Networks; Contivity VPN Client>
S3 DLKRTS (D-Link DFE-530TX+ PCI Adapter) - c:\windows\system32\drivers\dlkrts.sys <Not Verified; D-Link Corporation; D-Link DFE-530TX+ PCI Adapter>
S3 giveio - c:\windows\system32\giveio.sys
S3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys (file missing)
S3 nvax (Service for NVIDIA® nForce Audio Enumerator) - c:\windows\system32\drivers\nvax.sys (file missing)
S3 NVENET (NVIDIA nForce MCP Networking Controller Driver) - c:\windows\system32\drivers\nvenet.sys (file missing)
S3 nvnforce (Service for NVIDIA® nForce Audio) - c:\windows\system32\drivers\nvapu.sys (file missing)
S3 pohci13F - c:\docume~1\daniel\locals~1\temp\pohci13f.sys (file missing)
S3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys (file missing)
S3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys (file missing)
S3 RioS35 (RioS35S driver) - c:\windows\system32\drivers\rios35.sys <Not Verified; SonicBlue Inc.; RioS35.sys>
S3 ZD1201U (ZyDAS ZD1201 IEEE 802.11b Wireless LAN Driver (USB)) - c:\windows\system32\drivers\zd1201u.sys <Not Verified; ZyDAS Technology Corporation; ZD1201 802.11b USB LAN Adapter>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 HCLInetd (Hummingbird Inetd) - c:\windows\system32\hummbird\inetd32.exe <Not Verified; Hummingbird Communications Ltd.; Hummingbird Shared Components for Win32>
R2 RioMSC (Rio MSC Manager) - c:\windows\system32\riomsc.exe <Not Verified; Digital Networks North America, Inc.; Rio Mass Storage Class Device Manager>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
S3 ExtranetAccess (Contivity VPN Service) - "c:\lockheed\nortel networks\extranet_serv.exe" <Not Verified; Nortel Networks NA, Inc.; ISAKMPD Application>
S3 PPCtlPriv - "c:\program files\ca\ca internet security suite\ca anti-spyware\ppctlpriv.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce MCP Networking Controller
Device ID: PCI\VEN_10DE&DEV_0066&SUBSYS_904D1509&REV_A1\3&13C0B0C5&0&20
Manufacturer: Nvidia
Name: NVIDIA nForce MCP Networking Controller
PNP Device ID: PCI\VEN_10DE&DEV_0066&SUBSYS_904D1509&REV_A1\3&13C0B0C5&0&20
Service: NVENET
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA® nForce Audio Codec Interface
Device ID: PCI\VEN_10DE&DEV_006A&SUBSYS_904D1509&REV_A1\3&13C0B0C5&0&30
Manufacturer: NVIDIA Corporation
Name: NVIDIA® nForce Audio Codec Interface
PNP Device ID: PCI\VEN_10DE&DEV_006A&SUBSYS_904D1509&REV_A1\3&13C0B0C5&0&30
Service: nvax
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (Network Monitor)
Device ID: ROOT\MS_NDISWANBH\0000
Manufacturer: Microsoft
Name: WAN Miniport (Network Monitor)
PNP Device ID: ROOT\MS_NDISWANBH\0000
Service: NdisWan
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (IP)
Device ID: ROOT\MS_NDISWANIP\0000
Manufacturer: Microsoft
Name: WAN Miniport (IP)
PNP Device ID: ROOT\MS_NDISWANIP\0000
Service: NdisWan
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (IPX)
Device ID: ROOT\MS_NDISWANIPX\0000
Manufacturer: Microsoft
Name: WAN Miniport (IPX)
PNP Device ID: ROOT\MS_NDISWANIPX\0000
Service: NdisWan
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (PPPOE)
Device ID: ROOT\MS_PPPOEMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (PPPOE)
PNP Device ID: ROOT\MS_PPPOEMINIPORT\0000
Service: RasPppoe
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: WAN Miniport (PPTP)
Device ID: ROOT\MS_PPTPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (PPTP)
PNP Device ID: ROOT\MS_PPTPMINIPORT\0000
Service: PptpMiniport
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Direct Parallel
Device ID: ROOT\MS_PTIMINIPORT\0000
Manufacturer: Microsoft
Name: Direct Parallel
PNP Device ID: ROOT\MS_PTIMINIPORT\0000
Service: Raspti
-- Scheduled Tasks -------------------------------------------------------------
2008-05-02 19:54:07 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-05-02 19:50:58 414 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
-- Files created between 2008-04-02 and 2008-05-02 -----------------------------
2008-04-25 10:37:42 0 d-------- C:\finch
2008-04-25 10:34:09 0 d-------- C:\Documents and Settings\DANIEL\Application Data\pdf995
2008-04-08 17:53:37 0 d-------- C:\grad
2008-04-06 18:03:30 0 d-------- C:\Documents and Settings\DANIEL\.housecall6.6
-- Find3M Report ---------------------------------------------------------------
2008-03-29 12:48:54 0 d-------- C:\Program Files\Common Files\LogiShrd
2008-03-29 12:44:21 0 d-------- C:\Program Files\Common Files
2008-03-29 12:44:18 0 d-------- C:\Program Files\Logitech
2008-03-28 18:02:54 0 d-------- C:\Documents and Settings\DANIEL\Application Data\Nero
2008-03-08 11:55:03 0 d-------- C:\Documents and Settings\DANIEL\Application Data\Adobe
2008-03-05 21:51:08 0 d-------- C:\Program Files\Common Files\Cisco Systems
2008-03-05 21:51:07 0 d-------- C:\Program Files\McAfee
2008-03-05 21:50:16 0 d-------- C:\Program Files\Common Files\McAfee
2008-03-05 21:49:00 0 d-------- C:\Program Files\Network Associates
2008-03-05 21:42:45 0 d-------- C:\Documents and Settings\DANIEL\Application Data\U3
2008-03-03 17:59:11 0 d-------- C:\Program Files\ICQ
2008-02-23 15:10:46 718 --a------ C:\Documents and Settings\DANIEL\Application Data\AdobeDLM.log
2008-02-11 13:12:20 249856 --a------ C:\WINDOWS\system32\pdfmona.dll <Not Verified; TODO: <Company name>; TODO: <Product name>>
2008-02-11 13:12:20 51716 --a------ C:\WINDOWS\system32\pdf995mon.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A5011BFB-B3EF-4FF7-8C16-32DD02F54EBE}]
08/04/2004 03:56 AM 88064 --a------ C:\WINDOWS\system32\adsnr.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [05/02/2003 03:19 AM]
"nwiz"="nwiz.exe" [05/02/2003 03:19 AM C:\WINDOWS\system32\nwiz.exe]
"CHotkey"="zHotkey.exe" [06/03/2003 02:01 PM C:\WINDOWS\zHotkey.exe]
"InstantAccess"="C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.exe" [07/07/1998 05:04 PM]
"RegisterDropHandler"="C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE" [07/07/1998 05:20 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/30/2004 08:09 PM]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [04/17/2002 11:42 AM]
"CamMonitor"="C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [06/04/2002 05:36 PM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/25/2004 01:52 PM]
"HostManager"="C:\Program Files\Common Files\AOL\1127171577\ee\AOLHostManager.exe" [08/02/2005 03:33 PM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/07/2005 12:46 AM]
"EPSON Stylus CX4600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.exe" [03/04/2004 04:00 AM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 11:50 AM]
"@"="" []
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe" [02/23/2004 12:44 AM]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 08:20 PM]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [02/22/2007 09:50 PM]
"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [12/19/2006 12:27 PM]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [10/25/2007 04:33 PM]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [10/25/2007 04:37 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nero PhotoShow Media Manager"="C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe" [04/27/2007 02:16 PM]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [07/17/2002 02:00 PM]
"MSI Configuration"="msiconf.exe" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"RegisterDropHandler"=C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
C:\Documents and Settings\DANIEL\Start Menu\Programs\Startup\
Lotus SmartSuite 97 Registration.lnk - C:\lotus\register\remind32.exe [11/6/1995 9:23:00 PM]
OCRAWARE.lnk - C:\OPLIMIT\OCRAWARE.EXE [4/5/2004 5:36:23 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [3/7/2004 12:13:29 PM]
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [12/30/2004 2:17:24 PM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]
BigFix.lnk - C:\Program Files\BigFix\BigFix.exe [9/15/2003 4:20:37 PM]
HotSync Manager.lnk - C:\WorkPad\HOTSYNC.EXE [3/7/2004 3:42:23 PM]
Lotus QuickStart.lnk - C:\lotus\wordpro\ltsstart.exe [1/10/1997 9:23:00 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [3/21/1999 9:00:00 PM]
Microsoft Works Calendar Reminders.lnk - C:\WINDOWS\Installer\{0CD3BB5C-BBCA-11D2-8C20-00C04FBBCFF9}\A94AAB13.exe [3/3/2004 8:29:23 PM]
ZDConfig.lnk - C:\Program Files\ZyDAS Technology Corporation\ZyDAS Wireless LAN\ZDConfig.exe [2/28/2004 3:11:11 PM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- End of Deckard's System Scanner: finished at 2008-05-02 19:59:19 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon XP 1500+
Percentage of Memory in Use: 45%
Physical Memory (total/avail): 1023.48 MiB / 554.79 MiB
Pagefile Memory (total/avail): 2465.16 MiB / 2060.03 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.41 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 74.53 GiB total, 9.84 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Fixed (NTFS) - 111.79 GiB total, 52.64 GiB free.
G: is Removable (FAT)
\\.\PHYSICALDRIVE1 - WDC WD1200JB-00GVC0 - 111.79 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 111.79 GiB - F:
\\.\PHYSICALDRIVE0 - WDC WD800EB-00DJF0 - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.53 GiB - C:
\\.\PHYSICALDRIVE2 - Lexar MMC/SD USB Device - 117.66 MiB - 1 partition
\PARTITION0 (bootable) - MS-DOS V4 Huge - 120.08 MiB - G:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AntivirusOverride is set.
AV: McAfee VirusScan Enterprise v8.5.0.781 (McAfee, Inc.)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\1127171577\\ee\\aolservicehost.exe"="C:\\Program Files\\Common Files\\AOL\\1127171577\\ee\\aolservicehost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\aim\\aim.exe"="C:\\Program Files\\aim\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\WS_FTP\\WS_FTP95.exe"="C:\\Program Files\\WS_FTP\\WS_FTP95.exe:*:Enabled:WS_FTP 95"
"C:\\Program Files\\microsoft frontpage\\bin\\fpexplor.exe"="C:\\Program Files\\microsoft frontpage\\bin\\fpexplor.exe:*:Disabled:Microsoft FrontPage Explorer"
"C:\\Program Files\\Exceed.nt\\exceed.exe"="C:\\Program Files\\Exceed.nt\\exceed.exe:*:Disabled:Exceed for Win32"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\Program Files\\SSI\\Silent Hunter II\\Shell\\SH2.exe"="C:\\Program Files\\SSI\\Silent Hunter II\\Shell\\SH2.exe:*:Disabled:SH2"
"C:\\WINDOWS\\system32\\lshosts32.exe"="C:\\WINDOWS\\system32\\lshosts32.exe:*:Enabled:lshosts32"
"C:\\Valve\\Condition Zero\\czero.exe"="C:\\Valve\\Condition Zero\\czero.exe:*:Disabled:Condition Zero Launcher"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Disabled:Microsoft Management Console"
"C:\\Program Files\\ScanSoft\\PaperPort\\NAVBrowser.exe"="C:\\Program Files\\ScanSoft\\PaperPort\\NAVBrowser.exe:*:Disabled:NAVBrowser"
"C:\\Program Files\\Common Files\\AOL\\1127171577\\ee\\aolservicehost.exe"="C:\\Program Files\\Common Files\\AOL\\1127171577\\ee\\aolservicehost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE:*:Disabled:SAgent4"
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\DANIEL\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EMACHINE1
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFLOGDIR=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\DANIEL
LOGONSERVER=\\EMACHINE1
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;;C:\Program Files\Asymetrix\DVP50
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\DANIEL\LOCALS~1\Temp
TMP=C:\DOCUME~1\DANIEL\LOCALS~1\Temp
USERDOMAIN=EMACHINE1
USERNAME=DANIEL
USERPROFILE=C:\Documents and Settings\DANIEL
VSEDEFLOGDIR=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopProtection
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
DANIEL
(admin)Administrator
(new local, admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\ahead\newnero\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
56Kbps Internal Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Download Manager 2.0 (Remove Only) --> "C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Elements 2.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements 2\Uninst.dll"
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AOL Explorer --> C:\Program Files\Common Files\AOL\1127171577\ee\services\browser\ver1_1_1042\uninst.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Asymetrix Digital Video Producer 5.0 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Asymetrix\DVP50\DeIsL1.isu"
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
CompuServe --> C:\Program Files\Common Files\csshare\csunins_us.exe
Corel Uninstaller --> C:\WINDOWS\Corel\uninst32.exe
Data Lifeguard Tools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}\Setup.exe"
DeductionPro 2007 --> "C:\Program Files\InstallShield Installation Information\{8A5EBB62-ADE7-41E2-8884-1517DE3505D1}\setup.exe" -runfromtemp -l0x0009 -removeonly
Digital Photo Recovery 2.0.3 --> C:\emetrixdotcom\Digital Photo Recovery\uninst.exe
EPSON CardMonitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\Setup.exe" -l0x9 uninst
EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x9 -UnInstall
EPSON PhotoStarter3.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE704636-ECD0-426C-952E-05B8DABD1949}\Setup.exe" -l0x9 uninst
EPSON Print CD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\Setup.exe" -l0x9 -SYSTEM
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Smart Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\setup.exe" -l0x9 Uninstall
EPSON Stylus Photo R380 User's Guide --> C:\Program Files\epson\guide\spr380_e\uninstall.exe
Family Tree Maker 9.0 --> C:\WINDOWS\IsUninst.exe -fC:\FTW\Uninst.isu
HijackThis 2.0.2 --> "F:\hijack\HijackThis.exe" /uninstall
HostExplorer for Windows NT --> f:\Hostexplorer.95\hcremove.exe
hp instant support --> C:\PROGRA~1\HEWLET~1\HPINST~1\Uninstall.exe CeS
HP Photo and Imaging 1.1 - Photosmart Cameras --> MsiExec.exe /X{1C6882E4-E95A-4019-A3B9-0BC14565C997}
ICQ --> C:\PROGRA~1\ICQ\ICQUninstall.EXE
interneTIFF 6.0-FREE (IE Browser) --> C:\WINDOWS\ISUninst.exe -f"C:\Program Files\Innomage\interneTIFFX\Uninst.isu" -c"C:\Program Files\Innomage\interneTIFFX\U_ITIFFFREE.dll"
IP Address Lookup v1.0.090604 --> "F:\isplookup\IP Address Lookup\unins000.exe"
Java 2 Runtime Environment Standard Edition v1.3.1 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.1\Uninst.isu"
Java 2 Runtime Environment Standard Edition v1.3.1_02 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JavaSoft\JRE\1.3.1_02\Uninst.isu"
Java 2 Runtime Environment, SE v1.4.2_04 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142040}
LiveUpdate 1.80 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Logitech QuickCam --> MsiExec.exe /X{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}
Logitech QuickCam Driver Package --> "C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Lotus SmartSuite 97 --> C:\WINDOWS\lunin10.exe /T SmartSuite /V 97.0 /I "c:\lotus\suit.inf" /C "c:\lotus\cinstall.ini" /O /L EN
Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
McAfee VirusScan Enterprise --> MsiExec.exe /I{35C03C04-3F1F-42C2-A989-A757EE691F65}
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft FrontPage 98 --> "C:\Program Files\Microsoft FrontPage\bin\fpuninst.exe" C:\WINDOWS\UNINST.EXE -f"C:\Program Files\Microsoft FrontPage\DeIsL1.isu"
Microsoft Home Publishing 2000 --> MsiExec.exe /I{0CD3BB5C-BBCA-11D2-8C20-00C04FBBCFF9}
Microsoft Image Composer 1.5 --> C:\Program Files\Microsoft Image Composer\setup\acmsetup.exe /t setup.stf
Microsoft Money 2003 --> MsiExec.exe /I{01F9D88C-3C86-4E82-840A-101A3221F67A}
Microsoft Money 2003 System Pack --> MsiExec.exe /I{02B42D23-10F2-4862-ADA4-3DF1EA0021B2}
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{91E30409-6000-11D3-8CFE-0150048383C9}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTS.inf, Uninstall
Microsoft Works 6.0 --> MsiExec.exe /I{F8D0829C-9C6F-11D3-8080-00C04FA329AA}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\DANIEL\Application Data\Move Networks\ie_bin\Uninst.exe
Multimedia Keyboard Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x9
Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Nero PhotoShow Deluxe 5 --> "C:\Program Files\Nero\PhotoShow 5\data\Xtras\Uninstall.exe"
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""
NeroMediaPlayer --> C:\WINDOWS\uninNMP.exe C:\PROGRA~1\ahead\NEROME~1\NEROME~1.EXE|C:\WINDOWS\UNINST.EXE|-fC:\PROGRA~1\ahead\NEROME~1\DeIsL1.isu
Netflix Movie Viewer --> MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
Nortel Networks Contivity VPN Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF964A78-078C-11D1-B7A7-0000C0134CE6}\setup.exe" Uninstall
NVIDIA nForce Drivers --> C:\WINDOWS\System32\nvuninst.exe Uninstall C:\WINDOWS\System32\NVU001.nvu,NVIDIA nForce Drivers
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
Oregon Trail 3 --> C:\WINDOWS\uninst.exe -f"C:\program files\TLC\Oregon Trail 3\DeIsL2.isu"
Palm Desktop for IBM WorkPad --> C:\WINDOWS\IsUninst.exe -fC:\WorkPad\Palm.isu -cC:\WorkPad\Palmuni.dll
PaperPort 7.02 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ScanSoft\PaperPort\Config\DeIsL1.isu" -y -c"C:\Program Files\ScanSoft\PaperPort\UnInstl2.dll"
Pdf995 (installed by TaxCut) --> C:\Program Files\pdf995\setup.exe uninstall
PdfEdit995 (installed by TaxCut) --> C:\Program Files\pdf995\res\utilities\thinsetup.exe - uninstall
Personal Ancestral File 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D94A8E22-DF2B-4107-9E51-608A60A7671D}\Setup.exe"
PhotoMAX Pro 2.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Polaroid\PhotoMAX\Uninst.isu"
PhotoPrinter 2.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoPrinter\Uninst.isu"
PhotoRescue 3.0 Demo Version (build 9132) --> "C:\Program Files\PhotoRescue\unins000.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Presto! PageManager --> C:\WINDOWS\uninst.exe -f"C:\Program Files\NewSoft\PageManager\DeIsL1.isu"
Presto! PageType --> C:\WINDOWS\uninst.exe -f"C:\Program Files\NewSoft\PageManager\PageType\DeIsL1.isu"
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rio Internet Update --> MsiExec.exe /X{493F2531-C2E5-4B73-8B11-66E9CFDA9AFA}
Rio Music Manager --> MsiExec.exe /X{282EF7E3-AE54-48AE-A11D-27F512F23AB3}
ScanToWeb --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
Shipping Assistant 3.2 --> MsiExec.exe /X{15C77FC3-8137-4A5E-8F81-F559045DD6B0}
Shutterfly Studio --> C:\Program Files\Shutterfly\Studio\SFlyStudioUninstall.exe
Silent Hunter 1.31 Commander's Edition --> C:\WINDOWS\IsUninst.exe -f"f:\Program Files\SSI\Silent Hunter CE\Uninst.isu"
Silent Hunter II --> C:\WINDOWS\Silent Hunter II remove.exe remove
Silent Hunter III --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}
Spybot - Search & Destroy 1.2 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Street Atlas USA 2004 Plus --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63E2BB4E-4DF2-48F3-8DBF-EBE683DB2724}\setup.exe" -l0x9 NoMode
Street Atlas USA 2004 Plus Data --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BE3E352-2D2A-4056-95D0-0FA977D09006}\Setup.exe" -l0x9 NoMode
SureThing CD Labeler - Stomper Edition 32 bit --> C:\WINDOWS\MVUNINST\App1\unwise.exe C:\WINDOWS\MVUNINST\APP1\INSTALL.LOG "SureThing CD Labeler - Stomper Edition Uninstall"
TaxCut Deluxe 2005 --> C:\PROGRA~1\TaxCut05\Program\removetc.exe
TaxCut New York 2007 --> MsiExec.exe /X{58381EE3-A57D-448F-BC8E-FFC66987615E}
TaxCut Premium + State 2007 --> MsiExec.exe /X{663E217E-FC26-4249-9E8E-F190CD63E737}
TaxCut Premium 2006 --> C:\PROGRA~1\TaxCut06\Program\removetc.exe
TextBridge Classic 2.0 --> "C:\Program Files\TextBridge Classic 2.0\bin\setup.exe" -funinst.ins
Videora iPod Converter 0.91 --> C:\Program Files\VideoraiPodConverter\uninst.exe
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Vstascan --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{314C19E0-7FA5-11D5-A6B4-0050BA724CB6}\Setup.exe"
WildTangent Multiplayer Library --> C:\WINDOWS\wt\updater\wcmdmgr.exe -uninstall wtdmmp
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Yahoo! Anti-Spy --> C:\PROGRA~1\Yahoo!\common\unypsr.exe
ZyDAS Wireless LAN - USB --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{581CE7EA-A30D-11D6-8496-000000120103}\Setup.exe" -l0x9
-- Application Event Log -------------------------------------------------------
Event Record #/Type16333 / Warning
Event Submitted/Written: 05/02/2008 07:53:02 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam' failed during request for component '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'
Event Record #/Type16332 / Warning
Event Submitted/Written: 05/02/2008 07:53:02 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam', component '{B52C7B4D-F46F-438C-ADF2-05A138C57757}' failed. The resource 'HKEY_CURRENT_USER\Software\Logitech\InstallerKeys\QCDesktopShortcutKey' does not exist.
Event Record #/Type16331 / Warning
Event Submitted/Written: 05/02/2008 07:53:02 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam' failed during request for component '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'
Event Record #/Type16330 / Warning
Event Submitted/Written: 05/02/2008 07:53:02 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam', component '{B52C7B4D-F46F-438C-ADF2-05A138C57757}' failed. The resource 'HKEY_CURRENT_USER\Software\Logitech\InstallerKeys\QCDesktopShortcutKey' does not exist.
Event Record #/Type16328 / Warning
Event Submitted/Written: 05/02/2008 07:51:07 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}', feature 'QuickCam' failed during request for component '{62BA7C13-20BB-41F7-A6A4-482632CE53D4}'
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type72123 / Warning
Event Submitted/Written: 05/02/2008 07:58:27 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%EMACHINE127 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %EMACHINE127 can't undo changes that you allow.
For more information please see the following:
%EMACHINE1275
Scan ID: {62CAC4A5-2305-4FEB-9294-BEDEE6704416}
User: EMACHINE1\DANIEL
Name: %EMACHINE1271
ID: %EMACHINE1272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %EMACHINE1276
Alert Type: %EMACHINE1278
Detection Type: 1.1.1593.02
Event Record #/Type72122 / Warning
Event Submitted/Written: 05/02/2008 07:58:27 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%EMACHINE127 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %EMACHINE127 can't undo changes that you allow.
For more information please see the following:
%EMACHINE1275
Scan ID: {8DE30B19-ED56-466E-B412-824B6A2E34F3}
User: EMACHINE1\DANIEL
Name: %EMACHINE1271
ID: %EMACHINE1272
Severity: 1.1.1593.05
Category: 1.1.1593.06
Path Found: %EMACHINE1276
Alert Type: %EMACHINE1278
Detection Type: 1.1.1593.02
Event Record #/Type72121 / Warning
Event Submitted/Written: 05/02/2008 07:58:27 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%EMACHINE127 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from