hey! sorry for the late reply.
Deckard's System Scanner v20071014.68
Run by Bryan on 2008-06-02 19:54:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
10: 2008-06-03 00:54:20 UTC - RP10 - Deckard's System Scanner Restore Point
9: 2008-06-01 21:16:18 UTC - RP9 - ComboFix created restore point
8: 2008-06-01 18:48:00 UTC - RP8 - Installed Kaspersky Internet Security 7.0.
7: 2008-06-01 18:42:17 UTC - RP7 - Removed Kaspersky Internet Security 7.0.
6: 2008-06-01 17:24:19 UTC - RP6 - ComboFix created restore point
-- First Restore Point --
1: 2008-05-31 19:48:58 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Bryan.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:55:03 PM, on 6/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Saitek\Software\SaiMfd.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Saitek\Software\ProfilerU.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\AGRSMMSG.exe
D:\Programs\Free Download Manager\FUM\fumoei.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Bryan\desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Bryan.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programs\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {487C9905-26A8-42C8-8033-C58AD3D2AEC3} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programs\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)
O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Programs\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Profiler] C:\Program Files\Saitek\Software\ProfilerU.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\acledith.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Programs\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Free Uploader Oe Integration] D:\Programs\Free Download Manager\FUM\fumoei.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Programs\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Programs\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Programs\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Programs\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - D:\Programs\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by108fd.bay10...es/MsnPUpld.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1185981081156O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: wvUnKecb - C:\WINDOWS\
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5820 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080531-174457-485 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
backup-20080531-174458-101 O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)
backup-20080531-174458-216 O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)
backup-20080531-174458-227 O2 - BHO: (no name) - {487C9905-26A8-42C8-8033-C58AD3D2AEC3} - (no file)
backup-20080531-174458-235 O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\acledith.exe
backup-20080531-174458-368 O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\acledith.exe
backup-20080531-174458-401 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20080531-174458-567 O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\acledith.exe
backup-20080531-174458-796 O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\acledith.exe
backup-20080531-181201-490 O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\acledith.exe
backup-20080531-181201-710 O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\acledith.exe
backup-20080531-181201-885 O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\acledith.exe
backup-20080531-181201-918 O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\acledith.exe
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - unable to read value-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 papycpu2 - c:\windows\system32\drivers\papycpu2.sys
R1 papyjoy - c:\windows\system32\drivers\papyjoy.sys
R3 AgereSoftModem (Agere Systems Soft Modem) - c:\windows\system32\drivers\agrsm.sys <Not Verified; Agere Systems; Agere SoftModem Driver>
R3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
R3 SaiMini - c:\windows\system32\drivers\saimini.sys <Not Verified; Saitek; Configuration Software>
R3 SaiNtBus - c:\windows\system32\drivers\saibus.sys <Not Verified; Saitek; Configuration Software>
S0 viaagp1 (VIA AGP Filter) - c:\windows\system32\drivers\viaagp1.sys (file missing)
S3 CM1083264 (C-Media CM108 Like Sound UDAX Interface) - c:\windows\system32\drivers\cm108.sys (file missing)
S3 PciCon - f:\pcicon.sys (file missing)
S3 SE27bus (Sony Ericsson Device 039 Driver driver (WDM)) - c:\windows\system32\drivers\se27bus.sys <Not Verified; MCCI; Sony Ericsson Device 039 Driver>
S3 SE27mdfl (Sony Ericsson Device 039 USB WMC Modem Filter) - c:\windows\system32\drivers\se27mdfl.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC Modem Filter Driver>
S3 SE27mdm (Sony Ericsson Device 039 USB WMC Modem Driver) - c:\windows\system32\drivers\se27mdm.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC Data Modem>
S3 SE27mgmt (Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\se27mgmt.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC Device Management>
S3 se27nd5 (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)) - c:\windows\system32\drivers\se27nd5.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB Ethernet Emulation>
S3 SE27obex (Sony Ericsson Device 039 USB WMC OBEX Interface) - c:\windows\system32\drivers\se27obex.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB WMC OBEX Interface>
S3 se27unic (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)) - c:\windows\system32\drivers\se27unic.sys <Not Verified; MCCI; Sony Ericsson Device 039 USB Ethernet Emulation>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Process Modules -------------------------------------------------------------
C:\WINDOWS\system32\winlogon.exe (pid 1032)
2007-04-19 13:41:36 294912 --a------ C:\Program Files\SUPERAntiSpyware\SASWINLO.dll <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware WinLogon Processor>
C:\WINDOWS\explorer.exe (pid 356)
2005-09-23 07:28:38 83456 --a------ C:\WINDOWS\system32\dfshim.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:52 270848 --a------ C:\WINDOWS\system32\mscoree.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2008-05-13 10:13:36 77824 --a------ C:\Program Files\SUPERAntiSpyware\SASSEH.DLL <Not Verified; SuperAdBlocker.com; SuperAntiSpyware>
2007-06-27 15:21:20 86016 --a------ D:\Programs\Free Download Manager\FUM\fumshext.dll
2007-02-27 12:39:26 61440 --a------ C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware Context Menu Extension>
2002-05-14 18:22:34 122880 --a------ C:\Program Files\WinRAR\RarExt.dll
2006-06-05 14:06:22 20992 --a------ D:\Programs\MagicISO\misosh.dll <Not Verified; MagicISO, Inc.; MagicISO Shell Extension Module>
C:\WINDOWS\system32\rundll32.exe (pid 1920)
2007-04-19 13:26:00 212992 --a------ C:\WINDOWS\system32\nvapi.dll
-- Files created between 2008-05-02 and 2008-06-02 -----------------------------
2008-06-01 18:24:28 0 d-------- C:\Documents and Settings\Bryan\Application Data\Malwarebytes
2008-06-01 18:24:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-01 18:24:25 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-01 16:41:13 90 ---hs---- C:\WINDOWS\cnerolf.dat
2008-06-01 13:48:51 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-06-01 13:48:51 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-06-01 13:48:09 31008 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-01 13:48:09 2429984 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-01 13:48:09 0 d-------- C:\Program Files\Kaspersky Lab
2008-06-01 13:48:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-31 18:15:13 68096 --a------ C:\WINDOWS\zip.exe
2008-05-31 18:15:13 49152 --a------ C:\WINDOWS\VFind.exe
2008-05-31 18:15:13 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-05-31 18:15:13 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-05-31 18:15:13 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-05-31 18:15:13 98816 --a------ C:\WINDOWS\sed.exe
2008-05-31 18:15:13 80412 --a------ C:\WINDOWS\grep.exe
2008-05-31 18:15:13 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-05-31 18:00:01 0 d-------- C:\WINDOWS\setup.pss
2008-05-31 17:59:36 0 d-------- C:\WINDOWS\setupupd
2008-05-31 16:39:47 0 d-------- C:\Program Files\Trend Micro
2008-05-31 15:39:36 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-05-31 15:39:10 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-05-31 15:39:10 0 d-------- C:\Documents and Settings\Bryan\Application Data\SUPERAntiSpyware.com
2008-05-31 15:38:55 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-31 14:38:42 2692 --a------ C:\WINDOWS\system32\tmp.reg
2008-05-31 09:12:08 0 d-------- C:\!KillBox
2008-05-31 08:20:19 0 d-------- C:\Documents and Settings\LocalService\Application Data\Macromedia
2008-05-31 08:20:13 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-05-17 20:34:09 0 d-------- C:\Digital Aviation
-- Find3M Report ---------------------------------------------------------------
2008-06-01 20:32:01 0 d-------- C:\Documents and Settings\Bryan\Application Data\Free Download Manager
2008-06-01 18:55:14 0 d-------- C:\Program Files\Microsoft Games
2008-06-01 16:40:19 0 d-------- C:\Program Files\FSBuild
2008-06-01 15:24:53 0 d-------- C:\Program Files\Teamspeak2_RC2
2008-05-31 20:17:45 0 d-------- C:\Documents and Settings\Bryan\Application Data\teamspeak2
2008-05-31 19:25:13 0 d-------- C:\Documents and Settings\Bryan\Application Data\Azureus
2008-05-31 15:38:55 0 d-------- C:\Program Files\Common Files
2008-05-30 20:10:59 0 d-------- C:\Program Files\TOPCAT
2008-05-20 16:12:08 0 d-------- C:\Program Files\Messenger Plus! Live
2008-05-20 16:12:07 0 d-------- C:\Program Files\MSN Messenger
2008-04-26 09:12:04 0 d-------- C:\Program Files\MagicDisc
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{487C9905-26A8-42C8-8033-C58AD3D2AEC3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98dbbf16-ca43-4c33-be80-99e6694468a4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc97b254-b2b9-4d40-971d-78e0978f5f26}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"SaiMfd"="C:\Program Files\Saitek\Software\SaiMfd.exe" [11/03/2005 11:09 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [01/12/2005 03:01 AM]
"Profiler"="C:\Program Files\Saitek\Software\ProfilerU.exe" [10/18/2005 02:34 PM]
"nwiz"="nwiz.exe" [04/19/2007 01:26 PM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [04/19/2007 01:26 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/19/2007 01:26 PM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 10:50 AM]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [04/11/2007 03:32 PM C:\WINDOWS\KHALMNPR.Exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [04/11/2007 03:32 PM C:\WINDOWS\KHALMNPR.Exe]
"AGRSMMSG"="AGRSMMSG.exe" [10/07/2004 09:50 PM C:\WINDOWS\AGRSMMSG.exe]
"IEUpdate"="C:\WINDOWS\system32\acledith.exe" []
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [02/08/2008 06:36 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="D:\Programs\Spybot - Search & Destroy\TeaTimer.exe" [05/31/2005 01:04 AM]
"Free Uploader Oe Integration"="D:\Programs\Free Download Manager\FUM\fumoei.exe" [06/10/2007 07:02 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [05/13/2008 12:43 PM]
C:\Documents and Settings\Bryan\Start Menu\Programs\Startup\
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [4/26/2008 9:11:55 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 3:05:56 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUnKecb]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC"
-- End of Deckard's System Scanner: finished at 2008-06-02 19:56:25 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Sempron 2400+
Percentage of Memory in Use: 35%
Physical Memory (total/avail): 767.48 MiB / 493.09 MiB
Pagefile Memory (total/avail): 1874.29 MiB / 1613.03 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1920.1 MiB
C: is Fixed (NTFS) - 74.52 GiB total, 25.43 GiB free.
D: is Fixed (NTFS) - 37.24 GiB total, 16.89 GiB free.
E: is CDROM (CDFS)
F: is CDROM (No Media)
G: is CDROM (No Media)
\\.\PHYSICALDRIVE1 - ST380215A - 74.53 GiB - 1 partition
\PARTITION0 - Installable File System - 74.52 GiB - C:
\\.\PHYSICALDRIVE0 - WDC WD400BB-18DEA0 - 37.25 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.24 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.
FW: Kaspersky Internet Security v7.0.1.325 (Kaspersky Lab)
DisabledAV: Kaspersky Internet Security v7.0.1.325 (Kaspersky Lab)
Disabled[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\FS9.EXE"="C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Bryan\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HOME-B05B31F042
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Bryan
LOGONSERVER=\\HOME-B05B31F042
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Bryan\LOCALS~1\Temp
TMP=C:\DOCUME~1\Bryan\LOCALS~1\Temp
USERDOMAIN=HOME-B05B31F042
USERNAME=Bryan
USERPROFILE=C:\Documents and Settings\Bryan
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Bryan
(admin)Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> D:\Programs\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> D:\Programs\DivX\ConverterUninstall.exe /CONVERTER
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
737-300 Pilot in Command --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_737-300PIC.exe
737 Pilot in Command - 400/500 Upgrade --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_737PIC.exe
A310 The Master's Edition --> C:\Program Files\Microsoft Games\Flight Simulator 9\ssw.a310.Uninstal.exe
A310 The Master's Edition v1.5 Update --> 0:\Program Files\Microsoft Games\Flight Simulator 9\A310.Patch.1.5.Uninstal.exe
ActiveSky Version 6 and ActiveSky Graphics --> MsiExec.exe /X{1819F22A-8B42-4CF5-88C1-97B6F4A7849A}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 6.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7646-000000000001}
Advanced Voice Client 1.0 --> "C:\Program Files\Advanced Voice Client\unins000.exe"
aerosoft's - Balearen-Gibraltar - FS2004 --> "C:\Program Files\Microsoft Games\Flight Simulator 9\aerosoft\Uninstall.exe" "uninstall_Balearen-Gibraltar.ini" "C:\Program Files\Microsoft Games\Flight Simulator 9"
aerosoft's - Budapest 2007 - FS2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0976C02C-0F73-447D-9657-5318C0C45A05}\Setup.exe" -uninst
aerosoft's - Wonderful Madeira - FS2004 --> "C:\Program Files\Microsoft Games\Flight Simulator 9\uninstall_Wonderful Madeira.exe"
Agere Systems PCI Soft Modem --> agrsmdel
Airbus Series Vol.2 (FS2004) --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_Airbus2_wilco.exe
AVC Tuner --> C:\Program Files\Advanced Voice Client Tuner\Uninstal.exe
Azureus --> D:\Programs\Azureus\Uninstall.exe
BearShare --> D:\Programs\BEARSH~1\UNWISE.EXE D:\Programs\BEARSH~1\INSTALL.LOG
Ben Gurion Airport 2006 --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
BF-Quito 2005 --> C:\Program Files\Microsoft Games\Flight Simulator 9\Addon Scenery\Forero\Quito2005\UnInstall_quito2005.exe
Call of Duty --> D:\Programs\CALLOF~1\Uninstall\Unwise.exe /u D:\Programs\CALLOF~1\Uninstall\Install.log
CCleaner (remove only) --> "D:\Programs\CCleaner\uninst.exe"
China-Macau scenery for FS2004 --> c:\Program Files\Microsoft Games\Flight Simulator 9\Addon Scenery\macau2005\Uninstal.exe
COLOMBIA VIRTUAL P.E. 2005 --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
CRJ Experience --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
CRJ New Generation --> C:\Program Files\Microsoft Games\Flight Simulator 9\crjng_uninstal.exe
DivX Codec --> D:\Programs\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> D:\Programs\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> D:\Programs\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> D:\Programs\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> D:\Programs\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EditVoicepack --> MsiExec.exe /I{1EC65D1D-3911-4F7D-8B6A-63C69EDBFC6E}
eMule --> "D:\Programs\eMule\Uninstall.exe"
Eusing Free Registry Cleaner --> C:\PROGRA~1\EUSING~1\UNWISE.EXE C:\PROGRA~1\EUSING~1\INSTALL.LOG
Flight One ATR 72-500 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\ATR_Beta.ini"
Fly the MADDOG 2006 --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall Fly the Maddog 2006.exe
Fly the MADDOG 2006 liveries --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall Liveries.exe
Fly to Brazil #6 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\irunin.ini"
Fokker 70-100 --> C:\Program Files\Microsoft Games\Flight Simulator 9\UnFokker70-FS9.exe
Follow Me Multiplayer --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
Free Download Manager 2.5 --> "D:\Programs\Free Download Manager\unins000.exe"
FS Global 2005 --> C:\PROGRA~1\MICROS~4\FLIGHT~1\pilotsSW\fsg2k5\uninstal.exe C:\PROGRA~1\MICROS~4\FLIGHT~1\pilotsSW\fsg2k5
FS Real Time v1.62.2 --> C:\WINDOWS\iun6002.exe "C:\Program Files\FS Real Time\irunin.ini"
FSBuild 2 --> C:\Program Files\FSBuild\UnInstall_19636.exe
FSNavigator --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F76FF6D-B992-4FD9-8686-F09F868B2C58}\Setup.exe" -l0x9
FSPause12 --> MsiExec.exe /I{94147A93-0288-42D6-8DCC-D35CBA84FC3A}
Fuel Loader --> C:\Program Files\Simulation Hardware\Fuel Loader\Uninstal.exe
Greatest Airliners: 727 --> "C:\Program Files\Microsoft Games\Flight Simulator 9\uninstall_GA727.exe" "/U:C:\Program Files\Microsoft Games\Flight Simulator 9\F1DF_GA727.xml"
GUARULHOS INTERNATIONAL AIRPORT --> C:\WINDOWS\iun6002.exe "C:\Documents and Settings\Bryan\Desktop\Fs2004 - WorldSceneries - Guarulhos Sao Paulo\wsuninstall\irunin_GR.ini"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
IFSD Irish Scenery --> C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\Addon Scenery\ifsd_scenery\IFSD\installer\irunin.ini"
Ivalo 2.0 --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal_Ivalo2.exe
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
KEWR Newark --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KEWR.exe
KLGA La Guardia --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall KLGA.exe
LAGO Male Scenery FS2004 2.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35E853C8-8E86-4259-B4D6-E2B5BEDDABCD}\Setup.exe" -l0x9
LAGO Twin Otter Version 2.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0663708C-35D2-4A9B-AD98-2D49FB6729B6}\Setup.exe" -l0x9
Legendary C-130 --> C:\Program Files\Microsoft Games\Flight Simulator 9\csC130_uninstall.exe
Level-D Simulations 767-300 --> C:\Program Files\Microsoft Games\Flight Simulator 9\UnLvld767.exe
Magic ISO Maker v5.4 (build 0237) --> D:\Programs\MagicISO\UNWISE.EXE D:\Programs\MagicISO\INSTALL.LOG
MagicDisc 2.6.93 --> C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Converter SA Edition 0.8 --> D:\Programs\Media Converter SA Edition\uninst.exe
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Flight Simulator 2004 A Century of Flight --> "C:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 --> MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NCalc 5.1.0 --> "C:\Program Files\NCalc5\unins000.exe"
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OCS PT-154 --> C:\WINDOWS\OCS PT-154 Uninstaller.exe
Photohands 1.0E --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{544FB392-069D-4BA5-9DC7-FFD47230AEE5}\Setup.exe"
PMDG 747-400 FS9 Update V1R12 (Unifies to FSX) --> C:\Program Files\InstallShield Installation Information\{304DAE83-906F-4005-BA09-2870349ABD14}\setup.exe -runfromtemp -l0x0009 -removeonly
PMDG 747-400F GE Atlas --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{044DB990-522B-4E0E-90E0-9868576D567A}\setup.exe" -l0x9 -removeonly
PMDG 747-400F GE Polar Air Cargo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F091397A-BAF6-428D-B278-19541A83BBAE}\setup.exe" -l0x9 -removeonly
PMDG 747-400F PW FedEx --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9CDD8DA2-7BFE-40FD-AEC8-5A48B7C88BFB}\setup.exe" -l0x9 -removeonly
PMDG 747-400F RR Cargolux VCV --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0781BF9-33E6-442B-8167-D60F01E34F6E}\setup.exe" -l0x9 -removeonly
PMDG_747-400_Sound_Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2758F387-D016-4725-9D03-AB039364DF3D}\setup.exe" -l0x9 -removeonly
PMDG747_400 Queen of the Skies --> C:\Program Files\InstallShield Installation Information\{97679567-0095-464E-B5F2-E218A1CF3421}\setup.exe -runfromtemp -l0x0009 -removeonly
PMDG747_400_PW_Singapore --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1BF1967F-7879-494C-BB0A-493653C90857}\setup.exe" -l0x9 -removeonly
PMDG747_400F --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{164360E5-0AAD-48AD-8A36-3F8A859FAB6F}\setup.exe" -l0x9 -removeonly
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PSS B777 Professional 2004 (777-200 LR) 2.1 --> C:\WINDOWS\iun6002.exe "C:\Documents and Settings\Bryan\Desktop\777\PSS\772LR_uni.ini"
PSS Boeing 757 Pro 2006 1.3 --> C:\WINDOWS\iun6002.exe "C:\Documents and Settings\Bryan\Desktop\757\PSS\757_ALL.ini"
PT Tu154M --> MsiExec.exe /I{9A9DC850-9444-4DB0-A364-B0F6B555A647}
Radar Contact Version 4.0 --> "C:\Program Files\rcv4\unins000.exe"
Radar Contact Version 4.01 --> "C:\Program Files\rcv4\unins001.exe"
Ready for Pushback V2_10 Full Version --> C:\Program Files\Microsoft Games\Flight Simulator 9\RFP_V2_Upgrade_Unistaller.exe
Remove UK2000 Part 1 files --> C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\uk2000 scenery\UK2000 Part 1\irunin.ini
Remove UK2000 Part 2 files --> C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\uk2000 scenery\UK2000 Part 2\irunin.ini
Remove UK2000 Part 3 files --> C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\uk2000 scenery\UK2000 Part 3\irunin.ini
Remove UK2000 Part 4 files --> C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\uk2000 scenery\UK2000 Part 4\irunin.ini
Remove UK2000 Part 5 files --> C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\uk2000 scenery\UK2000 Part 5\irunin.ini
Remove UK2000 Part 6 files --> C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\uk2000 scenery\UK2000 Part 6\irunin.ini
Remove UK2000 Part7 files --> C:\WINDOWS\iun506.exe C:\Program Files\Microsoft Games\Flight Simulator 9\uk2000 scenery\UK2000 Part7\irunin.ini
Rovaniemi 4.1 --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall_Rovaniemi41.exe
Saitek SST Programming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{967FB80D-56BD-42EF-A942-9E8C78F984A4}\Setup.exe" -l0x9 -removeonly
SimCharts 3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61812F6F-0705-4B20-B914-32C1E3C155C7}\Setup.exe" -l0x9
Spybot - Search & Destroy 1.4 --> "D:\Programs\Spybot - Search & Destroy\unins000.exe"
SquawkBox 3 --> C:\Program Files\SquawkBox3\sbuninstall.exe SquawkBox 3
SSTSIM --> "C:\WINDOWS\SSTSIM\uninstall.exe" "/U:C:\Program Files\Microsoft Games\Flight Simulator 9\SSTSIM\data\Uninstall\uninstall.xml"
SUPERAntiSpyware Professional --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SWAT 4 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
São Paulo - Congonhas Airport X-Generation --> C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\sbspx9unin.ini"
TeamSpeak 2 RC2 --> D:\Programs\Teamspeak2_RC2\unins000.exe
TeamSpeak 2 Server RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
TJSJ San Juan --> C:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall TJSJ.exe
TOPCAT 2.20 (26MAR08) --> C:\Program Files\TOPCAT\uninst.exe
TTS_Technology --> MsiExec.exe /I{AC696733-F8C5-4EAD-B165-AC8AB8C2A755}
Ultimate Traffic --> C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9\UT13.ini"
UPDATE 01 COLVIRTUAL PE 2005 --> C:\Program Files\Microsoft Games\Flight Simulator 9\desinstalar_colvape2k5.exe
UPDATE 02 COLVIRTUAL PE 2005 --> C:\Program Files\Microsoft Games\Flight Simulator 9\uninstallupd2.exe
UPDATE 03 COLVIRTUAL PE 2005 (FS2004) --> C:\Program Files\Microsoft Games\Flight Simulator 9\uninstallupd2.exe
VRC --> "C:\Program Files\VRC\uninstall.exe"
vroute.info --> rundll32.exe dfshim.dll,ShArpMaintain vroute.info.application, Culture=en, PublicKeyToken=5accc01de4247373, processorArchitecture=msil
Winamp --> "D:\Programs\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Wonderful Rio Full Pack --> C:\WINDOWS\iun6002.exe "C:\Program Files\Microsoft Games\Flight Simulator 9/wsuninstall\Wonderful Rio Full Packirunin.ini"
-- Application Event Log -------------------------------------------------------
Event Record #/Type14868 / Warning
Event Submitted/Written: 06/02/2008 07:49:36 PM
Event ID/Source: 1015 / EvntAgnt
Event Description:
TraceLevel parameter not located in registry;
Default trace level used is 32.
Event Record #/Type14867 / Warning
Event Submitted/Written: 06/02/2008 07:49:36 PM
Event ID/Source: 1003 / EvntAgnt
Event Description:
TraceFileName parameter not located in registry;
Default trace file used is .
Event Record #/Type14865 / Error
Event Submitted/Written: 06/01/2008 07:03:17 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application FS9.EXE, version 9.0.0.30612, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type14864 / Error
Event Submitted/Written: 06/01/2008 07:01:45 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application FS9.EXE, version 9.0.0.30612, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type14863 / Error
Event Submitted/Written: 06/01/2008 07:01:44 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application FS9.EXE, version 9.0.0.30612, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type37496 / Error
Event Submitted/Written: 06/01/2008 04:16:43 PM
Event ID/Source: 7031 / Service Control Manager
Event Description:
The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Event Record #/Type37495 / Error
Event Submitted/Written: 06/01/2008 04:16:43 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type37494 / Error
Event Submitted/Written: 06/01/2008 04:16:43 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The SNMP Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type37493 / Error
Event Submitted/Written: 06/01/2008 04:16:43 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type37492 / Error
Event Submitted/Written: 06/01/2008 04:16:43 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The Messenger Sharing Folders USN Journal Reader service service terminated unexpectedly. It has done this 1 time(s).
-- End of Deckard's System Scanner: finished at 2008-06-02 19:56:25 ------------
You might notice the windows firewall has been disabled, i did that because im already running a firewall.