Malwarebytes' Anti-Malware- Nothing
Superantispyware- Nothing
Panda scan at the moment seems to be down, heres the error i got: Reference #97.c430dbc3.1213803122.54f2832
Heres is an older scan, it might help:
;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-27 16:49:46
PROTECTIONS: 1
MALWARE: 20
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
Norton 360 2007 Yes Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@doubleclick[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@clickbank[1].txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@findwhat[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\eric@statcounter[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@burstnet[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@realmedia[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@zedo[3].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@adrevolver[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@atwola[1].txt
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@enhance[1].txt
02913340 Adware/InternetSpeedMonitor Adware No 0 No No C:\Windows\two222222.exe[ism.exe]
02938171 Spyware/Virtumonde Spyware No 1 No No C:\Windows\four444444.exe[■%%\²¬Ç]
02938552 Adware/InternetSpeedMonitor Adware No 0 No No C:\Program Files\VnrPack\ilaupd.exe[qdrloader.exe]
02938552 Adware/InternetSpeedMonitor Adware No 0 No No C:\Windows\two222222.exe[qdrloader.exe]
02941449 Generic Trojan Virus/Trojan No 0 Yes No C:\Users\Eric\Documents\LimeWire\Saved\COMMAND.AND.CONQUER.GENERALS.ZERO.HOUR-DEViANCE-www.softzone.org-Crack.zip[COMMAND.AND.CONQUER.GENERALS.ZERO.HOUR-DEViANCE-www.softzone.org-Crack.exe]
02974527 Adware/InternetSpeedMonitor Adware No 0 Yes No C:\Windows\two222222.exe
02974528 Spyware/Virtumonde Spyware No 1 Yes No C:\Windows\four444444.exe
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location ����
3
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description ����
3
;===============================================================================
=================================================================================
===================
184379 MEDIUM MS08-001 ����
3
182048 HIGH MS07-069 ����
3
176382 HIGH MS07-057 ����
3
170906 HIGH MS07-045 ����
3
164913 HIGH MS07-033 ����
3
160623 HIGH MS07-027 ����
3
;===============================================================================
=================================================================================
===================
Windows update: Up to date.
OK, I was told the last time I had problems to perform an additional test, here are its results:
Deckard's System Scanner v20071014.68
Run by Eric on 2008-06-18 10:19:59
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
18: 2008-06-16 22:09:42 UTC - RP194 - Windows Backup
17: 2008-06-08 18:13:18 UTC - RP193 - Windows Update
16: 2008-06-08 04:00:09 UTC - RP192 - Windows Backup
15: 2008-06-07 04:00:15 UTC - RP191 - Scheduled Checkpoint
14: 2008-06-06 04:00:13 UTC - RP190 - Scheduled Checkpoint
-- First Restore Point --
1: 2008-05-14 07:00:36 UTC - RP176 - Windows Update
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 76% (more than 75%).
Total Physical Memory: 894 MiB (1024 MiB recommended).
-- HijackThis (run as Eric.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:46 AM, on 6/18/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Windows\System32\notepad.exe
C:\Users\Eric\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Eric.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {3814DEE6-F161-4E41-B4F1-06CCE04D14EE} - C:\Program Files\Windows NT\fery66225.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7991 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080524-221956-127 O4 - HKCU\..\Run: [VnrPack15] "C:\Program Files\VnrPack\VnrPack15.exe"
backup-20080524-221956-679 O4 - HKCU\..\Run: [VnrPack16] "C:\Program Files\VnrPack\VnrPack16.exe"
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Compact Flash
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20021111153705700&0#
Manufacturer: Generic-
Name: Compact Flash
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20021111153705700&0#
Service: WUDFRd
-- Scheduled Tasks -------------------------------------------------------------
2008-06-16 20:00:01 544 --a------ C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Eric.job
-- Files created between 2008-05-18 and 2008-06-18 -----------------------------
2008-05-24 21:58:17 0 d-------- C:\Users\All Users\Malwarebytes
2008-05-24 21:58:16 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-24 20:28:38 0 d-------- C:\Program Files\Panda Security
2008-05-24 20:18:39 0 d-------- C:\Program Files\Trend Micro
-- Find3M Report ---------------------------------------------------------------
2008-06-10 12:49:58 0 d-------- C:\Users\Eric\AppData\Roaming\LimeWire
2008-06-08 22:31:46 0 d-------- C:\Program Files\SwiftKit
2008-06-08 17:04:21 0 d-------- C:\Program Files\Norton 360
2008-06-08 17:03:51 0 d-------- C:\Program Files\Symantec
2008-05-24 21:58:29 0 d-------- C:\Users\Eric\AppData\Roaming\Malwarebytes
2008-05-24 21:57:44 0 d-------- C:\Users\Eric\AppData\Roaming\Download Manager
2008-05-16 21:42:45 0 d-------- C:\Program Files\Windows NT
2008-05-16 21:22:54 0 d-------- C:\Program Files\Lavasoft
2008-05-16 21:21:49 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-15 15:32:37 0 d-------- C:\Program Files\MSBuild
2008-05-15 15:32:31 399943 --a------ C:\Windows\four444444.exe
2008-05-15 15:32:29 266607 --a------ C:\Windows\two222222.exe
2008-05-15 15:31:39 0 d-------- C:\Program Files\VnrPack
2008-05-14 03:01:26 0 d-------- C:\Program Files\Windows Mail
2008-05-13 15:54:45 0 d-------- C:\Program Files\Java
2008-05-13 15:52:30 0 d-------- C:\Program Files\Common Files
2008-05-13 15:52:30 0 d-------- C:\Program Files\Common Files\Java
2008-05-13 15:49:36 0 d-------- C:\Program Files\LimeWire
2008-05-05 21:24:33 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-05 21:24:31 611 --a------ C:\Windows\eReg.dat
2008-05-05 21:01:29 0 d-------- C:\Program Files\EA Games
2008-05-01 19:30:54 0 d-------- C:\Users\Eric\AppData\Roaming\My Battle for Middle-earth II Files
2008-04-25 19:48:51 0 d-------- C:\Program Files\Electronic Arts
2008-04-25 19:43:43 0 d-------- C:\Users\Eric\AppData\Roaming\WinRAR
2008-04-18 22:56:22 0 d-------- C:\Program Files\Battleships Forever
2008-04-06 20:59:33 0 --a------ C:\Windows\nsreg.dat
2008-04-06 20:27:45 174 --ahs---- C:\Program Files\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3814DEE6-F161-4E41-B4F1-06CCE04D14EE}]
C:\Program Files\Windows NT\fery66225.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/06/2008 08:09 PM]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [09/28/2006 09:42 AM]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [02/15/2007 06:59 AM]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [02/10/2007 08:18 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [02/10/2007 08:18 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [02/10/2007 08:18 PM]
"RtHDVCpl"="RtHDVCpl.exe" [03/01/2007 11:38 AM C:\Windows\RtHDVCpl.exe]
"@"="" []
"SnapfishMediaDetector"="C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe" [03/02/2007 05:55 PM]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/17/2005 02:11 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/10/2007 01:59 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [01/29/2008 05:38 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [04/06/2008 08:00 PM]
"HPAdvisor"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" []
"Uniblue RegistryBooster 2"="c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe" [12/05/2007 04:51 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"Launcher"=%WINDIR%\SMINST\launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish Media Detector.lnk - C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe [3/2/2007 5:55:02 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a943dfd8-f5b0-11db-a717-806e6f6e6963}]
AutoRun\command- E:\autorun.exe
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-06-18 10:24:56 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English
CPU 0: AMD Athlon 64 X2 Dual Core Processor 3800+
Percentage of Memory in Use: 84%
Physical Memory (total/avail): 893.94 MiB / 137.34 MiB
Pagefile Memory (total/avail): 2910.23 MiB / 1385.84 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.08 MiB
C: is Fixed (NTFS) - 224.12 GiB total, 149.99 GiB free.
D: is Fixed (NTFS) - 8.76 GiB total, 0.24 GiB free.
E: is CDROM (UDF)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
\\.\PHYSICALDRIVE0 - Hitachi HDT725025VLA SCSI Disk Device - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 224.12 GiB - C:
\PARTITION1 - Installable File System - 8.76 GiB - D:
\\.\PHYSICALDRIVE1 - Generic- Compact Flash USB Device
\\.\PHYSICALDRIVE4 - Generic- MS/MS-Pro USB Device
\\.\PHYSICALDRIVE3 - Generic- SD/MMC USB Device
\\.\PHYSICALDRIVE2 - Generic- SM/xD-Picture USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: Norton 360 v2007 (SYMANTEC Corporation)
AV: Norton 360 v2007 (SYMANTEC Corperation)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Norton 360 v2007 (Symantec Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Eric\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ERIC-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Eric
LOCALAPPDATA=C:\Users\Eric\AppData\Local
LOGONSERVER=\\ERIC-PC
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Presario
PLATFORM=HPD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4b02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=c:\windows\temp
TMP=c:\windows\temp
USERDOMAIN=Eric-PC
USERNAME=Eric
USERPROFILE=C:\Users\Eric
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Eric
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
--> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
--> "C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
--> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
--> "C:\Program Files\HP Games\Cue Master\Uninstall.exe"
--> "C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
--> "C:\Program Files\HP Games\Family Feud\Uninstall.exe"
--> "C:\Program Files\HP Games\FATE\Uninstall.exe"
--> "C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
--> "C:\Program Files\HP Games\Flip Words\Uninstall.exe"
--> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
--> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
--> "C:\Program Files\HP Games\Otto\Uninstall.exe"
--> "C:\Program Files\HP Games\Overball\Uninstall.exe"
--> "C:\Program Files\HP Games\Penguins!\Uninstall.exe"
--> "C:\Program Files\HP Games\Phoenix Assault\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Tubing\Uninstall.exe"
--> "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
--> "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
--> "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
--> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
--> "C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
--> "C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Age of Empires III --> C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\setup.exe -runfromtemp -l0x0409
AMD Power Monitor --> MsiExec.exe /X{9DD3BF8E-0399-4B15-878B-CE48CE4961F9}
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Battleships Forever v0.88 --> "C:\Users\Eric\Battleships Forever\unins000.exe"
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Command & Conquer Generals --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
GearDrvs --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
GPGNet --> MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
Hardware Diagnostic Tools --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Feedback --> MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP On-Screen Cap/Num/Scroll Lock Indicator --> C:\Windows\system32\OsdRemove.exe
HP Photosmart Essential 2.0 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
LimeWire 4.16.7 --> "C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
muvee autoProducer 6.0 --> C:\Program Files\InstallShield Installation Information\{6AF49698-949A-4C89-9B31-041D2CCB5FBD}\setup.exe -runfromtemp -l0x0009 -removeonly
My HP Games --> "C:\Program Files\HP Games\Uninstall.exe"
Norton 360 --> MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360 --> MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360 --> MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton 360 --> MsiExec.exe /I{F413B69D-4AD6-42ab-AEA5-0548989FAD50}
Norton 360 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X
Norton 360 Help --> MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}
Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Authentification Component --> MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}
Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Python 2.4.3 --> MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Rhapsody --> C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Roxio Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio --> MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9 --> MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy --> MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive --> MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools --> MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3 --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9 --> MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
Snapfish Media Detector --> MsiExec.exe /X{4EF6FDB0-3B11-4820-9860-8E08E9965195}
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.inf
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Star Wars Empire at War --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe" -l0x9 -removeonly
Star Wars Empire at War Forces of Corruption --> C:\Program Files\InstallShield Installation Information\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}\setup.exe -runfromtemp -l0x0009 -removeonly
Star Wars Galactic Battlegrounds: Saga --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10133CDD-50B9-4783-B336-8B48F3653715}\Setup.exe" -l0x9
SuppSoft --> MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}
Supreme Commander --> C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x0009 -removeonly
SwiftKit --> C:\Program Files\SwiftKit\Uninstall.exe
Symantec Technical Support Controls --> MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
The Battle for Middle-earth II --> C:\Program Files\Electronic Arts\The Battle for Middle-earth II\EAUninstall.exe
Uniblue RegistryBooster 2 --> "C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Toolbar for Internet Explorer --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type51241 / Success
Event Submitted/Written: 06/16/2008 05:59:36 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type51240 / Success
Event Submitted/Written: 06/16/2008 05:59:36 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type51236 / Success
Event Submitted/Written: 06/16/2008 05:59:32 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
Event Record #/Type51213 / Success
Event Submitted/Written: 06/15/2008 00:43:12 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type51212 / Success
Event Submitted/Written: 06/15/2008 00:43:11 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type34899 / Warning
Event Submitted/Written: 06/18/2008 10:23:39 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB951376(Security Update) is not applicable for this system
Event Record #/Type34880 / Warning
Event Submitted/Written: 06/18/2008 10:23:22 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB905866(Update) is not applicable for this system
Event Record #/Type34860 / Warning
Event Submitted/Written: 06/18/2008 10:22:22 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB950762(Security Update) is not applicable for this system
Event Record #/Type34843 / Warning
Event Submitted/Written: 06/18/2008 10:21:35 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB951698(Security Update) is not applicable for this system
Event Record #/Type34734 / Warning
Event Submitted/Written: 06/18/2008 10:18:14 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB950759(Security Update) i