I'm not trying to bump this post but I thought I'd better include the "Deckard's System Scanner" results as I see this is generally asked for. After completing the scan I can see quite a few issues with the result relating to "Antivirus XP 2008", but I will not attemp to remove anything untill I get further instructions.
Here are the scan results:
Deckard's System Scanner v20071014.68
Run by woody on 2008-07-10 09:25:59
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 4 Restore Point(s) --
4: 2008-07-10 08:26:03 UTC - RP890 - Deckard's System Scanner Restore Point
3: 2008-07-10 08:20:43 UTC - RP889 - Software Distribution Service 3.0
2: 2008-07-07 12:13:02 UTC - RP888 - Last good restore point
1: 2008-07-07 12:12:55 UTC - RP887 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as woody.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27:24, on 10/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\ALCWZRD.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\woody\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\woody.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://format.packar...i...&key=SEARCHR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.directoryfind.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.ntlworld.com/broadbandR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Trellian BHO Impl - {24180B00-2EB6-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - C:\WINDOWS\system32\SHDOCVW.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Trellian &Toolbar - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - C:\Program Files\TRELLIAN\Toolbar\toolbar.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Exif Launcher 2.lnk = ?
O8 - Extra context menu item: Alexa Web Search -
http://client.alexa....ions/search.htmO8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Get Alexa Data -
http://client.alexa....ns/sitedata.htmO8 - Extra context menu item: Mail to a Friend... -
http://client.alexa....ions/mailto.htmO8 - Extra context menu item: See Related Links -
http://client.alexa....ons/related.htmO8 - Extra context menu item: Write a Review... -
http://client.alexa....ions/review.htmO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 12359 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
S3 actser - c:\windows\system32\drivers\actser.sys <Not Verified; Siemens AG; Actser Filter Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 bgsvcgen (B's Recorder GOLD Library General Service) - c:\windows\system32\bgsvcgen.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD8>
R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\apps\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module>
R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\apps\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module>
R2 CyberLink Media Library Service - "c:\program files\cyberlink\shared files\clml_ntservice\clmlserver.exe" <Not Verified; Cyberlink; Cyberlink Media Library Server>
R2 GenericHidService (Generic Service for HID Keyboard Input Collections) - c:\apps\hidservice\hidservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-06-10 and 2008-07-10 -----------------------------
2008-07-10 09:24:51 0 d-------- D:\Deckard
2008-07-10 09:20:49 0 d-------- C:\WINDOWS\LastGood
2008-07-09 09:33:55 0 d-------- C:\Program Files\Trend Micro
2008-07-07 19:42:21 0 d-------- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-07 15:53:49 0 d-------- C:\WINDOWS\pss
2008-07-07 15:28:44 0 d--h----- D:\Documents and Settings\Administrator\Templates
2008-07-07 15:28:44 0 dr------- D:\Documents and Settings\Administrator\Start Menu
2008-07-07 15:28:44 0 dr-h----- D:\Documents and Settings\Administrator\SendTo
2008-07-07 15:28:44 0 dr-h----- D:\Documents and Settings\Administrator\Recent
2008-07-07 15:28:44 0 d--h----- D:\Documents and Settings\Administrator\PrintHood
2008-07-07 15:28:44 0 d--h----- D:\Documents and Settings\Administrator\NetHood
2008-07-07 15:28:44 0 dr------- D:\Documents and Settings\Administrator\My Documents
2008-07-07 15:28:44 0 d--h----- D:\Documents and Settings\Administrator\Local Settings
2008-07-07 15:28:44 0 dr------- D:\Documents and Settings\Administrator\Favorites
2008-07-07 15:28:44 0 dr------- D:\Documents and Settings\Administrator\Desktop
2008-07-07 15:28:44 0 d--hs---- D:\Documents and Settings\Administrator\Cookies
2008-07-07 15:28:44 0 dr-h----- D:\Documents and Settings\Administrator\Application Data
2008-07-07 15:28:44 0 d-------- D:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2008-07-07 15:28:44 0 d-------- D:\Documents and Settings\Administrator\Application Data\Symantec
2008-07-07 15:28:44 0 d-------- D:\Documents and Settings\Administrator\Application Data\Real
2008-07-07 15:28:44 0 d---s---- D:\Documents and Settings\Administrator\Application Data\Microsoft
2008-07-07 15:28:44 0 d-------- D:\Documents and Settings\Administrator\Application Data\Macromedia
2008-07-07 15:28:44 0 d-------- D:\Documents and Settings\Administrator\Application Data\Identities
2008-07-07 15:28:43 1048576 --ah----- D:\Documents and Settings\Administrator\NTUSER.DAT
2008-07-07 13:12:18 0 d-------- D:\Documents and Settings\woody\Application Data\rhcnh7j0en6a
2008-07-07 13:11:54 60928 --a------ C:\WINDOWS\system32\blphcjh7j0en6a.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-06-26 11:22:21 0 d-------- C:\Program Files\TRELLIAN
-- Find3M Report ---------------------------------------------------------------
2008-07-10 09:19:58 0 d-------- D:\Documents and Settings\woody\Application Data\OpenOffice.org2
2008-06-20 07:51:32 0 d-------- D:\Documents and Settings\woody\Application Data\Adobe
2008-06-05 13:18:39 565248 --a------ C:\WINDOWS\system32\AlxTB1.dll <Not Verified; Alexa Internet; AlxTB Module>
2008-06-05 10:19:41 0 d-------- C:\Program Files\PPLive TV
2008-06-05 09:38:31 0 d-------- C:\Program Files\AVG
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04/08/2004 14:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04/08/2004 14:00]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [17/03/2004 15:10 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"SoundMan"="SOUNDMAN.EXE" [10/09/2004 18:29 C:\WINDOWS\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [15/09/2004 11:20 C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [20/07/2004 10:22 C:\WINDOWS\ALCMTR.EXE]
"ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [05/08/2005 21:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12/07/2007 04:00]
"Ulead AutoDetector v2"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [26/11/2004 11:43]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [11/05/2005 13:48]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04/08/2004 14:00]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [02/05/2003 11:31]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [10/09/2002 21:26]
"EPSON Stylus Photo R300 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.exe" [11/09/2003 04:00]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [13/10/2005 17:54]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 12:50]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [14/12/2004 03:12]
"@"="" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [13/10/2005 17:59]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [04/02/2002 22:32]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [04/07/2008 15:31]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [04/08/2004 14:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]
"PPWebCap"="C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe" [10/08/2001 11:50]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [28/10/2007 18:51]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 14:00]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 11:43]
D:\Documents and Settings\woody\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [16/03/2005 20:16:50]
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [23/09/2005 14:36:42]
D:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [16/11/2005 09:41:50]
Exif Launcher 2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe [31/05/2007 18:48:29]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=1 (0x1)
"NoDispScrSavPage"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lphcjh7j0en6a]
C:\WINDOWS\system32\lphcjh7j0en6a.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMrhcnh7j0en6a]
C:\Program Files\rhcnh7j0en6a\rhcnh7j0en6a.exe
-- End of Deckard's System Scanner: finished at 2008-07-10 09:28:43 ------------
-------------------------------------------------------------------------
-------------------------------------------------------------------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 3.06GHz
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 1023.48 MiB / 545.07 MiB
Pagefile Memory (total/avail): 2458.74 MiB / 2083.86 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1926.09 MiB
C: is Fixed (NTFS) - 29.99 GiB total, 19.27 GiB free.
D: is Fixed (NTFS) - 150.3 GiB total, 136.73 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3200826AS - 186.31 GiB - 3 partitions
\PARTITION0 - Unknown - 6.01 GiB
\PARTITION1 (bootable) - Installable File System - 29.99 GiB - C:
\PARTITION2 - Installable File System - 150.3 GiB - D:
\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%ProgramFiles%\\AOL 9.0\\aol.exe"="%ProgramFiles%\\AOL 9.0\\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"="%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe:*:Enabled:PANDORA"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Terrapin FTP\\ftp95.exe"="C:\\Program Files\\Terrapin FTP\\ftp95.exe:*:Enabled:Terrapin FTP"
"C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
"D:\\Documents and Settings\\woody\\Local Settings\\Temporary Internet Files\\Content.IE5\\21GBM9Y5\\utorrent[1].exe"="D:\\Documents and Settings\\woody\\Local Settings\\Temporary Internet Files\\Content.IE5\\21GBM9Y5\\utorrent[1].exe:*:Enabled:utorrent[1]"
"D:\\Documents and Settings\\woody\\Local Settings\\Temporary Internet Files\\Content.IE5\\ENIPWRUT\\utorrent[1].exe"="D:\\Documents and Settings\\woody\\Local Settings\\Temporary Internet Files\\Content.IE5\\ENIPWRUT\\utorrent[1].exe:*:Enabled:utorrent[1]"
"D:\\Documents and Settings\\woody\\Desktop\\utorrent.exe"="D:\\Documents and Settings\\woody\\Desktop\\utorrent.exe:*:Enabled:utorrent"
"C:\\Program Files\\Common Files\\Synacast\\SynaLive\\PE.exe"="C:\\Program Files\\Common Files\\Synacast\\SynaLive\\PE.exe:*:Enabled:SynacastPE"
"C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=D:\Documents and Settings\All Users
APPDATA=D:\Documents and Settings\woody\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SN048758820132
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=D:
HOMEPATH=\Documents and Settings\woody
LOGONSERVER=\\SN048758820132
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\PROGRA~1\COMMON~1\SONICS~1\;C:\Program Files\Common Files\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=D:\DOCUME~1\woody\LOCALS~1\Temp
TMP=D:\DOCUME~1\woody\LOCALS~1\Temp
USERDOMAIN=SN048758820132
USERNAME=woody
USERPROFILE=D:\Documents and Settings\woody
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
woody
(admin)Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> "c:\apps\skype\phone\unins000.exe"
--> "C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe" -lang="en-uk"
--> C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c
--> C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
--> C:\Program Files\Common Files\aolshare\Aolunins_uk.exe
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Learn2.com\StRunner\stuninst.exe
--> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\Modio\SLAMR2KO\Setup.exe /Remove
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
--> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
--> MsiExec.exe /I{8B543A39-9401-44F4-B572-069E64C15189}
--> Rundll32 AlxTB1.dll,Uninstall RunDll32 syssetup.dll,SetupInfObjectInstallAction DefaultUnInstall.NT 4 alexa7.inf
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.EXE" -uninstall
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9CFBD8-8F77-4DCD-8CB5-CDD5F653C872}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F1DA6BF-3614-48A1-9970-9E90F646789E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x9
--> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat Key 7.5 --> C:\Program Files\Passware\un-acbtkey.exe
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 7.0 Professional --> msiexec /I {AC76BA86-1033-0000-7760-000000000002}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Alexa Toolbar --> C:\Program Files\Alexa Toolbar\uninstall.exe
AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
CloneDVD2 --> "C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Directory Submitter 1.3 --> "C:\Program Files\DirectorySubmitter\unins000.exe"
DYMO Label Software --> C:\PROGRA~1\DYMOLA~1\UNINSTAL.EXE /U C:\PROGRA~1\DYMOLA~1\INSTALL.LOG
EPSON CardMonitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x9 uninst
EPSON PhotoQuicker3.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x9 uninst
EPSON PhotoStarter3.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x9 uninst
EPSON Print CD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\SETUP.EXE" -l0x9 -SYSTEM
EPSON PRINT Image Framer Tool2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x9 anything
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
ESPR300 Reference Guide --> C:\Program Files\EPSON\ESPR300\REF_G\DOCUNINS.EXE
ESPR300 Software Guide --> C:\Program Files\EPSON\ESPR300\PQU_G\DOCUNINS.EXE
ESPR300 Standalone Guide --> C:\Program Files\EPSON\ESPR300\STA_G\DOCUNINS.EXE
ExtractNow --> "C:\Program Files\ExtractNow\unins000.exe"
FinePixViewer Resource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE" -l0x9
FinePixViewer Ver.5.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE" -l0x9
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
ImageMixer VCD2 for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934E9442-D305-4ACF-AD87-A6C11D677CB9}\setup.exe"
ImageMixer VCD2 LE for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B093990A-AAF2-44AC-9216-14BB7A2189B6}\SETUP.EXE" -l0x9
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 8 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
JGsoft EditPad Lite 5.4.5 --> C:\WINDOWS\UnDeploy.exe "C:\Program Files\JGsoft\EditPadLite\Deploy.log"
Macromedia Shockwave Player --> MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Media Video 9 VCM --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MicroStaff WINASPI --> C:\MWASPI\uninst.exe
Mozilla Firefox (1.5.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.12 (en-GB)"
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MultiReplace v 2.2.5.0 --> "C:\Program Files\MultiReplace2\unins000.exe"
Nero Suite --> C:\Program Files\Common Files\Ahead\Uninstall\setup.exe /uninstall
OLYMPUS CAMEDIA Master 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\Setup.exe"
OpenOffice.org 2.0 --> MsiExec.exe /I{76BB7B2D-748F-4AE9-89C3-78C051833EA1}
PaperPort 7.02 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ScanSoft\PaperPort\Config\DeIsL1.isu" -y -c"C:\Program Files\ScanSoft\PaperPort\UnInstl2.dll"
PIF DESIGNER2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59B9F-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x9 anything
PPLive 1.1.0.1 --> C:\PROGRA~1\PPLIVE~1\Setup.exe /remove
RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
SAMSUNG CDMA Modem Driver Set --> C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile USB Modem ^^ --> C:\WINDOWS\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software --> C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x9 -removeonly
Samsung PC Studio 3 USB Driver Installer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x9 -removeonly
ScanToWeb --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic MyDVD --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synacast Plug-in 1.1.0.1 --> C:\Program Files\Common Files\Synacast\SynaLive\uninst.exe
Terrapin FTP --> C:\Program Files\Terrapin FTP\uninst.exe
ToolbarBrowser v2.4 --> "C:\Program Files\TRELLIAN\Toolbar\unToolbarBrowser\unins000.exe"
Visioneer 4800 USB --> C:\WINDOWS\twain_32\VIZSCAN\4800\UNWISE.EXE C:\WINDOWS\twain_32\VIZSCAN\4800\INSTALL.LOG
WebLog Expert 3.6 --> "C:\Program Files\WebLog Expert\unins000.exe"
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Xenu's Link Sleuth --> "C:\Program Files\Xenu\unins000.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type14901 / Error
Event Submitted/Written: 07/07/2008 01:40:28 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application rhcnh7j0en6a.exe, version 0.0.0.0, faulting module rhcnh7j0en6a.exe, version 0.0.0.0, fault address 0x00044019.
Processing media-specific event for [rhcnh7j0en6a.exe!ws!]
Event Record #/Type14896 / Error
Event Submitted/Written: 07/07/2008 01:22:12 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application rhcnh7j0en6a.exe, version 0.0.0.0, faulting module rhcnh7j0en6a.exe, version 0.0.0.0, fault address 0x00044019.
Processing media-specific event for [rhcnh7j0en6a.exe!ws!]
Event Record #/Type14891 / Error
Event Submitted/Written: 07/07/2008 01:16:14 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application rhcnh7j0en6a.exe, version 0.0.0.0, faulting module rhcnh7j0en6a.exe, version 0.0.0.0, fault address 0x00044019.
Processing media-specific event for [rhcnh7j0en6a.exe!ws!]
Event Record #/Type14886 / Error
Event Submitted/Written: 07/07/2008 01:12:22 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application rhcnh7j0en6a.exe, version 0.0.0.0, faulting module rhcnh7j0en6a.exe, version 0.0.0.0, fault address 0x00044019.
Processing media-specific event for [rhcnh7j0en6a.exe!ws!]
Event Record #/Type14793 / Error
Event Submitted/Written: 06/27/2008 00:19:46 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16674, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type57190 / Error
Event Submitted/Written: 07/10/2008 09:27:58 AM
Event ID/Source: 7016 / Service Control Manager
Event Description:
The SmartLinkService service has reported an invalid current state 0.
Event Record #/Type57169 / Error
Event Submitted/Written: 07/10/2008 09:18:12 AM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.2.3 for the Network Card with network address 00148543E91F has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
Event Record #/Type57151 / Warning
Event Submitted/Written: 07/09/2008 09:14:42 AM
Event ID/Source: 1005 / Dhcp
Event Description:
Your computer has detected that the IP address 192.168.2.2 for the Network Card
with network address 00148543E91F is already in use on the network.
Your computer will automatically attempt to obtain a different address.
Event Record #/Type57150 / Warning
Event Submitted/Written: 07/09/2008 09:14:42 AM
Event ID/Source: 1005 / Dhcp
Event Description:
Your computer has detected that the IP address 192.168.2.2 for the Network Card
with network address 00148543E91F is already in use on the network.
Your computer will automatically attempt to obtain a different address.
Event Record #/Type57149 / Error
Event Submitted/Written: 07/09/2008 09:14:38 AM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.2.3 for the Network Card with network address 00148543E91F has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
-- End of Deckard's System Scanner: finished at 2008-07-10 09:28:43 ------------