Deckard's System Scanner v20071014.68
Run by shaevans on 2008-07-11 10:52:26
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
65: 2008-07-11 12:11:40 UTC - RP65 - Deckard's System Scanner Restore Point
64: 2008-07-10 15:09:12 UTC - RP64 - System Checkpoint
63: 2008-07-09 14:17:15 UTC - RP63 - System Checkpoint
62: 2008-07-08 13:58:30 UTC - RP62 - System Checkpoint
61: 2008-07-07 13:43:39 UTC - RP61 - System Checkpoint
-- First Restore Point --
1: 2008-04-21 13:39:14 UTC - RP1 - System Checkpoint
Backed up registry hives.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-11 10:55:57
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\DWRCS.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Intel\AMT\Lms.exe
C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Intel\AMT\Uns.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\WINDOWS\Temp\RK1013.EXE
C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
C:\kix\UTLite33.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VAV\vav.exe
C:\Program Files\SpyShredder\SpyShredder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\PrintKey2000\Printkey2000.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\shaevans\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.fcinternal.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://nfuse.czncorp...auth/login.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [IFXSPMGT] c:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\Pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\VAV\vav.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [SpyShredder] C:\Program Files\SpyShredder\SpyShredder.exe
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: AutoCAD LT Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res:///3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=58813
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://fpdownload.ma...director/sw.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgree...eensActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1198010915734
O16 - DPF: {82B56B47-90DC-4F58-9A7D-D27BA46D3C0F} (MyPhotoAlbum Easy Upload Tool Combo Control) - http://schleppy1975....geUploader4.cab
O16 - DPF: {B4A78D29-52B1-4A7B-BAC0-1471BEDF9836} () - http://xscanner.shre...tup/webinst.cab
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) - http://office.micros...ntent/opuc4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {DC11F230-5717-4C25-BAD7-37B879C19655} (MyPhotoAlbum Easy Upload Tool Combo Control) - http://schleppy1975....geUploader4.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD LT 2002\AcPreview.ocx
O17 - HKLM\Software\..\Telephony: DomainName = corp.pvt
O17 - HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: Domain = corp.pvt
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: Domain = corp.pvt
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: ackpbsc - C:\WINDOWS\system32\ackpbsc.dll
O20 - Winlogon Notify: acunlock - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll
O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\system32\DeviceNP.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - C:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Intel® Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CCA Agent Stub (CCAAgentStub) - Unknown owner - C:\WINDOWS\system32\CCAAgentStub.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\cwbrxd.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\system32\DWRCS.EXE
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel® Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\Lms.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
O23 - Service: Intel® Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\Uns.exe
--
End of file - 14369 bytes
-- File Associations -----------------------------------------------------------
.scr - AutoCADLTScriptFile - shell\open\command - "C:\WINDOWS\system32\notepad.exe" "%1"
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S3 NCHSSVAD (SoundTap Recorder) - c:\windows\system32\drivers\nchssvad.sys <Not Verified; NCH Swift Sound; NCH Swift Sound Virtual Audio Device>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 DWMRCS (DameWare Mini Remote Control) - c:\windows\system32\dwrcs.exe -service <Not Verified; DameWare Development LLC; DameWare Development DWRCS>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
S2 CCAAgentStub (CCA Agent Stub) - "c:\windows\system32\ccaagentstub.exe" (file missing)
S3 Cwbrxd (iSeries Access for Windows Remote Command) - c:\windows\cwbrxd.exe <Not Verified; IBM Corporation; IBM® iSeries Access for Windows>
S3 FLCDLOCK (HP ProtectTools Device Locking / Auditing) - c:\windows\system32\flcdlock.exe <Not Verified; Hewlett-Packard Ltd; Device Access Manager>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
-- Process Modules -------------------------------------------------------------
C:\WINDOWS\system32\winlogon.exe (pid 1408)
2007-02-26 05:49:00 70144 -ra------ C:\WINDOWS\system32\APSHook.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-05-03 19:51:16 112640 --a------ C:\WINDOWS\system32\ackpbsc.dll <Not Verified; ActivIdentity; ActivClient Services>
2007-05-03 19:51:16 118784 --a------ C:\WINDOWS\system32\aclog.dll <Not Verified; ActivIdentity; Library - Logging>
2007-05-03 19:52:08 655360 --a------ C:\WINDOWS\system32\aclibeay.dll <Not Verified; ActivIdentity; The OpenSSL Toolkit>
2007-05-03 19:51:42 100864 --a------ C:\WINDOWS\system32\acevtsub.dll <Not Verified; ActivIdentity; ActivClient Services>
2007-05-03 19:51:28 325120 --a------ C:\WINDOWS\system32\asphat32.dll <Not Verified; ActivIdentity; Smart Card Middleware>
2007-05-03 19:51:16 29696 --a------ C:\WINDOWS\system32\acerrmes.dll <Not Verified; ActivIdentity; Smart Card Middleware>
2007-05-03 19:51:30 87040 --a------ C:\WINDOWS\system32\aspcom.dll <Not Verified; ActivIdentity; Smart Card Middleware>
2007-12-19 12:23:31 64512 --a------ C:\Program Files\ActivIdentity\ActivClient\Resources\Merged\acerrmrc.dll <Not Verified; ActivIdentity; Smart Card Middleware>
2007-12-19 12:23:31 53760 --a------ C:\Program Files\ActivIdentity\ActivClient\Resources\Merged\asphatrc.dll <Not Verified; ActivIdentity; Smart Card Middleware>
2007-03-14 07:03:00 74752 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-06-15 03:47:00 586240 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ItMsg.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-05-03 19:51:12 281088 --a------ C:\Program Files\ActivIdentity\ActivClient\acunlock.dll <Not Verified; ActivIdentity; ActivClient>
2007-05-03 19:49:30 224768 --a------ C:\WINDOWS\system32\aipingui.dll <Not Verified; ActivIdentity; ActivClient>
2007-12-19 12:23:36 254464 --a------ C:\Program Files\ActivIdentity\ActivClient\Resources\Merged\aipinguirc.dll <Not Verified; ActivIdentity; ActivClient>
2007-05-03 19:51:50 206848 --a------ C:\Program Files\ActivIdentity\ActivClient\Resources\acCobAPIrc.dll <Not Verified; ActivIdentity; Smart Card Middleware>
2007-12-19 12:23:37 56832 --a------ C:\Program Files\ActivIdentity\ActivClient\Resources\Merged\acunlockrc.dll <Not Verified; ActivIdentity; ActivClient>
2007-04-30 09:19:04 49152 --a------ C:\WINDOWS\system32\DeviceNP.dll <Not Verified; Hewlett-Packard Limited; HP ProtectTools Device Management>
2007-10-08 15:11:52 208896 --a------ C:\WINDOWS\system32\NetProvCredMan.dll <Not Verified; Intel Corporation; NetProvCredMan Dynamic Link Library>
C:\WINDOWS\system32\svchost.exe (pid 1684)
2007-02-26 05:49:00 70144 -ra------ C:\WINDOWS\system32\APSHook.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-03-14 07:03:00 74752 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-06-15 03:47:00 586240 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ItMsg.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2006-06-22 07:14:00 131584 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll <Not Verified; Cognizance Corporation; Cognizance Identity Manager>
2007-06-08 11:33:42 485888 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ItDAC.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-03-02 05:20:00 157184 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ItReports.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-07-20 20:00:20 512512 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\AuthWiz.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-03-29 05:31:00 263680 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ItAuth.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-01-09 04:18:00 168960 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\HPBrand.dll <Not Verified; Hewlett-Packard Company; Cognizance Identity Manager>
2007-07-20 19:38:54 224256 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\TpmAuth.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-03-22 10:23:00 142848 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ItVCServer.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-03-07 04:40:00 290816 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\ItVCard.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-02-20 01:45:00 172032 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\NetAdmin.dll <Not Verified; Cognizance Corporation; Cognizance Identity Manager>
2007-05-28 04:19:00 94208 -ra------ C:\Program Files\Hewlett-Packard\IAM\Bin\BioAuthSrv.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
C:\WINDOWS\system32\svchost.exe (pid 1712)
2007-02-26 05:49:00 70144 -ra------ C:\WINDOWS\system32\APSHook.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
C:\WINDOWS\system32\svchost.exe (pid 2008)
2007-02-26 05:49:00 70144 -ra------ C:\WINDOWS\system32\APSHook.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
C:\WINDOWS\system32\svchost.exe (pid 192)
2007-02-26 05:49:00 70144 -ra------ C:\WINDOWS\system32\APSHook.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
C:\WINDOWS\system32\svchost.exe (pid 548)
2007-02-26 05:49:00 70144 -ra------ C:\WINDOWS\system32\APSHook.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
C:\WINDOWS\explorer.exe (pid 3020)
2007-02-26 05:49:00 70144 -ra------ C:\WINDOWS\system32\APSHook.dll <Not Verified; Bioscrypt Inc.; Bioscrypt VeriSoft Single Sign On>
2007-10-08 15:11:52 208896 --a------ C:\WINDOWS\system32\NetProvCredMan.dll <Not Verified; Intel Corporation; NetProvCredMan Dynamic Link Library>
2007-02-06 15:40:54 65536 --a------ C:\WINDOWS\system32\BTNCopy.dll <Not Verified; Broadcom Corporation.; Bluetooth Software>
2007-02-06 16:19:44 77824 --a------ C:\WINDOWS\system32\BtMmHook.dll <Not Verified; Broadcom Corporation.; Bluetooth Software>
2007-02-06 16:16:06 53248 --a------ C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
2007-01-23 21:13:08 200704 --a------ C:\WINDOWS\system32\PSDShExt.dll <Not Verified; Infineon Technologies AG; Infineon TPM Software>
2007-01-23 20:22:18 2453504 --a------ C:\WINDOWS\system32\IFXSPArc.dll <Not Verified; Infineon Technologies AG; Infineon TPM Software>
2007-01-23 21:16:14 229376 --a------ C:\Program Files\Hewlett-Packard\Embedded Security Software\PsdRsUS.dll <Not Verified; Infineon Technologies AG; Infineon TPM Software>
-- Scheduled Tasks -------------------------------------------------------------
2008-06-13 07:32:31 414 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job
-- Files created between 2008-06-11 and 2008-07-11 -----------------------------
2008-07-11 08:11:06 0 d-------- V:\Deckard
2008-07-10 15:23:53 0 d-------- C:\Program Files\SpyShredder
2008-07-10 15:23:16 28672 --a------ C:\WINDOWS\xpupdate.exe
2008-07-10 14:28:48 23040 --a------ C:\WINDOWS\Sys45.exe
2008-07-10 14:28:48 23040 --a------ C:\WINDOWS\Sys44.exe
2008-07-10 14:28:48 23552 --a------ C:\WINDOWS\Sys43.exe
2008-07-10 14:28:48 0 d-------- C:\Program Files\VAV
2008-07-10 14:28:47 24064 --a------ C:\WINDOWS\Sys42.exe
2008-07-10 14:28:46 0 d-------- C:\Program Files\PCHealthCenter
2008-07-08 08:23:38 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\InstallShield
2008-07-08 08:23:38 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Infineon
2008-07-08 08:23:38 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Identities
2008-07-08 08:23:38 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\hpqLog
2008-07-08 08:23:38 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\CiscoCAA
2008-07-08 08:23:38 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\AdobeUM
2008-07-08 08:23:38 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Adobe
2008-07-08 08:23:37 0 dr-h----- C:\Documents and Settings\SMSCliSvcAcct&\Recent
2008-07-08 08:23:37 0 d--h----- C:\Documents and Settings\SMSCliSvcAcct&\PrintHood
2008-07-08 08:23:37 0 d--h----- C:\Documents and Settings\SMSCliSvcAcct&\NetHood
2008-07-08 08:23:37 0 dr------- C:\Documents and Settings\SMSCliSvcAcct&\My Documents
2008-07-08 08:23:37 0 d--h----- C:\Documents and Settings\SMSCliSvcAcct&\Local Settings
2008-07-08 08:23:37 0 dr------- C:\Documents and Settings\SMSCliSvcAcct&\Favorites
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Desktop
2008-07-08 08:23:37 0 d---s---- C:\Documents and Settings\SMSCliSvcAcct&\Cookies
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Bluetooth Software
2008-07-08 08:23:37 0 dr-h----- C:\Documents and Settings\SMSCliSvcAcct&\Application Data
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Sun
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\OfficeUpdate12
2008-07-08 08:23:37 0 d---s---- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Microsoft
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Microsoft Web Folders
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Macromedia
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\InterVideo
2008-07-08 08:23:37 0 d-------- C:\Documents and Settings\SMSCliSvcAcct&\Application Data\Intel
2008-07-08 08:23:36 0 d---s---- C:\Documents and Settings\SMSCliSvcAcct&\UserData
2008-07-08 08:23:36 0 d--h----- C:\Documents and Settings\SMSCliSvcAcct&\Templates
2008-07-08 08:23:36 0 dr------- C:\Documents and Settings\SMSCliSvcAcct&\Start Menu
2008-07-08 08:23:36 0 dr-h----- C:\Documents and Settings\SMSCliSvcAcct&\SendTo
2008-07-08 08:23:36 1572864 --ah----- C:\Documents and Settings\SMSCliSvcAcct&\NTUSER.DAT
2008-07-07 16:01:26 0 d-------- C:\WINDOWS\system32\NtmsData
2008-07-07 14:41:33 0 d-------- C:\Documents and Settings\shaevans\.housecall6.6
2008-07-07 07:27:18 0 dr-h----- C:\Documents and Settings\shaevans\Recent
2008-06-19 10:15:36 94208 --a------ C:\WINDOWS\system32\pskill.exe <Not Verified; Sysinternals - www.sysinternals.com; Systems Internals pkill>
2008-06-19 10:15:36 94720 --a------ C:\WINDOWS\system32\MsiZap.exe <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2008-06-19 10:15:36 43 --a------ C:\WINDOWS\system32\2.bat
2008-06-13 07:32:27 0 d-------- C:\Program Files\Norton Security Scan
2008-06-13 07:31:29 0 d-------- C:\WINDOWS\system32\Adobe
2008-06-12 15:47:42 0 d-------- C:\Documents and Settings\shaevans\Application Data\Snapfish
-- Find3M Report ---------------------------------------------------------------
2008-07-10 21:46:52 0 d-------- C:\Program Files\Trillian
2008-07-09 13:54:33 0 d-------- C:\Documents and Settings\shaevans\Application Data\U3
2008-07-02 07:55:51 0 d-------- C:\Program Files\Java
2008-06-20 13:12:49 0 d-------- C:\Program Files\ADTRAN DSL Assistant
2008-06-13 10:47:56 0 d-------- C:\Documents and Settings\shaevans\Application Data\Amazon
2008-06-09 17:03:27 45964 -----n--- V:\warwickpricing
2008-06-09 16:04:32 0 d-------- C:\Program Files\Common Files
2008-06-01 19:49:35 0 d-------- C:\Program Files\NCH Swift Sound
2008-06-01 19:48:45 0 d-------- C:\Program Files\NCH Software
2008-06-01 19:48:14 0 d-------- C:\Documents and Settings\shaevans\Application Data\NCH Swift Sound
2008-05-13 15:02:06 0 d-------- C:\Documents and Settings\shaevans\Application Data\Autodesk
2008-05-13 14:41:10 0 d-------- C:\Program Files\Common Files\L&H
2008-05-13 14:40:39 0 d-------- C:\Program Files\Microsoft.NET
2008-05-13 14:35:05 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2008-05-13 14:35:04 0 d-------- C:\Program Files\AutoCAD LT 2002
2008-05-13 14:25:57 0 d-------- C:\Program Files\AutoCAD LT 2006
2008-05-13 14:25:41 0 d-------- C:\Program Files\AnswerWorks 4.0
2008-05-13 14:20:26 0 d-------- C:\Program Files\Autodesk
2008-05-12 09:17:54 0 d--h----- C:\Program Files\Zero G Registry
2008-05-12 09:16:54 0 d-------- C:\Program Files\Actelis Networks
2008-05-09 14:18:38 23408 --a------ C:\Documents and Settings\shaevans\Application Data\Comma Separated Values (Windows).ADR
2008-05-06 16:16:48 9405 --a------ C:\Documents and Settings\shaevans\Application Data\Comma Separated Values (Windows).EML
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [09/15/2007 03:29 AM]
"atchk"="C:\Program Files\Intel\AMT\atchk.exe" [05/01/2007 05:52 PM]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [03/01/2007 02:18 PM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [10/08/2007 03:18 PM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [10/08/2007 03:13 PM]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [07/13/2006 09:12 AM]
"PTHOSTTR"="c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.exe" [01/09/2007 04:52 PM]
"CognizanceTS"="c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [12/22/2003 07:12 PM]
"IFXSPMGT"="c:\WINDOWS\system32\ifxspmgt.exe" [02/15/2007 02:00 PM]
"@"="" []
"accrdsub"="c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [05/03/2007 07:51 PM]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [01/05/2007 06:36 PM]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [01/02/2007 04:46 PM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [05/18/2007 10:50 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [05/18/2007 10:50 PM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [05/18/2007 10:50 PM]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [11/06/2007 05:34 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"Client Access Service"="C:\Program Files\IBM\Client Access\cwbsvstr.exe" [05/07/2002 06:20 AM]
"Client Access Help Update"="C:\Program Files\IBM\Client Access\cwbinhlp.exe" [05/07/2002 06:20 AM]
"Client Access Check Version"="C:\Program Files\IBM\Client Access\cwbckver.exe" [05/07/2002 06:20 AM]
"Client Access Express Welcome"="C:\Program Files\IBM\Client Access\cwbwlwiz.exe" [05/07/2002 06:20 AM]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/2002 01:28 PM]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\OfficeScan Client\Pccntmon.exe" [12/11/2007 07:31 PM]
"Antivirus"="C:\Program Files\VAV\vav.exe" [07/10/2008 01:33 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [03/30/2006 05:45 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [04/30/2008 08:16 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
"Antivirus"="C:\Program Files\VAV\vav.exe" [07/10/2008 01:33 AM]
"Windows update loader"="C:\Windows\xpupdate.exe" [07/10/2008 03:23 PM]
"SpyShredder"="C:\Program Files\SpyShredder\SpyShredder.exe" [07/10/2008 03:23 PM]
C:\Documents and Settings\shaevans\Start Menu\Programs\Startup\
Trillian.lnk - C:\Program Files\Trillian\trillian.exe [5/19/2008]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AutoCAD LT Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [3/5/2005 9:18:22 AM]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2/6/2007 4:14:00 PM]
Clean Access Agent.lnk - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe [9/7/2007 12:13:06 AM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [4/30/2008 8:16:50 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 4:15:54 AM]
Printkey2000.lnk - C:\Program Files\PrintKey2000\Printkey2000.exe [4/22/2008 10:52:10 AM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"Wallpaper"=
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceStartMenuLogOff"=1 (0x1)
"NoWelcomeScreen"=1 (0x1)
"ForceActiveDesktopOn"=1 (0x1)
"NoActiveDesktop"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ackpbsc]
c:\WINDOWS\system32\ackpbsc.dll 05/03/2007 07:51 PM 112640 c:\WINDOWS\system32\ackpbsc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acunlock]
c:\Program Files\ActivIdentity\ActivClient\acunlock.dll 05/03/2007 07:51 PM 281088 c:\Program Files\ActivIdentity\ActivClient\acunlock.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
DeviceNP.dll 04/30/2007 09:19 AM 49152 C:\WINDOWS\system32\DeviceNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll 03/14/2007 07:03 AM 74752 c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=APSHook.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
Cognizance ASBroker ASChannel
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57bd5546-adaa-11dc-bbbe-b02c9a8bec2e}]
AutoRun\command- E:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-07-11 10:58:29 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Core2 Duo CPU T7700 @ 2.40GHz
CPU 1: Intel® Core2 Duo CPU T7700 @ 2.40GHz
Percentage of Memory in Use: 42%
Physical Memory (total/avail): 2039.23 MiB / 1172.77 MiB
Pagefile Memory (total/avail): 3931.61 MiB / 3200.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1886.88 MiB
C: is Fixed (NTFS) - 74.53 GiB total, 52.28 GiB free.
D: is CDROM (No Media)
K: is Network (NTFS)
M: is Network (NTFS)
N: is Network (NTFS)
S: is Network (NTFS)
T: is Network (NTFS)
U: is Network (NTFS)
V: is Network (NTFS)
\\.\PHYSICALDRIVE0 - Hitachi HTS722080K9SA00 - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.53 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AV: Trend Micro OfficeScan Antivirus v8.0 (TrendAntiVirus)
AV: Trend Micro OfficeScan Antivirus v8.0 (TrendAntiVirus)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office\\OUTLOOK.EXE:*:Enabled:OUTLOOK.EXE"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:conf.exe"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\SMSADMIN\\bin\\i386\\statview.exe"="C:\\SMSADMIN\\bin\\i386\\statview.exe:*:Enabled:SMS 2.0 Utility - Status Message Viewer"
"C:\\SMSADMIN\\bin\\i386\\SETUP.EXE"="C:\\SMSADMIN\\bin\\i386\\SETUP.EXE:*:Enabled:SMS Setup"
"C:\\WINDOWS\\system32\\wbem\\unsecapp.exe"="C:\\WINDOWS\\system32\\wbem\\unsecapp.exe:*:Enabled:unsecapp.exe"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\WINDOWS\\system32\\VoissAssistant.exe"="C:\\WINDOWS\\system32\\VoissAssistant.exe:*:Enabled:VoissAssistant"
"C:\\Program Files\\Microsoft Office\\OFFICE11\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\OFFICE11\\OUTLOOK.EXE:*:Enabled:OUTLOOK.EXE"
"C:\\Program Files\\NET6\\net6vpn.exe"="C:\\Program Files\\NET6\\net6vpn.exe:*:Enabled:Citrix Secure Access Agent"
"C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\javaw.exe"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\javaw.exe:*:Enabled:javaw"
"C:\\Program Files\\Viryanet\\MicroServer\\VCM.exe"="C:\\Program Files\\Viryanet\\MicroServer\\VCM.exe:*:Enabled:VCM"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Disabled:Windows Explorer"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\SmartFTP\\SmartFTP.exe"="C:\\Program Files\\SmartFTP\\SmartFTP.exe:*:Enabled:SmartFTP"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:conf.exe"
"C:\\Program Files\\Microsoft Office\\Office\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office\\OUTLOOK.EXE:*:Enabled:OUTLOOK.EXE"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Documents and Settings\\mwj974\\Local Settings\\Temporary Internet Files\\Content.IE5\\0L6VGXAV\\CitrixSAClient[1].exe"="C:\\Documents and Settings\\mwj974\\Local Settings\\Temporary Internet Files\\Content.IE5\\0L6VGXAV\\CitrixSAClient[1].exe:*:Enabled:Citrix Secure Access Agent"
"C:\\Program Files\\NET6\\net6vpn.exe"="C:\\Program Files\\NET6\\net6vpn.exe:*:Enabled:Citrix Secure Access Agent"
"C:\\WINDOWS\\system32\\wbem\\unsecapp.exe"="C:\\WINDOWS\\system32\\wbem\\unsecapp.exe:*:Enabled:WMI"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\shaevans\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NYMTJSLXP041364
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=V:
HOMEPATH=\
HOMESHARE=\\nymt00s2kfp01\ShaEvans$
LOGONSERVER=\\PAWB00S03DC01
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Program Files\Hewlett-Packard\IAM\bin;c:\Program Files\ActivIdentity\ActivClient\;C:\PROGRA~1\IBM\CLIENT~1;C:\PROGRA~1\IBM\CLIENT~1\Shared;C:\PROGRA~1\IBM\CLIENT~1\Emulator;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\Common Files\Autodesk Shared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SMS_LOCAL_DIR=C:\WINDOWS
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\shaevans\LOCALS~1\Temp
TMP=C:\DOCUME~1\shaevans\LOCALS~1\Temp
USERDNSDOMAIN=CORP.PVT
USERDOMAIN=CORP
USERNAME=shaevans
USERPROFILE=C:\Documents and Settings\shaevans
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
frontier (admin)
SMSCliSvcAcct& (admin)
Administrator (admin)
shaevans (admin)
gsc943 (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\AFPViewr\DeIsL1.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL10.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL11.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL12.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL13.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL14.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL2.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL3.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL4.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL5.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL6.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL7.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL8.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\DeIsL9.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL1.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL2.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IBM\Client Access\Emulator\DeIsL4.isu"
--> MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
--> MsiExec.exe /X{87079BC7-1A1E-4520-B5C3-9AF582FA26FD}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ActivClient 6.1 x86 --> MsiExec.exe /I{AC194855-F7AC-4D04-B4C9-07BA46FCB697}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
ADTRAN DSL Assistant --> "C:\Program Files\ADTRAN DSL Assistant\UninstallerData\Uninstall DSLAsstistant3.exe"
Amazon MP3 Downloader 1.0.3 --> C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe
AnswerWorks Runtime --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu"
AuthenTec Fingerprint Sensor Minimum Install --> MsiExec.exe /I{EB4DF30B-102B-4F0C-927A-D50E037A325D}
AutoCAD LT 2006 - English --> MsiExec.exe /I{5783F2D7-4009-0409-0002-0060B0CE6BBA}
Autodesk Design Review 2009 - SP1 --> C:\Program Files\Autodesk\Autodesk Design Review\Setup\Setup.exe /P {450063AA-643B-417C-8CF5-405BA3F4EF40} /M ADR
Autodesk DWF Viewer --> C:\PROGRA~1\Autodesk\AUTODE~2\Setup.exe /remove
BIOS Configuration for HP ProtectTools --> MsiExec.exe /X{C74D0FA0-1D49-464F-A707-B427EE3385C1}
Broadcom 802.11 Wireless LAN Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
Cisco Clean Access Agent --> MsiExec.exe /X{41C18715-AFF0-49E9-B940-287A50532D33}
Cisco Systems VPN Client 5.0.01.0600 --> MsiExec.exe /X{14FCFE7C-AB86-428A-9D2E-BFB6F5A7AA6E}
Credential Manager for HP ProtectTools --> MsiExec.exe /X{C15F7F16-941E-414B-A676-40190CD621D5}
Device Access Manager for HP ProtectTools --> MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
Embedded Security for HP ProtectTools --> MsiExec.exe /I{20A1D306-CE83-492A-8525-D6DF50B5944A}
FLEXR 7.81 --> C:\WINDOWS\IsUninst.exe -fC:\FLEXR781\Uninst.isu
Google Earth --> MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP 3D DriveGuard --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{429E92A4-159F-4AEC-85A1-D693E1E4274D}\Setup.exe" -l0x9 UNINSTALL
HP Integrated Module with Bluetooth wireless technology --> MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
HP ProtectTools Security Manager --> MsiExec.exe /I{2DB165DC-DDB4-403F-B985-19F3EC7D0357}
HP Quick Launch Buttons 6.40 B2 --> C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\Setup.exe -runfromtemp -l0x0009 -removeonly uninst
HP Wireless Assistant --> MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
IBM iSeries Access for Windows --> "C:\Program Files\IBM\Client Access\cwbinarp.exe"
Intel® Active Management Technology Device Software --> C:\WINDOWS\system32\mesoludlg.exe -uninstall
Intel® Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java Card Security for HP ProtectTools --> MsiExec.exe /I{77130095-2039-424F-A633-4FAF0261258A}
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Macromedia Authorware Web Player --> C:\WINDOWS\system32\Macromed\AUTHORWA\UNWISE.EXE C:\WINDOWS\system32\Macromed\AUTHORWA\Install.log
Macromedia Flash Player 8 --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
MetaASSIST View --> "C:\Program Files\Actelis Networks\MetaASSIST View\Uninstall_MetaASSIST View\Uninstall MetaASSIST View.exe"
MetaFrame Presentation Server Client --> MsiExec.exe /I{E92B7A19-5FD5-4AEE-9FEF-7AD5DD3A675E}
mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Access 2000 SR-1 --> MsiExec.exe /I{00100409-78E1-11D2-B60F-006097C998E7}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --