Here's the main DSS log:
Deckard's System Scanner v20071014.68
Run by Main on 2008-07-24 17:14:59
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
22: 2008-07-24 07:15:05 UTC - RP540 - Deckard's System Scanner Restore Point
21: 2008-07-24 07:11:15 UTC - RP539 - Installed Java 6 Update 7
20: 2008-07-24 07:06:03 UTC - RP538 - Removed Java SE Runtime Environment 6 Update 1
19: 2008-07-24 07:05:17 UTC - RP537 - Removed Java 6 Update 7
18: 2008-07-24 07:04:29 UTC - RP536 - Removed Java 6 Update 5
-- First Restore Point --
1: 2008-07-18 06:48:40 UTC - RP519 - Installed Java 6 Update 7
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Main.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:16:11 PM, on 24/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\VM_STI.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Main\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Main.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://g.ninemsn.com...S01?FORM=TOOLBRR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://windowsupdate.microsoft.com/R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {39b6af2a-5dac-69cb-ade4-4375f2064b5a} - {a5b4602f-5734-4eda-bc96-cad5a2fa6b93} - C:\WINDOWS\system32\goqdnk.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://lisaisno1.spa...ad/MsnPUpld.cabO16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onec...lscbase8300.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -
http://upload.facebo...otoUploader.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1161217552776O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) -
http://lisaisno1.spa...ad/MsnPUpld.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zon...nt.cab56907.cabO16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) -
http://upload.facebo...Uploader4_5.cabO16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) -
http://drmlicense.on...e/en/crlocx.ocxO17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS2\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS3\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
O21 - SSODL: AvpSys - {5eee8ec8-7cb1-4123-a535-f2be6d01ff52} - (no file)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
--
End of file - 12597 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>
R1 Tosrfcom (Bluetooth RFCOMM from TOSHIBA) - c:\windows\system32\drivers\tosrfcom.sys <Not Verified; TOSHIBA Corporation; Bluetooth RFCOMM Driver>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.10.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.10.0>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 tosporte (Bluetooth Port Driver from Toshiba) - c:\windows\system32\drivers\tosporte.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Bluetooth Port Emulation Driver>
R3 Tosrfbd (Bluetooth RFBUS from TOSHIBA) - c:\windows\system32\drivers\tosrfbd.sys <Not Verified; TOSHIBA CORPORATION; Bluetooth BUS Driver(WindowsXP,Windows2000)>
R3 Tosrfbnp (Bluetooth RFBNEP from TOSHIBA) - c:\windows\system32\drivers\tosrfbnp.sys <Not Verified; TOSHIBA Corporation; Bluetooth RFBNEP Driver from TOSHIBA>
R3 Tosrfhid (Bluetooth RFHID from TOSHIBA) - c:\windows\system32\drivers\tosrfhid.sys <Not Verified; TOSHIBA Corporation.; Bluetooth HID Driver from TOSHIBA>
R3 tosrfnds (Bluetooth Personal Area Network from TOSHIBA) - c:\windows\system32\drivers\tosrfnds.sys <Not Verified; TOSHIBA Corporation.; Bluetooth BNEP Driver from TOSHIBA>
R3 Tosrfusb (Bluetooth USB Controller) - c:\windows\system32\drivers\tosrfusb.sys <Not Verified; TOSHIBA CORPORATION; Microsoft® Windows NT® Operating System>
S3 SBAPIFS - c:\windows\system32\drivers\sbapifs.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
S3 Xmltskpwitb -
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-06-24 and 2008-07-24 -----------------------------
2008-07-24 17:11:21 0 d-------- C:\Program Files\Common Files\Java
2008-07-24 02:26:51 0 d-------- C:\VundoFix Backups
2008-07-22 06:01:25 0 d-------- C:\Program Files\Trend Micro
2008-07-22 03:43:20 0 dr-h----- C:\Documents and Settings\Main\Recent
2008-07-21 03:55:02 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-07-21 03:55:02 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-07-21 03:54:03 0 d-------- C:\Documents and Settings\Main\Application Data\Sunbelt Software
2008-07-21 03:53:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
2008-07-21 03:53:31 0 d-------- C:\Program Files\Sunbelt Software
2008-07-20 06:24:35 0 d-------- C:\Program Files\VS Revo Group
2008-07-20 06:09:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Innovative Solutions
2008-07-20 05:51:54 0 d-------- C:\Program Files\CCleaner
2008-07-19 18:59:07 0 d-------- C:\Program Files\Ashampoo
2008-07-19 03:59:29 0 d-------- C:\WINDOWS\Prefetch
2008-07-19 03:48:20 0 d-------- C:\WINDOWS\system32\scripting
2008-07-19 03:48:20 0 d-------- C:\WINDOWS\l2schemas
2008-07-19 03:48:19 0 d-------- C:\WINDOWS\system32\en
2008-07-19 03:48:17 0 d-------- C:\WINDOWS\system32\bits
2008-07-19 03:41:23 0 d-------- C:\WINDOWS\ServicePackFiles
2008-07-19 01:31:47 0 d-------- C:\Documents and Settings\Main\Application Data\Malwarebytes
2008-07-19 01:31:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-19 01:31:37 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-19 00:10:14 116864 --a------ C:\WINDOWS\system32\rwrahwuu.dll
2008-07-19 00:10:14 116864 --a------ C:\WINDOWS\system32\goqdnk.dll
2008-07-19 00:07:14 92672 -----n--- C:\WINDOWS\system32\bvmnidgx.dll
2008-07-18 18:07:15 116864 --a------ C:\WINDOWS\system32\iaarwu.dll
2008-07-18 18:07:14 116864 --a------ C:\WINDOWS\system32\ntjiiayy.dll
2008-07-18 17:08:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-18 17:02:30 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-28 20:34:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
-- Find3M Report ---------------------------------------------------------------
2008-07-24 17:13:40 0 d-------- C:\Program Files\LimeWire
2008-07-24 17:12:08 0 d-------- C:\Program Files\Java
2008-07-24 17:11:21 0 d-------- C:\Program Files\Common Files
2008-07-21 02:17:40 0 d-------- C:\Documents and Settings\Main\Application Data\AVG7
2008-07-20 06:29:59 0 d-------- C:\Program Files\EA GAMES
2008-07-20 03:15:08 0 d-------- C:\Program Files\MSN Messenger
2008-07-19 03:49:05 0 d-------- C:\Program Files\Messenger
2008-07-19 03:48:16 0 d-------- C:\Program Files\Movie Maker
2008-07-19 03:40:37 0 d-------- C:\Program Files\Windows NT
2008-07-18 17:08:34 0 d-------- C:\Program Files\Lavasoft
2008-07-18 17:08:33 0 d-------- C:\Documents and Settings\Main\Application Data\Lavasoft
2008-06-28 20:34:04 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-28 20:32:44 0 d-------- C:\Documents and Settings\Main\Application Data\AdobeUM
2008-06-27 05:14:29 0 d-------- C:\Documents and Settings\Main\Application Data\Mozilla
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a5b4602f-5734-4eda-bc96-cad5a2fa6b93}]
19/07/2008 12:10 AM 116864 --a------ C:\WINDOWS\system32\goqdnk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [22/02/2006 11:40 PM]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [02/01/2006 05:41 PM]
"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [17/10/2005 05:09 PM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [14/04/2006 11:51 AM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [14/04/2006 11:52 AM]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [14/04/2006 11:56 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [17/07/2008 11:00 PM]
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [06/03/2006 05:13 PM]
"SBCSTray"="C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" [15/06/2007 03:17 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [21/10/2005 02:26 AM]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [26/10/2005 05:17 PM]
"SMSERIAL"="sm56hlpr.exe" [26/05/2005 07:12 PM C:\WINDOWS\sm56hlpr.exe]
"RTHDCPL"="RTHDCPL.EXE" [21/03/2007 02:49 PM C:\WINDOWS\RTHDCPL.exe]
"RemoteControl"="C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe" [02/11/2004 08:24 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [29/06/2007 06:24 AM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50 AM]
"@"="" []
"ABLKSR"="C:\WINDOWS\ABLKSR\ABLKSR.exe" [02/01/2006 09:14 PM]
"Alcmtr"="ALCMTR.EXE" [03/05/2005 06:43 PM C:\WINDOWS\Alcmtr.exe]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [15/12/2004 07:01 PM]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [04/04/2007 02:50 AM]
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe" [15/05/2007 02:01 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 10:12 AM]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [12/06/2006 02:32 PM]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [30/08/2007 01:09 AM]
C:\Documents and Settings\Main\Start Menu\Programs\Startup\
reminder-ScanSoft Product Registration.lnk - C:\Program Files\Caere\OmniPagePro90\EREG\REMIND32.EXE [21/10/2006 1:58:44 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [20/03/2007 6:17:12 PM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/04/2008 3:38:16 AM]
ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe [12/08/2006 11:34:56 AM]
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [16/06/2005 11:11:42 AM]
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [20/01/2007 9:04:43 PM]
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [20/01/2007 9:04:38 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBCSSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51804ef2-5640-11dc-b644-0017310adb6c}]
AutoRun\command- F:\LaunchU3.exe
-- End of Deckard's System Scanner: finished at 2008-07-24 17:16:52 ------------
Here's the extra log:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: English
CPU 0: Genuine Intel® CPU T2300 @ 1.66GHz
Percentage of Memory in Use: 50%
Physical Memory (total/avail): 1023.36 MiB / 505.05 MiB
Pagefile Memory (total/avail): 2460.53 MiB / 1971.46 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1902.55 MiB
C: is Fixed (NTFS) - 72.66 GiB total, 22.24 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST98823A - 74.53 GiB - 2 partitions
\PARTITION0 - Unknown - 1906.12 MiB
\PARTITION1 (bootable) - Installable File System - 72.66 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Main\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-37689182E1
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFAULT_CA_NR=CA6
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Main
LOGONSERVER=\\YOUR-37689182E1
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Main\LOCALS~1\Temp
TMP=C:\DOCUME~1\Main\LOCALS~1\Temp
USERDOMAIN=YOUR-37689182E1
USERNAME=Main
USERPROFILE=C:\Documents and Settings\Main
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Main
(admin)Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DD4F051C-1A2B-4A91-B187-B093C597418C}\setup.exe" -l0x9 anything
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 7.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Amigo DVD Ripper 2.8.05 --> "C:\Program Files\Amigo DVD Ripper\unins000.exe"
ArcSoft Funhouse --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCBD0769-BAD5-40AD-BCD9-68FADC5231D5}\SETUP.EXE" -l0x9 -uninst
ArcSoft PhotoStudio 2000 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoStudio 2000\Uninst.isu"
Ashampoo WinOptimizer 5.04 --> "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 5\unins000.exe"
Asus ChkMail --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Asus\Asus ChkMail\Uninst.isu"
Asus_A_Series_ScreenSaver --> C:\WINDOWS\ASUS A Series ScreenSaver Uninstaller.exe
ASUSDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> MsiExec.exe /I{1CE7D0E0-AC02-42C3-8EAD-66F9D39E3C0E}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder --> MsiExec.exe /I{90437E5F-0A9E-4B63-AD8B-D232897D18BF}
ATK0100 ACPI UTILITY --> C:\WINDOWS\ATK0100\XPunin.exe
AudibleManager --> C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
BitComet 0.93 --> C:\Program Files\BitComet\uninst.exe
Bluetooth Stack for Windows --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B9B9863A-32FD-4133-ADB7-46244ED77694} /l1033
Canon Internet Library for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F81FBFC-9A37-431F-9050-14B55485DF5A}
Canon MP Navigator EX 1.0 --> "C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini
Canon MP610 series --> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series /L0x0009
Canon MP610 series User Registration --> C:\Program Files\Canon\IJEREG\MP610 series\UNINST.EXE
Canon My Printer --> C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon ScanGear Toolbox CS 2.2 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\ScanGear Toolbox CS\Uninst.isu" -c"C:\Program Files\Canon\ScanGear Toolbox CS\uninst.dll"
Canon Utilities Easy-PhotoPrint EX --> C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu --> C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint --> "C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
CEP - Color Enable Package --> "C:\PROGRA~1\EAGAME~1\zCEP_Uninstaller\unins000.exe"
CorelDRAW Graphics Suite 12 --> MsiExec.exe /I{505AFDC0-5E72-4928-8368-5DEA385E3647}
Creative Removable Disk Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN Vision M Series --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31C44235-A613-4E95-B297-207BF6C6A8C1}\SETUP.EXE" -l0x9 /remove
D-Link DSLs --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{509E7E30-8EC3-449B-8C59-B952E7489B0F}\setup.exe" -l0x9
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Earth --> MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
Java 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Fireworks MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E583ED6F-BD99-4066-A420-C815BF692B69}\Setup.exe" -l0x9 UNINSTALL
Macromedia Flash MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALL
Macromedia FreeHand MXa --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939740B5-0064-4779-854A-8C1086181C05}\Setup.exe" -l0x9 UNINSTALL
MAGIX Media Manager silver --> C:\Media_Manager\instslct.exe
MAGIX PhotoStory on CD & DVD 2004 --> C:\Program Files\instslct.exe
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
Medi@Show --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\CyberLink\MediaShow\Uninst.isu"
mEoU --> MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Reader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x9
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Motorola SM56 Data Fax Modem --> C:\WINDOWS\Motorola\SMSERIAL\sm56unst.exe
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Network Play System (Patching) --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
OmniPage Pro 9.0 --> C:\Program Files\Caere\OmniPagePro90\uninstall.exe -f"C:\Program Files\Caere\OmniPagePro90\DeIsL1.isu"
Picture Package --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x9 UNINSTALL
Power4 Gear --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\setup.exe" -l0x9
PowerDirector --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
REALTEK PCIE NIC Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}\setup.exe" -l0x9 REMOVE
Revo Uninstaller 1.71 --> C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Scan Manager 5.2 --> MsiExec.exe /I{E0A1559B-9886-11D4-8D06-0050DA284A39}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sony Ericsson PC Suite 1.20.224 --> MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" UNINSTALL
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
USB Video/Audio Device Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F3D5ECF7-7AE4-4B53-8A7E-1F850D6AE6B4}\Setup.exe"
USB2.0 1.3M Web Cam --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A87869D7-B133-498C-A347-D9BE109FF6C8}\Setup.exe" -l0x9
VIMICRO USB PC Camera --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9
WinAce Archiver 2.0 --> C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinFlash --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Wireless Console 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe" -l0x9 -removeonly
XML Paper Specification Shared Components Pack 1.0 -->
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
ZENcast Organizer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove
-- Application Event Log -------------------------------------------------------
Event Record #/Type15052 / Success
Event Submitted/Written: 07/24/2008 02:21:37 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type15033 / Success
Event Submitted/Written: 07/23/2008 04:47:02 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type15007 / Success
Event Submitted/Written: 07/22/2008 06:41:01 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type14951 / Success
Event Submitted/Written: 07/20/2008 06:04:48 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type14939 / Success
Event Submitted/Written: 07/20/2008 03:15:49 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type43384 / Error
Event Submitted/Written: 07/23/2008 04:36:06 AM
Event ID/Source: 7032 / Service Control Manager
Event Description:
The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:
%%1056
Event Record #/Type43381 / Error
Event Submitted/Written: 07/23/2008 04:35:33 AM
Event ID/Source: 10010 / DCOM
Event Description:
The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.
Event Record #/Type43348 / Warning
Event Submitted/Written: 07/22/2008 04:37:34 PM
Event ID/Source: 256 / PlugPlayManager
Event Description:
Timed out sending notification of device interface change to window of "C:\WINDOWS\VM_STI.EXE"
Event Record #/Type43247 / Error
Event Submitted/Written: 07/22/2008 03:46:17 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type43246 / Error
Event Submitted/Written: 07/22/2008 03:45:16 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
-- End of Deckard's System Scanner: finished at 2008-07-24 17:16:52 ------------
Thanks Gripp, see what you make of these!
gooner_4ever