Main.txtDeckard's System Scanner v20071014.68
Run by Joe on 2008-07-23 17:31:28
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
6: 2008-07-23 16:31:35 UTC - RP430 - Deckard's System Scanner Restore Point
5: 2008-07-23 15:48:12 UTC - RP429 - Removed PC Connectivity Solution
4: 2008-07-23 14:58:54 UTC - RP428 - Installed AVG Free 8.0
3: 2008-07-23 09:53:26 UTC - RP427 - Configured PCguard
2: 2008-07-23 09:02:57 UTC - RP426 - Removed Art Attack Digital
-- First Restore Point --
1: 2008-07-23 09:00:11 UTC - RP425 - Removed Art Attack Comic Creator
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 1.22 GiB (less than 15%) free.-- HijackThis (run as Joe.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:32:34, on 23/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Joe\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Joe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://webact.symant...slocale=iso:GBRO2 - BHO: {24d62100-1a8b-18fb-8ec4-b6c19d129864} - {468921d9-1c6b-4ce8-bf81-b8a100126d42} - C:\WINDOWS\system32\qhfyfy.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [BMe707ee62] Rundll32.exe "C:\WINDOWS\system32\blwwlkwa.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2A493D5F-8914-4D3E-8BF3-767F281862F4} (TraderMediaImgX Control) -
http://sell.autotrad...raderMediaX.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by130fd.bay13...es/MsnPUpld.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -
http://upload.facebo...toUploader3.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1158849984895O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1158849969192O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) -
http://upload.facebo...Uploader4_5.cabO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 7030 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080723-152301-212 O20 - AppInit_DLLs: iSecurity.cpl
backup-20080723-152301-295 O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
backup-20080723-153004-373 O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
backup-20080723-153004-648 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
http://downloads.ewi...oOnlineScan.cabbackup-20080723-164414-324 O2 - BHO: (no name) - {168A334E-B4CE-43F9-B4AD-A58CDBA7FA2A} - C:\WINDOWS\system32\wvUnLBUL.dll (file missing)
backup-20080723-164414-333 O2 - BHO: (no name) - {28932635-76B0-4D4A-9788-EEFE332ABF74} - (no file)
backup-20080723-164414-365 O4 - HKLM\..\Run: [BMe707ee62] Rundll32.exe "C:\WINDOWS\system32\blwwlkwa.dll",s
backup-20080723-164414-542 O2 - BHO: (no name) - {D5935FF9-5C42-4C02-9975-CC30ECF3EDC9} - (no file)
backup-20080723-164414-553 O2 - BHO: (no name) - {1BE2C61A-D6B4-4488-BA49-68A52B44F568} - (no file)
backup-20080723-164414-632 O20 - Winlogon Notify: qOihgGYo - qOihgGYo.dll (file missing)
backup-20080723-164414-728 O2 - BHO: (no name) - {68950839-2675-49E2-B6A5-442E0B0D1BA4} - C:\WINDOWS\system32\qOihgGYo.dll (file missing)
backup-20080723-164414-768 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20080723-165039-191 O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (file missing)
backup-20080723-165039-294 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20080723-165039-796 O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (file missing)
backup-20080723-165039-828 O4 - HKLM\..\Run: [BMe707ee62] Rundll32.exe "C:\WINDOWS\system32\blwwlkwa.dll",s
backup-20080723-171740-649 O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
backup-20080723-171740-869 O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
backup-20080723-171740-952 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20080723-171957-161 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20080723-171957-725 O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
backup-20080723-171957-910 O8 - Extra context menu item: &Search - ?p=ZK
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S2 CSS DVP - c:\windows\system32\drivers\css-dvp.sys (file missing)
S3 BVRPMPR5 (BVRPMPR5 NDIS Protocol Driver) - d:\instal~e\core\bvrpmpr5.sys (file missing)
S3 pccsmcfd (PCCS Mode Change Filter Driver) - c:\windows\system32\drivers\pccsmcfd.sys (file missing)
S3 upperdev - c:\windows\system32\drivers\usbser_lowerflt.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 x10nets (X10 Device Network Service) - c:\progra~1\common~1\x10\common\x10nets.exe <Not Verified; X10; x10 Module>
S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-06-23 and 2008-07-23 -----------------------------
2008-07-23 16:25:38 0 d-------- C:\WINDOWS\pss
2008-07-23 16:05:20 0 d--h----- C:\$AVG8.VAULT$
2008-07-23 16:03:30 101888 --a------ C:\WINDOWS\system32\qhfyfy.dll
2008-07-23 16:03:26 101888 --a------ C:\WINDOWS\system32\ttevaksa.dll
2008-07-23 16:00:28 93696 --a------ C:\WINDOWS\system32\blwwlkwa.dll
2008-07-23 15:59:05 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-23 15:58:54 0 d-------- C:\Program Files\AVG
2008-07-23 15:58:54 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-23 15:57:24 1043 --a------ C:\WINDOWS\system32\cgrdxrss.dll
2008-07-23 15:39:24 593455 --ahs---- C:\WINDOWS\system32\LUBLnUvw.ini2
2008-07-23 15:16:37 0 d-------- C:\Program Files\Trend Micro
2008-07-23 14:08:30 592751 --ahs---- C:\WINDOWS\system32\fMSYcMoq.ini2
2008-07-23 10:52:39 101888 --a------ C:\WINDOWS\system32\lncjnq.dll
2008-07-23 10:52:39 101888 --a------ C:\WINDOWS\system32\dstglyml.dll
2008-07-23 10:52:37 1043 --a------ C:\WINDOWS\system32\ajbvapek.dll
2008-07-23 10:51:20 93696 --a------ C:\WINDOWS\system32\ebbqsioj.dll
2008-07-10 22:46:06 101376 --a------ C:\WINDOWS\system32\eqivjy.dll
2008-07-10 22:46:05 101376 --a------ C:\WINDOWS\system32\nxqlumny.dll
2008-07-10 22:46:03 80896 --a------ C:\WINDOWS\system32\xymqtoui.dll
2008-07-10 22:11:29 596186 --ahs---- C:\WINDOWS\system32\wyaabLUt.ini2
2008-07-10 21:23:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-10 21:18:58 101376 --a------ C:\WINDOWS\system32\oxxutppo.dll
2008-07-10 21:18:58 101376 --a------ C:\WINDOWS\system32\myjsmr.dll
2008-07-09 22:04:18 0 d--hs---- C:\WINDOWS\CSC
2008-07-09 21:04:22 101888 --a------ C:\WINDOWS\system32\wavqfk.dll
2008-07-09 21:04:20 101888 --a------ C:\WINDOWS\system32\vlieiqam.dll
2008-07-09 20:59:16 92160 --a------ C:\WINDOWS\system32\qqjaitud.dll
2008-07-08 20:59:06 101376 --a------ C:\WINDOWS\system32\wuzdpx.dll
2008-07-08 20:59:06 101376 --a------ C:\WINDOWS\system32\cqvhrlbk.dll
2008-07-08 16:45:39 101376 --a------ C:\WINDOWS\system32\qgvjblav.dll
2008-07-08 16:45:39 101376 --a------ C:\WINDOWS\system32\byzuid.dll
2008-07-08 16:42:31 81408 --a------ C:\WINDOWS\system32\ngdsxnaw.dll
2008-07-08 16:39:07 598084 --ahs---- C:\WINDOWS\system32\JPXHOXbc.ini2
2008-07-07 20:58:40 91648 --a------ C:\WINDOWS\system32\talvjxps.dll
2008-07-06 18:07:48 0 d-------- C:\Documents and Settings\Ian\Application Data\SystemDefender
2008-07-06 18:05:27 0 d-------- C:\iSecurity
2008-07-06 12:28:06 101888 --a------ C:\WINDOWS\system32\pglwpi.dll
2008-07-06 12:28:05 101888 --a------ C:\WINDOWS\system32\eybxvguq.dll
2008-07-06 12:22:40 0 d-------- C:\Documents and Settings\Maya\Application Data\SystemDefender
2008-07-06 07:55:23 0 d-------- C:\Program Files\sprof
2008-07-06 07:55:15 0 d-------- C:\WINDOWS\system32\931928
2008-07-05 12:44:22 547553 --ahs---- C:\WINDOWS\system32\AdNUxGgh.ini2
2008-07-05 08:16:02 101376 --a------ C:\WINDOWS\system32\sylrvmwe.dll
2008-07-05 08:16:02 101376 --a------ C:\WINDOWS\system32\gczvjv.dll
2008-07-05 08:16:01 81408 --a------ C:\WINDOWS\system32\hkwvhbas.dll
2008-07-04 20:22:40 345 --ahs---- C:\WINDOWS\system32\iQpVDJjl.ini2
2008-07-04 11:58:33 104960 --a------ C:\WINDOWS\system32\ocbrmm.dll
2008-07-04 11:58:31 104960 --a------ C:\WINDOWS\system32\anwrphsy.dll
2008-07-04 11:57:41 574251 --ahs---- C:\WINDOWS\system32\xacMUvut.ini2
2008-07-04 09:34:37 0 dr-h----- C:\Documents and Settings\Jane\Recent
2008-07-04 05:24:08 104448 --a------ C:\WINDOWS\system32\ealwun.dll
2008-07-04 05:24:08 104448 --a------ C:\WINDOWS\system32\chsykxic.dll
2008-07-03 16:16:27 104448 --a------ C:\WINDOWS\system32\wtdaar.dll
2008-07-03 16:16:26 104448 --a------ C:\WINDOWS\system32\fkgyybqp.dll
2008-07-03 16:15:38 585930 --ahs---- C:\WINDOWS\system32\FhjSAcfe.ini2
2008-07-02 21:25:23 104448 --a------ C:\WINDOWS\system32\ldnktdax.dll
2008-07-02 21:25:23 104448 --a------ C:\WINDOWS\system32\esjhai.dll
2008-06-30 19:11:18 585996 --ahs---- C:\WINDOWS\system32\AKklUvut.ini2
2008-06-30 19:06:29 0 d--hs---- C:\WINDOWS\SmFuZQ
2008-06-30 19:06:24 0 d-------- C:\WINDOWS\system32\rev2
2008-06-30 19:06:24 0 d-------- C:\WINDOWS\system32\mb9
2008-06-30 19:06:16 0 d-------- C:\WINDOWS\system32\modtrux05
2008-06-30 19:06:16 0 d-------- C:\Temp
2008-06-27 21:21:02 0 d-------- C:\Documents and Settings\Joe\Application Data\alot
2008-06-23 16:20:59 0 d-------- C:\Documents and Settings\Maya\Application Data\alot
-- Find3M Report ---------------------------------------------------------------
2008-07-23 16:47:25 0 d-------- C:\Program Files\Google
2008-07-23 16:46:39 0 d-------- C:\Program Files\DivX
2008-07-23 16:46:38 0 d-------- C:\Program Files\Common Files
2008-07-23 13:52:07 1324 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-07-23 10:55:02 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-23 10:54:54 0 d-------- C:\Documents and Settings\Joe\Application Data\Virgin Broadband
2008-07-23 10:54:43 0 d-------- C:\Program Files\Common Files\PestPatrol
2008-07-23 10:54:39 0 d-------- C:\Program Files\Common Files\Command Software
2008-07-23 09:48:02 0 d-------- C:\Program Files\Common Files\PCSuite
2008-07-23 09:47:29 0 d-------- C:\Documents and Settings\Joe\Application Data\Nokia
2008-06-03 15:12:02 0 d-------- C:\Program Files\Common Files\logishrd
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{468921d9-1c6b-4ce8-bf81-b8a100126d42}]
23/07/2008 16:03 101888 --a------ C:\WINDOWS\system32\qhfyfy.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/07/2006 13:19]
"AGRSMMSG"="AGRSMMSG.exe" [12/12/2005 15:50 C:\WINDOWS\AGRSMMSG.exe]
"HDAudDeck"="C:\Program Files\VIAudioi\HDADeck\HDeck.exe" [17/07/2006 15:36]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 13:19]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [03/01/2007 20:04]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/01/2007 20:04]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [09/03/2007 12:09]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [23/07/2008 15:58]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [27/09/2005 01:34]
"BMe707ee62"="C:\WINDOWS\system32\blwwlkwa.dll" [23/07/2008 16:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [10/08/2004 20:00]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\wvUnLBUL
path=
backup=
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
C:\Program Files\BroadJump\Client Foundation\CFD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMe707ee62]
Rundll32.exe "C:\WINDOWS\system32\blwwlkwa.dll",s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e434ddfe]
rundll32.exe "C:\WINDOWS\system32\rroajvbf.dll",b
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoToolbar]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8784 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-07-23 17:33:42 ------------
Extra.txt[
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Core2 CPU 6300 @ 1.86GHz
CPU 1: Intel® Core2 CPU 6300 @ 1.86GHz
Percentage of Memory in Use: 42%
Physical Memory (total/avail): 1022.42 MiB / 585.35 MiB
Pagefile Memory (total/avail): 2454.46 MiB / 2094.31 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930.88 MiB
C: is Fixed (NTFS) - 227.54 GiB total, 1.22 GiB free.
D: is CDROM (No Media)a
E: is Removable (FAT)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
\\.\PHYSICALDRIVE0 - WDC WD2500JS-00NCB1 - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 227.54 GiB - C:
\PARTITION1 - Unknown - 5.34 GiB
\\.\PHYSICALDRIVE4 - CHIPSBNK USB 2.0 USB Device - 1004.06 MiB - 1 partition
\PARTITION0 (bootable) - MS-DOS V4 Huge - 1004.73 MiB - E:
\\.\PHYSICALDRIVE1 - Generic Flash HS-CF USB Device
\\.\PHYSICALDRIVE2 - Generic Flash HS-MS/SD USB Device
\\.\PHYSICALDRIVE3 - Generic Flash HS-SM USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: Norton Internet Worm Protection v2006 (Symantec)
DisabledAV: AVG Anti-Virus Free v8.0 (AVG Technologies)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:enabled:Remote Assistance"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:enabled:Windows Messenger"
"C:\\Program Files\\NetMeeting\\Conf.exe"="C:\\Program Files\\NetMeeting\\Conf.exe:*:enabled:NetMeeting"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL 9.0a"
"C:\\Program Files\\AOL 9.0b\\waol.exe"="C:\\Program Files\\AOL 9.0b\\waol.exe:*:Enabled:AOL 9.0b"
"C:\\Program Files\\AOL 9.0c\\waol.exe"="C:\\Program Files\\AOL 9.0c\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0d\\waol.exe"="C:\\Program Files\\AOL 9.0d\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0e\\waol.exe"="C:\\Program Files\\AOL 9.0e\\waol.exe:*:Enabled:AOL"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:enabled:Remote Assistance"
"C:\\Program Files\\NetMeeting\\Conf.exe"="C:\\Program Files\\NetMeeting\\Conf.exe:*:enabled:NetMeeting"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL 9.0a"
"C:\\Program Files\\AOL 9.0b\\waol.exe"="C:\\Program Files\\AOL 9.0b\\waol.exe:*:Enabled:AOL 9.0b"
"C:\\Program Files\\AOL 9.0c\\waol.exe"="C:\\Program Files\\AOL 9.0c\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0d\\waol.exe"="C:\\Program Files\\AOL 9.0d\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1168202033\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1168202033\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\AOL 9.0e\\waol.exe"="C:\\Program Files\\AOL 9.0e\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Joe\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SCOTTDOWNIE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Joe
LOGONSERVER=\\SCOTTDOWNIE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Joe\LOCALS~1\Temp
TMP=C:\DOCUME~1\Joe\LOCALS~1\Temp
USERDOMAIN=SCOTTDOWNIE
USERNAME=Joe
USERPROFILE=C:\Documents and Settings\Joe
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Jane
(admin)Ian
(admin)Joe
(admin)Maya
(admin)Joy
(admin)Franki
(admin)Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
AOL Uninstaller --> C:\Program Files\Common Files\AOL\uninstaller.exe
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Broadband Help --> MsiExec.exe /I{01B6480D-3937-4E82-AB2C-8E4C591BEFE5}
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
Creatix V.92 Data Fax Modem --> agrsmdel
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
High Definition Audio Driver Package - KB888111 --> C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{A9F5421F-DA70-4C77-BB97-8D77EC33ED5E}\setup\hpzscr01.exe -datfile hposcr09.dat
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
LiveUpdate 3.1 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
McDonald's Fairies --> C:\Program Files\McDonaldsFairies\uninstall.exe
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0) --> C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OCA Client history tool install --> "C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Registry Mechanic 6.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
Roxio Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Shop for HP Supplies --> C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
VIA Platform Device Manager --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (03/05/2008 3.7) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Windows Driver Package - Nokia Modem (08/08/2007 3.3) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_32E2E448B53EE5B28E074D88802D0BAF984038DA\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition Screen Saver Screen Saver --> C:\WINDOWS\system32\WINDOW~1.SCR /U
X10 Hardware --> C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
-- Application Event Log -------------------------------------------------------
Event Record #/Type20544 / Error
Event Submitted/Written: 07/23/2008 05:32:41 PM
Event ID/Source: 11 / crypt32
Event Description:
Failed extract of third-party root list from auto update cab at: <
http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Event Record #/Type20540 / Error
Event Submitted/Written: 07/23/2008 05:26:26 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error
Initialization of the COM subsystem failed. Error code: 0x80070422
Event Record #/Type20486 / Error
Event Submitted/Written: 07/23/2008 11:34:53 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]
Event Record #/Type20485 / Error
Event Submitted/Written: 07/23/2008 11:34:43 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application SpybotSD.exe, version 1.6.0.30, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type20465 / Error
Event Submitted/Written: 07/23/2008 09:58:41 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application ad-aware.exe, version 6.2.0.206, faulting module tulbaayw.dll, version 0.0.0.0, fault address 0x00013be7.
Processing media-specific event for [ad-aware.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type186482 / Error
Event Submitted/Written: 07/23/2008 05:26:26 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service LiveUpdate with arguments ""
in order to run the server:
{03E0E6C2-363B-11D3-B536-00902771A435}
Event Record #/Type186481 / Error
Event Submitted/Written: 07/23/2008 05:26:26 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service LiveUpdate with arguments ""
in order to run the server:
{03E0E6C2-363B-11D3-B536-00902771A435}
Event Record #/Type186463 / Error
Event Submitted/Written: 07/23/2008 05:21:56 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The CSS DVP service failed to start due to the following error:
%%2
Event Record #/Type186430 / Error
Event Submitted/Written: 07/23/2008 04:52:34 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The CSS DVP service failed to start due to the following error:
%%2
Event Record #/Type186401 / Error
Event Submitted/Written: 07/23/2008 04:31:41 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The CSS DVP service failed to start due to the following error:
%%2
-- End of Deckard's System Scanner: finished at 2008-07-23 17:33:42 ------------