Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 3.0 Architecture: X86; Language: English CPU 0: Intel(R) Pentium(R) M processor 1.60GHz Percentage of Memory in Use: 73% Physical Memory (total/avail): 494.42 MiB / 132.78 MiB Pagefile Memory (total/avail): 1156.59 MiB / 777.24 MiB Virtual Memory (total/avail): 2047.88 MiB / 1921.3 MiB C: is Fixed (FAT32) - 35.7 GiB total, 0.59 GiB free. D: is Fixed (FAT32) - 35.87 GiB total, 31.82 GiB free. E: is CDROM (No Media) \\.\PHYSICALDRIVE0 - TOSHIBA MK8025GAS - 74.53 GiB - 3 partitions \PARTITION0 - Unknown - 2.93 GiB \PARTITION1 (bootable) - Unknown - 35.71 GiB - C: \PARTITION2 - Extended w/Extended Int 13 - 35.88 GiB - D: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\monthes\Application Data CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=THE1DERFULL ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\monthes LOGONSERVER=\\THE1DERFULL NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;D:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0d06 ProgramFiles=C:\Program Files PROMPT=$P$G QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\monthes\LOCALS~1\Temp TMP=C:\DOCUME~1\monthes\LOCALS~1\Temp USERDOMAIN=THE1DERFULL USERNAME=monthes USERPROFILE=C:\Documents and Settings\monthes windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- monthes [I](admin)[/I] guillaume [I](new local)[/I] henri [I](new local, admin)[/I] Administrator [I](admin)[/I] -- Add/Remove Programs --------------------------------------------------------- --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer English Online Help Creator\Uninst.isu" --> Dummy --> MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20} --> MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE} --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x9 UNINSTALL --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf µTorrent --> "D:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL Acer eManager --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6DD28220-44BE-4882-B9C3-73B6F876046E} Acrobat.com --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 Acrobat.com --> MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07} Adobe AIR --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F} Adobe Download Manager 2.0 (Remove Only) --> "C:\Program Files\Common Files\Adobe\ESD\uninst.exe" Adobe Flash Player 10 Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} Ares 1.9.9 --> "D:\Program Files\Ares\uninstall.exe" AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL Brother MFL-Pro Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40A6C96D-808E-41DD-8716-617AB6B0F1F1}\Setup.exe" -l0x9 Brunin03.dllBrunin03.dll C-Media Wi-Sonic Wireless Audio Driver --> C:\WINDOWS\system32\cmrmdrvw.exe Conexant AC-Link Audio --> CIAunwdm.exe DDJMMAN --> MsiExec.exe /I{38917152-593E-4B2A-B5D5-FC9AFA851CC6} DVD Decrypter (Remove Only) --> "D:\Program Files\DVD Decrypter\uninstall.exe" FinePix Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}\SETUP.EXE" -l0x9 FinePixViewer Resource --> C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE -runfromtemp -l0x0009 -removeonly FinePixViewer Ver.5.4 --> C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE -runfromtemp -l0x0009 -removeonly First Step Guide --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D917C5F-1CF9-42E0-899F-78AC10576405}\setup.exe" -l0x9 UNINSTALL FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE" Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" ImageMixer EasyStepDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32C32B46-41C3-438F-94F6-55FE150D50D8}\setup.exe" -l0x9 UNINSTALL Indeo® Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" Intel(R) Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582 iTunes --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{47808F78-F178-49DC-B708-15FE538B16FF} J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Launch Manager --> C:\WINDOWS\UnInst32.exe QtZgAcer.UNI Linksys Wireless-G Music Bridge --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CCDF8BE-8BE8-45F1-BDAD-1195131E5AC5}\setup.exe" -l0x9 Macromedia Flash Player --> MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c} Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Streets and Trips 2005 with USB GPS --> MsiExec.exe /I{67E4EE98-59F4-4210-89A6-A20AF5BEC689} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (1.5.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.12 (en-US)" MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall Music Visualizer Library 1.4.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}\Setup.exe" -l0x9 NavExcel Search Toolbar (remove only) --> C:\WINDOWS\nxstinst.exe -u NavHelper --> "C:\Program Files\NavExcel\NavHelper\v2.0.4b\NHUninstaller.exe" Net MD Simple Burner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47E09785-B2FB-11D5-B8EE-00B0D0D26B88}\setup.exe" -l0x9 UNINSTALL NTI Backup NOW! 3 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4E68EAA3-775A-4542-A08A-47DB8E8E74A6} /l1033 BUNText NTI CD & DVD-Maker Gold --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778} /l1033 AnyText OpenMG Limited Patch 4.1-05-13-31-01 --> C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.1-05-13-31-01\HotFixSetup\setup.exe /u OpenMG Secure Module 4.1.00 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{2F151B50-B434-4838-B51D-70442EBA093E} UNINSTALL OpenOffice.org Installer 1.0 --> MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9} PaperPort --> MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064} Picture Package --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x9 UNINSTALL PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD} SoftV92 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24C6&SUBSYS_00641025\HXFSETUP.EXE -U -Iqta00645.inf SonicStage 3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x9 UNINSTALL -removeonly Sony DVD Handycam USB Driver 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A360821C-6B51-4EE4-A7E5-5E14B15004CD}\Setup.exe" UNINSTALL Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall TBS WMP Plug-in --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{13515135-48BB-4184-8C1F-2FAE0138E200} Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{23C7348E-131C-4BFF-9763-2C804D6B87AE} Walgreens PhotoShow Express --> "C:\Program Files\Walgreens\Walgreens PhotoShow\data\Xtras\Uninstall.exe" Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" -- Application Event Log ------------------------------------------------------- Event Record #/Type14611 / Warning Event Submitted/Written: 01/07/2009 10:01:27 AM Event ID/Source: 1524 / Userenv Event Description: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use. Event Record #/Type14606 / Error Event Submitted/Written: 01/05/2009 05:49:44 PM Event ID/Source: 5000 / MPSampleSubmission Event Description: EventType mptelemetry, P1 80072ee2, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Event Record #/Type14604 / Error Event Submitted/Written: 01/05/2009 05:47:17 PM Event ID/Source: 5000 / MPSampleSubmission Event Description: EventType mptelemetry, P1 80072ee2, P2 endsearch, P3 search, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 mptelemetry0, P10 mptelemetry1. Event Record #/Type14597 / Warning Event Submitted/Written: 01/05/2009 05:36:53 PM Event ID/Source: 1020 / ASP.NET 1.1.4322.0 Event Description: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i. Event Record #/Type14593 / Error Event Submitted/Written: 01/05/2009 05:19:53 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application iexplore.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type47917 / Warning Event Submitted/Written: 01/05/2009 06:48:24 PM Event ID/Source: 1002 / WinDefend Event Description: %THE1DERFULL27 scan has been stopped before completion. Scan ID: {97261FF2-CBE4-4C52-AF27-09929A759E5C} Scan Type: %THE1DERFULL01 Scan Parameters: %THE1DERFULL09 User: THE1DERFULL\monthes Event Record #/Type47912 / Warning Event Submitted/Written: 01/05/2009 05:52:28 PM Event ID/Source: 3004 / WinDefend Event Description: %THE1DERFULL27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %THE1DERFULL27 can't undo changes that you allow. For more information please see the following: %THE1DERFULL275 Scan ID: {3170ABB4-8B6D-44FB-A3C9-CA34B0B8EB69} User: THE1DERFULL\monthes Name: %THE1DERFULL271 ID: %THE1DERFULL272 Severity: 1.1.1593.05 Category: 1.1.1593.06 Path Found: %THE1DERFULL276 Alert Type: %THE1DERFULL278 Detection Type: 1.1.1593.02 Event Record #/Type47911 / Warning Event Submitted/Written: 01/05/2009 05:52:28 PM Event ID/Source: 3004 / WinDefend Event Description: %THE1DERFULL27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %THE1DERFULL27 can't undo changes that you allow. For more information please see the following: %THE1DERFULL275 Scan ID: {3BB7DECB-9875-4E68-9967-F44F2894A759} User: THE1DERFULL\monthes Name: %THE1DERFULL271 ID: %THE1DERFULL272 Severity: 1.1.1593.05 Category: 1.1.1593.06 Path Found: %THE1DERFULL276 Alert Type: %THE1DERFULL278 Detection Type: 1.1.1593.02 Event Record #/Type47910 / Warning Event Submitted/Written: 01/05/2009 05:51:03 PM Event ID/Source: 1002 / WinDefend Event Description: %THE1DERFULL27 scan has been stopped before completion. Scan ID: {B6D0987D-EBF5-4155-A7BE-41E6839D8AC0} Scan Type: %THE1DERFULL01 Scan Parameters: %THE1DERFULL09 User: THE1DERFULL\monthes Event Record #/Type47907 / Error Event Submitted/Written: 01/05/2009 05:13:23 PM Event ID/Source: 1003 / System Error Event Description: Error code 100000d1, parameter1 86400000, parameter2 00000002, parameter3 00000000, parameter4 f7244988. -- End of Deckard's System Scanner: finished at 2009-01-07 20:15:21 ------------