Ok here it is
Main.txt
Deckard's System Scanner v20071014.68
Run by Nicola's [bleep] on 2008-06-29 00:09:43
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
10: 2008-06-29 04:09:51 UTC - RP232 - Deckard's System Scanner Restore Point
9: 2008-06-28 07:57:18 UTC - RP231 - Microsoft OneCare Protection Checkpoint
8: 2008-06-27 09:47:46 UTC - RP230 - Software Distribution Service 3.0
7: 2008-06-27 09:26:24 UTC - RP229 - Software Distribution Service 3.0
6: 2008-06-27 07:44:24 UTC - RP228 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-06-27 04:24:50 UTC - RP223 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-29 00:11:17
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\WINDOWS\system32\TPHDEXLG.exe
C:\WINDOWS\system32\TpKmpSvc.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Nicola's [bleep]\Desktop\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ieR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft....k/?LinkId=74005R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: (no name) - {2890C98D-5959-4A94-A6C2-C59E85462152} - (no file)
O3 - Toolbar: (no name) - {AC9264CC-124E-43B6-9144-8664D704A0BC} - (no file)
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Student\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -
https://support.micr...veX/MSDcode.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://fpdownload.ma...director/sw.cabO16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) -
http://catalog.updat...b?1211207009593O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.mi...b?1192929343828O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: ACNotify - C:\WINDOWS\system32\ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\system32\TPHDEXLG.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSvc.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\IBM ThinkVantage\Client Security Solution\ibmtcsd.exe
O23 - Service: TVT Backup Service - Unknown owner - C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Unknown owner - C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
O23 - Service: ThinkVantage System Update (UCLauncherService) - Unknown owner - C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
--
End of file - 9699 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*.reg - regfile - shell\open\command - regedit.exe "%1" %*.scr - scrfile - shell\open\command - "%1" %*-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 Shockprf - c:\windows\system32\drivers\shockprf.sys <Not Verified; Lenovo; ThinkVantage Active Protection System>
R1 ANC - c:\windows\system32\drivers\anc.sys <Not Verified; IBM Corp.; IBM Access Connections>
R1 IBMTPCHK - c:\windows\system32\drivers\ibmbldid.sys
R1 ShockMgr - c:\windows\system32\drivers\shockmgr.sys <Not Verified; Lenovo.; ThinkVantage Active Protection System>
R1 Smapint - c:\windows\system32\drivers\smapint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows NT Operating System>
R1 TDSMAPI - c:\windows\system32\drivers\tdsmapi.sys
R1 TPHKDRV - c:\windows\system32\drivers\tphkdrv.sys <Not Verified; IBM Corporation; ThinkPad OnScreenDisplay>
R1 TPPWRIF - c:\windows\system32\drivers\tppwrif.sys
R1 TSMAPIP - c:\windows\system32\drivers\tsmapip.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.5.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.5.0>
R2 EGATHDRV (IBM eGatherer) - c:\windows\system32\egathdrv.sys <Not Verified; IBM Corporation; IBM eGatherer>
R2 ibmfilter - c:\windows\system32\drivers\ibmfilter.sys <Not Verified; IBM; RRU>
R2 pmem - c:\windows\system32\drivers\pmemnt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows NT Operating System>
R2 PrivateDisk - c:\program files\ibm thinkvantage\safeguard privatedisk\privatediskm.sys <Not Verified; Utimaco Safeware AG; SafeGuard PrivateDisk>
R2 PROCDD (IPS Helper Driver) - c:\windows\system32\drivers\procdd.sys <Not Verified; Lenovo Group Limited; Away Manager>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R2 smi2 - c:\program files\smi2\smi2.sys <Not Verified; IBM Corp.; TVT SMI Bios driver>
S3 psadd (IBM PSA Access Driver) - c:\windows\system32\drivers\psadd.sys <Not Verified; Lenovo; SMI Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 IPSSVC (IPS Core Service) - c:\windows\system32\ipssvc.exe <Not Verified; Lenovo Group Limited; Away Manager>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 TPHDEXLGSVC (ThinkPad HDD APS Logging Service) - system32\tphdexlg.exe <Not Verified; Lenovo.; ThinkVantage Active Protection System>
R2 TpKmpSVC (IBM KCU Service) - c:\windows\system32\tpkmpsvc.exe
R2 TVT Scheduler - "c:\program files\ibm thinkvantage\common\scheduler\tvtsched.exe" <Not Verified; ; tvtsched Module>
R2 UCLauncherService (ThinkVantage System Update) - c:\program files\thinkvantage\systemupdate\uclauncherservice.exe
S3 PsaSrv (IBM PSA Access Driver Control) -
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-29 00:10:00 388 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AE952DE2-4671-4745-AE25-AB9FD7571EC1}.job
2008-06-29 00:07:19 256 --a------ C:\WINDOWS\Tasks\Disk Cleanup.job
2008-06-28 03:57:00 254 --a------ C:\WINDOWS\Tasks\Windows Update.job
2008-06-18 14:44:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-05-27 03:59:09 316 --a------ C:\WINDOWS\Tasks\PMTask.job
-- Files created between 2008-05-29 and 2008-06-29 -----------------------------
2008-06-28 02:12:04 0 d-------- C:\Temp
2008-06-28 01:43:14 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\WinRAR
2008-06-27 23:24:34 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\LimeWire
2008-06-27 12:03:08 0 d-------- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data\Apple Computer
2008-06-27 09:41:51 0 d-------- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data\Identities
2008-06-27 09:41:51 0 d-------- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data\IBM
2008-06-27 09:41:51 0 d-------- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data\Google
2008-06-27 09:41:50 0 d--h----- C:\Documents and Settings\nic.LENOVO-594FD52A\Templates
2008-06-27 09:41:50 0 dr------- C:\Documents and Settings\nic.LENOVO-594FD52A\Start Menu
2008-06-27 09:41:50 0 dr-h----- C:\Documents and Settings\nic.LENOVO-594FD52A\SendTo
2008-06-27 09:41:50 0 dr-h----- C:\Documents and Settings\nic.LENOVO-594FD52A\Recent
2008-06-27 09:41:50 0 d--h----- C:\Documents and Settings\nic.LENOVO-594FD52A\PrintHood
2008-06-27 09:41:50 1048576 --ah----- C:\Documents and Settings\nic.LENOVO-594FD52A\NTUSER.DAT
2008-06-27 09:41:50 0 d--h----- C:\Documents and Settings\nic.LENOVO-594FD52A\NetHood
2008-06-27 09:41:50 0 dr------- C:\Documents and Settings\nic.LENOVO-594FD52A\My Documents
2008-06-27 09:41:50 0 d--h----- C:\Documents and Settings\nic.LENOVO-594FD52A\Local Settings
2008-06-27 09:41:50 0 dr------- C:\Documents and Settings\nic.LENOVO-594FD52A\Favorites
2008-06-27 09:41:50 0 d-------- C:\Documents and Settings\nic.LENOVO-594FD52A\Desktop
2008-06-27 09:41:50 0 d--hs---- C:\Documents and Settings\nic.LENOVO-594FD52A\Cookies
2008-06-27 09:41:50 0 dr-h----- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data
2008-06-27 09:41:50 0 d-------- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data\ThinkVantage
2008-06-27 09:41:50 0 d-------- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data\Symantec
2008-06-27 09:41:50 0 d---s---- C:\Documents and Settings\nic.LENOVO-594FD52A\Application Data\Microsoft
2008-06-27 06:16:47 0 d-------- C:\WINDOWS\Prefetch
2008-06-27 06:10:20 0 d-------- C:\WINDOWS\system32\scripting
2008-06-27 06:10:16 0 d-------- C:\WINDOWS\l2schemas
2008-06-27 06:10:14 0 d-------- C:\WINDOWS\system32\en
2008-06-27 06:02:43 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-27 05:27:03 0 d-------- C:\VundoFix Backups
2008-06-27 04:46:13 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Sun
2008-06-27 02:06:49 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Apple Computer
2008-06-27 02:06:04 0 d-------- C:\Program Files\uTorrent
2008-06-27 02:06:02 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\uTorrent
2008-06-27 01:54:55 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Mozilla
2008-06-27 00:43:42 0 d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-06-27 00:25:04 94208 --a------ C:\WINDOWS\system32\pphcgvoj0et1a.exe
2008-06-27 00:25:04 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\rhclvoj0et1a
2008-06-27 00:24:50 0 d-------- C:\Program Files\rhclvoj0et1a
2008-06-27 00:12:54 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Malwarebytes
2008-06-27 00:12:51 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-27 00:12:51 0 d------c- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-26 23:48:51 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Uniblue
2008-06-26 23:42:12 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\ErrorRepairTool
2008-06-26 23:29:35 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Macromedia
2008-06-26 23:23:25 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Adobe
2008-06-26 06:34:58 0 d--h----- C:\Documents and Settings\Nicola's [bleep]\Templates
2008-06-26 06:34:58 0 dr------- C:\Documents and Settings\Nicola's [bleep]\Start Menu
2008-06-26 06:34:58 0 dr-h----- C:\Documents and Settings\Nicola's [bleep]\SendTo
2008-06-26 06:34:58 0 dr-h----- C:\Documents and Settings\Nicola's [bleep]\Recent
2008-06-26 06:34:58 0 d--h----- C:\Documents and Settings\Nicola's [bleep]\PrintHood
2008-06-26 06:34:58 1572864 --ah----- C:\Documents and Settings\Nicola's [bleep]\NTUSER.DAT
2008-06-26 06:34:58 0 d--h----- C:\Documents and Settings\Nicola's [bleep]\NetHood
2008-06-26 06:34:58 0 dr------- C:\Documents and Settings\Nicola's [bleep]\My Documents
2008-06-26 06:34:58 0 d--h----- C:\Documents and Settings\Nicola's [bleep]\Local Settings
2008-06-26 06:34:58 0 dr------- C:\Documents and Settings\Nicola's [bleep]\Favorites
2008-06-26 06:34:58 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Desktop
2008-06-26 06:34:58 0 d--hs---- C:\Documents and Settings\Nicola's [bleep]\Cookies
2008-06-26 06:34:58 0 d--h----- C:\Documents and Settings\Nicola's [bleep]\Application Data
2008-06-26 06:34:58 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\ThinkVantage
2008-06-26 06:34:58 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Symantec
2008-06-26 06:34:58 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Identities
2008-06-26 06:34:58 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\IBM
2008-06-26 06:34:58 0 d-------- C:\Documents and Settings\Nicola's [bleep]\Application Data\Google
2008-06-26 03:38:13 0 d-------- C:\Program Files\CableRouting
2008-06-26 00:57:58 60928 --a------ C:\WINDOWS\system32\blphcgvoj0et1a.scr <Not Verified; Sysinternals; Sysinternals Blue Screen>
2008-06-26 00:49:46 0 d------c- C:\Documents and Settings\los\Application Data\WinRAR
2008-06-23 06:36:36 57436 --a------ C:\WINDOWS\DASShp.dll <Not Verified; Microsoft Corporation; Microsoft® DAS Client Components>
2008-06-23 06:36:36 0 d-------- C:\Program Files\Microsoft Reader
2008-06-22 05:46:36 51712 --a------ C:\WINDOWS\wc98pp.dll
2008-06-20 01:09:46 0 d------c- C:\Documents and Settings\los\Application Data\Mozilla
2008-06-19 08:22:30 0 d--hs--c- C:\Documents and Settings\All Users\Application Data\System Restore
2008-06-19 04:46:10 0 d------c- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-18 06:26:38 0 d------c- C:\Documents and Settings\los\Application Data\FireShot
2008-06-18 06:13:12 0 d-------- C:\Documents and Settings\los\dwhelper
2008-06-18 02:55:50 0 d------c- C:\Program Files\PBA
2008-06-18 00:08:09 1160 --a------ C:\WINDOWS\mozver.dat
2008-06-17 00:42:08 0 d------c- C:\Documents and Settings\los\Application Data\Help
2008-06-12 03:51:19 0 d------c- C:\Program Files\QuickTime
2008-06-12 03:49:06 0 d-------- C:\Program Files\Apple Software Update
2008-06-12 01:08:53 9058 --a------ C:\WINDOWS\system32\kjtqpuwi.dll
2008-06-11 01:10:48 0 d-------- C:\Documents and Settings\nic\Application Data\Macromedia
2008-06-11 01:10:48 0 d-------- C:\Documents and Settings\nic\Application Data\Adobe
2008-06-11 01:08:33 0 d-------- C:\Documents and Settings\nic\Application Data\Yahoo!
2008-06-11 01:07:38 0 d-------- C:\Documents and Settings\nic\Application Data\Mozilla
2008-06-07 14:39:48 0 d--h----- C:\Documents and Settings\nic\Templates
2008-06-07 14:39:48 0 dr------- C:\Documents and Settings\nic\Start Menu
2008-06-07 14:39:48 0 dr-h----- C:\Documents and Settings\nic\SendTo
2008-06-07 14:39:48 0 dr-h----- C:\Documents and Settings\nic\Recent
2008-06-07 14:39:48 0 d--h----- C:\Documents and Settings\nic\PrintHood
2008-06-07 14:39:48 2883584 --ah----- C:\Documents and Settings\nic\NTUSER.DAT
2008-06-07 14:39:48 0 d--h----- C:\Documents and Settings\nic\NetHood
2008-06-07 14:39:48 0 dr------- C:\Documents and Settings\nic\My Documents
2008-06-07 14:39:48 0 d--h----- C:\Documents and Settings\nic\Local Settings
2008-06-07 14:39:48 0 dr------- C:\Documents and Settings\nic\Favorites
2008-06-07 14:39:48 0 d-------- C:\Documents and Settings\nic\Desktop
2008-06-07 14:39:48 0 d--hs---- C:\Documents and Settings\nic\Cookies
2008-06-07 14:39:48 0 dr-h----- C:\Documents and Settings\nic\Application Data
2008-06-07 14:39:48 0 d-------- C:\Documents and Settings\nic\Application Data\ThinkVantage
2008-06-07 14:39:48 0 d-------- C:\Documents and Settings\nic\Application Data\Symantec
2008-06-07 14:39:48 0 d---s---- C:\Documents and Settings\nic\Application Data\Microsoft
2008-06-07 14:39:48 0 d-------- C:\Documents and Settings\nic\Application Data\Identities
2008-06-07 14:39:48 0 d-------- C:\Documents and Settings\nic\Application Data\IBM
2008-06-07 14:39:48 0 d-------- C:\Documents and Settings\nic\Application Data\Google
2008-06-06 02:10:08 0 d------c- C:\Documents and Settings\los\Application Data\dvdcss
2008-05-29 01:42:28 0 d-------- C:\WINDOWS\system32\NtmsData
-- Find3M Report ---------------------------------------------------------------
2008-06-29 00:00:01 5427 --a------ C:\WINDOWS\system32\EGATHDRV.SYS <Not Verified; IBM Corporation; IBM eGatherer>
2008-06-27 06:11:12 0 d------c- C:\Program Files\Messenger
2008-06-27 06:10:13 0 d------c- C:\Program Files\Movie Maker
2008-06-27 06:02:15 0 d------c- C:\Program Files\Windows NT
2008-06-27 01:06:09 0 d-------- C:\Program Files\Common Files
2008-06-27 01:06:01 0 d-------- C:\Program Files\Lavasoft
2008-06-26 03:30:46 0 d------c- C:\Program Files\MSN Gaming Zone
2008-06-23 06:36:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-19 09:58:48 0 d------c- C:\Program Files\PrintMaster Silver 17
2008-06-18 12:10:41 738477 --ahs---- C:\WINDOWS\system32\RrYaGMoq.ini2
2008-06-18 10:02:57 0 d-------- C:\Program Files\DivX
2008-06-18 03:04:14 0 d------c- C:\Program Files\Support Tools
2008-06-16 00:04:38 0 d------c- C:\Program Files\Yahoo!
2008-06-16 00:00:54 0 d------c- C:\Program Files\The Print Shop 20
2008-06-16 00:00:46 0 d-------- C:\Program Files\Common Files\Broderbund
2008-06-15 23:58:27 0 d------c- C:\Program Files\Web Publish
2008-05-29 05:16:19 0 d------c- C:\Program Files\LimeWire
2008-05-27 02:12:58 0 d------c- C:\Program Files\MSECache
2008-05-26 21:20:41 9058 --a------ C:\WINDOWS\system32\ckxeyrrh.dll
2008-05-25 16:42:22 760256 --ahs---- C:\WINDOWS\system32\aJRtDfhk.ini2
2008-05-21 23:03:36 0 d-------- C:\Program Files\Broderbund
2008-05-19 09:54:06 0 d------c- C:\Program Files\Online Services
2008-05-19 02:46:19 0 d------c- C:\Program Files\Safer Networking
2008-05-17 16:36:41 0 d------c- C:\Program Files\Microsoft Games
2008-05-15 05:51:56 73 --a------ C:\WINDOWS\system32\ssprs.dll
2008-05-15 05:51:55 205 --a------ C:\WINDOWS\system32\lsprst7.dll
2008-05-15 05:51:46 1025 --a------ C:\WINDOWS\system32\clauth2.dll
2008-05-15 05:51:46 1025 --a------ C:\WINDOWS\system32\clauth1.dll
2008-05-15 05:51:45 1025 --a------ C:\WINDOWS\system32\sysprs7.dll
2008-05-07 06:56:51 1 --a------ C:\WINDOWS\system32\kr_done1de
2008-05-07 06:56:32 0 -rahs---- C:\MSDOS.SYS
2008-05-07 06:56:32 0 -rahs---- C:\IO.SYS
2008-05-07 02:26:29 0 d------c- C:\Program Files\VideoLAN
2008-05-05 00:59:10 0 d-------- C:\Program Files\Google
2008-04-09 03:00:27 10246 --ahs---- C:\WINDOWS\system32\VvwFNqss.ini2
2008-04-09 01:17:53 243 --a------ C:\832.bat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [05/27/2008 10:50 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [05/28/2008 12:35 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 08:12 PM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [10/18/2006 08:05 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
C:\Documents and Settings\Nicola's [bleep]\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [5/27/2008 7:23:48 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ACNotify]
ACNotify.dll 02/01/2006 01:13 AM 32768 C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 03/23/2006 05:03 AM 49152 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
notifyf2.dll 07/06/2005 02:45 AM 28672 C:\WINDOWS\system32\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
tphklock.dll 11/30/2005 11:16 PM 24576 C:\WINDOWS\system32\tphklock.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli csspwntfy
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^los^Start Menu^Programs^Startup^WordWeb.lnk]
path=C:\Documents and Settings\los\Start Menu\Programs\Startup\WordWeb.lnk
backup=C:\WINDOWS\pss\WordWeb.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTray]
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACWLIcon]
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BLOG]
rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
"C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauth.exe" silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]
"C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneCareUI]
"C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDService.exe]
"C:\Program Files\IBM ThinkVantage\SafeGuard PrivateDisk\pdservice.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRMGRTR]
rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\suScheduler]
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe /SCHEDULER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TP4EX]
tp4ex.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPHOTKEY]
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPKMAPHELPER]
C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TpShocks]
TpShocks.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8761 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-06-29 00:14:21 ------------
extra.txt
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: English
CPU 0: Intel® Celeron® M CPU 420 @ 1.60GHz
Percentage of Memory in Use: 52%
Physical Memory (total/avail): 1014.36 MiB / 486.46 MiB
Pagefile Memory (total/avail): 3965.52 MiB / 3529.36 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1918.05 MiB
C: is Fixed (NTFS) - 51.33 GiB total, 29.46 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - HTS541060G9SA00 - 55.89 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 51.33 GiB - C:
\PARTITION1 - Unknown - 4.55 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Nicola's [bleep]\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LENOVO-594FD52A
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Nicola's [bleep]
IBMSHARE=C:\IBMSHARE
LOGONSERVER=\\LENOVO-594FD52A
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ThinkPad\Utilities;C:\Program Files\Intel\Wireless\Bin;C:\Program Files\IBM ThinkVantage\Client Security Solution;C:\Program Files\ThinkPad\ConnectUtilities;C:\Program Files\Support Tools;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
RR=C:\Program Files\IBM ThinkVantage\Rescue and Recovery
SESSIONNAME=Console
SMA=C:\Program Files\IBM ThinkVantage\SMA\
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\NICOLA~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\NICOLA~1\LOCALS~1\Temp
TVT=C:\Program Files\IBM ThinkVantage
TVTPYDIR=C:\Program Files\IBM ThinkVantage\Common\Python24
USERDOMAIN=LENOVO-594FD52A
USERNAME=Nicola's [bleep]
USERPROFILE=C:\Documents and Settings\Nicola's [bleep]
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Student
(admin)los
(admin)nic
(admin)Nicola's [bleep]
(admin)nic.LENOVO-594FD52A
(new local, admin)Administrator
(admin)Guest
(new local, guest)-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Access Help --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\Setup.exe" -l0x9 UNINSTALL
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader 8.1.2 Security Update 1 (KB403742) -->
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Age of Mythology --> "C:\Program Files\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove
AntivirXP08 --> "C:\Program Files\rhclvoj0et1a\uninstall.exe"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
GTOneCare --> MsiExec.exe /X{CA40DD4F-D30E-4622-8783-1ED1E81340C2}
Help Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{986F64DC-FF15-449D-998F-EE3BCEC6666A}\Setup.exe" -l0x9 -AddRemove
High Definition Audio Driver Package - KB888111 -->
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IBM 32-bit Runtime Environment for Java 2, v1.4.2 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E922961C-6DB6-41DE-9FEA-426DF3E9F81C} /l1033
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
LimeWire 4.18.1 --> "C:\Program Files\LimeWire\uninstall.exe"
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Message Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}\Setup.exe" -l0x9 -AddRemove
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Protection Service --> MsiExec.exe /I{85CFDC2D-710E-49D5-B799-F3743CA506BA}
Microsoft Reader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6F7DBE7-2FE2-458F-A738-B10832746036}\Setup.exe" -L0x9
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Windows Live OneCare Resources v2.0.2500.32 --> MsiExec.exe /I{5660022E-F3F2-4126-8CC5-9726C47150EB}
Microsoft Windows OneCare Live AntiSpyware and AntiVirus --> MsiExec.exe /I{E6A31482-989E-4E3C-B0C0-1ED4DBD5BC83}
Microsoft Windows OneCare Live v2.0.2500.32 --> MsiExec.exe /I{D07A8E7E-D324-4945-BA8C-E532AD008FF3}
Microsoft Windows OneCare Live v2.0.2500.32 Idcrl Install --> MsiExec.exe /I{3851147E-5A91-4469-BA4D-13FFFCC8A920}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
NavigationAdvisor --> C:\Program Files\NavigationAdvisor\uninstall.exe
PCPrivacyCleaner --> "C:\Program Files\PCPrivacyCleaner\pcpc.exe" -uninstall
PrintMaster Silver 17 --> MsiExec.exe /I{AC4D65B6-F6A2-4FDC-9436-0C29DE29C457}
Productivity Center Supplement for ThinkPad --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D728E945-256D-4477-B377-6BBA693714AC}\SETUP.EXE" -l0x9 -AddRemove
PX Engine --> MsiExec.exe /I{6513E869-647F-40FD-A55D-CFC92579B9BA}
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Remove Multimedia Center --> C:\ibmtools\apps\recnow\sequencer.exe -fc:\ibmtools\apps\recnow\uninst.seq
Rescue and Recovery - Client Security Solution --> MsiExec.exe /I{BF90215F-2D7B-4C84-8A24-A03BC41B95DD}
RLPrintPlugin --> MsiExec.exe /I{3E55A2EC-00A6-4B4E-80BF-B5FEF79A5411}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) -->
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Software Installer --> _tpiu000.exe /U
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
System Migration Assistant --> MsiExec.exe /X{CA89B56F-E71B-4E08-82A9-580533E1C048}
The Print Shop Premium Fonts --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F64D075-84F1-4EBC-A842-F2EF9C58009A}\Setup.exe" -l0x9
ThinkPad Configuration --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC081D4D-DF1B-4CF1-B530-027E4118D846}\SETUP.EXE" -l0x9 -AddRemove
ThinkPad EasyEject Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1297C681-92D7-40EF-93BF-03F66EC5105C}\SETUP.EXE" -l0x9 -AddRemove
ThinkPad FullScreen Magnifier --> RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall.NT 132 C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.inf
ThinkPad Keyboard Customizer Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2111B23F-7FDA-4A41-8309-E5A1663CA296}\SETUP.EXE" -l0x9 anything
ThinkPad Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588\HXFSETUP.EXE -U -ITkp0588p.inf
ThinkPad PC Card Power Policy --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUnInstall 132 C:\IBMTOOLS\OSFIXES\PCMCIAPW\pcmciapw.inf
ThinkPad Power Management Driver --> RunDll32.exe tpinspm.dll,Uninstall
ThinkPad Power Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}\SETUP.EXE" -l0x9 -AddRemove
ThinkPad Presentation Director --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ThinkPad\Utilities\UNNPDR.isu" -c"C:\Program Files\ThinkPad\Utilities\Tpinsnpd.dll"
ThinkPad UltraNav Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
ThinkPad UltraNav Wizard --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{82512BC9-BD5D-4C50-BE4D-B98E7DF78687}\SETUP.EXE" -l0x9 UNINSTALL
ThinkVantage Access Connections --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7EB114D8-207F-45AE-BABD-1669715F2630}\Setup.exe" -l0x9 anything
ThinkVantage Active Protection System --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72806716-7088-41B2-8FA6-717A2A164DAB}\SETUP.EXE" -l0x9 anything
ThinkVantage Away Manager --> Rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AWAYTASK.INF
ThinkVantage Productivity Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}\SETUP.EXE" -l0x9 -AddRemove
ThinkVantage System Update --> MsiExec.exe /X{2A43FF29-0D97-4445-B82D-9324F176AED5}
ThinkVantage Technologies Welcome Message --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1007F41F-7D69-468E-8017-3849A5A973C2}\SETUP.EXE" -l0x9 anything
TrackPoint Accessibility Features --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA664480-3844-11D5-8C25-444553540000}\Setup.exe"
VideoLAN VLC media player 0.8.6f --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Wallpapers --> MsiExec.exe /I{F386C340-DF4B-4BBA-9503-420FB7EDB395}
Windows Live OneCare --> "C:\Program Files\Microsoft Windows OneCare Live\OCSetup.exe" /u
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows NT 4.0 Internet Authentication Service snap-in --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\iasnt4.inf, Uninstall
Windows Support Tools --> MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WordWeb --> C:\Program Files\WordWeb\uninst.exe
XP Themes --> MsiExec.exe /I{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}
-- Application Event Log -------------------------------------------------------
Event Record #/Type8818 / Warning
Event Submitted/Written: 06/29/2008 00:07:29 AM / 06/29/2008 00:07:30 AM
Event ID/Source: 4354 / EventSystem
Event Description:
The COM+ Event System failed to fire the ConnectionMadeNoQOCInfo method on subscription {A82F0E80-1305-400C-BA56-375AE04264A1}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The subscriber returned HRESULT 80004001.
Event Record #/Type8802 / Warning
Event Submitted/Written: 06/28/2008 11:46:22 PM
Event ID/Source: 4354 / EventSystem
Event Description:
The COM+ Event System failed to fire the ConnectionMadeNoQOCInfo method on subscription {A82F0E80-1305-400C-BA56-375AE04264A1}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The subscriber returned HRESULT 80004001.
Event Record #/Type8790 / Warning
Event Submitted/Written: 06/28/2008 06:25:36 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cann