Deckard's System Scanner v20071014.68
Run by Owner on 2008-07-02 22:49:11
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
42: 2008-07-03 01:44:08 UTC - RP1232 - Deckard's System Scanner Restore Point
41: 2008-07-03 01:06:55 UTC - RP1231 - Avg8 Update
40: 2008-07-03 01:00:15 UTC - RP1230 - Restore Operation
39: 2008-07-02 02:51:41 UTC - RP1229 - Software Distribution Service 3.0
38: 2008-07-02 02:28:12 UTC - RP1228 - System Checkpoint
-- First Restore Point --
1: 2008-04-05 22:06:11 UTC - RP1191 - Installed Java™ 6 Update 5
Backed up registry hives.
Total Physical Memory: 511 MiB (512 MiB recommended).-- HijackThis (run as Owner.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:52 PM, on 7/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\McAfee\McAfee Parental Controls\GUARDDOG.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINNT\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\McAfee\McAfee Parental Controls\GUARDDOG.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINNT\system32\SK9910DM.EXE
C:\Program Files\Gateway Utilities\GWInkMonitor.exe
C:\WINNT\system32\CTHELPER.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\GWMDMMSG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Documents and Settings\Owner\desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,C:\WINNT\system32\iftuyszv.exe,
O1 - Hosts: 66.159.20.51 astalavista.box.sk
O2 - BHO: (no name) - {015A9E1E-35A5-4F37-8046-B00573263248} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {080CA2DA-49C5-49B4-9795-CE709DCC6F5E} - C:\WINNT\system32\awtqrsTN.dll (file missing)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68950839-2675-49E2-B6A5-442E0B0D1BA4} - C:\WINNT\system32\iifefCSL.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: MySidesearch Search Assistant - {9506910A-0F94-4ea1-B567-7070428B8B2B} - C:\WINNT\system32\mysidesearch_sidebar.dll
O2 - BHO: (no name) - {9B57E08D-2616-4163-A223-9349186C654D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: {22e79e17-bf5e-4c4b-0a04-414be0a9524b} - {b4259a0e-b414-40a0-b4c4-e5fb71e97e22} - C:\WINNT\system32\slafmb.dll
O2 - BHO: (no name) - {D06AF0D2-F274-4E4A-91CB-8E1C5B24CFB1} - C:\WINNT\system32\tuvVPjgH.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway Utilities\GWInkMonitor.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AdaptecDirectCD] "c:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINNT\system32\tcntaxdm.exe DWram1FF
O4 - HKLM\..\Run: [a4c7cea3] rundll32.exe "C:\WINNT\system32\oflfrlip.dll",b
O4 - HKLM\..\Run: [{7C-CE-E0-0C-DW}] c:\winnt\system32\rwwnw64d.exe DWram1FF
O4 - HKLM\..\Run: [runner1] C:\WINNT\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\RunOnce: [SpybotDeletingC4570] cmd /c del "C:\WINNT\system32\tuvVPjgH.dll_old"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINNT\system32\tcntaxdm.exe
O4 - Startup: DW_Start.lnk = C:\WINNT\system32\rwwnw64d.exe
O4 - Startup: Epson all-in-one Registration.lnk = D:\Titles\EpsonReg\EPSONREG.EXE
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Event Reminder.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} -
http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} -
http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} -
http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcaf...01/mcinsctl.cabO16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) - file://C:\Program Files\gateway\helpspot\TechTools.CAB
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} (Whale Client Components) -
https://iweb.frc.com.../WhlCompMgr.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://games.pogo.co...aploader_v5.cabO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: iifefCSL - C:\WINNT\SYSTEM32\iifefCSL.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee Parental Controls (GuardDogEXE) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee Parental Controls\GUARDDOG.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINNT\system32\IcdSptSv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Uno Installer (UnoInstallerService) - Unknown owner - C:\Program Files\M-Audio Uno\UnoInst.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 13221 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - "regedit.exe" "%1"-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 pfc (PADUS ASPI SHELL) - c:\winnt\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
S3 hid8101 - c:\winnt\system32\drivers\hid8101.sys <Not Verified; Compuware Corporation; DriverStudio>
S3 lredbooo - c:\documents and settings\dylan\local settings\temp\lredbooo.sys
S3 LTower (LEGO USB Tower Driver) - c:\winnt\system32\drivers\ltower.sys <Not Verified; The LEGO Group; LEGO USB Tower Driver>
S3 PCDRDRV (Pcdr Helper Driver) - c:\progra~1\pc-doc~1\diagno~1\pcdrdrv.sys (file missing)
S3 TnIDriver - c:\docume~1\owner\locals~1\temp\tni608.tmp (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 EpsonBidirectionalService - c:\program files\common files\epson\ebapi\eebsvc.exe
R2 EPSONStatusAgent2 (EPSON Printer Status Agent2) - c:\program files\common files\epson\ebapi\sagent2.exe <Not Verified; SEIKO EPSON CORPORATION; EPSON Bidirectional Printer>
R2 GuardDogEXE (McAfee Parental Controls) - "c:\program files\mcafee\mcafee parental controls\guarddog.exe" /service <Not Verified; Network Associates, Inc.; McAfee Parental Controls>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
S2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
S2 UnoInstallerService (Uno Installer) - c:\program files\m-audio uno\unoinst.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-07-02 18:57:16 364 --a------ C:\WINNT\Tasks\Symantec NetDetect.job
2003-08-04 18:06:56 254 --a------ C:\WINNT\Tasks\ISP signup reminder 2.job
-- Files created between 2008-06-02 and 2008-07-02 -----------------------------
2008-07-02 22:18:09 285120 --a------ C:\WINNT\system32\cbXNFuut.dll
2008-07-02 21:19:20 0 d-------- C:\Program Files\Trend Micro
2008-07-02 19:48:41 104448 --a------ C:\WINNT\system32\slafmb.dll
2008-07-02 19:48:32 104448 --a------ C:\WINNT\system32\mylmtlkd.dll
2008-07-02 18:42:20 640955 --ahs---- C:\WINNT\system32\NTsrqtwa.ini2
2008-06-30 19:56:55 104448 --a------ C:\WINNT\system32\djxzqa.dll
2008-06-30 19:56:47 104448 --a------ C:\WINNT\system32\glfjyfad.dll
2008-06-30 10:21:04 94208 --a------ C:\WINNT\system32\jkbbegqr.dll
2008-06-30 00:48:05 88961 --a------ C:\WINNT\system32\mysidesearch_sidebar_uninstall.exe
2008-06-30 00:47:01 298305 --a------ C:\WINNT\system32\gside.exe
2008-06-29 22:46:49 0 d--h----- C:\$AVG8.VAULT$
2008-06-29 22:38:47 0 d-------- C:\WINNT\system32\drivers\Avg
2008-06-29 22:38:46 0 d-------- C:\Documents and Settings\Owner\Application Data\AVGTOOLBAR
2008-06-29 22:38:19 0 d-------- C:\Program Files\AVG
2008-06-29 22:38:17 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-29 22:28:18 22528 --a------ C:\WINNT\time.exe
2008-06-29 22:28:17 26368 --a------ C:\WINNT\svcinit.exe
2008-06-29 22:28:16 19712 --a------ C:\WINNT\svchost32.exe
2008-06-29 22:28:16 17152 --a------ C:\WINNT\sistem.exe
2008-06-29 22:28:16 29952 --a------ C:\WINNT\searchword.dll
2008-06-29 22:28:15 29952 --a------ C:\WINNT\rundll16.exe
2008-06-29 22:28:15 16640 --a------ C:\WINNT\quicken.exe
2008-06-29 22:28:15 22784 --a------ C:\WINNT\qttasks.exe
2008-06-29 22:28:13 19200 --a------ C:\WINNT\mswsc20.dll
2008-06-29 22:28:13 22272 --a------ C:\WINNT\mswsc10.dll
2008-06-29 22:28:13 26368 --a------ C:\WINNT\msspi.dll
2008-06-29 22:28:12 20224 --a------ C:\WINNT\msconfd.dll
2008-06-29 22:28:12 9728 --a------ C:\WINNT\internet.exe
2008-06-29 22:28:12 28416 --a------ C:\WINNT\inetinf.exe
2008-06-29 22:28:11 9472 --a------ C:\WINNT\helpcvs.exe
2008-06-29 22:28:11 25856 --a------ C:\WINNT\gfmnaaa.dll
2008-06-29 22:28:11 10240 --a------ C:\WINNT\funny.exe
2008-06-29 22:28:11 8448 --a------ C:\WINNT\funniest.exe
2008-06-29 22:28:11 19456 --a------ C:\WINNT\explorer32.exe
2008-06-29 22:28:10 13824 --a------ C:\WINNT\explore.exe
2008-06-29 22:28:10 20992 --a------ C:\WINNT\editpad.exe
2008-06-29 22:28:10 29440 --a------ C:\WINNT\dnsrelay.dll
2008-06-29 22:28:10 32512 --a------ C:\WINNT\directx32.exe
2008-06-29 22:28:10 12544 --a------ C:\WINNT\ctrlpan.dll
2008-06-29 22:28:09 27648 --a------ C:\WINNT\ctfmon32.exe
2008-06-29 22:25:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-29 22:18:02 629324 --ahs---- C:\WINNT\system32\HgjPVvut.ini2
2008-06-29 22:13:39 849 --a------ C:\WINNT\system32\winpfz33.sys
2008-06-29 22:13:14 0 d--hs---- C:\WINNT\IA
2008-06-29 22:13:05 4 --a------ C:\WINNT\system32\hljwugsf.bin
2008-06-29 22:12:59 0 d-------- C:\WINNT\system32\xsir
2008-06-29 22:12:59 0 d-------- C:\WINNT\system32\vec3
2008-06-29 22:12:59 0 d-------- C:\WINNT\system32\f10
2008-06-29 22:12:59 0 d-------- C:\WINNT\system32\bam
2008-06-29 22:12:55 0 d-------- C:\WINNT\system32\modtrux05
2008-06-29 22:12:55 0 d-------- C:\Temp
2008-06-29 22:12:50 34304 --a------ C:\WINNT\system32\iifefCSL.dll
2008-06-25 19:19:49 0 d-------- C:\Program Files\Pet Vet 2
2008-06-08 14:23:12 0 d-------- C:\Documents and Settings\Guest\Application Data\Talkback
2008-06-08 14:22:49 0 d-------- C:\Documents and Settings\Guest\Application Data\Mozilla
2008-06-08 14:08:05 0 d-------- C:\Documents and Settings\Guest\Application Data\PGP
2008-06-08 14:00:25 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-08 14:00:25 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-08 14:00:25 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-06-08 14:00:25 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-08 14:00:25 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-08 14:00:25 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-06-08 14:00:25 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-08 14:00:25 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-06-08 14:00:25 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-08 14:00:25 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-06-08 14:00:25 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-08 14:00:25 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-06-08 14:00:25 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-08 14:00:25 0 d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2008-06-08 14:00:25 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-06-08 14:00:25 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-08 14:00:24 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-08 14:00:24 2359296 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-08 13:22:45 0 d-------- C:\Documents and Settings\Guest\Application Data\Real
2008-06-08 13:22:29 0 d-------- C:\Documents and Settings\Guest\Application Data\InterTrust
2008-06-08 13:22:29 0 d-------- C:\Documents and Settings\Guest\Application Data\Identities
2008-06-08 13:22:29 0 d-------- C:\Documents and Settings\Guest\Application Data\Adobe
2008-06-08 13:22:28 0 d--h----- C:\Documents and Settings\Guest\Templates
2008-06-08 13:22:28 0 dr------- C:\Documents and Settings\Guest\Start Menu
2008-06-08 13:22:28 0 dr-h----- C:\Documents and Settings\Guest\SendTo
2008-06-08 13:22:28 0 dr-h----- C:\Documents and Settings\Guest\Recent
2008-06-08 13:22:28 0 d--h----- C:\Documents and Settings\Guest\PrintHood
2008-06-08 13:22:28 2359296 --ah----- C:\Documents and Settings\Guest\NTUSER.DAT
2008-06-08 13:22:28 0 d--h----- C:\Documents and Settings\Guest\NetHood
2008-06-08 13:22:28 0 dr------- C:\Documents and Settings\Guest\My Documents
2008-06-08 13:22:28 0 d--h----- C:\Documents and Settings\Guest\Local Settings
2008-06-08 13:22:28 0 dr------- C:\Documents and Settings\Guest\Favorites
2008-06-08 13:22:28 0 d-------- C:\Documents and Settings\Guest\Desktop
2008-06-08 13:22:28 0 d--hs---- C:\Documents and Settings\Guest\Cookies
2008-06-08 13:22:28 0 dr-h----- C:\Documents and Settings\Guest\Application Data
2008-06-08 13:22:28 0 d-------- C:\Documents and Settings\Guest\Application Data\Symantec
2008-06-08 13:22:28 0 d---s---- C:\Documents and Settings\Guest\Application Data\Microsoft
-- Find3M Report ---------------------------------------------------------------
2008-07-02 21:11:18 288 --a------ C:\WINNT\system32\DVCStateBkp-{00000001-00000000-00000001-00001102-00000004-10061102}.dat
2008-07-02 21:11:18 288 --a------ C:\WINNT\system32\DVCState-{00000001-00000000-00000001-00001102-00000004-10061102}.dat
2008-07-02 20:59:07 0 d-------- C:\Program Files\Common Files\AOL
2008-06-29 16:54:32 10 --a------ C:\WINNT\popcinfo.dat
2008-06-28 17:39:58 0 d-------- C:\Program Files\LimeWire
2008-06-21 13:03:13 0 d-------- C:\Program Files\StepMania
2008-05-28 18:13:17 1160 --a------ C:\WINNT\mozver.dat
2008-05-28 18:03:51 0 d-------- C:\Documents and Settings\Owner\Application Data\Talkback
2008-05-28 18:03:26 0 d-------- C:\Documents and Settings\Owner\Application Data\Mozilla
2008-05-09 23:47:52 0 d-------- C:\Program Files\Yahoo!
2008-05-09 23:02:00 0 d-------- C:\Documents and Settings\Owner\Application Data\WinRAR
2008-05-09 19:44:12 0 d-------- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-05-07 20:30:20 0 d-------- C:\Program Files\Audacity
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{015A9E1E-35A5-4F37-8046-B00573263248}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{080CA2DA-49C5-49B4-9795-CE709DCC6F5E}]
C:\WINNT\system32\awtqrsTN.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68950839-2675-49E2-B6A5-442E0B0D1BA4}]
06/29/2008 10:12 PM 34304 --a------ C:\WINNT\system32\iifefCSL.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9506910A-0F94-4ea1-B567-7070428B8B2B}]
03/27/2008 11:35 AM 333824 --a------ C:\WINNT\system32\mysidesearch_sidebar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9B57E08D-2616-4163-A223-9349186C654D}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b4259a0e-b414-40a0-b4c4-e5fb71e97e22}]
07/02/2008 07:48 PM 104448 --a------ C:\WINNT\system32\slafmb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D06AF0D2-F274-4E4A-91CB-8E1C5B24CFB1}]
C:\WINNT\system32\tuvVPjgH.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [02/01/2008 12:13 AM]
"NvCplDaemon"="C:\WINNT\System32\NvCpl.dll" [04/02/2003 01:40 PM]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [07/16/2002 08:21 PM]
"Hot Key Kbd 9910 Daemon"="SK9910DM.EXE" [01/03/2001 02:50 PM C:\WINNT\system32\SK9910DM.EXE]
"Gateway Ink Monitor"="C:\Program Files\Gateway Utilities\GWInkMonitor.exe" [06/24/2003 09:33 PM]
"CTHelper"="CTHELPER.EXE" [01/21/2003 04:34 PM C:\WINNT\system32\cthelper.exe]
"AdaptecDirectCD"="c:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [03/26/2003 12:15 PM]
"DDCActiveMenu"="C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" [06/07/2002 06:20 PM]
"EPSON Stylus CX6600 Series"="C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.exe" [02/29/2004 06:00 AM]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [05/09/2005 04:32 PM]
"@"="" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [12/12/2006 07:21 PM]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [07/12/2005 07:05 PM]
"GWMDMMSG"="GWMDMMSG.exe" [08/06/2002 03:24 PM C:\WINNT\GWMDMMSG.exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/19/2008 01:10 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"ExploreUpdSched"="C:\WINNT\system32\tcntaxdm.exe" []
"a4c7cea3"="C:\WINNT\system32\oflfrlip.dll" []
"{7C-CE-E0-0C-DW}"="c:\winnt\system32\rwwnw64d.exe" []
"runner1"="C:\WINNT\mrofinu1188.exe" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"ctfmon.exe"="C:\WINNT\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"McAfee.InstantUpdate.Monitor"="C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" [08/05/2002 01:46 PM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 06:43 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [02/01/2008 12:13 AM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]
"Aim6"="" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingC4570"=cmd /c del "C:\WINNT\system32\tuvVPjgH.dll_old"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SetDefaultMidi"=MIDIDEF.EXE
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AOL Fast Start"="C:\Program Files\America Online 9.0b\AOL.EXE" -b
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{20d8bda1-1958-11d6-b00f-00b0d0c6b6a5}"= C:\Program Files\McAfee\McAfee Parental Controls\GDSHEXT.DLL [10/17/2002 01:00 AM 69632]
"{68950839-2675-49E2-B6A5-442E0B0D1BA4}"= C:\WINNT\system32\iifefCSL.dll [06/29/2008 10:12 PM 34304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINNT\system32\userinit.exe,C:\WINNT\system32\iftuyszv.exe,"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifefCSL]
iifefCSL.dll 06/29/2008 10:12 PM 34304 C:\WINNT\system32\iifefCSL.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\awtqrsTN
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^RollerCoaster Tycoon 3 Registration.lnk]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk
backup=C:\WINNT\pss\RollerCoaster Tycoon 3 Registration.lnkStartup
-- Hosts -----------------------------------------------------------------------
66.159.20.51 astalavista.box.sk
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
8773 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-07-02 22:52:28 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.60GHz
CPU 1: Intel® Pentium® 4 CPU 2.60GHz
Percentage of Memory in Use: 75%
Physical Memory (total/avail): 510.73 MiB / 127.64 MiB
Pagefile Memory (total/avail): 1248.54 MiB / 842.26 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930.92 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 76.33 GiB total, 21.3 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - Maxtor 6Y080L0 - 76.33 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 76.33 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:America Online 9.0a"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:America Online 9.0a"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0b\\waol.exe"="C:\\Program Files\\America Online 9.0b\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1100806414\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1100806414\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\Infogrames Interactive\\Scrabble 2\\Scrabble v2.0.exe"="C:\\Program Files\\Infogrames Interactive\\Scrabble 2\\Scrabble v2.0.exe:*:Disabled:Scrabble v2"
"C:\\WINNT\\system32\\dplaysvr.exe"="C:\\WINNT\\system32\\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\\Program Files\\EA Games\\The Battle for Middle-earth ™\\game.dat"="C:\\Program Files\\EA Games\\The Battle for Middle-earth ™\\game.dat:*:Enabled:The Battle for Middle-earth ™"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\support.com\\bin\\tgcmd.exe"="C:\\Program Files\\support.com\\bin\\tgcmd.exe:*:Disabled:Support.com Scheduler and Command Dispatcher"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Disabled:AIM"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=S0031794877
ComSpec=C:\WINNT\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\S0031794877
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINNT\system32;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;C:\Program Files\PC-Doctor for Windows\services;c:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINNT
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=S0031794877
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINNT
-- User Profiles ---------------------------------------------------------------
Owner
(admin)cats ss
Dylan.S0031794877
homework
(admin)Administrator
(admin)Guest
(guest)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINNT\IsUninst.exe -fC:\WINNT\orun32.isu
--> C:\WINNT\uninst.exe -fC:\Maxis\SimEarth\DeIsL2.isu
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C1B8CBC-9118-11D7-86D3-00055DF3561E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{510582B9-2633-11D4-99DC-0000F49094C7}\Setup.exe" UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83021AC3-086F-4B77-ACCD-1BD7C9AB211E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINNT\INF\PCHealth.inf
3D Ultra Lionel® TrainTown --> C:\WINNT\IsUninst.exe -fC:\Sierra\TrainTown\Uninst.isu
ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINNT\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AIM Toolbar 5.0 --> "C:\Program Files\AOL\AIM Toolbar 5.0\uninstall.exe"
AnswerWorks 4.0 Runtime - English --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
AOL Coach Version 2.0(Build:20041026.5 en) --> C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
AOL Deskbar --> "C:\Program Files\AOL Deskbar\UNWISE.EXE" /u "C:\Program Files\AOL Deskbar\INSTALL.LOG"
AOL Uninstaller --> C:\Program Files\Common Files\AOL\uninstaller.exe
AOL You've Got Pictures Screensaver --> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\Setup.exe" -l0x9 -uninst
ArcSoft Software Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66C8BE35-8BBB-472B-96C7-C7C9A499F988}\Setup.exe" -l0x9
ASIO4ALL --> C:\Program Files\ASIO4ALL v2\uninstall.exe
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Blackhawk Striker --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {C4AE01B9-84F3-489F-A990-68306BC5548C}
Blasterball 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {3DA2C525-0A4A-4634-8656-8F442FD2C44A}
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
C++ Multimedia Cyber Classroom 4th ed. --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9EA270B-F1E6-4C89-AF81-508BEBBF62C0}\setup.exe"
Collab --> C:\Program Files\Image-Line\Collab\uninstall.exe
Comcast High-Speed Internet Install Wizard --> C:\Program Files\support.com\uninstall\chsi_uninstaller.exe
Creative Driver --> C:\WINNT\System32\ctdrvins /s /u
Dark Orbit --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {19906F9F-2E4F-4389-BB6E-205FE12B4BAA}
Deckadance --> C:\Program Files\VstPlugins\Deckadance\uninstall.exe
Deewoo Network Manager removal --> C:\WINNT\system32\tcntaxdm.exe -UPop
DirectX Media Runtime 5.1 --> RunDll32 advpack.dll,LaunchINFSection C:\WINNT\INF\DXM51.INF,Uninstall.NT
Disney's Lilo and Stitch Pinball --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {33C279DD-AA04-406D-B122-CBE750316CEB}
Disney Trivia Challenge --> C:\WINNT\IsUninst.exe -fC:\PROGRA~1\DISNEY~2\DISNEY~1\DeIsL1.isu
Do More 7.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2B7C41F-C63D-4935-B323-B60673724D63}\SETUP.EXE" -l0x9
DVD --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
EA SPORTS online 2005 --> C:\Program Files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
EA.com Matchup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F173C40-563E-11D4-89C5-0010ADDAAC33}\setup.exe" -l0x0 Uninstall
EA.com Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\setup.exe" -l0x0 Uninstall
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
Electronic Arts Game Updater --> C:\WINNT\IsUninst.exe -f"c:\Program Files\EACom\Update\Uninst.isu"
Enhancement Browser Tools Gooochi --> C:\WINNT\system32\{0f789322-3bb2-f364-9811-2ad89decd3ef}.dll-uninst.exe
EPSON CardMonitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\Setup.exe" -l0x9 uninst
EPSON Copy Utility 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\Setup.exe" -l0x9 -UnInstall
EPSON CX6600 Reference Guide --> C:\Program Files\epson\guide\cx6600_e\uninstall.exe
EPSON PhotoStarter3.2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AE704636-ECD0-426C-952E-05B8DABD1949}\Setup.exe" -l0x9 uninst
EPSON Printer Software --> C:\WINNT\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Smart Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\Setup.exe" -l0x9 Uninstall
Excavation --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {B1C7AAF5-2271-410E-90BF-8FDF8B7029A1}
FL Studio 8 --> C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
Frogger2 --> C:\WINNT\IsUninst.exe -f"C:\Program Files\Hasbro Interactive\Frogger2\Uninst.isu"
Gateway Ink Monitor --> MsiExec.exe /X{F10082FE-BACB-4E58-A423-DAD6BFC8B3A2}
Gateway Rhapsody --> "C:\Program Files\SIFXINST\SIFXINST.EXE" /UnapplyFile 20BBF229-A337-40AD-9FEB-2C98CDA53D1C /Pr