Thank you very much for the help. Here is the information you have requested.
Deckard's System Scanner v20070807.62
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.66GHz
Percentage of Memory in Use: 78%
Physical Memory (total/avail): 254 MiB / 53.88 MiB
Pagefile Memory (total/avail): 621.98 MiB / 309.8 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1979.65 MiB
C: is Fixed (NTFS) - 37.21 GiB total, 19.98 GiB free.
D: is CDROM (No Media)
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is disabled.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.
FW: CA Personal Firewall 9.1.0.33 v9.1.0.33 (CA)
AV: CA Anti-Virus v8.4.0.24 (CA, Inc.)
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"="C:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealOne Player"
"C:\\Program Files\\Freaky Freezeday\\Freezeday.exe"="C:\\Program Files\\Freaky Freezeday\\Freezeday.exe:*:Enabled:Macromedia Projector"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Disabled:AOL Instant Messenger"
"C:\\Program Files\\Kazaa\\kazaa.exe"="C:\\Program Files\\Kazaa\\kazaa.exe:*:Disabled:Kazaa"
"C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp"="C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp:*:Disabled:KazaaLite"
"C:\\academic\\iss2\\iss.exe"="C:\\academic\\iss2\\iss.exe:*:Disabled:Sybase Inc. Product File"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\roger logan\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=D3WGSN41
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\roger logan
LOGONSERVER=\\D3WGSN41
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Outlook Express;C:\academic\orawin95\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Academic\orawin95\Bin;
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ROGERL~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ROGERL~1\LOCALS~1\Temp
USERDOMAIN=D3WGSN41
USERNAME=roger logan
USERPROFILE=C:\Documents and Settings\roger logan
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
kourtney harris
(admin)
roger logan
(admin)
Administrator
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Download Manager 1.2 (Remove Only) --> "C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
CA Internet Security Suite --> "C:\Program Files\CA\CA Internet Security Suite\caunst.exe" /u
Comcast High-Speed Internet Install Wizard --> C:\Program Files\support.com\uninstall\chsi_uninstaller.exe
Comcast PhotoShow Deluxe --> "C:\Program Files\Comcast\Comcast PhotoShow\data\Xtras\Uninstall.exe"
Creative MediaSource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x9 /remove/remove/remove
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Media Experience --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Dell Solution Center --> MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
Dell Support --> MsiExec.exe /X{43FCA273-9534-40DB-B7C5-D7758875616A}
FinePixViewer Ver.4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Golden Tee Golf Course Addon #1 --> C:\Games\GOLDEN~1\UNWISE.EXE C:\Games\GOLDEN~1\INSTALL.LOG
HP Extended Capabilities 5.3 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone Express --> MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Imaging Device Functions 5.3 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart 330,380,420,470,7800,8000,8200 Series --> C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
ImageMixer VCD for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3AA158A-9421-4883-8767-E771B0964A1D}\setup.exe"
Intel® 537EP V9x DF PCI Modem --> rundll32 IntelCci.dll,iSMUninstallation "Intel® 537EP V9x DF PCI Modem"
Intel® Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
iTunes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{54C0D94A-F467-4ABC-9D02-6E58748668D4} /l1033
Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Kazaa Lite K++ v2.4.3 --> "C:\Program Files\Kazaa Lite K++\unins000.exe"
Lexmark 1200 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXCZUN5C.EXE -dLexmark 1200 Series
Macromedia Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Encarta Encyclopedia Standard 2004 --> MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
Microsoft Money 2004 --> MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft Money 2004 System Pack --> MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
MicroStaff WINASPI NT --> C:\MWASPINT\uninst.exe
Modem Event Monitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}\setup.exe" -l0x9
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Modem On Hold --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033
RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9
RealOne Player --> C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
RoadRunner --> MsiExec.exe /I{A73EFA95-4872-4AE3-8EE9-10D2E2D713CF}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SST Programming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03ADCA1C-BCF0-4B12-AFCF-8EBF2CB3AB07}\setup.exe" AddRem
TurboTax Basic 2003 --> C:\Program Files\TurboTax\Basic 2003\TaxUnst.EXE "C:\Program Files\TurboTax\Basic 2003\Uninstall.log" -NoGui
Uniblue RegistryBooster 2 --> "C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
Uniblue SpeedUpMyPC 3 --> "C:\Program Files\Uniblue\SpeedUpMyPC 3\unins000.exe"
USB MassStorage CardReader --> C:\Program Files\Kodak40a_5005\Remove.exe
WexTech AnswerWorks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\setup.exe" -l0x9 -eliminate
WordPerfect Office 11 --> MsiExec.exe /I{54F90B55-BEB3-4F0D-8802-228822FA5921}
-- Application Event Log -------------------------------------------------------
Event ID #23916: Error
Event Submitted/Written: 08/08/2007 00:01:54 AM
Event Source: crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....uthrootseq.txt> with error: This network connection does not exist.
Event ID #23915: Error
Event Submitted/Written: 08/08/2007 00:01:53 AM
Event Source: crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....uthrootseq.txt> with error: This network connection does not exist.
Event ID #23914: Error
Event Submitted/Written: 08/08/2007 00:01:44 AM
Event Source: crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....uthrootseq.txt> with error: The specified server cannot perform the requested operation.
Event ID #23913: Error
Event Submitted/Written: 08/08/2007 00:01:43 AM
Event Source: crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....uthrootseq.txt> with error: The specified server cannot perform the requested operation.
Event ID #23912: Error
Event Submitted/Written: 08/08/2007 00:01:43 AM
Event Source: crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....uthrootseq.txt> with error: The specified server cannot perform the requested operation.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event ID #10961: Error
Event Submitted/Written: 08/08/2007 00:00:35 AM
Event Source: Schedule
Event Description:
The At1.job command failed to start due to the following error:
%%2147942405
Event ID #10933: Error
Event Submitted/Written: 08/07/2007 11:00:00 PM
Event Source: Schedule
Event Description:
The At24.job command failed to start due to the following error:
%%2147942405
Event ID #10932: Error
Event Submitted/Written: 08/07/2007 10:00:00 PM
Event Source: Schedule
Event Description:
The At23.job command failed to start due to the following error:
%%2147942405
Event ID #10931: Error
Event Submitted/Written: 08/07/2007 09:00:00 PM
Event Source: Schedule
Event Description:
The At22.job command failed to start due to the following error:
%%2147942405
Event ID #10930: Error
Event Submitted/Written: 08/07/2007 08:00:00 PM
Event Source: Schedule
Event Description:
The At21.job command failed to start due to the following error:
%%2147942405
-- End of Deckard's System Scanner: finished at 2007-08-08 at 00:04:18 ---------
Deckard's System Scanner v20070807.62
Run by roger logan on 2007-08-07 at 23:59:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
69: 2007-08-08 04:59:46 UTC - RP1220 - Deckard's System Scanner Restore Point
68: 2007-08-08 04:32:05 UTC - RP1219 - Removed Java 2 Runtime Environment, SE v1.4.2
67: 2007-08-08 04:30:31 UTC - RP1218 - Removed Java SE Runtime Environment 6 Update 1
66: 2007-08-07 20:53:49 UTC - RP1217 - System Checkpoint
65: 2007-08-06 20:34:52 UTC - RP1216 - Installed Ad-Aware 2007
-- First Restore Point --
1: 2007-06-16 04:34:38 UTC - RP1152 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 76% (more than 75%).
Total Physical Memory: 254 MiB (512 MiB recommended).
-- HijackThis (run as roger logan.exe) -----------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 12:01:08 AM, on 8/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.17.0\QOELoader.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\roger logan\My Documents\dss.exe
C:\PROGRA~1\HIJACK~1\roger logan.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed Online
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.17.0\QOELoader.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} -
http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} -
http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} -
http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------
backup-20070715-234616-124 O15 - Trusted Zone: *.errorsafe.com (HKLM)
backup-20070715-234616-252 O15 - Trusted Zone: *.systemdoctor.com (HKLM)
backup-20070715-234616-259 O15 - Trusted Zone: *.snipernet.biz (HKLM)
backup-20070715-234616-301 O15 - Trusted Zone: *.elitemediagroup.net (HKLM)
backup-20070715-234616-374 O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
backup-20070715-234616-391 O15 - Trusted Zone: *.imagesrvr.com (HKLM)
backup-20070715-234616-487 O15 - Trusted Zone: *.dollarrevenue.com (HKLM)
backup-20070715-234616-590 O15 - Trusted Zone: *.matcash.com (HKLM)
backup-20070715-234616-623 O15 - Trusted Zone: *.adgate.info (HKLM)
backup-20070715-234616-736 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
backup-20070715-234616-743 O15 - Trusted Zone: *.winfixer.com (HKLM)
backup-20070715-234616-798 O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
backup-20070715-234616-818 O20 - Winlogon Notify: PFW - C:\WINDOWS\SYSTEM32\UmxWnp.Dll
backup-20070715-234617-443 O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
backup-20070715-235135-160 O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} (Chess Object) -
http://zone.msn.com/...rp.cab51831.cab
backup-20070715-235135-328 R3 - Default URLSearchHook is missing
backup-20070715-235135-396 O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} -
http://zone.msn.com/...pandaonline.cab
backup-20070715-235135-962 O8 - Extra context menu item: &Search -
http://edits.mywebse...?p=ZCxdm565YYUS
backup-20070715-235135-971 O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\gwuljatw.dll
backup-20070715-235136-277 O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
http://zone.msn.com/...at.cab53083.cab
backup-20070715-235136-550 O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) -
http://zone.msn.com/...h2.1.0.0.55.cab
backup-20070715-235136-911 O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) -
http://zone.msn.com/...pandaonline.cab
backup-20070715-235136-996 O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) -
http://zone.msn.com/...vl.cab50560.cab
backup-20070717-225324-759 O3 - Toolbar: (no name) - {1028F737-81E7-452B-A860-E50CAD90A08C} - (no file)
backup-20070717-225324-801 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
backup-20070717-231040-894 O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} -
http://cdn.downloadc...easeInstall.cab
backup-20070729-112603-825 O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -
http://zone.msn.com/...mjolauncher.cab
backup-20070729-112826-460 O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} (SCEWebLauncherCtl Object) -
http://zone.msn.com/...WebLauncher.cab
backup-20070729-112829-714 O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) -
http://zone.msn.com/...sh.1.0.0.89.cab
backup-20070729-112830-370 O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://zone.msn.com/...ploader_v10.cab
backup-20070729-112831-511 O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) -
http://fdl.msn.com/z...s/heartbeat.cab
backup-20070729-112832-469 O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) -
http://zone.msn.com/...PA.cab40641.cab
backup-20070807-233852-118 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
backup-20070807-233853-105 O2 - BHO: (no name) - {5D401015-0ABA-4901-983F-BA3CA8DFC206} - C:\Program Files\MSN\hokeqo83122.dll (file missing)
backup-20070807-233853-163 O15 - Trusted Zone: *.adgate.info
backup-20070807-233853-203 O2 - BHO: 0 - {D8698198-7352-4715-F598-8F987770805C} - C:\Program Files\Uninstall Information\lavukasy.dll (file missing)
backup-20070807-233853-210 O2 - BHO: (no name) - {9d1580f3-c186-4bb9-8664-bf67e5ec9b0b} - (no file)
backup-20070807-233853-282 O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
backup-20070807-233853-372 O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
backup-20070807-233853-426 O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
backup-20070807-233853-570 O2 - BHO: WebAssist - {85589B5D-D53D-4237-A677-46B82EA275F3} - C:\WINDOWS\WebAssist.dll
backup-20070807-233853-604 O2 - BHO: (no name) - {126568FF-8567-F9EA-4F14-FB8DCE2180CE} - (no file)
backup-20070807-233853-824 F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
backup-20070807-233853-999 O2 - BHO: (no name) - {48dc54ed-76b0-442e-b9c0-cc408f261154} - (no file)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys <Not Verified; Andrea Electronics Corporation; Andrea Audio Driver>
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT®>
R3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mohfilt - c:\windows\system32\drivers\mohfilt.sys <Not Verified; Intel Corporation; Intel® 537EP V9x DFV PCI Modem>
R3 SaiMini - c:\windows\system32\drivers\saimini.sys <Not Verified; Saitek; Configuration Software>
R3 SaiNtBus - c:\windows\system32\drivers\saintbus.sys <Not Verified; Saitek; Configuration Software>
R3 smwdm - c:\windows\system32\drivers\smwdm.sys <Not Verified; Analog Devices, Inc.; SoundMAX Digital Audio Driver>
S3 EL90XBC (3Com EtherLink XL 90XB/C Adapter Driver) - c:\windows\system32\drivers\el90xbc5.sys <Not Verified; 3Com Corporation; 3Com EtherLink PCI>
S3 i81x - c:\windows\system32\drivers\i81xnt5.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP0 - c:\windows\system32\drivers\wadv01nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP1 - c:\windows\system32\drivers\wadv02nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP2 - c:\windows\system32\drivers\wadv05nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP3 - c:\windows\system32\drivers\wsiintxx.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP4 - c:\windows\system32\drivers\wvchntxx.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV0 - c:\windows\system32\drivers\watv01nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV1 - c:\windows\system32\drivers\watv02nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV3 - c:\windows\system32\drivers\watv04nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV4 - c:\windows\system32\drivers\wch7xxnt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 SaiH0109 - c:\windows\system32\drivers\saih0109.sys <Not Verified; Saitek; Configuration Software>
S3 SaiU0109 - c:\windows\system32\drivers\saiu0109.sys <Not Verified; Saitek; Configuration Software>
S4 cbidf - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dac2w2k - c:\windows\system32\drivers\dac2w2k.sys <Not Verified; Mylex Corporation; Mylex Disk Array Controller Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft AB; Ad-Aware 2007 Service>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-08-08 00:00:35 350 --a------ C:\WINDOWS\Tasks\At1.job
2007-08-07 23:00:00 350 --a------ C:\WINDOWS\Tasks\At24.job
2007-08-07 22:00:00 350 --a------ C:\WINDOWS\Tasks\At23.job
2007-08-07 21:00:00 350 --a------ C:\WINDOWS\Tasks\At22.job
2007-08-07 20:00:00 350 --a------ C:\WINDOWS\Tasks\At21.job
2007-08-07 19:00:00 350 --a------ C:\WINDOWS\Tasks\At20.job
2007-08-07 18:00:00 350 --a------ C:\WINDOWS\Tasks\At19.job
2007-08-07 17:00:00 350 --a------ C:\WINDOWS\Tasks\At18.job
2007-08-07 16:00:00 350 --a------ C:\WINDOWS\Tasks\At17.job
2007-08-07 15:44:00 282 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2007-08-07 15:00:00 350 --a------ C:\WINDOWS\Tasks\At16.job
2007-08-07 14:00:00 350 --a------ C:\WINDOWS\Tasks\At15.job
2007-08-07 12:00:00 350 --a------ C:\WINDOWS\Tasks\At13.job
2007-08-07 11:00:00 350 --a------ C:\WINDOWS\Tasks\At12.job
2007-08-07 10:00:00 350 --a------ C:\WINDOWS\Tasks\At11.job
2007-08-07 09:00:00 350 --a------ C:\WINDOWS\Tasks\At10.job
2007-08-07 08:00:00 350 --a------ C:\WINDOWS\Tasks\At9.job
2007-08-07 07:00:00 350 --a------ C:\WINDOWS\Tasks\At8.job
2007-08-07 06:00:00 350 --a------ C:\WINDOWS\Tasks\At7.job
2007-08-07 05:00:00 350 --a------ C:\WINDOWS\Tasks\At6.job
2007-08-07 04:00:00 350 --a------ C:\WINDOWS\Tasks\At5.job
2007-08-07 03:00:00 350 --a------ C:\WINDOWS\Tasks\At4.job
2007-08-07 02:00:00 350 --a------ C:\WINDOWS\Tasks\At3.job
2007-08-07 01:00:00 350 --a------ C:\WINDOWS\Tasks\At2.job
2007-08-06 13:00:00 350 --a------ C:\WINDOWS\Tasks\At14.job
2007-07-22 11:25:00 276 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
2007-07-15 23:02:57 526 --a------ C:\WINDOWS\Tasks\CAAntiSpywareScan_Daily as roger logan at 9 02 PM.job
2007-07-14 14:42:55 350 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job
2007-07-09 19:25:54 404 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
2004-04-08 13:40:06 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 1.job
-- Files created between 2007-07-08 and 2007-08-08 -----------------------------
2007-08-07 11:47:35 0 dr-h----- C:\Documents and Settings\roger logan\Recent
2007-08-06 15:35:42 0 d-------- C:\Program Files\Lavasoft
2007-08-06 15:35:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-08-01 23:33:51 0 d-------- C:\Documents and Settings\kourtney harris\Application Data\Grisoft
2007-07-30 14:11:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2007-07-30 14:00:36 0 d-------- C:\Documents and Settings\roger logan\Application Data\Grisoft
2007-07-30 13:59:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-07-30 13:36:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-29 16:29:23 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-07-28 15:09:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Uniblue
2007-07-16 00:36:25 218112 --a------ C:\Program Files\HijackThis.exe <Not Verified; Soeperman Enterprises Ltd.; HijackThis>
2007-07-15 22:02:25 0 d-------- C:\Program Files\Common Files\Scanner
2007-07-15 18:00:03 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-07-15 18:00:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2007-07-15 18:00:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2007-07-15 18:00:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2007-07-15 18:00:03 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-07-15 18:00:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2007-07-15 18:00:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-07-15 18:00:02 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-07-15 18:00:02 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-07-15 18:00:02 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-07-15 18:00:02 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-07-15 18:00:02 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-07-15 18:00:02 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-07-15 18:00:02 0 dr------- C:\Documents and Settings\Administrator\My Documents
2007-07-15 18:00:02 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-07-15 18:00:02 0 dr------- C:\Documents and Settings\Administrator\Favorites
2007-07-15 18:00:02 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-07-15 18:00:02 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-07-15 18:00:01 2097152 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-07-15 17:47:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-07-15 17:44:42 0 d-------- C:\WINDOWS\system32\?icrosoft.NET
2007-07-15 17:34:01 0 d-------- C:\WINDOWS\SxsCaPendDel
2007-07-14 14:19:02 0 d-------- C:\Documents and Settings\kourtney harris\Application Data\Uniblue
2007-07-14 13:49:17 0 d--hs---- C:\WINDOWS\a291cnRuZXkgaGFycmlz
2007-07-14 13:46:25 0 d-------- C:\Documents and Settings\roger logan\Application Data\?ecurity
2007-07-14 13:45:48 0 d-------- C:\Program Files\ISM
2007-07-10 15:22:56 0 d-------- C:\Documents and Settings\roger logan\Application Data\Smart PC Solutions
2007-07-09 19:45:55 0 d-------- C:\Documents and Settings\roger logan\Application Data\System Tweaker
2007-07-09 19:26:04 0 d-------- C:\Documents and Settings\roger logan\Application Data\Uniblue
2007-07-09 19:25:42 0 d-------- C:\Program Files\Uniblue
-- Find3M Report ---------------------------------------------------------------
2007-08-07 23:32:21 0 d-------- C:\Program Files\Common Files
2007-08-07 23:31:34 0 d-------- C:\Program Files\Java
2007-08-07 11:32:44 0 d-------- C:\Program Files\BFG
2007-07-22 09:41:13 0 d-------- C:\Documents and Settings\roger logan\Application Data\AdobeUM
2007-07-16 00:39:48 0 d-------- C:\Program Files\_ArcadeDownloadFolder
2007-07-16 00:38:53 212849 --a------ C:\Program Files\hijackthis.zip
2007-07-15 22:02:25 0 d-------- C:\Program Files\CA
2007-07-15 18:35:17 0 d-------- C:\Program Files\Common Files\?ystem
2007-07-15 17:44:42 0 d-------- C:\Documents and Settings\roger logan\Application Data\?ecurity
2007-07-11 13:38:12 0 d-------- C:\Program Files\Real
2007-07-10 15:19:59 0 d-------- C:\Program Files\RegistryFix
2007-07-06 15:51:52 0 d-------- C:\Program Files\LimeWire
2007-07-04 16:41:47 126976 --a------ C:\WINDOWS\xhelper.dll
2007-07-01 23:18:03 1856188 ---hs---- C:\WINDOWS\system32\sttss.ini2
2007-07-01 18:12:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-07-01 16:27:26 0 d-------- C:\Program Files\Kazaa Lite K++
2007-07-01 13:46:17 1837973 ---hs---- C:\WINDOWS\system32\sttss.bak2
2007-06-29 18:59:42 1843914 ---hs---- C:\WINDOWS\system32\sttss.bak1
2007-06-29 18:44:38 62516 --a------ C:\WINDOWS\system32\gwuljatw.dll
2007-06-26 04:14:09 0 d-------- C:\Program Files\MSXML 4.0
2007-05-16 10:12:02 683520 --a------ C:\WINDOWS\system32\inetcomm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [06/12/2007 01:18 PM]
"cafwc"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [06/01/2007 03:14 PM]
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [06/01/2007 03:14 PM]
"@"="" []
"capfupgrade"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe" [06/01/2007 03:07 PM]
"CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [05/09/2007 08:17 AM]
"QOELOADER"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.17.0\QOELoader.exe" [07/18/2007 12:56 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/22/2006 09:10 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue SpeedUpMyPC"="C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe" [07/05/2007 01:31 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Spyware Doctor"=
C:\Documents and Settings\roger logan\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 9:00:00 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 9:00:00 AM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"{AC8AA27C-0A62-1033-1202-030512200001}"="C:\Program Files\Common Files\{AC8AA27C-0A62-1033-1202-030512200001}\Update.exe" mc-110-12-0000103
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- End of Deckard's System Scanner: finished at 2007-08-08 at 00:04:18 ---------