OK, deleted the text file. Here are the main.txt file and extra.txt file.
Deckard's System Scanner v20071014.68
Run by Justin on 2008-05-23 06:08:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
34: 2008-05-23 13:08:12 UTC - RP430 - Deckard's System Scanner Restore Point
33: 2008-05-23 03:49:23 UTC - RP429 - System Checkpoint
32: 2008-05-22 03:45:53 UTC - RP428 - ComboFix created restore point
31: 2008-05-21 15:21:21 UTC - RP427 - ComboFix created restore point
30: 2008-05-21 04:07:54 UTC - RP426 - Last known good configuration
-- First Restore Point --
1: 2008-05-21 04:07:44 UTC - RP397 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-23 06:09:31
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Free\avgamsvr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Grisoft\AVG Free\avgupsvc.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\HotFixQ0306270.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
C:\WINDOWS\system32\wltrysvc.exe
C:\WINDOWS\system32\bcmwltry.exe
C:\WINDOWS\system32\wscntfy.exe
C:\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://turbotax.com (HKCU)
O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://fishingchamp....GamesCampus.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} () - http://download.micr...D0C/wmv9dmo.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} () - http://www.fileplane...C_2.3.6.108.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1170861176296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1170861150437
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comne...login-devel.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.5.0_04) - http://java.sun.com/...indows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ent/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{31A26BB4-45F3-4C91-969B-AE59E64BED47}: NameServer = 68.87.69.146,68.87.85.98
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - (no file)
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\AATP.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG Free\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\system32\wltrysvc.exe
--
End of file - 8304 bytes
-- HijackThis Fixed Entries (C:\\backups\) -------------------------------------
backup-20080521-204350-253 O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...ip/RdxIE601.cab
backup-20080521-204350-284 O2 - BHO: (no name) - {1DD2B793-883A-4637-9EAD-C4B049CF07AF} - C:\WINDOWS\system32\wvUkHAtu.dll (file missing)
backup-20080521-204350-439 O4 - HKLM\..\Run: [BMcbba19da] Rundll32.exe "C:\WINDOWS\system32\weunrlab.dll",s
backup-20080521-204350-732 O2 - BHO: (no name) - {3AC3DFDD-2CBD-47DC-8F1F-A8C89BA601B3} - C:\WINDOWS\system32\opnomllJ.dll (file missing)
backup-20080521-204351-336 O20 - Winlogon Notify: byXQHbAQ - byXQHbAQ.dll (file missing)
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.0.0) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 PLFF (USB Flash Disk Driver) - c:\windows\system32\drivers\plff.sys <Not Verified; Prolific Technology Inc.; Prolific Flash Disk>
R3 vsbus (Virtual Serial Bus Enumerator) - c:\windows\system32\drivers\vsb.sys <Not Verified; ELTIMA Software; ELTIMA Virtual Serial Bus>
R3 WinDriver6 - c:\windows\system32\drivers\windrvr6.sys <Not Verified; Jungo; WinDriver Device Driver>
S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
S3 grmnusb - c:\windows\system32\drivers\grmnusb.sys <Not Verified; GARMIN Corp.; Garmin USB GPS>
S3 PacketNTx (Packet helper driver) - c:\windows\system32\drivers\packetntx.sys <Not Verified; Sumix Co.; Sumix Packet Helper Driver>
S3 vserial (ELTIMA Virtual Serial Ports Driver) - c:\windows\system32\drivers\vserial.sys <Not Verified; ELTIMA Software; ELTIMA Virtual Serial Ports>
S3 Wdm1 (PL-2303X OnlyUSB Driver) - c:\windows\system32\drivers\usbservh.sys <Not Verified; SEIKO EPSON; PL-2303X OnlyUSB Driver>
S3 yukonwxp (NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter) - c:\windows\system32\drivers\yukonwxp.sys <Not Verified; Marvell Semiconductor Inc.; Marvell Yukon Gigabit Ethernet Adapter>
S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NETGEAR FA311 Fast Ethernet Adapter
Device ID: PCI\VEN_100B&DEV_0020&SUBSYS_F3111385&REV_00\4&3191A3E6&0&4870
Manufacturer: Netgear
Name: NETGEAR FA311 Fast Ethernet Adapter
PNP Device ID: PCI\VEN_100B&DEV_0020&SUBSYS_F3111385&REV_00\4&3191A3E6&0&4870
Service: FA312
-- Files created between 2008-04-23 and 2008-05-23 -----------------------------
2008-05-23 06:06:51 686630 --a------ C:\dss.exe
2008-05-21 20:53:56 0 d-------- C:\Documents and Settings\Justin\Application Data\Malwarebytes
2008-05-21 20:53:50 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-21 20:53:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-21 20:43:50 0 d-------- C:\backups
2008-05-20 21:01:09 0 d-------- C:\cmdcons
2008-05-20 20:58:40 68096 --a------ C:\WINDOWS\zip.exe
2008-05-20 20:58:40 49152 --a------ C:\WINDOWS\VFind.exe
2008-05-20 20:58:40 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-05-20 20:58:40 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-05-20 20:58:40 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-05-20 20:58:40 98816 --a------ C:\WINDOWS\sed.exe
2008-05-20 20:58:40 80412 --a------ C:\WINDOWS\grep.exe
2008-05-20 20:58:40 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-05-20 15:12:01 1819563 --a------ C:\ComboFix.exe
2008-05-20 15:03:29 50688 --a------ C:\ATF-Cleaner.exe <ATF-CL~1.EXE> <Not Verified; Atribune.org; ATF Cleaner>
2008-05-11 13:27:00 0 d-------- C:\Documents and Settings\Administrator\Application Data\AVG7
2008-05-11 13:26:30 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-05-11 13:26:30 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-05-11 13:26:30 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-05-11 13:26:30 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-05-11 13:26:30 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-05-11 13:26:30 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-05-11 13:26:30 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-05-11 13:26:30 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-05-11 13:26:30 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-05-11 13:26:30 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-05-11 13:26:30 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-05-11 13:26:30 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-05-11 13:26:30 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-05-11 13:26:30 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-05-11 13:22:42 0 dr-h----- C:\Documents and Settings\Justin\Recent
2008-05-10 15:28:40 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-10 15:28:31 0 d-------- C:\Documents and Settings\Justin\Application Data\Mozilla
2008-05-10 11:43:47 691545 --a------ C:\WINDOWS\unins000.exe
2008-05-10 11:43:47 2542 --a------ C:\WINDOWS\unins000.dat
2008-05-10 11:39:22 0 d-------- C:\WINDOWS\SxsCaPendDel
2008-05-09 21:00:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-08 19:22:15 0 d-------- C:\Program Files\Western Digital Technologies
-- Find3M Report ---------------------------------------------------------------
2008-05-11 13:22:33 0 d-------- C:\Program Files\Common Files
2008-05-11 13:22:25 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-09 21:00:52 0 d-------- C:\Program Files\Lavasoft
2008-05-09 21:00:51 0 d-------- C:\Documents and Settings\Justin\Application Data\Lavasoft
2008-05-09 20:51:35 0 d-------- C:\Documents and Settings\Justin\Application Data\AVG7
2008-05-02 17:27:20 0 d-------- C:\Documents and Settings\Justin\Application Data\uTorrent
2008-03-10 22:51:44 0 --a------ C:\WINDOWS\PowerReg.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [09/21/2007 04:10 AM C:\WINDOWS\KHALMNPR.Exe]
"PLFFAP"="C:\WINDOWS\system32\HotfixQ0306270.exe" [08/05/2003 10:43 AM]
"Bluetooth Connection Assistant"="LBTWIZ.exe" []
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/01/2006 05:22 PM]
C:\Documents and Settings\Justin\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [3/11/2008 12:00:26 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [4/23/2008 8:26:56 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll 11/15/2007 10:10 AM 72208 c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
-- End of Deckard's System Scanner: finished at 2008-05-23 06:10:39 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon 64 Processor 3000+
Percentage of Memory in Use: 20%
Physical Memory (total/avail): 2047.48 MiB / 1617.55 MiB
Pagefile Memory (total/avail): 3940.57 MiB / 3663.07 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1942.65 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 68.95 GiB total, 38.34 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Fixed (NTFS) - 3.81 GiB total, 3.29 GiB free.
Q: is Fixed (NTFS) - 149.05 GiB total, 69.14 GiB free.
\\.\PHYSICALDRIVE0 - WDC WD1600JB-22REA0 - 149.05 GiB - 1 partition
\PARTITION0 - Installable File System - 149.05 GiB - Q:
\\.\PHYSICALDRIVE1 - NVIDIA STRIPE 68.95G - 68.95 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 68.95 GiB - C:
\\.\PHYSICALDRIVE2 - - 3.81 GiB - 1 partition
\PARTITION0 - Installable File System - 3.81 GiB - F:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is disabled.
FW: ZoneAlarm Firewall v7.0.462.000 (Check Point, LTD.)
AV: AVG 7.5.524 v7.5.524 (Grisoft)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Justin\Application Data
CLASSPATH=C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
COLLECTIONID=COL7299
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MUERTE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Justin
ITEMID=oj-21918-1
LANG=1033
LOGONSERVER=\\MUERTE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONID=1148492619029htx60603778cf:10b8b0a487a:-4250
SESSIONNAME=Console
SWUTVER=1.0.18.30716
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Justin\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\Justin\LOCALS~1\Temp
TOOLPATH=/C:\Program%20Files\Hewlett-Packard\HP%20Software%20Update\install.htm
tvdumpflags=8
UPDATEDIR=C:\DOCUME~1\Justin\LOCALS~1\Temp\radF1BAC.tmp
USERDOMAIN=MUERTE
USERNAME=Justin
USERPROFILE=C:\Documents and Settings\Justin
VERSION=2.1.5
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Justin (admin)
Administrator (new local, admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
AVI Codec Pack --> C:\Program Files\AVI Codec Pack\uninstall.exe
Belkin Wireless Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45401A03-BDF0-448F-9B0F-3882B96F6692}\setup.exe" -l0x9
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer --> MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
Dive Rite NiTek Logic --> C:\PROGRA~1\DiveRite\UNWISE.EXE C:\PROGRA~1\DiveRite\INSTALL.LOG
DVDFab Platinum 4.0.6.2 --> "C:\Program Files\DVDFab Platinum 4\unins000.exe"
Enable S3 for USB Device --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Enable S3 for USB Device\Uninst.isu"
EverQuest II: Play the Fae --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31EF8B2A-1332-4A0E-8B35-2E3491727922}\setup.exe" -l0x9 -removeonly
FTDI USB Serial Converter Drivers --> C:\WINDOWS\system32\ftdiunin.exe C:\WINDOWS\system32\ftdiun2k.ini
Garmin Trip and Waypoint Manager v4 --> MsiExec.exe /X{67B9AF41-C0B9-4960-84D9-A61D23DE85D8}
Garmin WebUpdater --> MsiExec.exe /X{996EC44B-38E1-4898-8E47-3EE3D15F2712}
HijackThis 2.0.2 --> "C:\HijackThis.exe" /uninstall
HotFix Q0306270 -->
hp deskjet 5600 --> msiexec /x{DB5518BE-F40F-407A-B451-012625D4497B}
Hunt'n'Map --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hunt'n'Map\HuntNMapUninst.isu"
J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
KhalInstallWrapper --> MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
LimeWire PRO 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
Logger Pro 3.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEF1E430-28D2-4123-B03C-EC45E41FE362}\Setup.exe" -l0x9
Logitech SetPoint --> C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0009 -removeonly
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MapSource - US Topo v3.02 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD4203ED-7683-435E-B436-C299773A9936}\Setup.exe" -l0x9 AddRemove
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft ActiveSync 3.7 --> "C:\WINDOWS\ISUNINST.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Outlook 2002 --> MsiExec.exe /I{911A0409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MUSICMATCH Jukebox --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll
Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Nero 7 Demo --> MsiExec.exe /I{84B2CF01-194D-2284-B313-F2E0D78D1033}
NVIDIA Drivers --> C:\WINDOWS\System32\nvudisp.exe UninstallGUI
overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Pro Bass Fishing 2003 --> C:\Program Files\Infogrames\Pro Bass Fishing 2003\Setup.exe /Uninstall
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} /l1033
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
The Rosetta Stone --> C:\WINDOWS\unvise32.exe C:\Program Files\The Rosetta Stone\TRS Support\uninstal.log
TOPO! 4 --> MsiExec.exe /I{5B3FB6D4-1B88-413D-8DE7-A7E2D58DE5B2}
TurboTax Deluxe 2007 --> C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
USB Flash Disk Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F67AC89-5FA6-4F3F-95DB-92F322C8C2EB}\Setup.exe" -l0x9
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WIDCOMM Bluetooth Software --> MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type3153 / Error
Event Submitted/Written: 05/10/2008 03:14:54 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x015e1569.
Processing media-specific event for [iexplore.exe!ws!]
Event Record #/Type3152 / Error
Event Submitted/Written: 05/10/2008 02:34:26 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application teatimer.exe, version 1.5.2.16, faulting module teatimer.exe, version 1.5.2.16, fault address 0x000042b2.
Processing media-specific event for [teatimer.exe!ws!]
Event Record #/Type3139 / Error
Event Submitted/Written: 05/10/2008 11:16:42 AM
Event ID/Source: 2 / WLTRYSVC
Event Description:
SetServiceStatus() failed
Event Record #/Type3130 / Error
Event Submitted/Written: 05/09/2008 06:20:56 AM
Event ID/Source: 2 / WLTRYSVC
Event Description:
SetServiceStatus() failed
Event Record #/Type3126 / Error
Event Submitted/Written: 05/08/2008 03:50:55 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-05-08 22:50:55,015 MUERTE [001616:001636] ERROR 000 AVG7.WTS.CAvgAmWts ProcessIdToSessionId(3004) call failed with WIN32 error 87, returning session id is 0
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type27123 / Error
Event Submitted/Written: 05/23/2008 06:01:59 AM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
Event Record #/Type27105 / Warning
Event Submitted/Written: 05/22/2008 06:50:14 PM
Event ID/Source: 57 / Ftdisk
Event Description:
The system failed to flush data to the transaction log. Corruption may occur.
Event Record #/Type27081 / Warning
Event Submitted/Written: 05/21/2008 09:14:22 PM
Event ID/Source: 57 / Ftdisk
Event Description:
The system failed to flush data to the transaction log. Corruption may occur.
Event Record #/Type27080 / Warning
Event Submitted/Written: 05/21/2008 09:14:22 PM
Event ID/Source: 57 / Ftdisk
Event Description:
The system failed to flush data to the transaction log. Corruption may occur.
Event Record #/Type27079 / Warning
Event Submitted/Written: 05/21/2008 09:14:22 PM
Event ID/Source: 57 / Ftdisk
Event Description:
The system failed to flush data to the transaction log. Corruption may occur.
-- End of Deckard's System Scanner: finished at 2008-05-23 06:10:39 ------------
Thanks
Justin