OK, scanning complete, symptons persist, here are the results.
NoLop! Log by Skate_Punk_21
Fix running from: C:\Documents and Settings\Dan\Desktop
[6/7/2008]
[7:30:17 PM]
---Infection Files Found/Removed---
C:\WINDOWS\tasks\AD78E411918B62F9.job
Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**
---Listing AppData sub directories---
C:\Documents and Settings\Administrator\Application Data\Identities
C:\Documents and Settings\Administrator\Application Data\Intel
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\Administrator\Application Data\Sun
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Adobe Systems
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Aol
C:\Documents and Settings\All Users\Application Data\Aol Downloads
C:\Documents and Settings\All Users\Application Data\Aol Ocp
C:\Documents and Settings\All Users\Application Data\Apple
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Avg8
C:\Documents and Settings\All Users\Application Data\Avid
C:\Documents and Settings\All Users\Application Data\Cyberlink
C:\Documents and Settings\All Users\Application Data\Digstream
C:\Documents and Settings\All Users\Application Data\Element5
C:\Documents and Settings\All Users\Application Data\Grisoft
C:\Documents and Settings\All Users\Application Data\Gtek
C:\Documents and Settings\All Users\Application Data\Installshield
C:\Documents and Settings\All Users\Application Data\Intel
C:\Documents and Settings\All Users\Application Data\Intuit
C:\Documents and Settings\All Users\Application Data\Macromedia
C:\Documents and Settings\All Users\Application Data\Macrovision
C:\Documents and Settings\All Users\Application Data\Malwarebytes
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Pace Anti-piracy
C:\Documents and Settings\All Users\Application Data\Pinnacle
C:\Documents and Settings\All Users\Application Data\Pinnacle Studio
C:\Documents and Settings\All Users\Application Data\Propellerhead Software
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\River Past G5
C:\Documents and Settings\All Users\Application Data\Smartsound Software Inc
C:\Documents and Settings\All Users\Application Data\Smsi
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Trend Micro
C:\Documents and Settings\All Users\Application Data\Ulead Systems
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Documents and Settings\All Users\Application Data\Wait Find Browse New
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Dan\Application Data\Acccore
C:\Documents and Settings\Dan\Application Data\Adobe
C:\Documents and Settings\Dan\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Dan\Application Data\Ahead
C:\Documents and Settings\Dan\Application Data\Aim
C:\Documents and Settings\Dan\Application Data\Apple Computer
C:\Documents and Settings\Dan\Application Data\Arcsoft
C:\Documents and Settings\Dan\Application Data\Atari
C:\Documents and Settings\Dan\Application Data\Avid
C:\Documents and Settings\Dan\Application Data\Castprocmode
C:\Documents and Settings\Dan\Application Data\Corel Photo Album
C:\Documents and Settings\Dan\Application Data\Creative
C:\Documents and Settings\Dan\Application Data\Cyberlink
C:\Documents and Settings\Dan\Application Data\Divx
C:\Documents and Settings\Dan\Application Data\Fretsonfire
C:\Documents and Settings\Dan\Application Data\Google
C:\Documents and Settings\Dan\Application Data\Gtek
C:\Documents and Settings\Dan\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Dan\Application Data\Identities
C:\Documents and Settings\Dan\Application Data\Installshield
C:\Documents and Settings\Dan\Application Data\Intel
C:\Documents and Settings\Dan\Application Data\Lavasoft
C:\Documents and Settings\Dan\Application Data\Leadertech
C:\Documents and Settings\Dan\Application Data\Macromedia
C:\Documents and Settings\Dan\Application Data\Malwarebytes
C:\Documents and Settings\Dan\Application Data\Microsoft
C:\Documents and Settings\Dan\Application Data\Microsoft Web Folders -- EMPTY Directory
C:\Documents and Settings\Dan\Application Data\Move Networks
C:\Documents and Settings\Dan\Application Data\Notecable
C:\Documents and Settings\Dan\Application Data\Pace Anti-piracy
C:\Documents and Settings\Dan\Application Data\Propellerhead Software
C:\Documents and Settings\Dan\Application Data\Publish Providers -- EMPTY Directory
C:\Documents and Settings\Dan\Application Data\Real
C:\Documents and Settings\Dan\Application Data\River Past G5
C:\Documents and Settings\Dan\Application Data\Sony
C:\Documents and Settings\Dan\Application Data\Sony Setup
C:\Documents and Settings\Dan\Application Data\Stoik
C:\Documents and Settings\Dan\Application Data\Sun
C:\Documents and Settings\Dan\Application Data\Viewpoint
C:\Documents and Settings\Dan\Application Data\Winrar -- EMPTY Directory
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User\Application Data\Intel
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Sun
C:\Documents and Settings\Localservice\Application Data\Apple Computer
C:\Documents and Settings\Localservice\Application Data\Cyberlink
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Mcx1\Application Data\Identities
C:\Documents and Settings\Mcx1\Application Data\Intel
C:\Documents and Settings\Mcx1\Application Data\Microsoft
C:\Documents and Settings\Mcx1\Application Data\Sun
C:\Documents and Settings\Networkservice\Application Data\Microsoft
Deckard's System Scanner v20071014.68
Run by Dan on 2008-06-07 19:50:32
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
60: 2008-06-07 23:50:48 UTC - RP927 - Deckard's System Scanner Restore Point
59: 2008-06-07 18:12:11 UTC - RP926 - Installed AVG Free 8.0
58: 2008-06-07 14:37:22 UTC - RP925 - System Checkpoint
57: 2008-06-06 05:53:41 UTC - RP924 - Software Distribution Service 3.0
56: 2008-06-05 17:25:36 UTC - RP923 - System Checkpoint
-- First Restore Point --
1: 2008-04-10 20:46:48 UTC - RP868 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 504 MiB (512 MiB recommended).
-- HijackThis (run as Dan.exe) -------------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-07 19:52:36
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\GameSpot\DownloadManager_Win32.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\CASIO\Photo Loader\Plauto.exe
C:\Program Files\GameSpot\GDM_TrayApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Dan\Local Settings\Temporary Internet Files\Content.IE5\JICLDHW4\dss[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://home.microsof...search.asp?p=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.microsoft...amp;ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Browse new fork rule] C:\Documents and Settings\All Users\Application Data\Wait Find Browse New\Scr Intra.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ANTISEND] C:\DOCUME~1\Dan\APPLIC~1\CASTPR~1\burngrid.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: GameSpot Download Manager.lnk = C:\Program Files\GameSpot\GDM_TrayApp.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Photo Loader supervisory.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.doginhispen.com (HKCU)
O15 - Trusted Zone: *.whataboutadog.com (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) -
https://support.dell...iler/SysPro.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://fpdownload.ma...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) -
http://fpdownload.ma...director/sw.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplane...C_2.3.3.102.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) -
http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload.ma...ent/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: DNADownloader - CNET Networks - C:\Program Files\GameSpot\DownloadManager_Win32.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
--
End of file - 8945 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------
backup-20060824-174106-165 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.dell4me.com/myway
backup-20060824-174106-175 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....ll4me.com/myway
backup-20060824-174106-258 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/myway
backup-20060824-174106-350 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://www.mrfindalo.../search.asp?si=
backup-20060824-174106-955 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.mrfindalo.../search.asp?si=
backup-20060824-174118-385 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/myway
backup-20060830-110927-171 O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
backup-20060830-110927-243 O4 - Startup: .protected
backup-20060830-110927-360 R3 - URLSearchHook: (no name) - _{A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)
backup-20060830-110927-390 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
backup-20060830-110927-488 O4 - HKCU\..\Run: [wioi] C:\PROGRA~1\COMMON~1\wioi\wioim.exe
backup-20060830-110927-495 O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\Duce6.exe
backup-20060830-110927-503 O4 - Global Startup: .protected
backup-20060830-110927-600 R3 - URLSearchHook: (no name) - _{4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
backup-20060830-110927-611 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
backup-20060830-110927-627 F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,jwgjydd.exe
backup-20060830-110927-693 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
backup-20060830-110927-785 R3 - URLSearchHook: (no name) - - (no file)
backup-20060830-110927-826 O4 - HKLM\..\Run: [jmasnlkA] C:\WINDOWS\jmasnlkA.exe
backup-20060830-110927-933 O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
backup-20060830-110927-980 O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\ondsregn.exe
backup-20060830-110943-348 O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\mv24l9fq1.dll (file missing)
backup-20060830-111058-955 O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\Duce6.exe
backup-20060830-111127-711 O4 - Startup: .protected
backup-20060830-111227-430 O4 - Global Startup: .protected
backup-20060830-132811-321 O4 - Startup: .protected
backup-20060830-133244-284 O4 - Startup: .protected
backup-20060830-143716-211 O4 - HKLM\..\Run: [win32097-39180535] C:\WINDOWS\win32097-39180535.exe
backup-20060830-143716-434 O4 - Startup: .protected
backup-20060830-143716-525 O4 - Global Startup: .protected
backup-20060830-201138-259 O4 - HKLM\..\Run: [sys10-391805357] C:\WINDOWS\sys10-391805357.exe
backup-20060830-201138-479 O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\Duce6.exe
backup-20070621-151139-342 O8 - Extra context menu item: &D&ownload all with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
backup-20070621-151139-423 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
backup-20070621-151139-563 O8 - Extra context menu item: &D&ownload all video with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddVideo.htm
backup-20070621-151139-832 O8 - Extra context menu item: &D&ownload &with BitComet - res://F:\Program Files\BitComet\BitComet.exe/AddLink.htm
backup-20070621-151141-353 O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
backup-20070621-151141-834 O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
backup-20070621-151141-958 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
backup-20070621-151142-629 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 TPkd - c:\windows\system32\drivers\tpkd.sys <Not Verified; PACE Anti-Piracy, Inc.; InterLok®>
R1 APPDRV - c:\windows\system32\drivers\appdrv.sys <Not Verified; Dell Inc; Application Driver>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Inc; OMCI Driver>
R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.1.0.1) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.1.0.1>
R2 DigiNet (Digidesign Ethernet Support) - c:\windows\system32\drivers\diginet.sys <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
S3 adxapie - c:\docume~1\dan\locals~1\temp\adxapie.sys (file missing)
S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 DigiRefresh (Digidesign MME Refresh Service) - c:\program files\digidesign\drivers\mmerefresh.exe -s <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Digidesign MME Binder>
R2 DNADownloader - c:\program files\gamespot\downloadmanager_win32.exe <Not Verified; CNET Networks; GameSpot Download Manager>
R2 NICCONFIGSVC - c:\program files\dell\nicconfigsvc\nicconfigsvc.exe <Not Verified; Dell Inc.; NicConfigSvc>
R2 RegSrvc - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>
R2 RMSvc (Media Center Extender Resource Monitor) - c:\windows\ehome\rmsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
R2 WLANKEEPER - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSOFSet Service>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-07 19:42:03 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2008-06-04 08:57:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-05-07 and 2008-06-07 -----------------------------
2008-06-07 19:46:38 106 --a------ C:\delete.bat
2008-06-07 19:32:34 0 d-------- C:\NoLopBackups
2008-06-07 14:17:05 0 d--h----- C:\$AVG8.VAULT$
2008-06-07 14:12:35 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-07 14:12:11 0 d-------- C:\Program Files\AVG
2008-06-07 14:12:11 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-06 10:58:42 0 d-------- C:\Documents and Settings\Dan\Application Data\Malwarebytes
2008-06-06 10:58:39 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-06 10:58:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-06 10:47:02 0 d-------- C:\Program Files\Common Files\Download Manager
2008-05-27 19:16:19 0 d-------- C:\Program Files\Castprocmode
-- Find3M Report ---------------------------------------------------------------
2008-06-07 19:11:50 0 d-------- C:\Program Files\Viewpoint
2008-06-07 14:25:39 0 d-------- C:\Documents and Settings\Dan\Application Data\Castprocmode
2008-06-06 16:22:49 0 d-------- C:\Program Files\Soulseek
2008-06-06 10:47:02 0 d-a------ C:\Program Files\Common Files
2008-04-30 19:41:48 0 d-------- C:\Documents and Settings\Dan\Application Data\AdobeUM
2008-04-19 10:24:05 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-10 21:18:11 12095488 --a------ C:\Program Files\Capture(5).mpg
2008-03-10 19:52:07 15589376 --a------ C:\Program Files\Capture(4).mpg
2008-03-09 16:17:51 10291200 --a------ C:\Program Files\Capture(3).mpg
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"DigidesignMMERefresh"="C:\Program Files\Digidesign\Drivers\MMERefresh.exe" [12/09/2006 02:17 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [02/01/2008 12:13 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/04/2008 03:18 PM]
"Browse new fork rule"="C:\Documents and Settings\All Users\Application Data\Wait Find Browse New\Scr Intra.exe" [06/07/2008 07:42 PM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [06/07/2008 02:12 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="" []
"ANTISEND"="C:\DOCUME~1\Dan\APPLIC~1\CASTPR~1\burngrid.exe" [05/27/2008 07:16 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 07:00 AM]
C:\Documents and Settings\Dan\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [10/18/2006 6:03:07 PM]
GameSpot Download Manager.lnk - C:\Program Files\GameSpot\GDM_TrayApp.exe [5/9/2007 12:48:26 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [10/18/2006 6:03:07 PM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [12/6/2005 2:55:38 PM]
Extender Resource Monitor.lnk - C:\WINDOWS\ehome\RMSysTry.exe [10/20/2005 7:55:40 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 4:15:54 AM]
Photo Loader supervisory.lnk - C:\Program Files\CASIO\Photo Loader\Plauto.exe [11/19/2006 8:37:13 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 09/07/2004 06:08 PM 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE QWAVE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-06-07 19:54:48 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® M processor 1.60GHz
Percentage of Memory in Use: 76%
Physical Memory (total/avail): 503.37 MiB / 115.78 MiB
Pagefile Memory (total/avail): 1228.33 MiB / 728.36 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1916.45 MiB
C: is Fixed (NTFS) - 32.55 GiB total, 5.8 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - FUJITSU MHV2040AH - 37.26 GiB - 3 partitions
\PARTITION0 - Unknown - 62.72 MiB
\PARTITION1 (bootable) - Installable File System - 32.55 GiB - C:
\PARTITION2 - Unknown - 4.64 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AntivirusOverride is set.
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"F:\\Program Files\\BitComet\\BitComet.exe"="F:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"F:\\Program Files\\Soulseek\\slsk.exe"="F:\\Program Files\\Soulseek\\slsk.exe:*:Enabled:SoulSeek"
"C:\\Program Files\\Soulseek\\slsk.exe"="C:\\Program Files\\Soulseek\\slsk.exe:*:Enabled:SoulSeek"
"C:\\Documents and Settings\\Dan\\Local Settings\\Temp\\~AceTemp\\[sv]script2.7\\[sv]script2.7\\[sv]script2.7\\mirc.exe"="C:\\Documents and Settings\\Dan\\Local Settings\\Temp\\~AceTemp\\[sv]script2.7\\[sv]script2.7\\[sv]script2.7\\mirc.exe:*:Enabled:mIRC"
"F:\\Dans Stuff\\Dans carp**\\[sv]script2.7\\[sv]script2.7\\mirc.exe"="F:\\Dans Stuff\\Dans carp**\\[sv]script2.7\\[sv]script2.7\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Dan\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DANIEL
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Dan
LOGONSERVER=\\DANIEL
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Avid;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter;C:\Program Files\AVG\AVG8;C:\Program Files\AVG\AVG8
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Dan\LOCALS~1\Temp
TMP=C:\DOCUME~1\Dan\LOCALS~1\Temp
USERDOMAIN=DANIEL
USERNAME=Dan
USERPROFILE=C:\Documents and Settings\Dan
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Dan
(admin)
MCX1
Administrator
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNNMP.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AAFE9B0-B60B-4B12-B22D-6B15507502E5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61FB6DAF-197D-4404-A58D-B75268F35D01}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{61FB6DAF-197D-4404-A58D-B75268F35D01}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C679B41F-EE6E-4727-B131-47101785420A}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
ALPS Touch Pad Driver --> C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOLIcon --> MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Apple Mobile Device Support --> MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BitComet 0.85 --> F:\Program Files\BitComet\uninst.exe
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Broadcom Management Programs 2 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1033
Canon Camera Access Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{901F8ED7-13E8-43EF-B738-2FE89B0588EB} /l1033
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A1D0D14A-B776-4907-BC00-5149F2298086} /l1033
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}
Canon Camera Window DSLR 5 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{0A146245-DB79-4197-BF5D-FE1A699A2CC7}
Canon Camera Window MC 6 for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}
Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4DBBF091-FACD-422C-B43C-786335BD5398}
Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{44E24545-F317-4498-B7CD-240DE7BA8DE2}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CiD Help --> C:\DOCUME~1\Dan\APPLIC~1\CASTPR~1\burngrid.exe -uninstall
Conexant D110 MDC V.9x Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Corel Photo Album 6 --> MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
Creative MediaSource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x9 /remove
Creative MuVo N200 Media Explorer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C679B41F-EE6E-4727-B131-47101785420A}\setup.exe" -l0x9 /remove
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digidesign Audio Drivers 7.3.1 --> C:\Program Files\InstallShield Installation Information\{9F1D8E17-2AE6-4608-901D-42146D7D9C68}\setup.exe -runfromtemp -l0x0009 -removeonly
Digital Content Portal --> MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EducateU --> MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ESPNMotion --> C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
Frets On Fire --> "C:\Program Files\Frets on Fire\Uninstall.exe"
GameSpot Download Manager --> "C:\Program Files\GameSpot\uninstall.exe"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe"
Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
HijackThis 1.99.1 --> C:\Program Files\Hijackthis\HijackThis.exe /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Icy Tower v1.3.1 --> "F:\Program Files\icytower1.3\unins000.exe"
Intel® Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
Internal Network Card Power Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F528948-0E80-4C96-B455-DE4167CB1DF7}\setup.exe" -l0x9 UNINSTALL APPDRVNT4
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
IsoBuster 2.0 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
iTunes --> MsiExec.exe /I{02DFB3FD-CF52-4183-8BCA-2A127D4888F4}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
LimeWire PRO 4.14.7 --> "F:\Program Files\LimeWire\uninstall.exe"
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore --> MsiExec.exe /I{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
Media Center Extender --> C:\WINDOWS\eHome\DvcConn.exe /uninstall
Media Center Extender --> MsiExec.exe /I{23FE964A-853B-4176-86D7-9E18B5CA1FC0}
mHlpDell --> MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIRC --> "F:\Dans Stuff\Dans carp**\[sv]script2.7\[sv]script2.7\mirc.exe" -uninstall
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mIWCA --> MsiExec.exe /I{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Move Networks Player for Internet Explorer --> "C:\Documents and Settings\Dan\Application Data\Move Networks\ie_bin\unins000.exe"
Mpeg2Decoder 1.1 --> "C:\Program Files\Mpeg2Decoder\unins000.exe"
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSSO --> MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mToolkit --> MsiExec.exe /I{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}
MuVo Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AAFE9B0-B60B-4B12-B22D-6B15507502E5}\setup.exe" -l0x9 /remove
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Need For Speed High Stakes --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Electronic Arts\Need For Speed High Stakes\Uninst.isu" -c"C:\Program Files\Electronic Arts\Need For Speed High Stakes\uninst.dll" E
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
NETGEAR Print Server Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NETGEAR Print Server\Uninst.isu"
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
Photo Loader 3.0E --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70B45586-B51E-4947-A258-A895596C5CED}\Setup.exe" -uninst
PhotoNow! 1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall
PowerDirector --> "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
PowerDirector --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" -uninstall
QuickSet --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe" -l0x9 UNINSTALL APPDRVNT4 - ALL
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
RollerCoaster Tycoon 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x9
Sentinel Protection Installer 7.3.2 --> MsiExec.exe /I{EDFE2142-CFB3-44AB-A961-DE85F6408A28}
SmartSound Quicktracks Plugin --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SoulSeek Client 156c --> "C:\Program Files\Soulseek\uninstall.exe"
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Venue InterLok Driver Kit --> MsiExec.exe /X{5684CDBB-5CB8-4E26-9F19-9DF037C143AC}
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WebCyberCoach 3.2 Dell --> "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
WinAce Archiver --> "C:\Program Files\WinAce\SXUNINST.EXE" "C:\Program Files\WinAce\SXUNINST.INI"
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer Clean Up --> MsiExec.exe /I{121634B0-2F4A-11D3-ADA3-00C04F52DD53}
Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Media Center Edition 2005 KB905589 --> "C:\WINDOWS\$NtUninstallKB905589$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
XML Paper Specification Shared Components Pack 1.0 -->
-- Application Event Log -------------------------------------------------------
Event Record #/Type8289 / Error
Event Submitted/Written: 06/07/2008 01:49:48 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16640, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x0000afb6.
Processing media-specific event for [iexplore.exe!ws!]
Event Record #/Type8280 / Error
Event Submitted/Written: 06/07/2008 10:20:09 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16640, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x0000afb6.
Processing media-specific event for [iexplore.exe!ws!]
Event Record #/Type8279 / Error
Event Submitted/Written: 06/07/2008 10:11:13 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16640, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x0000afb6.
Processing media-specific event for [iexplore.exe!ws!]
Event Record #/Type8278 / Error
Event Submitted/Written: 06/07/2008 10:05:37 AM
Event ID/Source: 4098 / Media Center Extender Services
Event Description:
ERROR: Device Service Listener - The listener loop unexpectedly ended. Error code 0x00000000.
Event Record #/Type8277 / Error
Event Submitted/Written: 06/07/2008 01:08:00 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16640, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x0000afb6.
Processing media-specific event for [iexplore.exe!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type6322 / Error
Event Submitted/Written: 06/07/2008 07:19:39 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Windows CardSpace service failed to start due to the following error:
%%1053
Event Record #/Type6321 / Error
Event Submitted/Written: 06/07/2008 07:19:39 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the Windows CardSpace service to connect.
Event Record #/Type6256 / Error
Event Submitted/Written: 06/07/2008 10:05:36 AM / 06/07/2008 10:05:38 AM
Event ID/Source: 14103 / PSched
Event Description:
QoS [Adapter {A18C13D0-EAC7-4199-8BA9-7B98A9565A41}]:
The netcard driver failed the query for OID_GEN_LINK_SPEED.
Event Record #/Type6255 / Warning
Event Submitted/Written: 06/07/2008 10:05:33 AM
Event ID/Source: 8021 / BROWSER
Event Description:
The browser was unable to retrieve a list of servers from the browser master \\HAL on the network \Device\NetBT_Tcpip_{BD2D07FF-6EE7-4102-B208-E126ED5B134C}.
The data is the error code.
Event Record #/Type6253 / Warning
Event Submitted/Written: 06/06/2008 06:21:01 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
-- End of Deckard's System Scanner: finished at 2008-06-07 19:54:48 ------------