Thread: Re: Cleaning up sluggish computer
View Single Post
Old 08-02-2007, 10:31 AM   #1 (permalink)
NEaken
Registered User
 
Join Date: Jul 2007
Posts: 5
OS: windows xp


Re: Cleaning up sluggish computer
Hope I am not stepping on toes and did this as instructed. I followed the 5 steps and am posting Deckard Scan Log here.
Please advise.
Thanks again for all your help.
Nancy

Deckard's System Scanner v20070729.57
Run by Nancy Eaken on 2007-08-02 at 11:12:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
67: 2007-08-02 16:12:21 UTC - RP1422 - Deckard's System Scanner Restore Point
66: 2007-08-02 16:08:36 UTC - RP1421 - Installed Windows XP KB891781.
65: 2007-08-02 1631 UTC - RP1420 - Installed Windows XP KB890859.
64: 2007-08-02 16:05:41 UTC - RP1419 - Installed Windows XP KB890175.
63: 2007-08-02 16:04:47 UTC - RP1418 - Installed Windows XP KB890047.


-- First Restore Point --
1: 2007-06-22 03:27:18 UTC - RP1356 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Nancy Eaken.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:15 AM, on 8/2/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\DOCUME~1\NANCYE~1\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\T85OQG2G\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Nancy Eaken.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-A3FA-F161A787AD2D} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-A3FA-F161A787AD2D} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [YPC] C:\PROGRA~1\Yahoo!\PARENT~1\ypc.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Cleanup] C:\DOCUME~1\NANCYE~1\LOCALS~1\Temp\2007822927_mcappins.exe /v=3 /cleanup
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\NANCYE~1\LOCALS~1\Temp\200782297_mcinfo.exe /insfin
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: Microsoft Works Calendar.lnk = ?
O4 - Startup: WKCALREM.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.yahoo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175...at-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...16/mcgdmgr.cab
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} (Plaxo Auto-Import Utility) - https://www.plaxo.com/activex/plx_upldr-2k-xp.cab
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} - http://www.trueswitch.com/sbc/TrueInstallSBC.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{013FE46B-31B2-4CAA-9BE3-AFC6CF80ABF8}: NameServer = 151.164.1.8,206.13.28.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{26F174E9-C563-4777-A835-3144F85FB469}: NameServer = 151.164.1.8 206.13.28.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{013FE46B-31B2-4CAA-9BE3-AFC6CF80ABF8}: NameServer = 151.164.1.8,206.13.28.12
O17 - HKLM\System\CS2\Services\Tcpip\..\{013FE46B-31B2-4CAA-9BE3-AFC6CF80ABF8}: NameServer = 151.164.1.8,206.13.28.12
O17 - HKLM\System\CS3\Services\Tcpip\..\{013FE46B-31B2-4CAA-9BE3-AFC6CF80ABF8}: NameServer = 151.164.1.8,206.13.28.12
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE

--
End of file - 9284 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 cdrbsvsd - c:\windows\system32\drivers\cdrbsvsd.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 mrtRate - c:\windows\system32\drivers\mrtrate.sys <Not Verified; Marimba, Inc.; Rate Sensing Manager>
R3 NaiAvFilter1 - c:\windows\system32\drivers\naiavf5x.sys (file missing)

S2 PPSCAN - c:\windows\system32\drivers\ppscan.sys <Not Verified; Hewlett-Packard Co.; >
S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 ewdmaudn - c:\docume~1\nancye~1\locals~1\temp\ewdmaudn.sys (file missing)
S3 gnetbt - c:\docume~1\nancye~1\locals~1\temp\gnetbt.sys (file missing)
S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 NQL10WNT - c:\documents and settings\sarah eaken\local settings\temp\nql10wnt.sys
S3 RT25USBAP (Nintendo Wi-Fi USB Connector Service) - c:\windows\system32\drivers\rt25usbap.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
S3 SASC3350 - c:\docume~1\nancye~1\locals~1\temp\sasc3350.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 UserAccess7 (SecuROM User Access Service (V7)) - c:\windows\system32\uaservice7.exe

S3 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module>


-- Scheduled Tasks -------------------------------------------------------------

2004-01-08 13:59:21 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 1.job


-- Files created between 2007-07-02 and 2007-08-02 -----------------------------

2007-08-02 11:15:13 0 d-------- C:\Program Files\Trend Micro
2007-08-02 10:57:11 0 d-------- C:\WINDOWS\LastGood
2007-08-02 10:52:47 0 d-------- C:\WINDOWS\peernet
2007-08-02 10:52:46 0 d-------- C:\WINDOWS\provisioning
2007-08-02 10:50:40 0 d-------- C:\WINDOWS\ServicePackFiles
2007-08-02 10:42:55 0 d-------- C:\WINDOWS\EHome
2007-08-02 10:24:13 21312 --a------ C:\WINDOWS\choice.exe
2007-08-02 08:48:44 0 d------c- C:\ie-spyad2
2007-08-02 08:34:33 0 d-------- C:\Program Files\SpywareBlaster
2007-08-02 02:55:24 8576 --a------ C:\WINDOWS\System32\drivers\ylsydfvbppda.sys <Not Verified; Panda Software International; RKPavProc Driver>
2007-08-02 01:52:28 8576 --a------ C:\WINDOWS\System32\drivers\pwebosfjwcex.sys <Not Verified; Panda Software International; RKPavProc Driver>
2007-08-02 01:05:15 8576 --a------ C:\WINDOWS\System32\drivers\iprpugcljpyd.sys <Not Verified; Panda Software International; RKPavProc Driver>
2007-08-01 16:10:00 0 d-------- C:\WINDOWS\System32\ActiveScan
2007-07-29 13:04:31 0 d-------- C:\Program Files\Lavasoft
2007-07-29 11:38:38 0 d--h----- C:\WINDOWS\PIF
2007-07-29 10:31:12 0 d-------- C:\Program Files\Common Files\Java
2007-07-28 17:28:55 0 d-------- C:\WINDOWS\System32\NtmsData
2007-07-08 19:38:39 0 d-------- C:\Documents and Settings\Nick Eaken\Application Data\acccore
2007-07-08 19:36:00 0 d-------- C:\Documents and Settings\Sarah Eaken\Application Data\acccore
2007-07-08 17:26:32 0 d-------- C:\Documents and Settings\Nancy Eaken\Application Data\Viewpoint
2007-07-08 17:19:14 0 d-------- C:\Documents and Settings\Nancy Eaken\Application Data\acccore
2007-07-08 17:18:53 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2007-07-08 17:17:28 0 d-------- C:\Program Files\Common Files\AOL
2007-07-08 17:17:03 0 d-------- C:\Program Files\AIM6
2007-07-08 17:10:50 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads


-- Find3M Report ---------------------------------------------------------------

2007-08-02 10:53:08 0 d-------- C:\Program Files\Messenger
2007-08-02 10:52:47 0 d-------- C:\Program Files\Movie Maker
2007-08-02 10:50:22 0 d-------- C:\Program Files\Windows NT
2007-07-29 13:04:51 0 d-------- C:\Documents and Settings\Nancy Eaken\Application Data\Lavasoft
2007-07-29 13:02:19 0 d-------- C:\Program Files\Common Files
2007-07-29 12:55:14 2476640 --a------ C:\Program Files\US.exe
2007-07-29 10:36:19 0 d-------- C:\Program Files\Java
2007-07-28 17:50:27 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-07-28 17:50:27 0 d-------- C:\Program Files\Dell
2007-07-22 10:17:44 0 d-------- C:\Documents and Settings\Nancy Eaken\Application Data\Atari
2007-07-06 17:45:49 0 d-------- C:\Program Files\EA GAMES
2007-06-30 09:22:27 0 d-------- C:\Documents and Settings\Nancy Eaken\Application Data\Canon
2007-06-28 17:14:29 1080 --a------ C:\WINDOWS\AUTOLNCH.REG
2007-06-28 13:38:03 18432 --a------ C:\WINDOWS\ss3unstl.exe
2007-06-28 13:38:00 1566144 --a------ C:\WINDOWS\System32\Tropical Screensaver.scr
2007-06-22 18:28:43 0 d-------- C:\Program Files\Microsoft Games
2007-06-11 21:03:36 0 d-------- C:\Program Files\WiFiConnector


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-A3FA-F161A787AD2D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [08/06/2003 02:04 AM]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [08/13/2003 11:27 AM]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [01/17/2006 01:03 PM]
"YPC"="C:\PROGRA~1\Yahoo!\PARENT~1\ypc.exe" [02/11/2005 06:14 PM]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [07/21/2006 10:43 AM]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [08/19/2003 02:01 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [01/05/2004 07:11 PM]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [05/08/2003 12:00 PM]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [07/16/2002 08:21 PM]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [10/19/2005 09:59 AM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [10/19/2005 09:59 AM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 11:09 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04/27/2007 09:41 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [05/26/2007 12:45 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]
"Cleanup"="C:\DOCUME~1\NANCYE~1\LOCALS~1\Temp\2007822927_mcappins.exe" []
"msci"="C:\DOCUME~1\NANCYE~1\LOCALS~1\Temp\200782297_mcinfo.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"="" []
"MoneyAgent"="C:\Program Files\Microsoft Money\System\mnyexpr.exe" [07/17/2002 11:00 AM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [04/27/2007 04:17 PM]

C:\Documents and Settings\Nancy Eaken\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 10:00:00 AM]
Microsoft Works Calendar.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkscal.exe [7/10/2002 11:03:28 PM]
WKCALREM.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [7/10/2002 11:03:34 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 10:00:00 AM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

*Newly Created Service* - IPRPUGCLJPYD
*Newly Created Service* - PWEBOSFJWCEX
*Newly Created Service* - RKPAVPROC
*Newly Created Service* - SDTHOOK
*Newly Created Service* - YLSYDFVBPPDA



-- End of Deckard's System Scanner: finished at 2007-08-02 at 11:16:43 ---------

Deckard's System Scanner v20070729.57
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 1.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of Memory in Use: 37%
Physical Memory (total/avail): 1278 MiB / 793.54 MiB
Pagefile Memory (total/avail): 1517.49 MiB / 1280.54 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1963.96 MiB

C: is Fixed (NTFS) - 38.25 GiB total, 10.41 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)


-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Nancy Eaken\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EAKEN
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Nancy Eaken
LOGONSERVER=\\EAKEN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\System32;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Sonic Shared;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\NANCYE~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\NANCYE~1\LOCALS~1\Temp
USERDOMAIN=EAKEN
USERNAME=Nancy Eaken
USERPROFILE=C:\Documents and Settings\Nancy Eaken
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Nancy Eaken (admin)
Matt Eaken (admin)
Nick Eaken
Sarah Eaken
Administrator.EAKEN (new local, admin)
Guest (guest)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{410438A3-B591-4028-B70A-3CC0B33FBCD1}\Setup.exe" -l0x9 -L0x9anything
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Groove Playback Engine --> RunDll32 C:\WINDOWS\DOWNLO~1\GrooveAX.dll,_RemoveGroove@16
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AT&T Yahoo! Applications --> C:\PROGRA~1\Yahoo!\common\uninstall.exe
Broadcom Management Programs --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{89EE857B-8970-4F9F-AB58-A1C873AC72B3} /l1033
Canon MP Drivers --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58F8C6D9-5B55-486A-A322-4E8D87670031}\Setup.exe" -l0x9 -Uninstall
Canon MP Toolbox 4.1.1.0.mp10 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4669544E-20E4-4E56-8B44-2E6E1200051F}\Setup.exe" -l0x9 -Uninstall
Canon Utilities Easy-PhotoPrint --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Canon\Easy-PhotoPrint\Uninst.isu" -c"C:\Program Files\Canon\Easy-PhotoPrint\EZUNINST.DLL"
Canon Utilities Easy-PhotoPrint Plus --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Canon\Easy-PhotoPrint Plus\Uninst.isu" -c"C:\Program Files\Canon\Easy-PhotoPrint Plus\EZUNINST.DLL"
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
DAO 3.5 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Intuit\DAO 3.5\Uninst.isu"
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Dell Solution Center --> MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Disney Interactive Global Compatibility Update June 2003 --> C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{4acec804-8c2c-4c78-9127-6c6b756e44e2}.sdb"
Dora Backpack --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D859D35F-E947-4F2A-8591-C76A4D116178}\setup.exe" -l0x9 -uninst
DS21Patch --> MsiExec.exe /I{9B79DCB0-AAD7-456B-8D07-433C936FA24B}
DVDSentry --> MsiExec.exe /I{98DF85D9-96C0-4F57-A92E-C3539477EF5E}
Easy-WebPrint --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
Finding Nemo --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1A5488D7-314D-4CBC-89BF-C5B59510BDBA} NemoADVUninstall
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB910998) --> "C:\WINDOWS\$NtUninstallKB910998$\spuninst\spuninst.exe"
IBM & Crayola Magic Princess --> C:\WINDOWS\uninst.exe -f"C:\.\Program Files\IBM and Crayola\DeIsL1.isu"
Intel(R) Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
iTunes --> MsiExec.exe /I{6E93572D-F31E-496F-8B2F-F400B3A2BC4E}
Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Kid Pix Deluxe 3 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Broderbund\Kid Pix Deluxe 3\Uninst.isu"
Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Macromedia Flash Player --> MsiExec.exe /X{4ecaf021-478c-40c1-b777-3368a15f9966}
Magic Artist Deluxe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{731A34F6-7375-4FC4-9EAA-E20BE3CA4326}\setup.exe" -l0x9
MetaFrame Presentation Server Web Client for Win32 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wficat.inf,DefaultUninstall
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Encarta Encyclopedia 2000 --> "C:\Program Files\Microsoft Encarta\Encarta Encyclopedia 2000\unee2000.exe" /uninstall
Microsoft Encarta Encyclopedia Standard 2003 --> MsiExec.exe /I{03410014-3975-4267-9F39-1DC4745090B7}
Microsoft Money 2003 --> MsiExec.exe /I{01F9D88C-3C86-4E82-840A-101A3221F67A}
Microsoft Money 2003 System Pack --> MsiExec.exe /I{02B42D23-10F2-4862-ADA4-3DF1EA0021B2}
Microsoft Office 2000 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Picture It! Photo 7.0 --> MsiExec.exe /I{369B36BE-3D64-4641-9AEA-808D436FE132}
Microsoft Streets and Trips 2002 --> MsiExec.exe /I{12BDDF23-B1DB-49C8-92D3-3E6841CCED61}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSs22.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Word 2002 --> MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works 2003 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2003\Setup\Launcher.exe D:\
Microsoft Works 7.0 --> MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{7EE9DE0D-9228-4C33-B80E-FDD1773600DF}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst
NCR Label Formats for MS Word Setup --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NCR Media Formats\Uninst.isu"
Nintendo Wi-Fi USB Connector Registration Tool --> C:\Program Files\WiFiConnector\SoftAPUninst.exe
Norton Spyware Scan provided by Yahoo! --> C:\PROGRA~1\Yahoo!\common\unynss.exe
OmniPage SE 2.0 --> MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
Panda ActiveScan --> C:\WINDOWS\System32\ASUninst.exe Panda ActiveScan
PhotoPrinter 2.0 LE --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoPrinter\Uninst.isu"
Picture Package --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}\setup.exe" -l0x9 UNINSTALL
Pivot Stickfigure Animator --> MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Princess Fashion Boutique 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3554902-AB4A-11D5-AA2E-0008C760B784}\setup.exe" Princess Fashion Boutique 2
Quicken Home & Business 2000 --> C:\WINDOWS\IsUninst.exe -fC:\QUICKENW\Uninst.isu
QuickTime --> MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
RealOne Player --> C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
Rugrats Totally Angelica Boredom Buster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6D9EA453-3D9F-4EBE-B2D0-4195255FB907}\setup.exe"
Rugrats(TM) All Growed Up --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{08C1D270-DD63-4E4A-875B-1347C5998E08}\setup.exe" -uninst
SBC Yahoo! DSL Activation --> C:\PROGRA~1\Yahoo!\common\undsldlk.exe
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Shockwave --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic MyDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\setup.exe" -l0x9 -L0x9 /SMAINT
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Stronghold 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe" -l0x9 -removeonly
StuffIt Standard --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{7D863662-0AB4-40BD-AD9F-A2ED548C3187}
The Sims 2 --> C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
The Sims 2 Glamour Life Stuff --> C:\Program Files\EA GAMES\The Sims 2 Glamour Life Stuff\EAUninstall.exe
The Sims 2 Nightlife --> C:\Program Files\EA GAMES\The Sims 2 Nightlife\EAUninstall.exe
The Sims 2 Pets --> C:\Program Files\EA GAMES\The Sims 2 Pets\EAUninstall.exe
Tropical Screensaver --> C:\WINDOWS\ss3unstl.exe "Tropical Screensaver"
Uno(TM) CD-Rom --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9416484D-7002-4CDF-8B46-8748962DF3CF}\setup.exe"
ViewSonic Monitor Drivers --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B4FEA924-630D-11D4-B78E-005004566E4D}\Setup.exe" -l0x9


-- End of Deckard's System Scanner: finished at 2007-08-02 at 11:16:43 ---------
Attached Files
File Type: txt extra.txt (14.2 KB, 1 views)
NEaken is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here