Thread: Help for Trojan.Adclicker virus
View Single Post
Old 11-27-2007, 02:45 PM   #5 (permalink)
rickd123
Registered User
 
Join Date: Nov 2007
Location: New England, USA
Posts: 7
OS: xp sp2


Re: Help for Trojan.Adclicker virus
That worked, ran fine.

Here are both logs, wow, what a wealth of information!

Thanks for the very quick response!

Rick




Deckard's System Scanner v20071014.68
Run by Rick on 2007-11-27 16:33:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------



-- Last 2 Restore Point(s) --
2: 2007-11-27 01:46:44 UTC - RP2 - Deckard's System Scanner Restore Point
1: 2007-11-27 01:42:28 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Rick.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:34:13 PM, on 11/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\FarStone\DriveClone Pro\CBP\DCSchdler.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\VISION~1\ONETOU~2.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\FarStone\DriveClone Pro\EFB\efbfs.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\FarStone\DriveClone Pro\EFB\EfbSchedule.exe
C:\Program Files\FarStone\DriveClone Pro\fsloader.exe
C:\Program Files\FarStone\DriveClone Pro\VBPTask.exe
C:\Program Files\FarStone\DriveClone Pro\VerChk.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\desktop\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Rick.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [OneTouch Monitor] C:\PROGRA~1\VISION~1\ONETOU~2.EXE
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - S-1-5-18 Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n035p/EN/install/gtdownlr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1193239979570
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
O16 - DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} (YbUploadFavsCtl Class) - http://us.bookmarks.yahoo.com/YbConvFav.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A71D46F-3EF6-4216-8D06-223B7A5C09E0}: NameServer = 192.168.1.1,192.168.1.2
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DriveClone Scheduler (DCScheduler) - Unknown owner - C:\Program Files\FarStone\DriveClone Pro\CBP\DCSchdlerSRVC.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Restore FarStone File Event Manager (efbfs) - FarStone Technology, Inc. - C:\Program Files\FarStone\DriveClone Pro\EFB\efbfs.exe
O23 - Service: FarStone RestoreIT Loader - Unknown owner - C:\Program Files\FarStone\DriveClone Pro\fsloader.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TiVo.Net Auto-Transcoding Service - Pipkin Technologies - C:\Program Files\Pipkin Technologies\TiVo.Net\TiVoDotNet.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 13855 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 dcsnap - c:\windows\system32\drivers\dcsnap.sys
R0 giveio - c:\windows\system32\giveio.sys
R0 RITFSD - c:\windows\system32\drivers\ritfsd.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R0 VVBackd5 - c:\windows\system32\drivers\vvbackd5.sys <Not Verified; FarStone Technology, Inc.; RestoreIT(8.0).>
R1 DCDisk - c:\windows\system32\drivers\dcdisk.sys
R1 flbRITDisk - c:\windows\system32\drivers\flbritdisk.sys <Not Verified; Farstone; filedisk>
R2 flbdisk - c:\windows\system32\drivers\flbdisk.sys <Not Verified; FarStone Technology, Inc.; filedisk>
R2 flbrc - c:\windows\system32\drivers\flbrc.sys
R2 HCDisk - c:\windows\system32\drivers\hcdisk.sys
R2 ppsio2 (PPDevice) - c:\windows\system32\drivers\ppsio2.sys <Not Verified; ; Flatbed DevDriver/NT4>
R2 Rcfilter - c:\windows\system32\drivers\rcfilter.sys <Not Verified; FarStone Technology, Inc.; Restore IT!>
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S1 DVDRC - c:\windows\system32\drivers\dvdrc.sys (file missing)
S3 ABIT-IO - c:\program files\u-abit\abiteq\abit-io.sys
S3 FXDRV - d:\fxdrv.sys (file missing)
S3 Memctl - c:\program files\u-abit\flashmenu\memctl.sys
S3 SIoctl - c:\windows\system32\drivers\sioctl.sys <Not Verified; Windows (R) Codename Longhorn DDK provider; Windows (R) Codename Longhorn DDK driver>
S3 WINFLASH - c:\program files\u-abit\flashmenu\winflash.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Diskeeper - "c:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper (TM) Disk Defragmenter>
R2 efbfs (Restore FarStone File Event Manager) - c:\program files\farstone\driveclone pro\efb\efbfs.exe <Not Verified; FarStone Technology, Inc.; >
R2 FarStone RestoreIT Loader - "c:\program files\farstone\driveclone pro\fsloader.exe"
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>

S2 DCScheduler (DriveClone Scheduler) - c:\program files\farstone\driveclone pro\cbp\dcschdlersrvc.exe
S3 nmraapache (Pure Networks Net2Go Service) - "c:\program files\pure networks\network magic\webserver\bin\nmraapache.exe" -k runservice <Not Verified; Pure Networks, Inc.; Pure Networks Net2Go Service>
S3 TiVo.Net Auto-Transcoding Service - "c:\program files\pipkin technologies\tivo.net\tivodotnet.exe" <Not Verified; Pipkin Technologies; DotNetTivoBeacon>
S4 perfmons (perfmons Service) - c:\windows\system32\perfs.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-11-26 20:00:00 638 --a------ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Administrator.job
2007-11-23 17:15:00 406 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job
2007-11-16 21:22:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-27 and 2007-11-27 -----------------------------

2007-11-26 21:44:06 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-11-26 20:38:22 0 d-------- C:\Program Files\SpywareBlaster
2007-11-26 17:01:31 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-11-26 15:19:50 0 d-------- C:\Program Files\Trend Micro
2007-11-25 11:57:00 33295 --a------ C:\WINDOWS\system32\Indt2.sys
2007-11-25 11:08:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\U3
2007-11-25 10:45:44 0 d-------- C:\Program Files\Spyware Doctor
2007-11-25 10:45:44 0 d-------- C:\Documents and Settings\Administrator\Application Data\PC Tools
2007-11-16 21:23:30 0 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2007-11-16 21:22:45 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2007-11-09 22:09:37 0 d-------- C:\WINDOWS\USB-IrDA
2007-11-09 22:08:39 0 d-------- C:\Program Files\Susteen
2007-11-09 21:40:18 0 d-------- C:\Program Files\LG Electronics
2007-11-09 21:31:55 0 d-------- C:\Program Files\QuickTime
2007-11-09 21:31:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-08 12:31:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
2007-11-07 21:35:23 0 d-------- C:\Program Files\Microsoft Games
2007-11-07 16:42:05 0 d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2007-11-07 11:58:43 0 d-------- C:\Documents and Settings\LocalService\Application Data\Acronis
2007-11-07 11:55:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2007-11-07 11:29:59 0 d-------- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Pro
2007-11-07 11:29:49 0 d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2007-11-07 11:28:34 0 d-------- C:\Program Files\DAEMON Tools Pro
2007-11-07 1119 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-11-06 16:19:33 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sony Corporation
2007-11-06 16:10:54 3654 --a------ C:\WINDOWS\system32\drivers\Sonyhcp.dll
2007-11-06 16:10:54 0 d-------- C:\Drivers
2007-11-06 16:10:20 0 d-------- C:\Program Files\Sony
2007-11-05 21:09:15 0 d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
2007-11-05 2114 0 d-------- C:\Program Files\SlySoft
2007-11-05 19:12:13 257024 --a------ C:\WINDOWS\system32\ndt2.sys
2007-11-05 1931 0 d-------- C:\Program Files\Elaborate Bytes
2007-11-05 18:49:41 5120 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-11-05 18:49:40 0 d-------- C:\Program Files\ffdshow
2007-11-04 10:54:38 0 d-------- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
2007-11-04 10:52:20 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-11-04 10:52:20 47360 --a------ C:\Documents and Settings\Administrator\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-11-04 10:52:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Vso
2007-11-04 10:52:13 0 d-------- C:\Program Files\LG Software Innovations
2007-11-02 08:17:43 4142592 --a------ C:\WINDOWS\system32\qtintf.dll <Not Verified; Borland Software Corporation; Delphi-Qt2.x Interface Library>
2007-11-02 08:17:42 0 d-------- C:\Program Files\APC
2007-11-01 0900 0 d-------- C:\Documents and Settings\Administrator\Application Data\Zeon
2007-11-01 08:54:16 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2007-11-01 08:54:13 0 d--h----- C:\Documents and Settings\All Users\Application Data\zeon
2007-11-01 08:54:11 0 d-------- C:\WINDOWS\system32\DocucomRes6
2007-11-01 08:53:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\ScanSoft
2007-11-01 08:52:50 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-11-01 08:52:14 0 d-------- C:\Program Files\Common Files\ScanSoft Shared
2007-11-01 08:52:10 0 d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2007-11-01 08:52:06 0 d-------- C:\Program Files\ScanSoft
2007-10-27 12:46:06 0 d-------- C:\Program Files\MagicISO
2007-10-27 12:41:50 0 d-------- C:\Program Files\Apple Software Update
2007-10-27 12:41:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple


-- Find3M Report ---------------------------------------------------------------

2007-11-27 14:57:29 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-27 14:41:43 16384 ---h----- C:\logicinf.bin
2007-11-27 14:41:37 1024 ---h----- C:\diskfile1
2007-11-27 14:41:31 0 d-------- C:\Program Files\SpeedFan
2007-11-26 18:21:08 0 d-------- C:\Program Files\Visioneer OneTouch
2007-11-26 18:19:13 0 d-------- C:\Program Files\POP Peeper
2007-11-26 18:19:11 0 d-------- C:\Program Files\Norton Internet Security
2007-11-25 10:44:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\uTorrent
2007-11-25 10:34:30 4194304 -r-h----- C:\spc_kern
2007-11-18 12:24:47 82847744 -r-h----- C:\WINDOWS\dcdisk1_0
2007-11-17 09:34:59 147859456 -r-h----- C:\WINDOWS\dcdisk0_0
2007-11-17 08:32:05 0 d-------- C:\Program Files\PeerGuardian2
2007-11-09 22:09:37 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-07 11:55:08 0 d-------- C:\Program Files\Common Files\Acronis
2007-11-07 11:54:57 0 d-------- C:\Program Files\Acronis
2007-11-05 22:04:55 0 d-------- C:\Program Files\MediaMonkey
2007-11-04 10:52:25 34 --a------ C:\Documents and Settings\Administrator\Application Data\pcouffin.log
2007-11-04 10:52:20 1144 --a------ C:\Documents and Settings\Administrator\Application Data\pcouffin.inf
2007-11-04 10:52:20 7887 --a------ C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
2007-11-01 08:52:14 0 d-------- C:\Program Files\Common Files
2007-11-01 08:52:14 0 d-------- C:\Program Files\Common Files\InstallShield
2007-10-26 20:44:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\ATI MMC
2007-10-26 20:38:15 0 d-------- C:\Program Files\ATI Multimedia
2007-10-26 20:38:11 0 d-------- C:\Program Files\Common Files\ATI
2007-10-26 20:36:06 158345216 -r-h----- C:\WINDOWS\dcdisk2_0
2007-10-26 20:33:34 0 d-------- C:\Program Files\Common Files\ATI Technologies
2007-10-26 20:32:36 0 d-------- C:\Program Files\TitanTV
2007-10-26 20:32:23 0 d-------- C:\Program Files\msaccrt
2007-10-26 20:31:59 0 d-------- C:\Program Files\Windows Media Components
2007-10-26 20:21:02 158345216 -r-h----- C:\WINDOWS\dcdisk2_1
2007-10-26 20:20:42 82847744 -r-h----- C:\WINDOWS\dcdisk1_1
2007-10-26 10:32:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2007-10-26 10:25:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
2007-10-26 10:03:19 0 d-------- C:\Program Files\Logitech
2007-10-26 09:38:22 0 d-------- C:\Program Files\Common Files\Logitech
2007-10-25 12:33:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\GoodSync
2007-10-25 12:33:15 0 d-------- C:\Program Files\Siber Systems
2007-10-25 09:22:38 0 d-------- C:\Documents and Settings\Administrator\Application Data\POP Peeper
2007-10-25 09:00:14 0 d-------- C:\Program Files\Pipkin Technologies
2007-10-25 08:53:53 0 d-------- C:\Program Files\TiVo
2007-10-25 08:53:53 0 d-------- C:\Program Files\Common Files\TiVo Shared
2007-10-25 08:48:24 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-25 08:37:03 4204544 -r-h----- C:\WINDOWS\dclog.bin
2007-10-25 08:35:58 0 d-------- C:\Program Files\FarStone
2007-10-25 08:33:05 0 d-------- C:\Program Files\TweakNow RegCleaner Pro
2007-10-25 08:28:59 0 d-------- C:\Program Files\Driver Cleaner PE
2007-10-25 07:52:08 0 d-------- C:\Program Files\Pure Networks
2007-10-25 07:51:46 0 d-------- C:\Program Files\DIFX
2007-10-25 07:51:41 0 d-------- C:\Program Files\Common Files\Pure Networks Shared
2007-10-25 07:50:26 0 d-------- C:\Program Files\DVD Shrink
2007-10-25 07:50:10 0 d-------- C:\Program Files\DVD Decrypter
2007-10-25 07:47:01 0 d-------- C:\Program Files\TuneUp Utilities 2007
2007-10-25 07:46:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2007-10-25 06:57:34 0 d-------- C:\Program Files\uTorrent
2007-10-25 06:51:37 0 d-------- C:\Documents and Settings\Administrator\Application Data\Help
2007-10-25 06:38:07 0 d-------- C:\Program Files\CyberLink
2007-10-25 06:29:23 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2007-10-25 06:23:09 0 d-------- C:\Program Files\Common Files\xing shared
2007-10-25 06:23:08 0 d-------- C:\Program Files\Common Files\Real
2007-10-25 06:22:56 0 d-------- C:\Program Files\Real
2007-10-24 17:40:20 0 d-------- C:\Program Files\Symantec
2007-10-24 16:58:28 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-10-24 16:56:39 0 d-------- C:\Program Files\Windows Sidebar
2007-10-24 16:46:56 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2007-10-24 16:46:51 0 d-------- C:\Program Files\Microsoft Expression
2007-10-24 16:44:15 0 d-------- C:\Program Files\Microsoft Works
2007-10-24 16:43:46 0 d-------- C:\Program Files\Microsoft.NET
2007-10-24 16:02:55 0 d-------- C:\Documents and Settings\Administrator\Application Data\Nero
2007-10-24 16:02:26 0 d-------- C:\Program Files\Common Files\Nero
2007-10-24 16:01:41 0 d-------- C:\Program Files\Nero
2007-10-24 15:53:14 0 d-------- C:\Program Files\Diskeeper Corporation
2007-10-24 15:27:57 0 d-------- C:\Program Files\DAMN NFO Viewer
2007-10-24 12:44:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2007-10-24 12:44:16 0 d-------- C:\Program Files\Java
2007-10-24 12:43:51 0 d-------- C:\Program Files\Common Files\Java
2007-10-24 12:42:10 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2007-10-24 12:40:48 0 d-------- C:\Program Files\Common Files\Adobe
2007-10-24 10:20:24 0 d-------- C:\Program Files\CCleaner
2007-10-24 10:13:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\ATI
2007-10-24 10:13:02 0 --a------ C:\WINDOWS\ativpsrm.bin
2007-10-24 10:11:55 0 d-------- C:\Program Files\ATI Technologies
2007-10-24 09:38:55 0 d-------- C:\Program Files\U-ABIT
2007-10-24 05:37:48 0 d-------- C:\Documents and Settings\Administrator\Application Data\InstallShield
2007-10-24 05:27:51 0 d-------- C:\Program Files\Realtek
2007-10-24 05:27:44 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2007-10-24 05:27:01 0 d-------- C:\Program Files\Marvell
2007-10-24 05:25:04 0 d-------- C:\Program Files\Intel
2007-10-24 05:16:11 22720 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-10-24 04:40:24 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-10-24 04:35:38 0 d-------- C:\Program Files\microsoft frontpage
2007-10-24 04:35:23 0 -rahs---- C:\MSDOS.SYS
2007-10-24 04:35:23 0 -rahs---- C:\IO.SYS
2007-10-24 04:35:23 0 --a------ C:\CONFIG.SYS
2007-10-24 04:35:23 0 --a------ C:\AUTOEXEC.BAT
2007-10-24 04:34:29 0 d--h----- C:\Program Files\WindowsUpdate
2007-10-24 04:33:51 0 d-------- C:\Program Files\Common Files\MSSoap
2007-10-24 04:33:43 0 d-------- C:\Program Files\Movie Maker
2007-10-24 04:32:45 0 d-------- C:\Program Files\Online Services
2007-10-24 04:32:35 0 d-------- C:\Program Files\Windows Media Connect 2
2007-10-24 04:32:31 0 d-------- C:\Program Files\Messenger
2007-10-24 04:32:28 0 d-------- C:\Program Files\MSN Gaming Zone
2007-10-24 04:32:21 0 d-------- C:\Program Files\Windows NT
2007-10-24 00:25:27 0 d-------- C:\Program Files\Common Files\ODBC
2007-10-24 00:25:25 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-10-24 00:24:00 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2007-09-28 20:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2007-09-19 23:50:23 316416 --a------ C:\WINDOWS\system32\wudfx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:22 55808 --a------ C:\WINDOWS\system32\wudfsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:22 165376 --a------ C:\WINDOWS\system32\wudfplatform.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:22 146432 --a------ C:\WINDOWS\system32\wudfhost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:22 356352 --a------ C:\WINDOWS\system32\WPDSp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:22 17408 --a------ C:\WINDOWS\system32\wpdshextautoplay.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:21 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:21 38400 --a------ C:\WINDOWS\system32\wpdshextres.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:21 2603008 --a------ C:\WINDOWS\system32\wpdshext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:19 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:18 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:18 35840 --a------ C:\WINDOWS\system32\wpdconns.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:18 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:18 656896 --a------ C:\WINDOWS\system32\wmvxencd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:17 767488 --a------ C:\WINDOWS\system32\wmvsencd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:17 1382912 --a------ C:\WINDOWS\system32\wmvsdecd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:16 1574912 --a------ C:\WINDOWS\system32\wmvencod.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:15 1543680 --a------ C:\WINDOWS\system32\wmvdecod.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:10 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:10 130048 --a------ C:\WINDOWS\system32\wmpps.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:10 613376 --a------ C:\WINDOWS\system32\wmpmde.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:02 1661440 --a------ C:\WINDOWS\system32\WMPEncEn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:50:01 295936 --a------ C:\WINDOWS\system32\wmpeffects.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:47 534528 --a------ C:\WINDOWS\system32\wmdrmsdk.dll <Not Verified; Microsoft Corporation; Microsoft® DRM>
2007-09-19 23:49:45 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:45 4096 --a------ C:\WINDOWS\system32\wdfapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:45 8704 --a------ C:\WINDOWS\system32\uWDF.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:42 199168 --a------ C:\WINDOWS\system32\portabledevicewmdrm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:42 132096 --a------ C:\WINDOWS\system32\portabledevicewiacompat.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:42 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:42 101888 --a------ C:\WINDOWS\system32\portabledeviceclassextension.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:41 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:39 259072 --a------ C:\WINDOWS\system32\mpg4decd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:39 259072 --a------ C:\WINDOWS\system32\mp43decd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:38 317440 --a------ C:\WINDOWS\system32\mp4sdecd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:38 212992 --a------ C:\WINDOWS\system32\mfplat.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:37 249856 --a------ C:\WINDOWS\system32\drmupgds.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:36 276992 --a------ C:\WINDOWS\system32\audiodev.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:29 69120 --a------ C:\WINDOWS\system32\wlanapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:13 36864 --a------ C:\WINDOWS\system32\qfecheck.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:49:05 1275392 --a------ C:\WINDOWS\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP 2>
2007-09-19 23:48:55 464384 --a------ C:\WINDOWS\system32\imapi2fs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:48:55 317952 --a------ C:\WINDOWS\system32\imapi2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:48:48 7168 --a------ C:\WINDOWS\system32\bitsprx4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:35:02 36352 --a------ C:\WINDOWS\system32\tsgqec.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:34:38 10752 --a------ C:\WINDOWS\system32\rspndr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:34:35 288768 --a------ C:\WINDOWS\system32\rhttpaa.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:34:30 84480 --a------ C:\WINDOWS\system32\pintool.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:34:17 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
2007-09-19 23:33:39 33792 --a------ C:\WINDOWS\system32\mmcperf.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:33:37 106496 --a------ C:\WINDOWS\system32\mmcfxcommon.dll <Not Verified; Microsoft Corporation; Microsoft (R) Windows (R) Operating System>
2007-09-19 23:33:36 397312 --a------ C:\WINDOWS\system32\mmcex.dll <Not Verified; Microsoft Corporation; Microsoft (R) Windows (R) Operating System>
2007-09-19 23:33:20 151552 --a------ C:\WINDOWS\system32\ifxcardm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:33:17 5120 --a------ C:\WINDOWS\system32\hdaudres.dll <Not Verified; Windows (R) Server 2003 DDK provider; Microsoft® Windows® Operating System>
2007-09-19 23:33:16 61952 --a------ C:\WINDOWS\system32\hdashcut.exe <Not Verified; Windows (R) Server 2003 DDK provider; Microsoft® Windows® Operating System>
2007-09-19 23:33:15 25088 --a------ C:\WINDOWS\system32\hdaprop.dll <Not Verified; Windows (R) Server 2003 DDK provider; Microsoft® Windows® Operating System>
2007-09-19 23:32:55 25600 --a------ C:\WINDOWS\system32\bcsprsrc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:32:55 96792 --a------ C:\WINDOWS\system32\basecsp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:32:55 133120 --a------ C:\WINDOWS\system32\axaltocm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-09-19 23:32:48 116736 --a------ C:\WINDOWS\system32\aaclient.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
08/24/2007 10:51 PM 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
10/24/2007 04:56 PM 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [08/24/2007 10:51 PM 316784]

[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [09/27/2007 01:20 PM C:\WINDOWS\RTHDCPL.exe]
"OSSelectorReinstall"="C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [02/22/2007 06:53 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [10/23/2007 04:18 PM]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [08/24/2007 11:53 PM]
"nmctxth"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [10/01/2007 08:08 PM]
"nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" [09/20/2007 10:18 AM]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [03/18/2004 08:33 AM]
"Logitech Utility"="Logi_MwX.Exe" [12/17/2003 08:50 AM C:\WINDOWS\LOGI_MWX.EXE]
"OneTouch Monitor"="C:\PROGRA~1\VISION~1\ONETOU~2.EXE" [04/16/2002 07:12 AM]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [09/14/2007 02:52 AM]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [09/14/2007 03:02 AM]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [09/14/2007 02:55 AM]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [11/02/2007 05:24 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 05:56 PM]
"POP Peeper"="C:\Program Files\POP Peeper\POPPeeper.exe" [11/15/2006 11:02 PM]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [09/06/2007 08:08 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ShowDeskFix"=regsvr32 /s /n /i:u shell32
"tscuninstall"=%systemroot%\system32\tscupgrd.exe

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe [9/17/2007 12:04:02 PM]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Cyber-shot Viewer Media Check Tool.lnk]
path=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Cyber-shot Viewer Media Check Tool.lnk
backup=C:\WINDOWS\pss\Cyber-shot Viewer Media Check Tool.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Key.AnyDVD]
path=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Key.AnyDVD
backup=C:\WINDOWS\pss\Key.AnyDVDStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^APC UPS Status.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk
backup=C:\WINDOWS\pss\APC UPS Status.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ABIT uGuruIII]
C:\Program Files\U-ABIT\abitEQ\ABITEQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATI DeviceDetect]
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATI Launchpad]
"C:\Program Files\ATI Multimedia\main\launchpd.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
"C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
"C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPScheduler]
C:\Program Files\ScanSoft\PaperPort\PPScheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
"C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TivoNotify]
"C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TivoServer]
"C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TivoTransfer]
"C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
AutoRun\command- K:\LaunchU3.exe -a

*Newly Created Service* - COMHOST



-- End of Deckard's System Scanner: finished at 2007-11-27 16:34:56 ------------









Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
CPU 1: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 2046.42 MiB / 1206.19 MiB
Pagefile Memory (total/avail): 3937.71 MiB / 3016.52 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1924.28 MiB

B: is Removable (Unformatted)
C: is Fixed (NTFS) - 153.38 GiB total, 121.13 GiB free.
D: is CDROM (No Media)
E: is Fixed (NTFS) - 279.46 GiB total, 144.17 GiB free.
F: is Fixed (NTFS) - 298.08 GiB total, 268.09 GiB free.
G: is CDROM (No Media)
H: is CDROM (No Media)
I: is Removable (NTFS)
J: is Removable (No Media)
Y: is Removable (No Media)

\\.\PHYSICALDRIVE1 - HDS722516VLSA80 - 153.38 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 153.38 GiB - C:

\\.\PHYSICALDRIVE0 - ST3300831A - 279.46 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 279.46 GiB - E:

\\.\PHYSICALDRIVE2 - ST3320620AS - 298.09 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 298.08 GiB - F:

\\.\PHYSICALDRIVE3 -



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: Norton Internet Security v15.0.0.60 (Symantec Corporation)
AV: Norton Internet Security v15.0.0.60 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Common Files\\TiVo Shared\\Beacon\\TiVoBeacon.exe"="C:\\Program Files\\Common Files\\TiVo Shared\\Beacon\\TiVoBeacon.exe:LocalSubNet:Enabled:TiVo Beacon Service"
"C:\\Program Files\\Common Files\\TiVo Shared\\Transfer\\TiVoTransfer.exe"="C:\\Program Files\\Common Files\\TiVo Shared\\Transfer\\TiVoTransfer.exe:LocalSubNet:Enabled:TiVo Transfer Service"
"C:\\Program Files\\TiVo\\Desktop\\TiVoServer.exe"="C:\\Program Files\\TiVo\\Desktop\\TiVoServer.exe:LocalSubNet:Enabled:TiVo Server Service"
"C:\\Program Files\\TiVo\\Desktop\\TiVoDesktop.exe"="C:\\Program Files\\TiVo\\Desktop\\TiVoDesktop.exe:LocalSubNet:Enabled:TiVo Desktop User Interface"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\\Program Files\\Common Files\\Pure Networks Shared\\Platform\\nmsrvc.exe"="C:\\Program Files\\Common Files\\Pure Networks Shared\\Platform\\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DEN2
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\DEN2
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Diskeeper Corporation\Diskeeper\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=DEN2
USERNAME=Rick
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
1Click DVD Copy Pro 3.0.1.9 --> "C:\Program Files\LG Software Innovations\1Click DVD Copy Pro\unins000.exe"
1CLICK DVD Movie 3.0.0.5 --> "C:\Program Files\LG Software Innovations\1CLICK DVD Movie\unins000.exe"
abitEQ V1.1.0.9 --> C:\Program Files\InstallShield Installation Information\{A3DB6885-DDFA-442A-A2C2-EC1842CA4953}\setup.exe -runfromtemp -l0x0009 -removeonly
AC-3 ACM Codec --> C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AC3ACM.inf
Acronis*Disk Director Suite --> MsiExec.exe /X{2300EE96-0A41-4FAB-BD03-989EC44577A0}
Acronis*True*Image*Home --> MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Age of Empires III --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Age of Empires III - The Asian Dynasties --> C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\setup.exe -runfromtemp -l0x0409
Age of Empires III - The WarChiefs --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710}
AI RoboForm (All Users) --> "C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
APC PowerChute Personal Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Multimedia Center 9.16 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3CBA0E30-6F54-47EF-910E-1D4D450AFE45}
AVIVO Codecs --> MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}
Canon S530D --> C:\WINDOWS\system32\CNMCP43.exe "-PRINTERNAMECanon S530D" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon S530D Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon S530D Installer\Inst2\cnmi0409.dll"
ccCommon --> MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CloneDVD2 --> "C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
Component Framework --> MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
DAO --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}
DataPilot Pix 'n Tunes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{87B481FA-1E4A-40B0-80C3-157E9770F436} /l1033
Diskeeper 2007 Pro Premier --> MsiExec.exe /X{072845BA-E1B6-444E-8EB7-57BBC33A5284}
DriveClone Pro --> C:\Program Files\FarStone\DriveClone Pro\uninstall.exe
DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
ffdshow [beta 1] [2006-12-11] --> "C:\Program Files\ffdshow\unins000.exe"
FlashMenu --> C:\Program Files\InstallShield Installation Information\{047E5F60-5357-43FB-A080-1912EB0132A4}\setup.exe -runfromtemp -l0x0009 -removeonly
GoodSync V6 --> "C:\Program Files\Siber Systems\GoodSync\uninstall.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LG USB Modem driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x9
LiveUpdate (Symantec Corporation) --> MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation) --> MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}
Logitech iTouch Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 UNINSTALL
Logitech MouseWare 9.79.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 -l0009 UNINSTALL
Magic ISO Maker v5.4 (build 0251) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
MediaMonkey 2.5 --> "C:\Program Files\MediaMonkey\unins000.exe"
Microsoft Expression Web --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall WEBDESIGNER /dll ESETUP.DLL
Microsoft Expression Web --> MsiExec.exe /X{90120000-0026-0000-0000-0000000FF1CE}
Microsoft Expression Web MUI (English) --> MsiExec.exe /X{90120000-0026-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Nero 8 Demo --> MsiExec.exe /X{B944FA21-81AF-4A77-8328-CE4F4CC51033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Network Magic --> C:\Documents and Settings\All Users\Application Data\Pure Networks\Setup\nmsetup.exe /uninstall
Norton AntiVirus --> MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Norton AntiVirus Help --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Confidential Core --> MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
Norton Internet Security --> MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D}
Norton Internet Security (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_0_0_60\Setup.exe" /X
Norton Protection Center --> MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
POP Peeper --> C:\Program Files\POP Peeper\Uninstall.exe
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
ScanSoft PaperPort 11 --> MsiExec.exe /I{02E73E50-6513-4802-8600-B5A5BA185BE3}
ScanSoft PDF Create! 3.0 --> MsiExec.exe /I{AD1D8B40-F83C-41CA-BA08-9DB8D1653316}
Sony Picture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SpeedFan (remove only) --> "C:\Program Files\SpeedFan\uninstall.exe"
Spyware Doctor 5.1 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
TitanTV Client components for ATI --> MsiExec.exe /I{A3DD7BA6-37A6-4245-A167-B3AA137B2157}
TiVo Desktop 2.5 --> MsiExec.exe /X{4E839090-3B68-436A-B3CF-A2A08C38DD26}
TiVo.Net --> MsiExec.exe /I{BDE9BE70-68D0-4974-BAA5-C07484026733}
TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
TweakNow RegCleaner Professional --> "C:\Program Files\TweakNow RegCleaner Pro\unins000.exe"
USB-IrDA Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10F5D9BB-E2F2-4B18-A65D-928B73D22E6F}\SETUP.EXE" -l0x9
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Visioneer 8100 Scanner --> C:\PROGRA~1\VISION~1\UNWISE.EXE C:\PROGRA~1\VISION~1\INSTALL.LOG
Windows Driver Package - Pure Networks, Inc. Pure Networks Device Discovery Driver (08/24/2007 4.6.7236.0) --> rundll32.exe C:\PROGRA~1\DIFX\B7A8D76A63BBE060C656AA54D656BF7D1C31D4C3\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\pnarp_EA1D46527BDDE0262D42D36737D2D9EC73FFB1A0\pnarp.inf
Windows Driver Package - Pure Networks, Inc. Pure Networks Wireless Driver (08/24/2007 4.6.7236.0) --> rundll32.exe C:\PROGRA~1\DIFX\B7A8D76A63BBE060C656AA54D656BF7D1C31D4C3\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\purendis_63F463FB269B562703E37AAC1A91B3A645B65380\purendis.inf
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- End of Deckard's System Scanner: finished at 2007-11-27 16:34:56 ------------
rickd123 is offline