The avp.exe process is constantly using ~33% of the CPU and it's showing ~75,000 on PF Delta.
My computer takes about 5 mins to load Windows Explorer, which is ridiculous for a quad core 2.4 GHz, with 2 GB RAM and a 3870X2 graphics card. It started when I took out 1 of my sticks of RAM (I had 2x2GB) to lend to a mate, but I fail to see why this happened. Scan below:
-- HijackThis (run as Tempest.exe) --------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3 53 PM, on 21/07/2008Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe C:\Program Files\UltraMon\UltraMon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\UltraMon\UltraMonTaskbar.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe H:\Program Installs & Serials\1Format Instal\spyware removal\dss.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Tempest.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = harvest.adfa.edu.au:3128 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {4AD3A71E-8ED4-40F5-9A81-69245BDCBB75} 
- (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [GEST] = O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe 
O4 - Global Startup: UltraMon.lnk = ? O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- End of file - 7677 bytes -- File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%* .cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu> R2 UltraMonUtility (UltraMon Utility Driver) - c:\program files\common files\realtime soft\ultramonmirrordrv\x32\ultramonutility.sys <Not Verified; Realtime Soft; UltraMon> R3 UltraMonMirror - c:\windows\system32\drivers\ultramonmirror.sys <Not Verified; Realtime Soft; UltraMon> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)> S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. 
-- Files created between 2008-06-21 and 2008-07-21 ----------------------------- 2008-07-21 15:05:19 0 d-------- C:\Program Files\Trend Micro 2008-07-20 18:35:09 0 d-------- C:\Documents and Settings\Tempest\Application Data\U3 2008-07-20 17:17:48 0 d-------- C:\WINDOWS\Sun 2008-07-20 00:15:29 0 d-------- C:\Program Files\LDA Games 2008-07-16 20:26:00 0 d-------- C:\Lyrics 2008-07-16 20:26:00 0 d-------- C:\Documents and Settings\Tempest\Application Data\MiniLyrics 2008-07-16 20:15:47 0 d-------- C:\Program Files\Minilyrics 2008-07-16 19:05:33 0 d--hs---- C:\WINDOWS\ftpcache 2008-07-16 18:55:05 0 d-------- C:\Program Files\Activision 2008-07-16 13:58:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2008-07-16 13:44:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-07-16 13:44:00 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-07-16 12:07:26 0 d-------- C:\Documents and Settings\Tempest\Application Data\Windows Desktop Search 2008-07-16 12 24 0 d-------- C:\Program Files\Windows Desktop Search2008-07-16 12:05:36 0 d-------- C:\Documents and Settings\Tempest\Application Data\Sun 2008-07-16 12:01:56 0 d-------- C:\Program Files\ABC Amber Agent Converter 2008-07-16 11:20:52 60416 --a------ C:\WINDOWS\system32\antiwpa.dll <Not Verified; ; AntiWPA3> 2008-07-16 11:15:31 0 d--h----- C:\CanoScan 2008-07-16 11:12:49 90112 --a------ C:\WINDOWS\system32\CNMCP78.exe <Not Verified; CANON INC.; Canon BJ Raster Printer Driver Installer> 2008-07-16 11:12:45 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ 2008-07-16 11:11:11 0 d-------- C:\Documents and Settings\Tempest\Application Data\Ahead 2008-07-16 11:10:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero 2008-07-16 11:10:03 0 d-------- C:\Program Files\Nero 2008-07-16 11:10:03 0 d-------- C:\Program Files\Common Files\Ahead 2008-07-16 10:59:54 0 d-------- C:\Program Files\Windows Live 
2008-07-16 10:59:53 0 d-------- C:\Program Files\Messenger Plus! Live 2008-07-16 10:53:52 0 d-------- C:\Documents and Settings\Tempest\Contacts 2008-07-16 10:51:49 0 d-------- C:\Program Files\MSN Messenger 2008-07-16 10:42:36 0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd 2008-07-16 10:42:15 0 d-------- C:\Documents and Settings\Tempest\Application Data\Logitech 2008-07-16 10:37:07 0 d-------- C:\Program Files\mIRC 2008-07-16 10:32:49 69632 --a------ C:\WINDOWS\system32\KemXML.dll <Not Verified; Logitech Inc.; Logitech SetPoint> 2008-07-16 10:32:49 110592 --a------ C:\WINDOWS\system32\KemWnd.dll <Not Verified; Logitech Inc.; Logitech SetPoint> 2008-07-16 10:32:49 135168 --a------ C:\WINDOWS\system32\KemUtil.dll <Not Verified; Logitech Inc.; Logitech SetPoint> 2008-07-16 10:32:49 163840 --a------ C:\WINDOWS\system32\kemutb.dll <Not Verified; Logitech Inc.; Logitech SetPoint> 2008-07-16 10:32:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech 2008-07-16 10:32:37 0 d-------- C:\Program Files\Logitech 2008-07-16 10:32:35 0 d-------- C:\Program Files\Common Files\Logitech 2008-07-16 10:29:54 0 d-------- C:\Program Files\Java 2008-07-16 10:29:53 0 d-------- C:\Program Files\Common Files\Java 2008-07-16 10:28:52 0 d-------- C:\Program Files\ApexDC++ 2008-07-16 10:09:13 98304 --a------ C:\WINDOWS\system32\qttask.exe <Not Verified; Apple Computer, Inc.; QuickTime> 2008-07-16 10:08:23 0 d-------- C:\WINDOWS\system32\QuickTime 2008-07-16 10:08:16 1581056 --a------ C:\WINDOWS\system32\mplvw7.dll <Not Verified; Ligos Corporation; MPL Video Library> 2008-07-16 10:08:16 1122304 --a------ C:\WINDOWS\system32\mplvpx.dll <Not Verified; Ligos Corporation; MPL Video Library> 2008-07-16 10:08:16 1552384 --a------ C:\WINDOWS\system32\mplvm6.dll <Not Verified; Ligos Corporation; MPL Video Library> 2008-07-16 10:08:16 1650688 --a------ C:\WINDOWS\system32\mplva6.dll <Not Verified; Ligos Corporation; MPL Video Library> 2008-07-16 
10:08:16 77824 --a------ C:\WINDOWS\system32\mplaw7.dll <Not Verified; Ligos Corporation; MPL Audio Library> 2008-07-16 10:08:16 65536 --a------ C:\WINDOWS\system32\mplapx.dll <Not Verified; Ligos Corporation; MPL Audio Library> 2008-07-16 10:08:16 65536 --a------ C:\WINDOWS\system32\mplam6.dll <Not Verified; Ligos Corporation; MPL Audio Library> 2008-07-16 10:08:16 77824 --a------ C:\WINDOWS\system32\mplaa6.dll <Not Verified; Ligos Corporation; MPL Audio Library> 2008-07-16 10:08:16 19968 --a------ C:\WINDOWS\system32\cpuinf32.dll 2008-07-16 10:08:15 152064 --a------ C:\WINDOWS\system32\unrar.dll 2008-07-16 10:08:11 761856 --a------ C:\WINDOWS\system32\xvidcore.dll 2008-07-16 10:08:06 0 d-------- C:\Program Files\ACE Mega CoDecS Pack 2008-07-16 09:58:45 0 d-------- C:\Documents and Settings\Tempest\Application Data\Media Player Classic 2008-07-16 09:24:34 0 d-------- C:\Program Files\Winamp 2008-07-16 09:15:47 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-07-16 09:15:43 0 d-------- C:\Program Files\Common Files\Macrovision Shared 2008-07-16 09:12:57 0 d-------- C:\Program Files\Common Files\Adobe 2008-07-16 09:12:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe 2008-07-16 09:11:42 0 d-------- C:\Documents and Settings\Tempest\Application Data\Macromedia 2008-07-16 09:11:42 0 d-------- C:\Documents and Settings\Tempest\Application Data\Adobe 2008-07-16 09 00 0 d-------- C:\Program Files\Microsoft Works2008-07-16 09:05:46 0 d-------- C:\Program Files\MSBuild 2008-07-16 09:04:43 0 d-------- C:\Program Files\Microsoft.NET 2008-07-16 09:03:01 0 d-------- C:\Program Files\Microsoft Visual Studio 8 2008-07-16 09:02:21 0 d-------- C:\WINDOWS\SHELLNEW 2008-07-16 09:01:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-07-16 09:01:02 0 dr-h----- C:\MSOCache 2008-07-15 18:19:18 0 d-------- C:\Program Files\PowerISO 2008-07-15 18:17:58 0 d-------- C:\Documents and 
Settings\Tempest\Application Data\uTorrent 2008-07-15 18:07:09 5248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys 2008-07-15 18:07:09 160640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys 2008-07-15 18:07:07 0 d-------- C:\Program Files\Alcohol Soft 2008-07-15 18:01:59 0 d-------- C:\Documents and Settings\Tempest\Application Data\Realtime Soft 2008-07-15 18:01:54 0 d-------- C:\Program Files\Common Files\Realtime Soft 2008-07-15 18:01:53 0 d-------- C:\Program Files\UltraMon 2008-07-15 18:01:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Realtime Soft 2008-07-15 17:43:01 0 dr-h----- C:\Documents and Settings\Tempest\Recent 2008-07-15 17:40:39 0 d-------- C:\Documents and Settings\Tempest\Application Data\ATI 2008-07-15 17:40:39 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI 2008-07-15 17:32:17 0 d-------- C:\Program Files\ATI Technologies 2008-07-15 17:26:16 0 d-------- C:\Temp 2008-07-15 17:16:17 0 --a------ C:\WINDOWS\ativpsrm.bin 2008-07-15 17:14:30 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart> 2008-07-15 17:14:00 0 d-------- C:\ATI 2008-07-15 15:59:16 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat 2008-07-15 15:59:16 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat 2008-07-15 15:59:11 0 d-------- C:\Program Files\Kaspersky Lab 2008-07-15 15:59:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-07-15 15:59:10 268576 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2008-07-15 15:59:10 9648160 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-07-15 15:49:57 0 d-------- C:\WINDOWS\OPTIONS 2008-07-15 15:49:12 0 d-------- C:\WINDOWS\system32\Lang 2008-07-15 15:47:24 49152 -r------- C:\WINDOWS\system32\ChCfg.exe 2008-07-15 15:46:59 0 d-------- C:\WINDOWS\system32\RTCOM 2008-07-15 15:46:42 0 d-------- C:\Program Files\Realtek 2008-07-15 15:46:39 520192 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; 
RtlExUpd Dynamic Link Library> 2008-07-15 15:46:39 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program> 2008-07-15 15:46:35 0 d-------- C:\Program Files\Common Files\InstallShield 2008-07-15 15:46:15 0 d-------- C:\WINDOWS\system32\ReinstallBackups 2008-07-15 15:46:10 0 d------c- C:\WINDOWS\system32\DRVSTORE 2008-07-15 15:46:09 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-15 15:46:09 0 d-------- C:\Program Files\AMD 2008-07-15 15:46:05 0 d-------- C:\Documents and Settings\Tempest\Application Data\InstallShield 2008-07-15 15:44:08 0 --a------ C:\WINDOWS\nsreg.dat 2008-07-15 15:44:06 0 d-------- C:\Documents and Settings\Tempest\Application Data\Mozilla 2008-07-15 15:38:25 0 d-------- C:\WINDOWS\pss 2008-07-15 15:20:54 0 d-------- C:\Documents and Settings\Tempest\Application Data\Identities 2008-07-15 15:20:36 0 d--h----- C:\Documents and Settings\Tempest\Templates 2008-07-15 15:20:36 0 dr------- C:\Documents and Settings\Tempest\Start Menu 2008-07-15 15:20:36 0 dr-h----- C:\Documents and Settings\Tempest\SendTo 2008-07-15 15:20:36 0 d--h----- C:\Documents and Settings\Tempest\PrintHood 2008-07-15 15:20:36 2883584 --ah----- C:\Documents and Settings\Tempest\NTUSER.DAT 2008-07-15 15:20:36 0 d--h----- C:\Documents and Settings\Tempest\NetHood 2008-07-15 15:20:36 0 dr------- C:\Documents and Settings\Tempest\My Documents 2008-07-15 15:20:36 0 d--h----- C:\Documents and Settings\Tempest\Local Settings 2008-07-15 15:20:36 0 dr------- C:\Documents and Settings\Tempest\Favorites 2008-07-15 15:20:36 0 d-------- C:\Documents and Settings\Tempest\Desktop 2008-07-15 15:20:36 0 d---s---- C:\Documents and Settings\Tempest\Cookies 2008-07-15 15:20:36 0 dr-h----- C:\Documents and Settings\Tempest\Application Data 2008-07-15 15:19:19 0 d-------- C:\WINDOWS\SoftwareDistribution 2008-07-15 15:19:17 0 d---s---- C:\WINDOWS\system32\Microsoft 2008-07-15 15:19:17 0 d-------- C:\WINDOWS\Prefetch 
2008-07-15 15:19:16 241664 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT 2008-07-15 15:19:16 0 d--h----- C:\Documents and Settings\LocalService\Local Settings 2008-07-15 15:19:16 0 d---s---- C:\Documents and Settings\LocalService\Cookies 2008-07-15 15:19:16 0 d-------- C:\Documents and Settings\LocalService\Application Data 2008-07-15 15:19:16 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft 2008-07-15 15:18:07 241664 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT 2008-07-15 15:18:07 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings 2008-07-15 15:18:07 0 d---s---- C:\Documents and Settings\NetworkService\Cookies 2008-07-15 15:18:07 0 d-------- C:\Documents and Settings\NetworkService\Application Data 2008-07-15 15:18:07 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft 2008-07-15 15:14:55 0 d-------- C:\WINDOWS\system32\xircom 2008-07-15 15:14:55 0 d-------- C:\Program Files\microsoft frontpage 2008-07-15 15:14:48 241664 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT 2008-07-15 15:14:36 0 -rahs---- C:\MSDOS.SYS 2008-07-15 15:14:36 0 -rahs---- C:\IO.SYS 2008-07-15 15:14:36 0 --a------ C:\CONFIG.SYS 2008-07-15 15:14:36 0 --a------ C:\AUTOEXEC.BAT 2008-07-15 15:13:52 0 d--hs---- C:\Documents and Settings\All Users\DRM 2008-07-15 15:13:45 0 dr------- C:\WINDOWS\Offline Web Pages 2008-07-15 15:13:45 0 d---s---- C:\WINDOWS\Downloaded Program Files 2008-07-15 15:13:37 0 d--h----- C:\Program Files\WindowsUpdate 2008-07-15 15:13:20 0 d-------- C:\WINDOWS\system32\DirectX 2008-07-15 15:13:02 0 d---s---- C:\WINDOWS\Tasks 2008-07-15 15:13:01 0 d-------- C:\Program Files\Common Files\MSSoap 2008-07-15 15:12:58 0 d-------- C:\WINDOWS\srchasst 2008-07-15 15:12:57 0 d-------- C:\WINDOWS\system32\Macromed 2008-07-15 15:12:49 0 d-------- C:\Program Files\Movie Maker 2008-07-15 15:12:30 0 d-------- C:\WINDOWS\system32\Restore 2008-07-15 15:11:44 21640 --a------ 
C:\WINDOWS\system32\emptyregdb.dat 2008-07-15 15:11:30 0 d-------- C:\WINDOWS\Registration 2008-07-15 15:11:24 0 d-------- C:\Program Files\Online Services 2008-07-15 15:11:17 0 d-------- C:\Program Files\Messenger 2008-07-15 15:11:13 0 d-------- C:\Program Files\MSN Gaming Zone 2008-07-15 15:10:35 0 d-------- C:\Program Files\Windows NT 2008-07-15 15:10:27 0 d-------- C:\WINDOWS\system32\MsDtc 2008-07-15 15:10:23 0 d-------- C:\WINDOWS\system32\Com 2008-07-15 08:03:34 0 d--hs---- C:\WINDOWS\Installer 2008-07-15 08:03:34 0 d-------- C:\Program Files\Common Files\ODBC 2008-07-15 08:03:29 0 d-------- C:\Program Files\Common Files\SpeechEngines 2008-07-15 08:03:28 0 dr------- C:\Program Files 2008-07-15 08:03:28 0 d-------- C:\Program Files\Common Files 2008-07-15 08:02:54 0 d--h----- C:\Documents and Settings\Default User\Templates 2008-07-15 08:02:54 0 dr------- C:\Documents and Settings\Default User\Start Menu 2008-07-15 08:02:54 0 dr-h----- C:\Documents and Settings\Default User\SendTo 2008-07-15 08:02:54 0 d--h----- C:\Documents and Settings\Default User\Recent 2008-07-15 08:02:54 0 d--h----- C:\Documents and Settings\Default User\PrintHood 2008-07-15 08:02:54 0 d--h----- C:\Documents and Settings\Default User\NetHood 2008-07-15 08:02:54 0 d-------- C:\Documents and Settings\Default User\My Documents 2008-07-15 08:02:54 0 dr-h----- C:\Documents and Settings\Default User\Local Settings 2008-07-15 08:02:54 0 d-------- C:\Documents and Settings\Default User\Favorites 2008-07-15 08:02:54 0 d-------- C:\Documents and Settings\Default User\Desktop 2008-07-15 08:02:54 0 d---s---- C:\Documents and Settings\Default User\Cookies 2008-07-15 08:02:54 0 d--h----- C:\Documents and Settings\All Users\Templates 2008-07-15 08:02:54 0 dr------- C:\Documents and Settings\All Users\Start Menu 2008-07-15 08:02:54 0 d-------- C:\Documents and Settings\All Users\Favorites 2008-07-15 08:02:54 0 dr------- C:\Documents and Settings\All Users\Documents 2008-07-15 08:02:54 0 d-------- 
C:\Documents and Settings\All Users\Desktop 2008-07-15 08:01:27 0 d-------- C:\WINDOWS\system32\CatRoot2 2008-07-15 08:01:27 0 d-------- C:\WINDOWS\system32\CatRoot 2008-07-15 08:01:21 0 dr-h----- C:\Documents and Settings\Default User\Application Data 2008-07-15 08:01:21 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft 2008-07-15 08:01:21 0 dr-h----- C:\Documents and Settings\All Users\Application Data 2008-07-15 08:01:21 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft 2008-07-15 08:00:50 0 d--hs---- C:\System Volume Information 2008-07-15 08:00:50 0 d-------- C:\Documents and Settings 2008-07-15 07:53:07 0 d-------- C:\WINDOWS 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\WinSxS 2008-07-15 07:53:07 0 dr------- C:\WINDOWS\Web 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\twain_32 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\wins 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\wbem 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\usmt 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\spool 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\ShellExt 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\Setup 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\scripting 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\ras 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\oobe 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\npp 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\mui 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\inetsrv 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\IME 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\icsxml 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\ias 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\export 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\en 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\drivers 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\drivers\etc 
2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\drivers\disdn 2008-07-15 07:53:07 0 dr-hs--c- C:\WINDOWS\system32\dllcache 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\dhcp 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\config 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\3com_dmi 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\3076 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\2052 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1054 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1042 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1041 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1037 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1033 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1031 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1028 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system32\1025 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\system 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\security 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Resources 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\repair 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Provisioning 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\PeerNet 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\pchealth 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Network Diagnostic 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\mui 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\msapps 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\msagent 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Media 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\L2Schemas 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\java 2008-07-15 07:53:07 0 d--h----- C:\WINDOWS\inf 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\ime 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Help 2008-07-15 07:53:07 0 dr--s---- C:\WINDOWS\Fonts 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\ehome 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Driver Cache 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Debug 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Cursors 
2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Connection Wizard 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\Config 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\AppPatch 2008-07-15 07:53:07 0 d-------- C:\WINDOWS\addins 2008-07-07 00:40:49 56108 --a------ C:\WINDOWS\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu> -- Find3M Report --------------------------------------------------------------- 2008-07-15 08:02:54 62 --ahs---- C:\Documents and Settings\Tempest\Application Data\desktop.ini -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [20/12/2007 01:47 AM C:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [03/05/2005 03:43 AM C:\WINDOWS\Alcmtr.exe] "GEST"="=" [] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [09/03/2007 08:50 PM] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21/01/2008 12:17 PM] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11/04/2007 03:32 PM C:\WINDOWS\KHALMNPR.Exe] "Launch LCDMon"="C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [13/12/2007 05:43 PM] "Launch LGDCore"="C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [13/12/2007 05:57 PM] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 05:00 AM] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [18/07/2008 12:31 AM] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [7/16/2008 10:32:48 AM] UltraMon.lnk - C:\WINDOWS\Installer\{AF0FA6D7-96F3-468A-ABB7-28BE006EA8E9}\IcoUltraMon.ico [7/15/2008 6:01:54 PM] Windows Desktop Search.lnk - 
C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2/5/2007 3:40:46 PM] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [05/02/2007 03:39 PM 294400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Antiwpa] antiwpa.dll 24/05/2003 10:11 AM 60416 C:\WINDOWS\system32\antiwpa.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] eapsvcs eaphost dot3svc dot3svc HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs napagent hkmsvc [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f6ed3c0-38e9-11dd-b7ac-001fd054e740}] AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL sys.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50c951bc-56aa-11dd-b2c2-001fd054e740}] AutoRun\command- E:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{840d82ed-38a6-11dd-bcd9-806d6172696f}] AutoRun\command- G:\Run.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fdcc844-3868-11dd-b7ab-001fd054e740}] AutoRun\command- Z:\Setup.exe -auto -- End of Deckard's System Scanner: finished at 2008-07-21 at 15:17:26 --------- Deckard's System Scanner v20070807.62 Extra logfile - please post this as an attachment with your post. 
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: AMD Phenom(tm) 9750 Quad-Core Processor
Percentage of Memory in Use: 29%
Physical Memory (total/avail): 2046.42 MiB / 1449.28 MiB
Pagefile Memory (total/avail): 3938.6 MiB / 3385.15 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1918.48 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 186.31 GiB total, 148.25 GiB free.
D: is Fixed (NTFS) - 186.31 GiB total, 160.27 GiB free.
F: is Removable (No Media)
G: is CDROM (CDFS)
H: is Fixed (NTFS) - 698.63 GiB total, 417.39 GiB free.
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)
Z: is CDROM (CDFS)

-- Security Center -------------------------------------------------------------

AUOptions is disabled.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Tempest\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TEMPEST-29E4E47
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Tempest
LOGONSERVER=\\TEMPEST-29E4E47
NUMBER_OF_PROCESSORS=4
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 16 Model 2 Stepping 3, AuthenticAMD
PROCESSOR_LEVEL=16
PROCESSOR_REVISION=0203
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Tempest\LOCALS~1\Temp
TMP=C:\DOCUME~1\Tempest\LOCALS~1\Temp
ULTRAMON_LANGDIR=C:\Program Files\UltraMon\Resources\en
USERDOMAIN=TEMPEST-29E4E47
USERNAME=Tempest
USERPROFILE=C:\Documents and Settings\Tempest
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

-- User Profiles ---------------------------------------------------------------

Tempest (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
ACE Mega CoDecS Pack --> "C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Adobe Acrobat 8 Professional - English, Français, Deutsch --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AMD Processor Driver --> C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly
ApexDC++ 1.0.1 --> C:\Program Files\ApexDC++\uninst.exe
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Call of Duty(R) 4 - Modern Warfare(TM) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch --> C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Canon iP4200 --> C:\WINDOWS\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0409.dll"
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
HijackThis 2.0.2 --> "D:\dld\HijackThis.exe" /uninstall
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
KhalInstallWrapper --> MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Logitech GamePanel Software 2.02 --> MsiExec.exe /X{0523EAF4-402C-4435-A0DA-13C40193D811}
Logitech SetPoint --> C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0009 -removeonly
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Project MUI (English) 2007 --> MsiExec.exe /X{90120000-00B4-0409-0000-0000000FF1CE}
Microsoft Office Project Professional 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
Microsoft Office Project Professional 2007 --> MsiExec.exe /X{90120000-003B-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Minilyrics(remove only) --> "C:\Program Files\Minilyrics\uninst-ml.exe"
mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Ultra Edition --> MsiExec.exe /I{2D7D9D86-923A-41A8-919F-437332AB1033}
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver --> C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x9 -removeonly
UltraMon --> MsiExec.exe /I{AF0FA6D7-96F3-468A-ABB7-28BE006EA8E9}
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Desktop Search 3.01 --> "C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WVS 0.30.14 for Winamp --> C:\Program Files\Winamp\Plugins\wvs\uninst.exe

-- Application Event Log -------------------------------------------------------

Event ID #839: Error
Event Submitted/Written: 07/19/2008 07:35:48 PM
Event Source: crypt32
Event Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event ID #838: Error
Event Submitted/Written: 07/19/2008 07:35:47 PM
Event Source: crypt32
Event Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event ID #837: Error
Event Submitted/Written: 07/19/2008 07:35:47 PM
Event Source: crypt32
Event Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event ID #836: Error
Event Submitted/Written: 07/19/2008 07:35:47 PM
Event Source: crypt32
Event Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event ID #835: Error
Event Submitted/Written: 07/19/2008 07:35:47 PM
Event Source: crypt32
Event Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------

Event ID #597: Error
Event Submitted/Written: 07/21/2008 02:58:31 PM
Event Source: Service Control Manager
Event Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Event ID #595: Error
Event Submitted/Written: 07/21/2008 02:57:57 PM
Event Source: Service Control Manager
Event Description: The Messenger Sharing Folders USN Journal Reader service service terminated unexpectedly. It has done this 1 time(s).

Event ID #594: Error
Event Submitted/Written: 07/21/2008 02:57:48 PM
Event Source: Service Control Manager
Event Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Event ID #551: Error
Event Submitted/Written: 07/21/2008 07:30:08 AM
Event Source: Service Control Manager
Event Description: The Application Layer Gateway Service service failed to start due to the following error: %%1053

Event ID #550: Error
Event Submitted/Written: 07/21/2008 07:30:08 AM
Event Source: Service Control Manager
Event Description: Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

-- End of Deckard's System Scanner: finished at 2008-07-21 at 15:17:26 ---------

Last edited by amateur : 07-21-2008 at 02:46 AM. Reason: to retain 0-reply status