
Think my computer is infected with something

Discussion in 'Malware and Virus Removal Archive' started by Sklbusdrvr, 2008/01/10.

  1. 2008/01/10
    Sklbusdrvr

    I think my computer is infected with something. It is slow and some programs quit working. Also my internet won't always connect.
    Here are my logs from the HijackThis and DSS scans.
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:08:33 PM, on 1/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
    C:\Program Files\SiteAdvisor\6253\SAService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Digital Media Reader\shwiconem.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Common Files\AOL\Loader\aolload.exe
    C:\WINDOWS\system32\lxcfcoms.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Documents and Settings\Owner\Desktop\dss.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O3 - Toolbar: The emlkdvo - {47906C8A-7A72-45A8-AA59-0CEC20BD3B36} - C:\WINDOWS\emlkdvo.dll (file missing)
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1168106319\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe "
    O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe "
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe "
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} - file:///C:/Program%20Files/Hide%20&%20Secret/Images/stg_drm.dll
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{503DCD7E-0F29-44D6-8F67-660E88D976DD}: NameServer = 192.168.1.1,192.168.1.10
    O21 - SSODL: bvtqfvx - {368AFE6F-E397-4495-85E9-9264F713B619} - C:\WINDOWS\bvtqfvx.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file -
     
  2. 2008/01/11
    Sklbusdrvr

    Here is the rest of the scans

    Deckard's System Scanner v20071014.68
    Run by Owner on 2008-01-10 22:06:01
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    24: 2008-01-11 04:06:09 UTC - RP694 - Deckard's System Scanner Restore Point
    23: 2008-01-10 09:00:50 UTC - RP693 - Software Distribution Service 3.0
    22: 2008-01-09 09:01:00 UTC - RP692 - Software Distribution Service 3.0
    21: 2008-01-08 09:00:58 UTC - RP691 - Software Distribution Service 3.0
    20: 2008-01-07 19:30:30 UTC - RP690 - Software Distribution Service 3.0


    -- First Restore Point --
    1: 2007-12-17 09:17:54 UTC - RP671 - System Checkpoint


    Backed up registry hives.
    Performed disk cleanup.

    System Drive C: has 13.88 GiB (less than 15%) free.


    -- HijackThis (run as Owner.exe) -----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:09:35 PM, on 1/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
    C:\Program Files\SiteAdvisor\6253\SAService.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Digital Media Reader\shwiconem.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Common Files\AOL\Loader\aolload.exe
    C:\WINDOWS\system32\lxcfcoms.exe
    C:\Documents and Settings\Owner\Desktop\dss.exe
    C:\PROGRA~1\MOZILL~2\FIREFOX.EXE
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O3 - Toolbar: The emlkdvo - {47906C8A-7A72-45A8-AA59-0CEC20BD3B36} - C:\WINDOWS\emlkdvo.dll (file missing)
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1168106319\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe "
    O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe "
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe "
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {255B1372-180C-4A22-A02D-1D4AB65F6AC2} - file:///C:/Program%20Files/Hide%20&%20Secret/Images/stg_drm.dll
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{503DCD7E-0F29-44D6-8F67-660E88D976DD}: NameServer = 192.168.1.1,192.168.1.10
    O21 - SSODL: bvtqfvx - {368AFE6F-E397-4495-85E9-9264F713B619} - C:\WINDOWS\bvtqfvx.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

    --
    End of file - 11055 bytes

    -- File Associations -----------------------------------------------------------

    .txt - txtfile - shell\open\command - Notepad.exe %1


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
    R3 SunkFilt (Alcor Micro Corp Reader) - c:\windows\system32\drivers\sunkfilt.sys <Not Verified; Alcor Micro Corp.; SunkFilt>

    S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys (file missing)
    S3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - c:\windows\system32\drivers\awrtpd.sys (file missing)
    S3 ElbyCDFL - c:\windows\system32\drivers\elbycdfl.sys <Not Verified; SlySoft, Inc.; CloneCD>
    S3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>
    S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
    R2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
    R2 ScsiAccess - c:\program files\photodex\proshowproducer\scsiaccess.exe
    R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
    R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

    S2 SServ (StService) -
    S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\C922E510DC00
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\C922E510DC00
    Service: NIC1394


    -- Scheduled Tasks -------------------------------------------------------------

    2008-01-10 03:30:00 386 --a------ C:\WINDOWS\Tasks\RegClean Scheduled Scan.job
    2008-01-01 01:00:00 356 --a------ C:\WINDOWS\Tasks\McQcTask.job
    2007-12-15 01:00:00 264 --a------ C:\WINDOWS\Tasks\McDefragTask.job


    -- Files created between 2007-12-10 and 2008-01-10 -----------------------------

    2008-01-10 22:04:41 0 d-------- C:\Program Files\Trend Micro
    2007-12-25 19:07:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Grisoft
    2007-12-25 03:32:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
    2007-12-24 16:35:38 0 d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor
    2007-12-24 16:34:38 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
    2007-12-23 20:26:31 81920 --a------ C:\WINDOWS\fvkwdrt.exe
    2007-12-23 20:25:08 0 d-------- C:\Program Files\MediaVideoCodec
    2007-12-21 09:41:00 0 d-------- C:\WINDOWS\Bus Driver
    2007-12-21 09:40:59 0 d-------- C:\Program Files\Bus Driver
    2007-12-18 09:21:17 0 d-------- C:\Program Files\Mystery in London
    2007-12-17 18:52:31 0 d-------- C:\Program Files\Hasbro Interactive
    2007-12-16 15:39:50 0 d-------- C:\Documents and Settings\Owner\Application Data\SecondLife
    2007-12-13 23:04:28 0 d-------- C:\Documents and Settings\Sklbusdrvr\Application Data\DivX
    2007-12-13 23:04:20 0 d-------- C:\Documents and Settings\Sklbusdrvr\Application Data\Media Player Classic
    2007-12-11 10:24:46 0 d-------- C:\Program Files\Cindys Sundaes
    2007-12-11 09:19:46 0 d-------- C:\Program Files\Live Search Maps for Outlook
    2007-12-11 09:15:32 0 d-------- C:\Program Files\Microsoft Streets & Trips
    2007-12-11 09:15:32 0 d-------- C:\Program Files\Microsoft Location Finder


    -- Find3M Report ---------------------------------------------------------------

    2008-01-01 18:42:23 0 d-------- C:\Program Files\MagicDVDCopier
    2007-12-29 23:27:50 0 d-------- C:\Program Files\Windows Live
    2007-12-29 23:24:52 0 d-------- C:\Program Files\Windows Live Toolbar
    2007-12-24 11:27:20 0 d-------- C:\Program Files\Mozilla Thunderbird
    2007-12-23 21:18:29 0 d-------- C:\Program Files\SiteAdvisor
    2007-12-23 21:15:02 0 d-------- C:\Program Files\Trillian
    2007-12-23 21:06:23 2296 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2007-12-22 09:42:01 0 d-------- C:\Program Files\iRoll
    2007-12-22 09:30:06 0 d-------- C:\Program Files\Cartoonist
    2007-12-19 20:42:45 0 d-------- C:\Documents and Settings\Owner\Application Data\U3
    2007-12-18 09:22:16 0 d-------- C:\Documents and Settings\Owner\Application Data\Big Fish Games
    2007-12-18 09:21:49 1524 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2007-12-18 09:21:30 0 d-------- C:\Program Files\Christmasville
    2007-12-17 11:09:50 0 d-------- C:\Documents and Settings\Owner\Application Data\Corel
    2007-12-17 11:04:41 3350 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
    2007-12-16 15:46:41 1009 --a------ C:\WINDOWS\EReg077.dat
    2007-12-12 10:45:51 0 d-------- C:\Program Files\BitLord
    2007-12-09 14:30:37 0 d-------- C:\Program Files\The Learning Company
    2007-12-08 09:06:19 0 d-------- C:\Program Files\DIFX
    2007-12-08 09:05:57 0 d-------- C:\Program Files\Cricut Software
    2007-12-07 23:40:05 0 d-------- C:\Program Files\Binary-House
    2007-12-07 10:30:05 0 d-------- C:\Program Files\Collectorz.com
    2007-12-07 10:21:06 0 d-------- C:\Program Files\AllMyMovies
    2007-12-03 10:55:23 0 d-------- C:\Program Files\Microsoft Games
    2007-12-03 10:16:10 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
    2007-12-03 10:11:37 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
    2007-12-03 10:08:21 0 d-------- C:\Program Files\Common Files
    2007-12-02 09:52:06 0 d-------- C:\Program Files\XPRepairPro2006
    2007-12-01 23:52:46 0 d-------- C:\Program Files\Mystery Case Files - Madame Fate
    2007-12-01 00:14:02 0 d-------- C:\Program Files\Elf Bowling The Last Insult
    2007-11-29 22:10:07 0 d-------- C:\Program Files\FlashFXP
    2007-11-26 09:57:17 0 d-------- C:\Program Files\Almeza
    2007-11-25 23:05:44 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-11-22 19:56:29 0 d-------- C:\Program Files\DVDFab HD Decrypter 4
    2007-11-22 18:37:46 0 d-------- C:\Program Files\McAfee
    2007-11-20 13:32:40 0 d-------- C:\Program Files\Sierra On-Line
    2007-11-19 23:12:33 0 d-------- C:\Program Files\Common Files\Nova Development
    2007-11-19 23:10:17 0 d-------- C:\Program Files\Creative Home
    2007-11-19 13:55:13 0 d-------- C:\Program Files\Common Files\McAfee
    2007-11-19 13:19:44 0 d-------- C:\Program Files\MagicISO
    2007-11-17 21:43:31 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-11-14 23:07:28 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
    2007-11-14 23:00:35 0 d-------- C:\Program Files\Common Files\Macrovision Shared
    2007-11-14 22:58:39 0 d-------- C:\Program Files\Common Files\Adobe
    2007-11-13 10:59:46 0 d-------- C:\Program Files\Lucky Clover
    2007-11-11 22:32:14 192412 --ah----- C:\WINDOWS\system32\mlfcache.dat
    2007-11-05 21:34:16 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2007-11-03 19:27:59 298 --a------ C:\WINDOWS\EReg515.dat
    2007-10-25 21:21:23 11990 --a------ C:\WINDOWS\mozver.dat
    2007-10-23 17:06:08 585728 --a------ C:\WINDOWS\WLXPGSS.SCR <Not Verified; Microsoft Corporation; Windows Live Photo Gallery>
    2007-10-21 09:46:24 0 --a------ C:\WINDOWS\system32\sys_dll.dll


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 12:56 PM]
    "SunKistEM "= "C:\Program Files\Digital Media Reader\shwiconem.exe" [11/15/2004 05:04 PM]
    "SoundMan "= "SOUNDMAN.EXE" [04/15/2005 01:01 PM C:\WINDOWS\SOUNDMAN.EXE]
    "Recguard "= "%WINDIR%\SMINST\RECGUARD.EXE" []
    "HostManager "= "C:\Program Files\Common Files\AOL\1168106319\EE\AOLHostManager.exe" [11/03/2004 03:03 PM]
    "RemoteControl "= "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/02/2004 10:24 PM]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 12:11 AM]
    "LXCFCATS "= "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [07/20/2005 11:47 AM]
    "Lexmark X5100 Series "= "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe" [03/04/2003 07:49 AM]
    "@ "=" " []
    "SiteAdvisor "= "C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [07/24/2006 02:28 PM]
    "Adobe Photo Downloader "= "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [09/11/2007 12:43 AM]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 05:24 AM]
    "NeroFilterCheck "= "C:\WINDOWS\system32\NeroCheck.exe" [01/12/2006 02:40 PM]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 06:51 PM]
    "mcagent_exe "= "C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/03/2007 10:33 PM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "@ "=" " []
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "= "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [02/01/2006 03:45 PM]
    "MsnMsgr "= "C:\Program Files\MSN Messenger\MsnMsgr.exe" []
    "Aim6 "= "C:\Program Files\AIM6\aim6.exe" [09/29/2007 02:22 PM]
    "Pando "= "C:\Program Files\Pando Networks\Pando\Pando.exe" [10/18/2007 03:42 PM]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 01:00 PM]
    "SpybotSD TeaTimer "= "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [08/31/2007 04:46 PM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
    "SpybotSnD "= "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck

    C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
    PowerReg Scheduler V3.exe [11/3/2007 7:00:15 PM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [4/8/2007 7:04:07 PM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle "=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)
    "DisableTaskMgr "=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [10/19/2006 02:53 PM 293888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "bvtqfvx "= {368AFE6F-E397-4495-85E9-9264F713B619} - C:\WINDOWS\bvtqfvx.dll [ ]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=" "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=" "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mfehidk]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mfehidk.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mferkdk]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mferkdk.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mfetdik]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mfetdik.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    CtServ CtServ

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp




    -- Hosts -----------------------------------------------------------------------

    127.0.0.1 localhost
    127.0.0.1 babe.the-killer.bz
    127.0.0.1 www.babe.the-killer.bz
    127.0.0.1 babe.k-lined.com
    127.0.0.1 www.babe.k-lined.com
    127.0.0.1 did.i-used.cc
    127.0.0.1 www.did.i-used.cc
    127.0.0.1 coolwwwsearch.com
    127.0.0.1 www.coolwwwsearch.com
    127.0.0.1 coolwebsearch.com

    7800 more entries in hosts file.


    -- End of Deckard's System Scanner: finished at 2008-01-10 22:10:13 ------------
     


  4. 2008/01/11
    Sklbusdrvr

    Sklbusdrvr Inactive Thread Starter

    Joined:
    2008/01/03
    Messages:
    4
    Likes Received:
    0
    Next part of scan

    Microsoft Windows XP Professional (build 2600) SP 2.0
    Architecture: X86; Language: English
    CPU 0: AMD Athlon(tm) 64 Processor 3500+
    Percentage of Memory in Use: 53%
    Physical Memory (total/avail): 1022.48 MiB / 473.72 MiB
    Pagefile Memory (total/avail): 2266.3 MiB / 1860.58 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1919.48 MiB
    C: is Fixed (NTFS) - 182.14 GiB total, 13.88 GiB free.
    D: is Fixed (FAT32) - 4.15 GiB total, 1.48 GiB free.
    E: is CDROM (No Media)
    F: is CDROM (No Media)
    G: is Removable (No Media)
    H: is Removable (No Media)
    I: is Removable (No Media)
    J: is Removable (No Media)
    K: is CDROM (No Media)
    \\.\PHYSICALDRIVE0 - WDC WD2000BB-22GUC0 - 186.31 GiB - 2 partitions
    \PARTITION0 (bootable) - Installable File System - 182.14 GiB - C:
    \PARTITION1 - Unknown - 4.16 GiB - D:
    \\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

    \\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

    \\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

    \\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is enabled.

    FirstRunDisabled is set.

    FW: McAfee Personal Firewall v (McAfee)
    AV: McAfee VirusScan v (McAfee)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\\Program Files\\Minions of Mirth\\bin\\MinionsOfMirth.exe "= "C:\\Program Files\\Minions of Mirth\\bin\\MinionsOfMirth.exe:*:Enabled:MinionsOfMirth "
    "C:\\Program Files\\FlashFXP\\FlashFXP.exe "= "C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3 "
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe "= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\\Program Files\\Pando Networks\\Pando\\pando.exe "= "C:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Enabled:pando "
    "C:\\WINDOWS\\system32\\lxcfcoms.exe "= "C:\\WINDOWS\\system32\\lxcfcoms.exe:*:Enabled:730 Series Server "
    "C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxcfpswx.exe "= "C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxcfpswx.exe:*:Enabled:730 Series Printer Status "
    "C:\\Program Files\\Trillian\\trillian.exe "= "C:\\Program Files\\Trillian\\trillian.exe:*:Enabled:Trillian "
    "C:\\Program Files\\Qnext\\qnext.exe "= "C:\\Program Files\\Qnext\\qnext.exe:*:Enabled:Qnext "
    "C:\\Program Files\\Qnext\\qnextclient.exe "= "C:\\Program Files\\Qnext\\qnextclient.exe:*:Enabled:qnextclient "
    "C:\\Program Files\\LimeWire\\LimeWire.exe "= "C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire "
    "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe "= "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare "
    "C:\\Program Files\\FlashFXP\\FlashFXP.exe "= "C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3 "
    "C:\\Program Files\\IncrediMail\\bin\\ImApp.exe "= "C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail "
    "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe "= "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail "
    "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe "= "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail "
    "C:\\Documents and Settings\\Owner\\Desktop\\incredimail_install.exe "= "C:\\Documents and Settings\\Owner\\Desktop\\incredimail_install.exe:*:Enabled:IncrediMail Installer "
    "C:\\Documents and Settings\\Owner\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe "= "C:\\Documents and Settings\\Owner\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install.exe:*:Enabled:IncrediMail Installer "
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe "= "C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\\Program Files\\iTunes\\iTunes.exe "= "C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes "
    "C:\\Program Files\\uTorrent\\uTorrent.exe "= "C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent "
    "C:\\Program Files\\Wyzo\\wyzo.exe "= "C:\\Program Files\\Wyzo\\wyzo.exe:*:Enabled:Wyzo "
    "C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe "= "C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe:*:Enabled:Zoo Tycoon 2 Executable "
    "C:\\Program Files\\Magentic\\bin\\MgImp.exe "= "C:\\Program Files\\Magentic\\bin\\MgImp.exe:*:Enabled:Magentic "
    "C:\\Program Files\\Magentic\\bin\\Magentic.exe "= "C:\\Program Files\\Magentic\\bin\\Magentic.exe:*:Enabled:Magentic "
    "C:\\Program Files\\Magentic\\bin\\MgApp.exe "= "C:\\Program Files\\Magentic\\bin\\MgApp.exe:*:Enabled:Magentic "
    "C:\\Program Files\\Messenger\\msmsgs.exe "= "C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger "
    "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe "= "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader "
    "C:\\Program Files\\Adobe\\Photoshop Elements 6.0\\AdobePhotoshopElementsMediaServer.exe "= "C:\\Program Files\\Adobe\\Photoshop Elements 6.0\\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server "
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe "= "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent "
    "C:\\Program Files\\AIM6\\aim6.exe "= "C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM "
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe "= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Owner\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=OFFICE
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Owner
    LOGONSERVER=\\OFFICE
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=2f02
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
    TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
    USERDOMAIN=OFFICE
    USERNAME=Owner
    USERPROFILE=C:\Documents and Settings\Owner
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Owner (admin)
    Mike (admin)
    Sklbusdrvr (admin)
    Administrator (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
    --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> MsiExec.exe /I{219B0DA4-8F1A-499D-8795-4A07C632521E}
    --> MsiExec.exe /I{644B991F-B109-4360-9DA3-40CDAD13961C}
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    5 Spots II --> "C:\Program Files\5 Spots II\ReflexiveArcade\unins000.exe "
    500 Solitaire Games --> "C:\Program Files\Selectsoft\500 Solitaire Games\uninstall.exe "
    ACDSee 9 Photo Manager --> MsiExec.exe /X{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
    ACE Mega CoDecS Pack --> "C:\Program Files\ACE Mega CoDecS Pack\unins000.exe "
    Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c "C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll "
    Adobe ActiveShare 1.2 --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Adobe\ActiveShare\Uninst.isu "
    Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
    Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
    Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
    Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e225e\Setup.exe
    Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}
    Adobe Flash Player 9 --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe PhotoDeluxe Home Edition 4.0 --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Adobe\PhotoDeluxe Home Edition 4.0\Uninst.isu "
    Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c "C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll "
    Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
    Adobe Photoshop Elements 6.0 --> msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
    Adobe Photoshop Lightroom --> MsiExec.exe /I{359D2A79-64C6-4824-83CE-B053297DED6A}
    Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
    Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
    Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
    Adobe Setup --> MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8}
    Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
    Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
    Agatha Christie Death On The Nile --> "C:\Program Files\Death On The Nile\ReflexiveArcade\unins000.exe "
    AIM 6 --> C:\Program Files\AIM6\uninst.exe
    Alice Greenfingers --> "C:\Program Files\Alice Greenfingers\ReflexiveArcade\unins000.exe "
    All My Movies 4.1 --> "C:\Program Files\AllMyMovies\unins000.exe "
    AllFive 2000 --> C:\Program Files\AllFive 2000\Uninstal.exe
    Almeza MultiSet 4.5 --> "C:\Program Files\Almeza\MultiSet\unins000.exe "
    AMD Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
    America Online (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\aolunins_us.exe
    AnyDVD --> "C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D= "C:\Program Files\SlySoft\AnyDVD "
    AusLogics Disk Defrag --> "C:\Program Files\AusLogics Disk Defrag\unins000.exe "
    AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    Big Fish Games Client --> C:\Program Files\bfgclient\Uninstall.exe
    Big Kahuna Reef 2 - Chain Reaction --> "C:\Program Files\Big Kahuna Reef 2\ReflexiveArcade\unins000.exe "
    BigFix --> C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\BigFix\Uninst.isu" -c "C:\Program Files\BigFix\Lib\UninstallHelper.dll "
    Bus Driver --> "C:\WINDOWS\Bus Driver\uninstall.exe" "/U:C:\Program Files\Bus Driver\Uninstall\uninstall.xml "
    Carrie the Caregiver (remove only) --> C:\Program Files\Carrie the Caregiver\Uninstall.exe
    Cartoonist 0.92 --> "C:\Program Files\Cartoonist\unins000.exe "
    CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
    CD Catalog Expert 9.1.7.328 --> "C:\Program Files\CD Catalog Expert\unins000.exe "
    CDCheck --> "C:\Program Files\CDCheck\uninst.exe "
    Christmasville --> "C:\Program Files\Christmasville\ReflexiveArcade\unins000.exe "
    Chuzzle Deluxe --> "C:\Program Files\Chuzzle Deluxe\ReflexiveArcade\unins000.exe "
    Cindys Sundaes --> "C:\Program Files\Cindys Sundaes\ReflexiveArcade\unins000.exe "
    Cinema Tycoon Gold --> "C:\Program Files\Cinema Tycoon Gold\ReflexiveArcade\unins000.exe "
    CK Babies All --> C:\CKBROW~1\UNWISE.EXE C:\CKBROW~1\BabiesAllINSTALL.LOG
    CK Family Heritage All --> C:\CKBROW~1\UNWISE.EXE C:\CKBROW~1\WaterFunAllINSTALL.LOG
    CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
    CloneCD --> "C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D= "C:\Program Files\SlySoft\CloneCD "
    CloneDVD2 --> "C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D= "C:\Program Files\Elaborate Bytes\CloneDVD2 "
    Collectorz.com Movie Collector --> C:\PROGRA~1\COLLEC~1.COM\MOVIEC~1\UNWISE.EXE C:\PROGRA~1\COLLEC~1.COM\MOVIEC~1\install.log
    ConvertXtoDVD 2.2.3.258 --> "C:\Program Files\vso\ConvertXtoDVD\unins000.exe "
    Corel Paint Shop Pro Photo XI --> MsiExec.exe /X{93A1B09E-BAFA-4628-A5B6-921CB026955A}
    Corel Snapfire --> MsiExec.exe /I{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}
    Coupon Printer for Windows --> "C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml "
    Creative Lettering Combo --> C:\CKBROW~1\UNWISE.EXE C:\CKBROW~1\INSTALL.LOG
    Cricut DesignStudio --> "C:\Program Files\Cricut Software\Cricut DesignStudio\uninstall.exe "
    Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 --> "C:\Program Files\Cucusoft\avi-dvd-pro\unins000.exe "
    Digital Media Reader --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}
    Diner Dash Flo On The Go --> "C:\Program Files\Diner Dash Flo On The Go\ReflexiveArcade\unins000.exe "
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Dream Day Wedding --> "C:\Program Files\Dream Day Wedding\ReflexiveArcade\unins000.exe "
    Dream Day Wedding (remove only) --> C:\Program Files\Dream Day Wedding\Uninstall.exe
    DriverGuide Toolkit --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71AA4525-52F2-4841-93B6-8DF58C0CC0DA}\setup.exe"
    DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe "
    DVD Rip Master Pro v8.0.4.1 --> "C:\Program Files\DVD Rip Master Pro\unins000.exe "
    DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe "
    DVDFab Decrypter 3.0.9.6 --> "C:\Program Files\DVDFab Decrypter 3\unins000.exe "
    DVDFab HD Decrypter 3.1.9.2 Beta --> "C:\Program Files\DVDFab HD Decrypter 3\unins000.exe "
    DVDFab HD Decrypter 4.0.1.2 --> "C:\Program Files\DVDFab HD Decrypter 4\unins000.exe "
    Easy MPEG/AVI/DIVX/WMV/RM to DVD 1.4.2 --> "C:\Program Files\Easy MPEG AVI DIVX WMV RM to DVD\unins000.exe "
    EasyMadeMemories --> "C:\Documents and Settings\All Users\Application Data\{29570269-125D-4355-99A9-5B9A340A25F4}\EasyMadeMemories.exe" REMOVE=TRUE MODIFY=FALSE
    Elf Bowling The Last Insult --> "C:\Program Files\Elf Bowling The Last Insult\ReflexiveArcade\unins000.exe "
    ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
    ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
    ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
    ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
    ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
    ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
    ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
    ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
    ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
    essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
    Fairy Godmother Tycoon --> "C:\Program Files\Fairy Godmother Tycoon\ReflexiveArcade\unins000.exe "
    Family Feud --> "C:\Program Files\Family Feud\unins000.exe "
    Family Feud Holidays --> MsiExec.exe /I{7B2D0944-9716-4052-8638-489D08EF1DC2}
    Family Tree Maker 2005 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B136E4A4-7660-4F15-9752-EF8E6BA7866D}\setup.exe" -l0x9
    Fish Tycoon --> "C:\Program Files\Fish Tycoon\ReflexiveArcade\unins000.exe "
    FlashFXP v3 --> "C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
    Flower Shop - Big City Break --> C:\Program Files\Flower Shop - Big City Break\uninstall.exe
    GameWiz32 --> C:\WINDOWS\system32\GKSUI18.EXE C:\Program Files\GameWiz32\Uninstall8027.DAT
    GHOST Hunters The Haunting Of Majesty Manor --> "C:\Program Files\GHOST Hunters The Haunting Of Majesty Manor\ReflexiveArcade\unins000.exe "
    Hallmark Card Studio 2008 Deluxe --> MsiExec.exe /X{747A6A10-DA58-48C2-A1F0-C15514419C8A}
    Hidden Expedition Titanic --> "C:\Program Files\Hidden Expedition Titanic\ReflexiveArcade\unins000.exe "
    Hidden Expedition: Everest (remove only) --> "C:\Program Files\Hidden Expedition - Everest\Uninstall.exe "
    Hide & Secret --> C:\Program Files\Hide & Secret\uninstall.exe
    Hide And Secret --> "C:\Program Files\Hide And Secret\ReflexiveArcade\unins000.exe "
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
    Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe "
    Hoyle Board Games 2007 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BD6CF-2EB7-4BE4-9CAC-471F351BF24D}\SETUP.exe" -l0x9 -removeonly
    IncrediMail Xe --> C:\PROGRA~1\INCRED~2\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
    InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
    iTunes --> MsiExec.exe /I{9357AE3A-B2ED-4138-BB9B-0564352C3F0A}
    J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
    J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
    Janes Hotel --> "C:\Program Files\Janes Hotel\ReflexiveArcade\unins000.exe "
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    K-Lite Codec Pack 3.4.5 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe "
    Kazoo Player --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\LightWork Design\Kazoo Player\Uninst.isu "
    kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
    Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0002_2ffa8b5c\Setup.exe /APR-REMOVE
    KPT(R) effects(TM) --> C:\WINDOWS\IsUninst.exe -f "c:\program files\adobe\KPT effects\KPTUnins.isu "
    KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
    LD Supreme --> C:\PROGRA~1\LDSUPR~1\UNWISE.EXE C:\PROGRA~1\LDSUPR~1\INSTALL.LOG
    Lexmark 730 Series --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcfUNST.EXE -NOLICENSE
    Lexmark X5100 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBAUN5C.EXE -dLexmark X5100 Series
    Little Shop Of Treasures --> "C:\Program Files\Little Shop Of Treasures\ReflexiveArcade\unins000.exe "
    Little Shop Of Treasures 2 --> "C:\Program Files\Little Shop Of Treasures 2\ReflexiveArcade\unins000.exe "
    Live Search Maps Add-In for Microsoft Office Outlook --> MsiExec.exe /I{EB9A4856-C28A-4BC2-9373-975A33BB9CD4}
    Lucky Clover (remove only) --> "C:\Program Files\Lucky Clover\Uninstall.exe "
    Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Magic Academy --> "C:\Program Files\Magic Academy\ReflexiveArcade\unins000.exe "
    Magic DVD Copier V4.6 --> "C:\Program Files\MagicDVDCopier\unins000.exe "
    Magic DVD Ripper V4.2 --> "C:\Program Files\MagicDVDRipper\unins000.exe "
    Magic ISO Maker v5.3 (build 0216) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Mahjong Holidays 2005 --> "C:\Program Files\Mahjong Holidays 2005\ReflexiveArcade\unins000.exe "
    McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
    Media Video Codec v1.6 --> C:\Program Files\MediaVideoCodec\Uninstall.exe
    Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe "
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
    Microsoft English TTS Engine --> MsiExec.exe /I{94824ADD-8F26-43D2-84DB-22E11F377E5E}
    Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Streets & Trips 2007 --> MsiExec.exe /I{C82185E8-C27B-4EF4-2007-4444BC2C2B6D}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Microsoft Web Publishing Wizard 1.52 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
    Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
    Mirror Magic --> "C:\Program Files\Mirror Magic\ReflexiveArcade\unins000.exe "
    Morpheus Photo Morpher v3.01 --> "C:\Program Files\Morpheus Photo Morpher\unins000.exe "
    Mortimer Beckett And The Secrets Of Spooky Manor --> "C:\Program Files\Mortimer Beckett And The Secrets Of Spooky Manor\ReflexiveArcade\unins000.exe "
    Mozilla Firefox (2.0.0.11) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.9) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Multimedia Keyboard Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x9
    Mystery Case Files Ravenhurst --> "C:\WINDOWS\Mystery Case Files Ravenhurst\uninstall.exe" "/U:C:\Program Files\Mystery Case Files Ravenhurst\Uninstall\uninstall.xml "
    Mystery in London (remove only) --> "C:\Program Files\Mystery in London\Uninstall.exe "
    Mystery PI The Lottery Ticket --> "C:\Program Files\Mystery PI The Lottery Ticket\ReflexiveArcade\unins000.exe "
    Mystery Solitaire Secret Island --> "C:\Program Files\Mystery Solitaire Secret Island\ReflexiveArcade\unins000.exe "
    Mystery Solitaire: Secret Island (remove only) --> "C:\Program Files\Mystery Solitaire - Secret Island\Uninstall.exe "
    Mysteryville --> "C:\Program Files\Mysteryville\ReflexiveArcade\unins000.exe "
    Mysteryville 2 --> C:\Program Files\Mysteryville 2\Uninstall.exe
    Mystic Inn (remove only) --> "C:\Program Files\Mystic Inn\Uninstall.exe "
    Nanny Mania --> "C:\Program Files\Nanny Mania\ReflexiveArcade\unins000.exe "
    Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
    Nero 7 Demo --> MsiExec.exe /I{C9AEDCDD-7DD7-B74C-C805-EC37FBCB1033}
    Nero BurnRights --> C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
    netbrdg --> MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
    Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
    OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
    OrgScheduler Pro version 3.6 --> "C:\Program Files\Binary-House\OrgSchedulerPro\unins000.exe "
    Pando --> MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}
    Paparazzi --> "C:\Program Files\Paparazzi\ReflexiveArcade\unins000.exe "
    Phlinx To Go --> MsiExec.exe /I{3FA757B9-AF49-4181-B118-1B2F6D1A22E4}
    Photo DVD Maker Professional 7.03 --> C:\Program Files\Photo DVD Maker Professional\uninst.exe
    Photo Explosion SE 2.0 --> MsiExec.exe /X{DD040AAA-F295-492B-AD91-C8DC24488273}
    Photodex Presenter --> C:\Program Files\Photodex Presenter\uninst.exe
    PhotoZoom Pro 2.1.10 --> C:\Program Files\PhotoZoom Pro 2\Uninstall.exe
    Pirateville (remove only) --> "C:\Program Files\Pirateville\Uninstall.exe "
    Pizza Panic --> "C:\Program Files\Pizza Panic\ReflexiveArcade\unins000.exe "
    Posh Shop --> "C:\Program Files\Posh Shop\ReflexiveArcade\unins000.exe "
    PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    Princess Fashion Boutique 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3554902-AB4A-11D5-AA2E-0008C760B784}\setup.exe" Princess Fashion Boutique 2
    PrintMaster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A35C2323-3CEA-405C-9569-EF5DDE930B2F}\setup.exe" -l0x9 anything
    Private Eye - Greatest Unsolved Mysteries (remove only) --> C:\Program Files\Private Eye - Greatest Unsolved Mysteries\Uninstall.exe
    ProShow Gold --> C:\Program Files\Photodex\ProShowGold\proshow.exe . -u
    ProShow Producer --> C:\Program Files\Photodex\ProShowProducer\proshow.exe . -u
    Quick Memory Editor 4.2 --> "C:\Quick Memory Editor\unins000.exe "
    QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    Real Alternative 1.51 --> "C:\Program Files\Real Alternative\unins000.exe "
    Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
    REALTEK GbE & FE Ethernet PCI NIC Driver --> C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x0009 -removeonly
    RegClean 2.6 --> "C:\Program Files\RegClean\unins000.exe "
    Safari --> MsiExec.exe /I{3F9EFA28-D2FE-44B7-8896-0B0FF8DF5517}
    Salon Styler Pro --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Creative Zone\Salon Styler Pro\Uninst.isu "
    Secrets Of Great Art --> "C:\Program Files\Secrets Of Great Art\ReflexiveArcade\unins000.exe "
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
    SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
    Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
    Shopmania --> "C:\Program Files\Shopmania\ReflexiveArcade\unins000.exe "
    SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
    SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
    Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IPDRSLSM5K.inf
    Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    Spybot - Search & Destroy 1.5.1.15 --> "C:\WINDOWS\unins000.exe "
    staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
    StormPredator 3.03 --> C:\WINDOWS\iun6002.exe "C:\Program Files\StormPredator\irunin.ini "
    Sun Download Manager 2.0 (web) --> C:\WINDOWS\system32\javaws.exe -uninstall "http://javadl-esd.sun.com/update/sdm20/sdm20.jnlp "
    The Cutting Edge --> C:\PCHUGW~1\UNWISE.EXE C:\PCHUGW~1\INSTALL.LOG
    The Magicians Handbook Cursed Valley --> "C:\Program Files\The Magicians Handbook Cursed Valley\ReflexiveArcade\unins000.exe "
    The Scruffs (remove only) --> "C:\Program Files\The Scruffs\Uninstall.exe "
    tooltips --> MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
    Travelogue 360 Paris --> "C:\Program Files\Travelogue 360 Paris\ReflexiveArcade\unins000.exe "
    Travelogue 360 Rome --> "C:\Program Files\Travelogue 360 Rome\ReflexiveArcade\unins000.exe "
    Travelogue 360 Rome - The Curse of the Necklace --> C:\WINDOWS\iun506.exe C:\Program Files\Travelogue 360 Rome - The Curse of the Necklace\irunin.ini
    Trillian --> C:\Program Files\Trillian\trillian.exe /uninstall
    TTS Wrapper --> MsiExec.exe /I{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}
    TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
    Ulead iPhoto Express 1.1 --> C:\WINDOWS\ULEAD.DAT\ULuninst.exe /f:ipe11f.inf
    Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
    Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
    Wall Photo Maker v3.4 --> "C:\Program Files\Oreware.com\Wall Photo Maker\unins000.exe "
    WinAVI DVD Copy --> "C:\Program Files\WinAVI DVD Copy\unins000.exe "
    Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
    Windows Desktop Search 3.0 --> "C:\WINDOWS\$NtUninstallKB917013$\spuninst\spuninst.exe "
    Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04) --> C:\PROGRA~1\DIFX\F5DE4F5A04FFC80D\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\ftdibus_1EFE8ACE84BF7FF75302177777293E12CA62079A\ftdibus.inf
    Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04) --> C:\PROGRA~1\DIFX\F5DE4F5A04FFC80D\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\ftdiport_E3FE268552211CE3257EFBEE0E69543753506151\ftdiport.inf
    Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Mail --> MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
    Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live Photo Gallery --> MsiExec.exe /X{257E440F-781F-459B-9A68-A0872B80C1D6}
    Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
    Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
    Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe "
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
    Wonderland Adventures (remove only) --> C:\Program Files\Wonderland Adventures\Uninstall.exe
    Wondershare Flash SlideShow Builder (3.3.2) Trial Version --> "C:\Program Files\Wondershare\Flash SlideShow Builder\unins000.exe "
    Wyzo 0.5.3 --> C:\Program Files\Wyzo\uninst.exe
    XP Repair Pro 2006 --> MsiExec.exe /I{80682344-770B-46CB-B0FF-6A7620B37CBA}
    Your Birthday News --> "C:\WINDOWS\Your Birthday News\uninstall.exe" "/U:C:\Program Files\Your Birthday News\irunin.xml "
     
  5. 2008/01/11
    Sklbusdrvr

    Sklbusdrvr Inactive Thread Starter

    Joined:
    2008/01/03
    Messages:
    4
    Likes Received:
    0
    Last part of scan

    -- Application Event Log -------------------------------------------------------

    Event Record #/Type8439 / Success
    Event Submitted/Written: 01/10/2008 03:11:30 AM
    Event ID/Source: 2570 / Adobe Active File Monitor 6.0
    Event Description:
    Adobe Active File Monitor Service has Started.

    Event Record #/Type8427 / Success
    Event Submitted/Written: 01/08/2008 10:28:00 AM
    Event ID/Source: 2570 / Adobe Active File Monitor 6.0
    Event Description:
    Adobe Active File Monitor Service has Started.

    Event Record #/Type8426 / Warning
    Event Submitted/Written: 01/08/2008 10:26:25 AM
    Event ID/Source: 1524 / Userenv
    Event Description:
    Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

    Event Record #/Type8417 / Success
    Event Submitted/Written: 01/07/2008 01:42:12 PM
    Event ID/Source: 2570 / Adobe Active File Monitor 6.0
    Event Description:
    Adobe Active File Monitor Service has Started.

    Event Record #/Type8411 / Success
    Event Submitted/Written: 01/07/2008 01:37:29 PM
    Event ID/Source: 2570 / Adobe Active File Monitor 6.0
    Event Description:
    Adobe Active File Monitor Service has Started.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type24852 / Warning
    Event Submitted/Written: 01/10/2008 04:51:16 PM
    Event ID/Source: 36 / W32Time
    Event Description:
    The time service has not been able to synchronize the system time
    for 49152 seconds because none of the time providers has been able to
    provide a usable time stamp. The system clock is unsynchronized.

    Event Record #/Type24849 / Error
    Event Submitted/Written: 01/10/2008 03:31:20 AM
    Event ID/Source: 8032 / BROWSER
    Event Description:
    The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{503DCD7E-0F29-44D6-8F67-660E88D976DD}.
    The backup browser is stopping.

    Event Record #/Type24848 / Warning
    Event Submitted/Written: 01/10/2008 03:27:56 AM
    Event ID/Source: 8021 / BROWSER
    Event Description:
    The browser was unable to retrieve a list of servers from the browser master \\PRINCESS on the network \Device\NetBT_Tcpip_{503DCD7E-0F29-44D6-8F67-660E88D976DD}.
    The data is the error code.

    Event Record #/Type24835 / Error
    Event Submitted/Written: 01/10/2008 03:12:11 AM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The NTPort Library Driver service failed to start due to the following error:
    %%2

    Event Record #/Type24829 / Error
    Event Submitted/Written: 01/10/2008 03:10:08 AM
    Event ID/Source: 10010 / DCOM
    Event Description:
    The server {6A972E27-93E2-4F98-8367-4101B2073814} did not register with DCOM within the required timeout.
     
  6. 2008/01/11
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi Sklbusdrvr

    Spybot S&D's tea timer normally provides real-time protection from spyware; however, it may interfere with what we need to do. We will disable it until the machine is clean, when it can be re-enabled.

    First step:
    • Right-click the Spybot Icon in the System Tray (looks like a blue/white calendar with a padlock symbol)
    • If you have the new version 1.5, click once on Resident Protection, then right-click the Spybot icon again and make sure Resident Protection is now unchecked. The Spybot icon in the System Tray should now be colorless.
    • If you have Version 1.4, click on Exit Spybot S&D Resident
    Second step, for either version:
    • Open Spybot S&D
    • Click Mode, choose Advanced Mode
    • Go to the bottom of the vertical panel on the left, click Tools
    • Then, also in the left panel, click Resident (shows a red/white shield).
    • If your firewall raises a question, say OK
    • In the Resident protection status frame, uncheck the box labeled Resident "Tea-Timer" (Protection of over-all system settings) active
    • OK any prompts.
    • Use File, Exit to terminate Spybot
    • Reboot your machine for the changes to take effect.
    Don't forget to re-enable it, when your computer is clean.


    Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 2
    Java(TM) 6 Update 2
    Java(TM) SE Runtime Environment 6 Update 1
    KSU <<< Do you know what this is?
    Media Video Codec v1.6


    Please note any other programs that you don't recognize in that list and post them in your next response.
    I would also suggest you go through and remove any of the games you no longer play, if any.

    Download ComboFix from Here to your Desktop.
    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

    Please post the Combofix log.

    Thanks
    Geri
     