Disappearing Files, Hijacked IE6 Browser, etc. etc

-- HijackThis Fixed Entries (C:\UTILIT~1\HJT\backups\) -------------------------

backup-20080624-141942-231 O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.bat - batfile - shell\open\command - "%1" %*
.bat - batfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.cmd - cmdfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.cmd - cmdfile - shell\open\command - "%1" %*
.cmd - cmdfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.chm - chm.file - DefaultIcon - C:\WINDOWS\hh.exe,0
.chm - chm.file - shell\open\command - "C:\WINDOWS\hh.exe" %1
.com - comfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,2
.com - comfile - shell\open\command - "%1" %*
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1 ",%*
.exe - exefile - DefaultIcon - %1
.exe - exefile - shell\open\command - "%1" %*
.hlp - hlpfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,23
.hlp - hlpfile - shell\open\command - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.inf - inffile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.ini - inifile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,3
.js - JSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - CLSID - {00021401-0000-0000-C000-000000000046}
.pif - piffile - shell\open\command - "%1" %*
.reg - regfile - DefaultIcon - %SystemRoot%\regedit.exe,1
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.reg - regfile - shell\edit\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.scr - scrfile - shell\open\command - "%1" %*
.txt - txtfile - DefaultIcon - %SystemRoot%\system32\shell32.dll,-152
.txt - txtfile - shell\open\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,2
.vbs - VBSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.vbs - VBSFile - shell\edit\command - %SystemRoot%\System32\Notepad.exe %1



-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 iomdisk (Iomega Devices Disk Filter Services) - c:\windows\system32\drivers\iomdisk.sys <Not Verified; Iomega Corporation; Microsoft(R) Windows NT(R) Operating System>
R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Mup - c:\windows\system32\drivers\mup.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PartMgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCIIde - c:\windows\system32\drivers\pciide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys <Not Verified; Sonic Solutions; PxHelp20>
R0 sisagp (SiS AGP Filter) - c:\windows\system32\drivers\sisagpx.sys <Not Verified; Silicon Integrated Systems Corporation; SiS AGPv3.5 Filter for Windows XP>
R0 snapman (Acronis Snapshots Manager) - c:\windows\system32\drivers\snapman.sys <Not Verified; Acronis; Acronis Snapshot API>
R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 tdrpman (Acronis Try&Decide and Restore Points filter) - c:\windows\system32\drivers\tdrpman.sys <Not Verified; Acronis; Acronis Try&Decide and Restore Points>
R0 timounter (Acronis True Image Backup Archive Explorer) - c:\windows\system32\drivers\timntr.sys <Not Verified; Acronis; Acronis True Image>
R0 VolSnap - c:\windows\system32\drivers\volsnap.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 AFD (AFD Networking Support Environment) - c:\windows\system32\drivers\afd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
R1 AvgLdx86 (AVG AVI Loader Driver x86) - c:\windows\system32\drivers\avgldx86.sys <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R1 AvgMfx86 (AVG On-access Scanner Minifilter Driver x86) - c:\windows\system32\drivers\avgmfx86.sys <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R1 Beep - c:\windows\system32\drivers\beep.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Fips - c:\windows\system32\drivers\fips.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Msfs - c:\windows\system32\drivers\msfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBT (NetBios over Tcpip) - c:\windows\system32\drivers\netbt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Npfs - c:\windows\system32\drivers\npfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Null - c:\windows\system32\drivers\null.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Rdbss - c:\windows\system32\drivers\rdbss.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 SbFw - c:\windows\system32\drivers\sbfw.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R1 sbhips (Sunbelt HIPS Driver) - c:\windows\system32\drivers\sbhips.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 SiSkp - c:\windows\system32\drivers\srvkp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS (R) WindowsXP Display Manager>
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 VgaSave (VGA Display Controller.) - c:\windows\system32\drivers\vga.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 aslm75 - c:\windows\system32\drivers\aslm75.sys
R2 AvgTdiX (AVG8 Network Redirector) - c:\windows\system32\drivers\avgtdix.sys <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R2 ParVdm - c:\windows\system32\drivers\parvdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 symlcbrd - c:\windows\system32\drivers\symlcbrd.sys
R2 tifsfilter (Acronis True Image FS Filter) - c:\windows\system32\drivers\tifsfilt.sys <Not Verified; Acronis; Acronis True Image>
R2 tmcomm - c:\windows\system32\drivers\tmcomm.sys <Not Verified; Trend Micro Inc.; ActiveClean>
R3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
R3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - c:\windows\system32\drivers\awrtpd.sys <Not Verified; Lavasoft AB; Ad-Watch Beta>
R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys <Not Verified; Andrea Electronics Corporation; Andrea Audio Driver>
R3 ati2mtag - c:\windows\system32\drivers\ati2mtag.sys <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Miniport Driver>
R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 gameenum (Game Port Enumerator) - c:\windows\system32\drivers\gameenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Intels51 (Intel(R) 536EP Modem) - c:\windows\system32\drivers\intels51.sys <Not Verified; Intel Corporation; Intel(R) 536EP Modem>
R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 L8042pr2 (Logitech PS/2 Mouse Filter Driver) - c:\windows\system32\drivers\l8042pr2.sys <Not Verified; Logitech, Inc.; Logitech MouseWare(TM)>
R3 LMouFlt2 (Logitech Mouse Class Filter Driver) - c:\windows\system32\drivers\lmouflt2.sys <Not Verified; Logitech, Inc.; Logitech MouseWare(TM)>
R3 MagicTune - c:\windows\system32\drivers\mtictwl.sys <Not Verified; Samsung Electronics, Inc.; MagicTunePremium>
R3 Modem - c:\windows\system32\drivers\modem.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys <Not Verified; Parallel Technologies, Inc.; Microsoft® Windows® Operating System>
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 SBFWIMCL (Sunbelt Software Firewall NDIS IM Filter Miniport) - c:\windows\system32\drivers\sbfwim.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R3 serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 SISNIC (SiS PCI Fast Ethernet Adapter Driver) - c:\windows\system32\drivers\sisnic.sys <Not Verified; SiS Corporation; NDIS 5.1 NIC Driver>
R3 smwdm - c:\windows\system32\drivers\smwdm.sys <Not Verified; Analog Devices, Inc.; SoundMAX Digital Audio Driver>
R3 Srv - c:\windows\system32\drivers\srv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbscan (USB Scanner Driver) - c:\windows\system32\drivers\usbscan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Cdfs - c:\windows\system32\drivers\cdfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Fastfat - c:\windows\system32\drivers\fastfat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Ntfs - c:\windows\system32\drivers\ntfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

 

S1 Cdaudio - c:\windows\system32\drivers\cdaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S2 FILESpy - c:\program files\softwin\bitdefender9\filespy.sys (file missing)
S2 REGSpy - c:\program files\softwin\bitdefender9\regspy.sys (file missing)
S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ASUSHWIO - c:\windows\system32\drivers\asushwio.sys
S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 BDRsDrv - c:\program files\softwin\bitdefender9\bdrsdrv.sys (file missing)
S3 DMusic (Microsoft Kernel DLS Syntheiszer) - c:\windows\system32\drivers\dmusic.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HidBatt (HID UPS Battery Driver) - c:\windows\system32\drivers\hidbatt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HTTP - c:\windows\system32\drivers\http.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ip6fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFlt (IPX Traffic Filter Driver) - c:\windows\system32\drivers\nwlnkflt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFwd (IPX Traffic Forwarder Driver) - c:\windows\system32\drivers\nwlnkfwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 PSI - c:\windows\system32\drivers\psi_mf.sys <Not Verified; Secunia; Secunia Personal Software Inspector>
S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ROOTMODEM (Microsoft Legacy Modem Driver) - c:\windows\system32\drivers\rootmdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Secdrv - c:\windows\system32\drivers\secdrv.sys <Not Verified; Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.; Macrovision SECURITY Driver>
S3 SiS315 - c:\windows\system32\drivers\sisgrp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS (R) Compatible Super VGA Miniport Driver for Windows XP>
S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 cbidf2k - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dmboot - c:\windows\system32\drivers\dmboot.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmio - c:\windows\system32\drivers\dmio.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmload - c:\windows\system32\drivers\dmload.sys <Not Verified; Microsoft Corp., Veritas Software.; Logical Disk Manager for Windows NT>
S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Udfs - c:\windows\system32\drivers\udfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 _IOMEGA_ACTIVE_DISK_SERVICE_ (Iomega Active Disk) - "c:\program files\iomega\autodisk\adservice.exe" <Not Verified; Iomega Corporation; Iomega Active Disk>
R2 aawservice (Lavasoft Ad-Aware Service) - "c:\program files\lavasoft\ad-aware\aawservice.exe" <Not Verified; Lavasoft; Ad-Aware Service>
R2 AcrSch2Svc (Acronis Scheduler2 Service) - "c:\program files\common files\acronis\schedule2\schedul2.exe" <Not Verified; Acronis; Acronis Scheduler 2>
R2 Alerter - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 APC UPS Service - c:\program files\apc\apc powerchute personal edition\mainserv.exe <Not Verified; American Power Conversion Corporation; APC PowerChute Personal Edition>
R2 Ati HotKey Poller - c:\windows\system32\ati2evxx.exe <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows>
R2 AudioSrv (Windows Audio) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 avg8emc (AVG8 E-mail Scanner) - c:\progra~1\avg\avg8\avgemc.exe <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R2 avg8wd (AVG8 WatchDog) - c:\progra~1\avg\avg8\avgwdsvc.exe <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R2 BITS (Background Intelligent Transfer Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Browser (Computer Browser) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 CryptSvc (Cryptographic Services) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 DcomLaunch (DCOM Server Process Launcher) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dhcp (DHCP Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dnscache (DNS Client) - c:\windows\system32\svchost.exe -k networkservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ERSvc (Error Reporting Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 helpsvc (Help and Support) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 HidServ (HID Input Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Iomega App Services - "c:\progra~1\iomega\system32\appservices.exe" <Not Verified; Iomega Corporation; Iomega App Services>
R2 lanmanserver (Server) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 lanmanworkstation (Workstation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 LmHosts (TCP/IP NetBIOS Helper) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 MagicTuneEngine - c:\program files\magictune premium\magictuneengine.exe
R2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RpcSs (Remote Procedure Call (RPC)) - c:\windows\system32\svchost -k rpcss <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SbPF.Launcher - "c:\program files\sunbelt software\personal firewall\sbpflnch.exe" <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R2 Schedule (Task Scheduler) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 seclogon (Secondary Logon) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SENS (System Event Notification) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ShellHWDetection (Shell Hardware Detection) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SiteAdvisor Service - "c:\program files\siteadvisor\6261\saservice.exe "
R2 SoundMAX Agent Service (default) (SoundMAX Agent Service) - c:\program files\analog devices\soundmax\smagent.exe <Not Verified; Analog Devices, Inc.; SoundMAX service agent>
R2 SPF4 (Sunbelt Personal Firewall 4) - "c:\program files\sunbelt software\personal firewall\sbpfsvc.exe" <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 srservice (System Restore Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 stisvc (Windows Image Acquisition (WIA)) - c:\windows\system32\svchost.exe -k imgsvc <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Themes - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 TrkWks (Distributed Link Tracking Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 TryAndDecideService (Acronis Try And Decide Service) - "c:\program files\common files\acronis\fomatik\trueimagetrystartservice.exe "
R2 UMWdf (Windows User Mode Driver Framework) - c:\windows\system32\wdfmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 W32Time (Windows Time) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WebClient - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 winmgmt (Windows Management Instrumentation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wscsvc (Security Center) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wuauserv (Automatic Updates) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WZCSVC (Wireless Zero Configuration) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Eventlog (Event Log) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 EventSystem (COM+ Event System) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 FastUserSwitchingCompatibility (Fast User Switching Compatibility) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Netman (Network Connections) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Nla (Network Location Awareness (NLA)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasMan (Remote Access Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TapiSrv (Telephony) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TermService (Terminal Services) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

 

S2 ATI Smart - c:\windows\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
S3 AppMgmt (Application Management) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aspnet_state (ASP.NET State Service) - c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 CiSvc (Indexing Service) - c:\windows\system32\cisvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 COMSysApp (COM+ System Application) - c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe /com <Not Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
S3 dmserver (Logical Disk Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HTTPFilter (HTTP SSL) - c:\windows\system32\svchost.exe -k httpfilter <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 mnmsrvc (NetMeeting Remote Desktop Sharing) - c:\windows\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
S3 MSIServer (Windows Installer) - c:\windows\system32\msiexec.exe /v <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
S3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtmsSvc (Removable Storage) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RasAuto (Remote Access Auto Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RSVP (QoS RSVP) - c:\windows\system32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SCardSvr (Smart Card) - c:\windows\system32\scardsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SwPrv (MS Software Shadow Copy Provider) - c:\windows\system32\dllhost.exe /processid:{73f63084-1e55-4b05-bea2-081e313647a8} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SysmonLog (Performance Logs and Alerts) - c:\windows\system32\smlogsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 UPS (Uninterruptible Power Supply) - c:\windows\system32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmdmPmSN (Portable Media Serial Number Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 xmlprov (Network Provisioning Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ClipSrv (ClipBook) - c:\windows\system32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Iomega Activity Disk2 - " "
S4 Messenger - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDE (Network DDE) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDEdsdm (Network DDE DSDM) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 RemoteAccess (Routing and Remote Access) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 SSDPSRV (SSDP Discovery Service) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 upnphost (Universal Plug and Play Device Host) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-07-16 15:11:00 244 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2008-05-17 15:11:41 338 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job


-- Files created between 2008-06-16 and 2008-07-16 -----------------------------

2008-07-15 16:01:50 0 dr-h----- C:\Documents and Settings\Norman\Recent
2008-07-13 17:27:01 65576 --a------ C:\WINDOWS\system32\drivers\SbFwIm.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
2008-07-13 17:27:01 269736 -ra------ C:\WINDOWS\system32\drivers\SbFw.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
2008-07-13 17:26:53 0 d-------- C:\Program Files\Sunbelt Software
2008-07-11 17:24:58 139264 --a------ C:\WINDOWS\system32\javaws.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U7>
2008-07-11 17:24:58 135168 --a------ C:\WINDOWS\system32\javaw.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U7>
2008-07-11 17:24:58 135168 --a------ C:\WINDOWS\system32\java.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U7>
2008-07-08 17:23:22 0 d--h---c- C:\WINDOWS\$NtUninstallKB951748$
2008-07-08 14:29:34 9437184 --a------ C:\Documents and Settings\Norman\ntuser.dat
2008-07-04 17:44:44 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-07-04 17:44:04 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-06-21 04:54:54 66600 -ra------ C:\WINDOWS\system32\drivers\sbhips.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
2008-06-19 16:50:19 0 d--h---c- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-06-18 15:18:24 0 d-------- C:\Deckard


-- Find3M Report ---------------------------------------------------------------

2008-07-16 15:02:53 2048 --a-s---- C:\WINDOWS\bootstat.dat
2008-07-16 15:02:50 536449024 --ahs---- C:\hiberfil.sys
2008-07-16 15:02:49 754974720 --ahs---- C:\pagefile.sys
2008-07-16 14:49:44 0 d-------- C:\Program Files\Mozilla Firefox
2008-07-16 14:49:20 0 d-------- C:\Program Files\SpywareBlaster
2008-07-15 22:48:36 0 d-------- C:\Program Files\Common Files
2008-07-15 21:37:07 0 d-------- C:\Program Files\MICROSOFT MONEY BACKUPS
2008-07-13 17:11:00 0 d-------- C:\Program Files\MSECache
2008-07-11 17:24:57 0 d-------- C:\Program Files\Java
2008-07-10 17:24:49 0 d-------- C:\Program Files\SiteAdvisor
2008-07-07 23:28:37 0 d-------- C:\Program Files\Verizon Online
2008-07-05 16:50:34 0 d-------- C:\Program Files\Panda Security
2008-07-05 15:21:41 0 d-------- C:\Documents and Settings\Norman\Application Data\SiteAdvisor
2008-07-04 23:04:52 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-04 16:15:44 0 d-------- C:\Program Files\Lavasoft
2008-07-04 16:13:38 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-02 15:26:28 10520 --a------ C:\WINDOWS\system32\avgrsstx.dll <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
2008-06-25 12:15:46 17972344 --a------ C:\WINDOWS\system32\MRT.exe <Not Verified; Microsoft Corporation; Microsoft Windows Malicious Software Removal Tool>
2008-06-20 13:41:10 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-20 13:41:10 148992 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-10 17:50:39 0 d-------- C:\Program Files\Internet Explorer
2008-06-04 21:23:55 0 d-------- C:\Documents and Settings\Norman\Application Data\Malwarebytes
2008-05-26 21:15:13 36888 --a------ C:\Documents and Settings\Norman\Application Data\GDIPFONTCACHEV1.DAT
2008-05-20 21:23:15 0 d-------- C:\Documents and Settings\Norman\Application Data\Macromedia
2008-05-20 21:23:14 0 d-------- C:\Documents and Settings\Norman\Application Data\Adobe
2008-05-17 15:11:51 0 d-------- C:\Documents and Settings\Norman\Application Data\Uniblue
2008-05-16 11:58:04 12632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-07 01:18:48 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2008-04-21 02:56:59 666624 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 618496 --a------ C:\WINDOWS\system32\urlmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 1499136 --a------ C:\WINDOWS\system32\shdocvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 39424 --a------ C:\WINDOWS\system32\pngfilt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 532480 --a------ C:\WINDOWS\system32\mstime.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:57 146432 --a------ C:\WINDOWS\system32\msrating.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:57 449024 --a------ C:\WINDOWS\system32\mshtmled.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:57 3066880 --a------ C:\WINDOWS\system32\mshtml.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:56 16384 --a------ C:\WINDOWS\system32\jsproxy.dll <Not Verified; Microsoft Corporation; JScript Proxy Auto-Configuration>
2008-04-21 02:56:56 96256 --a------ C:\WINDOWS\system32\inseng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:56 251904 --a------ C:\WINDOWS\system32\iepeers.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 55808 --a------ C:\WINDOWS\system32\extmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 205312 --a------ C:\WINDOWS\system32\dxtrans.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 357888 --a------ C:\WINDOWS\system32\dxtmsft.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 1054208 --a------ C:\WINDOWS\system32\danim.dll <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2008-04-21 02:56:54 151040 --a------ C:\WINDOWS\system32\cdfview.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:54 1024000 --a------ C:\WINDOWS\system32\browseui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-17 06:37:04 351744 --a------ C:\WINDOWS\system32\xpsp3res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

 

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ADUserMon "= "C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [04/27/2008 03:48 PM]
"Logitech Utility "= "Logi_MwX.Exe" [12/17/2003 09:50 AM C:\WINDOWS\LOGI_MWX.EXE]
"HTpatch "= "C:\WINDOWS\htpatch.exe" [10/30/2002 05:40 AM]
"SiteAdvisor "= "c:\program files\siteadvisor\6253\siteadv.exe" []
"SiS Windows KeyHook "= "C:\WINDOWS\system32\keyhook.exe" [05/12/2004 05:22 PM]
"THGuard "= "C:\Program Files\TrojanHunter 4.7\THGuard.exe" [06/23/2007 12:19 AM]
"TrueImageMonitor.exe "= "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [09/14/2007 02:52 AM]
"AcronisTimounterMonitor "= "C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [09/14/2007 03:02 AM]
"SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM]
"AVG8_TRAY "= "C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/02/2008 03:26 PM]
"Acronis Scheduler2 Service "= "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [09/14/2007 02:55 AM]
"NeroCheck "= "C:\WINDOWS\System32\\NeroCheck.exe" [07/09/2001 06:50 AM]
"Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"Ad-Watch "= "C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe" [07/04/2008 04:30 PM]

C:\Documents and Settings\Norman\Start Menu\Programs\Startup\
Secunia PSI (RC1).lnk - C:\Program Files\Secunia\PSI (RC1)\psi.exe [2/5/2008 6:36:24 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [1/11/2008 11:16:38 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls "=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages "= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@= "Volume shadow copy "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GammaTray.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk
backup=C:\WINDOWS\pss\GammaTray.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

*Newly Created Service* - AD-WATCH_REAL-TIME_SCANNER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 Command - Keeping Software Free
127.0.0.1 032439.com

8828 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-07-16 15:13:14 ------------

 

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.66GHz
Percentage of Memory in Use: 66%
Physical Memory (total/avail): 511.53 MiB / 169.61 MiB
Pagefile Memory (total/avail): 1200.54 MiB / 747.38 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1979.28 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 38.29 GiB total, 28.74 GiB free.
D: is Fixed (NTFS) - 38.4 GiB total, 38.33 GiB free.
V: is CDROM (No Media)
W: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - HDS722580VLAT20 - 76.69 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 38.29 GiB - C:
\PARTITION1 - Installable File System - 38.4 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FW: Sunbelt Personal Firewall v4.6.1839 T (Sunbelt Software, Inc)
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax "
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager "
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax "
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager "
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe "= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe "
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe "= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe "


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Norman\Application Data
CLIENTNAME=Console
COLLECTIONID=COL8143
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NORMAN-SP8SZ7LJ
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Norman
ITEMID=dj-22741-15
LANG=1033
LOGONSERVER=\\NORMAN-SP8SZ7LJ
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONID=1166576732968htx6060.cce.hp.com52fda6:10f9d645719:-7a7c
SESSIONNAME=Console
SWUTVER=1.0.1.1
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Norman\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\Norman\LOCALS~1\Temp
TOOLPATH=/C:/Program%20Files/Hewlett-Packard/HP%20Software%20Update/install.htm
UPDATEDIR=C:\DOCUME~1\Norman\LOCALS~1\Temp\radCE50F.tmp
USERDOMAIN=NORMAN-SP8SZ7LJ
USERNAME=Norman
USERPROFILE=C:\Documents and Settings\Norman
VERSION=3.0.5.001
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Norman (admin)
Administrator.NORMAN-SP8SZ7LJ (admin)


-- Add/Remove Programs ---------------------------------------------------------

-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
--> C:\PROGRA~1\VERIZO~1\Uninstall.exe Verizon
--> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00BF-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00C6-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00D1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03DA-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x9 -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acronis True Image Home --> MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Active Disk --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\AutoDisk\uninstal.log
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AnswerWorks 4.0 Runtime - English --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
APC PowerChute Personal Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
ASUS Probe V2.19.04 --> C:\WINDOWS\uninst.exe -f "C:\Program Files\ASUS\Probe\DeIsL2.isu "
AsusUpdate --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\ASUS\AsusUpdate\Uninst.isu "
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Catalyst Control Center Core Implementation -->
Catalyst Control Center Graphics Full Existing -->
Catalyst Control Center Graphics Full New -->
Catalyst Control Center Graphics Light -->
Catalyst Control Center Graphics Previews Common -->
ccc-core-static -->
ccc-utility -->
CCC Help English -->
CCleaner (remove only) --> "C:\UTILITIES\CCleaner\uninst.exe "
Click'N Design 3D (V5) --> C:\PROGRA~1\CLICK'~1\UNWISE.EXE C:\PROGRA~1\CLICK'~1\INSTALL.LOG
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DigiPan --> C:\WINDOWS\system32\msinfhlp.exe ;uninstall; ;C:\Program Files\DigiPan\DigiPan.dat;
EasyCleaner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HijackThis 2.0.2 --> "C:\UTILITIES\HJT\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB915865) --> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe "
hp deskjet 5600 --> msiexec /x{8CDC6712-AF80-459E-911F-F1E156CB0AB0}
hp instant support --> C:\PROGRA~1\HEWLET~1\hpis\Uninstall.exe /s CeS
HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - Deskjet Series --> MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
HP Photo and Imaging 2.1 - Scanjet 36X0 Series --> MsiExec.exe /I{49CE65E4-9EE2-4F29-8768-58DD1E45D09C}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
Intel(R) 536EP Modem --> rundll32 IntelSdi.dll,iSMUninstallation "Intel(R) 536EP Modem "
IomegaWare 4.0.3 --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\uninstal.log
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Logitech MouseWare 9.79.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 -l0009 UNINSTALL
MagicTune Premium --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6044256-A309-43B5-9833-D3FAFE2AD24D}\setup.exe" -l0x9
Malwarebytes' Anti-Malware --> "C:\Utilities\MBAM\unins000.exe "
McAfee SiteAdvisor --> C:\Program Files\SiteAdvisor\6261\uninstall.exe
Microsoft .NET Framework 2.0 Service Pack 1 --> MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Baseline Security Analyzer 2.0.1 --> MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs --> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft National Language Support Downlevel APIs --> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft Office PowerPoint Viewer 2007 (English) --> MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002 --> MsiExec.exe /I{901B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works Setup Launcher --> C:\Program Files\Microsoft Works Suite 99\Setup\Launcher.exe W:\
Mozilla Firefox (2.0.0.15) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Paragon Partition Manager 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F06F0CE-C2B7-428C-BF70-8C55EEDF81BC}\Setup.exe" -l0x9
PowerDesk 6 --> MsiExec.exe /I{B93251B5-9209-4DAB-867C-AA98D91584CD}
PrintDeskTop --> C:\WINDOWS\unvise32.exe C:\Program Files\PrintDeskTop\uninstal.log
Quick StartUp 2.3 --> "c:\utilities\Quick Startup\unins000.exe "
RegSupreme --> "C:\UTILITIES\RegSupreme\unins000.exe "
Revo Uninstaller 1.50 --> c:\UTILITIES\Revo Uninstaller\uninst.exe
Secunia PSI (RC1) --> "C:\Program Files\Secunia\PSI (RC1)\uninstall.exe "
Security Update for Windows Media Player (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB911565) --> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe "
Security Update for Windows Media Player 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe "
Security Update for Windows XP (KB883939) --> "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe "
Security Update for Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe "
Security Update for Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896688) --> "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899588) --> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe "
Security Update for Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe "
Security Update for Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe "
Security Update for Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe "
Security Update for Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe "
Security Update for Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe "
Security Update for Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe "
Security Update for Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe "
Security Update for Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe "
Security Update for Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe "
Security Update for Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe "
Security Update for Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe "
Security Update for Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe "
Security Update for Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe "
Security Update for Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe "
Security Update for Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe "
Security Update for Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe "
Security Update for Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe "
Security Update for Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe "
Security Update for Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe "
Security Update for Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe "
Security Update for Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe "
Security Update for Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe "
Security Update for Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe "
Security Update for Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe "
Security Update for Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe "
Security Update for Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe "
Security Update for Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe "
Security Update for Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe "
Security Update for Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe "
Security Update for Windows XP (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe "
Security Update for Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe "
Security Update for Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe "
Security Update for Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe "
Security Update for Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe "
Security Update for Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe "
Security Update for Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
ShareIns -->
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R
Skins -->
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe "
Sunbelt Personal Firewall --> MsiExec.exe /X{2736EE90-D7F8-499E-AA60-E65D4C2FE069}
TrojanHunter 4.7 --> "C:\Program Files\TrojanHunter 4.7\unins000.exe "
TurboTax Deluxe 2007 --> C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Deluxe Deduction Maximizer 2006 --> C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006 --> MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta "
Update for Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe "
Update for Windows XP (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe "
Update for Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
Update for Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe "
Update for Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe "
Update for Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe "
Update for Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe "
Update for Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe "
Update for Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe "
Update for Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe "
Update for Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe "
Update for Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe "
Update for Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe "
Update for Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe "
Update for Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe "
Update for Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe "
Update for Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe "
Update for Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe "
Update for Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe "
Verizon Online --> C:\WINDOWS\system32\VerizonUninstaller.exe
Verizon Online Support Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00A1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
WebFldrs XP -->
WexTech AnswerWorks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate
Windows Genuine Advantage Notifications (KB905474) -->
Windows Genuine Advantage v1.3.0254.0 --> MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Installer 3.1 (KB893803) --> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
Windows Live Safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll ",?UninstallFunction@CwlscCore@@QAEXXZ
Windows Media Format Runtime --> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 --> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Hotfix - KB873333 --> C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB885884 --> C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742 --> C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890175 --> C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Service Pack 2 --> C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type53 / Error
Event Submitted/Written: 07/10/2008 09:07:11 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application pcwizard.dll, version 2007.1.0.73, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type52 / Error
Event Submitted/Written: 07/10/2008 09:07:07 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application pcwizard.dll, version 2007.1.0.73, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b.
Processing media-specific event for [pcwizard.dll!ws!]

Event Record #/Type16 / Error
Event Submitted/Written: 07/06/2008 04:16:11 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 638239796.

Event Record #/Type15 / Error
Event Submitted/Written: 07/06/2008 04:16:06 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application SpybotSD.exe, version 1.5.2.20, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type11 / Error
Event Submitted/Written: 07/05/2008 03:29:41 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 638239796.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type10955 / Error
Event Submitted/Written: 07/16/2008 03:03:36 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The REGSpy service failed to start due to the following error:
%%3

Event Record #/Type10954 / Error
Event Submitted/Written: 07/16/2008 03:03:36 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The FILESpy service failed to start due to the following error:
%%3

Event Record #/Type10932 / Error
Event Submitted/Written: 07/16/2008 02:39:06 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The REGSpy service failed to start due to the following error:
%%3

Event Record #/Type10931 / Error
Event Submitted/Written: 07/16/2008 02:39:06 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The FILESpy service failed to start due to the following error:
%%3

Event Record #/Type10928 / Error
Event Submitted/Written: 07/16/2008 02:38:19 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.2 for the Network Card with network address 000C6EB2A2A0 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).



-- End of Deckard's System Scanner: finished at 2008-07-16 15:13:14 ------------
:
(I notice there are some programs listed which I no longer use)

 

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.66GHz
Percentage of Memory in Use: 66%
Physical Memory (total/avail): 511.53 MiB / 169.61 MiB
Pagefile Memory (total/avail): 1200.54 MiB / 747.38 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1979.28 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 38.29 GiB total, 28.74 GiB free.
D: is Fixed (NTFS) - 38.4 GiB total, 38.33 GiB free.
V: is CDROM (No Media)
W: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - HDS722580VLAT20 - 76.69 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 38.29 GiB - C:
\PARTITION1 - Installable File System - 38.4 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FW: Sunbelt Personal Firewall v4.6.1839 T (Sunbelt Software, Inc)
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax "
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager "
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax "
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager "
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe "= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe "
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe "= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe "


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Norman\Application Data
CLIENTNAME=Console
COLLECTIONID=COL8143
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NORMAN-SP8SZ7LJ
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Norman
ITEMID=dj-22741-15
LANG=1033
LOGONSERVER=\\NORMAN-SP8SZ7LJ
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONID=1166576732968htx6060.cce.hp.com52fda6:10f9d645719:-7a7c
SESSIONNAME=Console
SWUTVER=1.0.1.1
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Norman\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\Norman\LOCALS~1\Temp
TOOLPATH=/C:/Program%20Files/Hewlett-Packard/HP%20Software%20Update/install.htm
UPDATEDIR=C:\DOCUME~1\Norman\LOCALS~1\Temp\radCE50F.tmp
USERDOMAIN=NORMAN-SP8SZ7LJ
USERNAME=Norman
USERPROFILE=C:\Documents and Settings\Norman
VERSION=3.0.5.001
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Norman (admin)
Administrator.NORMAN-SP8SZ7LJ (admin)


-- Add/Remove Programs ---------------------------------------------------------

-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
--> C:\PROGRA~1\VERIZO~1\Uninstall.exe Verizon
--> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00BF-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00C6-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00D1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03DA-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x9 -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acronis True Image Home --> MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Active Disk --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\AutoDisk\uninstal.log
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AnswerWorks 4.0 Runtime - English --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
APC PowerChute Personal Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
ASUS Probe V2.19.04 --> C:\WINDOWS\uninst.exe -f "C:\Program Files\ASUS\Probe\DeIsL2.isu "
AsusUpdate --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\ASUS\AsusUpdate\Uninst.isu "
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Catalyst Control Center Core Implementation -->
Catalyst Control Center Graphics Full Existing -->
Catalyst Control Center Graphics Full New -->
Catalyst Control Center Graphics Light -->
Catalyst Control Center Graphics Previews Common -->
ccc-core-static -->
ccc-utility -->
CCC Help English -->
CCleaner (remove only) --> "C:\UTILITIES\CCleaner\uninst.exe "
Click'N Design 3D (V5) --> C:\PROGRA~1\CLICK'~1\UNWISE.EXE C:\PROGRA~1\CLICK'~1\INSTALL.LOG
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DigiPan --> C:\WINDOWS\system32\msinfhlp.exe ;uninstall; ;C:\Program Files\DigiPan\DigiPan.dat;
EasyCleaner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HijackThis 2.0.2 --> "C:\UTILITIES\HJT\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB915865) --> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe "
hp deskjet 5600 --> msiexec /x{8CDC6712-AF80-459E-911F-F1E156CB0AB0}
hp instant support --> C:\PROGRA~1\HEWLET~1\hpis\Uninstall.exe /s CeS
HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - Deskjet Series --> MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
HP Photo and Imaging 2.1 - Scanjet 36X0 Series --> MsiExec.exe /I{49CE65E4-9EE2-4F29-8768-58DD1E45D09C}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
Intel(R) 536EP Modem --> rundll32 IntelSdi.dll,iSMUninstallation "Intel(R) 536EP Modem "
IomegaWare 4.0.3 --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\uninstal.log
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Logitech MouseWare 9.79.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 -l0009 UNINSTALL
MagicTune Premium --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6044256-A309-43B5-9833-D3FAFE2AD24D}\setup.exe" -l0x9
Malwarebytes' Anti-Malware --> "C:\Utilities\MBAM\unins000.exe "
McAfee SiteAdvisor --> C:\Program Files\SiteAdvisor\6261\uninstall.exe
Microsoft .NET Framework 2.0 Service Pack 1 --> MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Baseline Security Analyzer 2.0.1 --> MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs --> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft National Language Support Downlevel APIs --> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft Office PowerPoint Viewer 2007 (English) --> MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002 --> MsiExec.exe /I{901B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works Setup Launcher --> C:\Program Files\Microsoft Works Suite 99\Setup\Launcher.exe W:\
Mozilla Firefox (2.0.0.15) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Paragon Partition Manager 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F06F0CE-C2B7-428C-BF70-8C55EEDF81BC}\Setup.exe" -l0x9
PowerDesk 6 --> MsiExec.exe /I{B93251B5-9209-4DAB-867C-AA98D91584CD}
PrintDeskTop --> C:\WINDOWS\unvise32.exe C:\Program Files\PrintDeskTop\uninstal.log
Quick StartUp 2.3 --> "c:\utilities\Quick Startup\unins000.exe "
RegSupreme --> "C:\UTILITIES\RegSupreme\unins000.exe "
Revo Uninstaller 1.50 --> c:\UTILITIES\Revo Uninstaller\uninst.exe
Secunia PSI (RC1) --> "C:\Program Files\Secunia\PSI (RC1)\uninstall.exe "
Security Update for Windows Media Player (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB911565) --> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe "
Security Update for Windows Media Player 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe "
Security Update for Windows XP (KB883939) --> "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe "
Security Update for Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe "
Security Update for Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896688) --> "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899588) --> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe "
Security Update for Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe "
Security Update for Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe "
Security Update for Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe "
Security Update for Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe "
Security Update for Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe "
Security Update for Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe "
Security Update for Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe "
Security Update for Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe "
Security Update for Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe "
Security Update for Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe "
Security Update for Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe "
Security Update for Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe "
Security Update for Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe "
Security Update for Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe "
Security Update for Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe "
Security Update for Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe "
Security Update for Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe "
Security Update for Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe "
Security Update for Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe "
Security Update for Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe "
Security Update for Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe "
Security Update for Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe "
Security Update for Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe "
Security Update for Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe "
Security Update for Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe "
Security Update for Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe "
Security Update for Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe "
Security Update for Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe "
Security Update for Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe "
Security Update for Windows XP (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe "
Security Update for Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe "
Security Update for Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe "
Security Update for Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe "
Security Update for Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe "
Security Update for Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe "
Security Update for Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
ShareIns -->
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R
Skins -->
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe "
Sunbelt Personal Firewall --> MsiExec.exe /X{2736EE90-D7F8-499E-AA60-E65D4C2FE069}
TrojanHunter 4.7 --> "C:\Program Files\TrojanHunter 4.7\unins000.exe "
TurboTax Deluxe 2007 --> C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Deluxe Deduction Maximizer 2006 --> C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006 --> MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta "
Update for Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe "
Update for Windows XP (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe "
Update for Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
Update for Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe "
Update for Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe "
Update for Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe "
Update for Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe "
Update for Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe "
Update for Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe "
Update for Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe "
Update for Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe "
Update for Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe "
Update for Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe "
Update for Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe "
Update for Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe "
Update for Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe "
Update for Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe "
Update for Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe "
Update for Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe "
Verizon Online --> C:\WINDOWS\system32\VerizonUninstaller.exe
Verizon Online Support Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00A1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
WebFldrs XP -->
WexTech AnswerWorks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate
Windows Genuine Advantage Notifications (KB905474) -->
Windows Genuine Advantage v1.3.0254.0 --> MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Installer 3.1 (KB893803) --> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
Windows Live Safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll ",?UninstallFunction@CwlscCore@@QAEXXZ
Windows Media Format Runtime --> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 --> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Hotfix - KB873333 --> C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB885884 --> C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742 --> C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890175 --> C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Service Pack 2 --> C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type53 / Error
Event Submitted/Written: 07/10/2008 09:07:11 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application pcwizard.dll, version 2007.1.0.73, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type52 / Error
Event Submitted/Written: 07/10/2008 09:07:07 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application pcwizard.dll, version 2007.1.0.73, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b.
Processing media-specific event for [pcwizard.dll!ws!]

Event Record #/Type16 / Error
Event Submitted/Written: 07/06/2008 04:16:11 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 638239796.

Event Record #/Type15 / Error
Event Submitted/Written: 07/06/2008 04:16:06 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application SpybotSD.exe, version 1.5.2.20, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type11 / Error
Event Submitted/Written: 07/05/2008 03:29:41 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 638239796.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type10955 / Error
Event Submitted/Written: 07/16/2008 03:03:36 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The REGSpy service failed to start due to the following error:
%%3

Event Record #/Type10954 / Error
Event Submitted/Written: 07/16/2008 03:03:36 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The FILESpy service failed to start due to the following error:
%%3

Event Record #/Type10932 / Error
Event Submitted/Written: 07/16/2008 02:39:06 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The REGSpy service failed to start due to the following error:
%%3

Event Record #/Type10931 / Error
Event Submitted/Written: 07/16/2008 02:39:06 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The FILESpy service failed to start due to the following error:
%%3

Event Record #/Type10928 / Error
Event Submitted/Written: 07/16/2008 02:38:19 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.2 for the Network Card with network address 000C6EB2A2A0 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).



-- End of Deckard's System Scanner: finished at 2008-07-16 15:13:14 ------------
:
(I notice there are some programs listed which I no longer use)

---------------

I disabled the [Internal] entries in msconfig.

I had read somewhere that one shouldn’t change anything in msconfig, so I have two programs in the system tray I don’t need. Since you gave the go-ahead to make a change in msconfig, I’ll disable them, too.

Many years ago I had a bad guy which—if I remember correctly—changed msconfig to msconfg.. When my machine was cleaned, msconfig worked OK, but something happened which may have corrupted the path, because the only way I’ve been able to access it, is via a desktop shortcut.

 

I suspect these are false detections. Please open MBAM and restore them from quarantine, then submit each of those files to my submission channel for analysis. Leave a link back to this topic.

Registry Keys Infected:
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\revo uninstaller
Files Infected:
C:\Program Files\Hewlett-Packard\hpis\Uninstall.exe
C:\Program Files\Verizon Online\Uninstall.exe
C:\Program Files\Verizon Online\bin\UpdateSC.EXE
C:\UTILITIES\Revo Uninstaller\uninst.exe


Wow ... lots of broken file associations. Highlight and copy the bolded command below.

"%userprofile%\desktop\dss.exe" /daft

• Click Start>Run and paste the command in, then hit enter.
• An interface of Deckards file association fix will open.
• Click Scan.
• Check the box next to all of the entries listed, then click Fix.
• Exit when complete.

A few BitDefender remnants that need cleaned up. Highlight each of the lines below and paste them into the Run dialog 1 at a time, hitting enter after each.

sc delete FILESpy
sc delete REGSpy
sc delete BDRsDrv

Scan again with Hijackthis and place a check next to the following entry, if present.

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Click Fix Checked and close HijackThis when complete.

After a reboot, see how things are working and post a fresh dss log.

I would also like for you to run another scan with MBAM, with a slight twist.

• Click the Start
• Click Run
• Type in (or copy and paste) mbam.exe /developer and hit enter
• Run the same type of scan you did before and save the logfile, then post it here

 

I returned the files you requested to their original positions.

Pardon my ignorance, but I was unable to properly paste them. I use Word to keep track of this thread, and when I pasted them, all but one was accompanied by an icon, and each was displaced vertically.

They weren’t accessible with my mouse; the arrow wouldn’t appear over them---just an I beam.

I intended to paste them onto your other site.

Please tell me how to make this work.

​

-o-o-o-o-o-o-

There were only two items when I ran your special dss.exe command.

​

-o-o-o-o-o-o-

I deleted the BitDefender files, and ran HJT---fixed the entry you told me to.

​

-o-o-o-o-o-o-

Ran RegSupreme, which found about 50 items, including several BitDefender leftovers.

If you’d prefer I not run this program while we’re working, please let me know.

​

-o-o-o-o-o-o-

When I ran MBAM, I was surprised to note that the formerly tagged files didn’t show up.

​

-o-o-o-o-o-o-

I found a tool called "File Assassin" in MBAM, so tried deleting the My Documents file I told you about. The program said the deletion was successful, but it wasn’t.

Sad to say, I can’t tell any difference in the behavior of my machine.

In fact, some generic icons are back when the desktop appears.

I’m sure I can straighten that out using the procedure you gave me previously.

​

-o-o-o-o-o-o-

I actually received an e-mail response from ZA. It included some rather detailed instructions for deleting the program.

It also included a site from which to download the installation file. While the version number is the same, there’s a difference in the file name. I guess I’ll have to try it one last time.

BTW, the ZA forum shows many unhappy campers having similar problems.

The next posts will be the dss.exe and MBAM logs.

 

Deckard's System Scanner v20071014.68
Run by Norman on 2008-07-20 17:17:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
7: 2008-07-20 21:18:07 UTC - RP18 - Deckard's System Scanner Restore Point
6: 2008-07-19 20:46:46 UTC - RP17 - System Checkpoint
5: 2008-07-18 19:37:26 UTC - RP16 - Before Firefox 3
4: 2008-07-18 18:57:54 UTC - RP15 - Installed Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
3: 2008-07-16 03:21:57 UTC - RP14 - Deckard's System Scanner Restore Point


-- First Restore Point --
1: 2008-07-15 20:03:36 UTC - RP12 - System Checkpoint


Performed disk cleanup.



-- HijackThis (run as Norman.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:19:21 PM, on 7/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\WINDOWS\htpatch.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\program files\siteadvisor\6261\siteadv.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\TrojanHunter 4.7\THGuard.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Secunia\PSI (RC3)\psi.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\Norman\Desktop\dss.exe
C:\UTILIT~1\HJT\Norman.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O4 - HKLM\..\Run: [ADUserMon] "C:\Program Files\Iomega\AutoDisk\ADUserMon.exe "
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [SiteAdvisor] c:\program files\siteadvisor\6261\siteadv.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.7\THGuard.exe "
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe "
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: MagicTune 3.6.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: Antivirus software - BitDefender - The future of security now!
O15 - Trusted Zone: ewido is AVG - anti-spyware, anti-malware and anti-virus software
O15 - Trusted Zone: usa.kaspersky.com
O15 - Trusted Zone: Antivirus, anti-spyware, anti-spam, firewall. Protect yourself with Panda Security
O15 - Trusted Zone: Trend Micro HouseCall - Free Online Virus and Spyware Scan - Trend Micro USA
O15 - Trusted Zone: http://*.turbotax.com
O15 - Trusted Zone: *.vanguard.com
O15 - Trusted Zone: *.verizon.net
O16 - DPF: {05317530-B882-449D-9421-18D94FA3ED34} (OSInfo Control) - http://www.sis.com/ocis/OSInfo.cab
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/ocis/SiSAutodetectNT.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120085952027
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143236299578
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

--
End of file - 8451 bytes

 

-- HijackThis Fixed Entries (C:\UTILIT~1\HJT\backups\) -------------------------

backup-20080624-141942-231 O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
backup-20080719-153258-135 O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.bat - batfile - shell\open\command - "%1" %*
.bat - batfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.cmd - cmdfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.cmd - cmdfile - shell\open\command - "%1" %*
.cmd - cmdfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.chm - chm.file - DefaultIcon - C:\WINDOWS\hh.exe,0
.chm - chm.file - shell\open\command - "C:\WINDOWS\hh.exe" %1
.com - comfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,2
.com - comfile - shell\open\command - "%1" %*
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1 ",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1 ",%*
.exe - exefile - DefaultIcon - %1
.exe - exefile - shell\open\command - "%1" %*
.hlp - hlpfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,23
.hlp - hlpfile - shell\open\command - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.inf - inffile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.ini - inifile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,3
.js - JSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - CLSID - {00021401-0000-0000-C000-000000000046}
.pif - piffile - shell\open\command - "%1" %*
.reg - regfile - DefaultIcon - %SystemRoot%\regedit.exe,1
.reg - regfile - shell\open\command - regedit.exe "%1 "
.reg - regfile - shell\edit\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.scr - scrfile - shell\open\command - "%1" /S
.txt - txtfile - DefaultIcon - %SystemRoot%\system32\shell32.dll,-152
.txt - txtfile - shell\open\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,2
.vbs - VBSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.vbs - VBSFile - shell\edit\command - %SystemRoot%\System32\Notepad.exe %1

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 iomdisk (Iomega Devices Disk Filter Services) - c:\windows\system32\drivers\iomdisk.sys <Not Verified; Iomega Corporation; Microsoft(R) Windows NT(R) Operating System>
R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Mup - c:\windows\system32\drivers\mup.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PartMgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCIIde - c:\windows\system32\drivers\pciide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys <Not Verified; Sonic Solutions; PxHelp20>
R0 sisagp (SiS AGP Filter) - c:\windows\system32\drivers\sisagpx.sys <Not Verified; Silicon Integrated Systems Corporation; SiS AGPv3.5 Filter for Windows XP>
R0 snapman (Acronis Snapshots Manager) - c:\windows\system32\drivers\snapman.sys <Not Verified; Acronis; Acronis Snapshot API>
R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 tdrpman (Acronis Try&Decide and Restore Points filter) - c:\windows\system32\drivers\tdrpman.sys <Not Verified; Acronis; Acronis Try&Decide and Restore Points>
R0 timounter (Acronis True Image Backup Archive Explorer) - c:\windows\system32\drivers\timntr.sys <Not Verified; Acronis; Acronis True Image>
R0 VolSnap - c:\windows\system32\drivers\volsnap.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 AFD (AFD Networking Support Environment) - c:\windows\system32\drivers\afd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
R1 AvgLdx86 (AVG AVI Loader Driver x86) - c:\windows\system32\drivers\avgldx86.sys <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R1 AvgMfx86 (AVG On-access Scanner Minifilter Driver x86) - c:\windows\system32\drivers\avgmfx86.sys <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R1 Beep - c:\windows\system32\drivers\beep.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Fips - c:\windows\system32\drivers\fips.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Msfs - c:\windows\system32\drivers\msfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBT (NetBios over Tcpip) - c:\windows\system32\drivers\netbt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Npfs - c:\windows\system32\drivers\npfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Null - c:\windows\system32\drivers\null.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Rdbss - c:\windows\system32\drivers\rdbss.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 SbFw - c:\windows\system32\drivers\sbfw.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R1 sbhips (Sunbelt HIPS Driver) - c:\windows\system32\drivers\sbhips.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 SiSkp - c:\windows\system32\drivers\srvkp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS (R) WindowsXP Display Manager>
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 VgaSave (VGA Display Controller.) - c:\windows\system32\drivers\vga.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 aslm75 - c:\windows\system32\drivers\aslm75.sys
R2 AvgTdiX (AVG8 Network Redirector) - c:\windows\system32\drivers\avgtdix.sys <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R2 ParVdm - c:\windows\system32\drivers\parvdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 symlcbrd - c:\windows\system32\drivers\symlcbrd.sys
R2 tifsfilter (Acronis True Image FS Filter) - c:\windows\system32\drivers\tifsfilt.sys <Not Verified; Acronis; Acronis True Image>
R2 tmcomm - c:\windows\system32\drivers\tmcomm.sys <Not Verified; Trend Micro Inc.; ActiveClean>
R3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
R3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - c:\windows\system32\drivers\awrtpd.sys <Not Verified; Lavasoft AB; Ad-Watch Beta>
R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys <Not Verified; Andrea Electronics Corporation; Andrea Audio Driver>
R3 ati2mtag - c:\windows\system32\drivers\ati2mtag.sys <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Miniport Driver>
R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 gameenum (Game Port Enumerator) - c:\windows\system32\drivers\gameenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Intels51 (Intel(R) 536EP Modem) - c:\windows\system32\drivers\intels51.sys <Not Verified; Intel Corporation; Intel(R) 536EP Modem>
R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 L8042pr2 (Logitech PS/2 Mouse Filter Driver) - c:\windows\system32\drivers\l8042pr2.sys <Not Verified; Logitech, Inc.; Logitech MouseWare(TM)>
R3 LMouFlt2 (Logitech Mouse Class Filter Driver) - c:\windows\system32\drivers\lmouflt2.sys <Not Verified; Logitech, Inc.; Logitech MouseWare(TM)>
R3 MagicTune - c:\windows\system32\drivers\mtictwl.sys <Not Verified; Samsung Electronics, Inc.; MagicTunePremium>
R3 Modem - c:\windows\system32\drivers\modem.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PSI - c:\windows\system32\drivers\psi_mf.sys <Not Verified; Secunia; Secunia Personal Software Inspector>
R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys <Not Verified; Parallel Technologies, Inc.; Microsoft® Windows® Operating System>
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 SBFWIMCL (Sunbelt Software Firewall NDIS IM Filter Miniport) - c:\windows\system32\drivers\sbfwim.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R3 serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 SISNIC (SiS PCI Fast Ethernet Adapter Driver) - c:\windows\system32\drivers\sisnic.sys <Not Verified; SiS Corporation; NDIS 5.1 NIC Driver>
R3 smwdm - c:\windows\system32\drivers\smwdm.sys <Not Verified; Analog Devices, Inc.; SoundMAX Digital Audio Driver>
R3 Srv - c:\windows\system32\drivers\srv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbscan (USB Scanner Driver) - c:\windows\system32\drivers\usbscan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Cdfs - c:\windows\system32\drivers\cdfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Fastfat - c:\windows\system32\drivers\fastfat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Ntfs - c:\windows\system32\drivers\ntfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

 

S1 Cdaudio - c:\windows\system32\drivers\cdaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ASUSHWIO - c:\windows\system32\drivers\asushwio.sys
S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 DMusic (Microsoft Kernel DLS Syntheiszer) - c:\windows\system32\drivers\dmusic.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HidBatt (HID UPS Battery Driver) - c:\windows\system32\drivers\hidbatt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HTTP - c:\windows\system32\drivers\http.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ip6fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFlt (IPX Traffic Filter Driver) - c:\windows\system32\drivers\nwlnkflt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFwd (IPX Traffic Forwarder Driver) - c:\windows\system32\drivers\nwlnkfwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ROOTMODEM (Microsoft Legacy Modem Driver) - c:\windows\system32\drivers\rootmdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Secdrv - c:\windows\system32\drivers\secdrv.sys <Not Verified; Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.; Macrovision SECURITY Driver>
S3 SiS315 - c:\windows\system32\drivers\sisgrp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS (R) Compatible Super VGA Miniport Driver for Windows XP>
S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 cbidf2k - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dmboot - c:\windows\system32\drivers\dmboot.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmio - c:\windows\system32\drivers\dmio.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmload - c:\windows\system32\drivers\dmload.sys <Not Verified; Microsoft Corp., Veritas Software.; Logical Disk Manager for Windows NT>
S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Udfs - c:\windows\system32\drivers\udfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 _IOMEGA_ACTIVE_DISK_SERVICE_ (Iomega Active Disk) - "c:\program files\iomega\autodisk\adservice.exe" <Not Verified; Iomega Corporation; Iomega Active Disk>
R2 aawservice (Lavasoft Ad-Aware Service) - "c:\program files\lavasoft\ad-aware\aawservice.exe" <Not Verified; Lavasoft; Ad-Aware Service>
R2 AcrSch2Svc (Acronis Scheduler2 Service) - "c:\program files\common files\acronis\schedule2\schedul2.exe" <Not Verified; Acronis; Acronis Scheduler 2>
R2 Alerter - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 APC UPS Service - c:\program files\apc\apc powerchute personal edition\mainserv.exe <Not Verified; American Power Conversion Corporation; APC PowerChute Personal Edition>
R2 Ati HotKey Poller - c:\windows\system32\ati2evxx.exe <Not Verified; ATI Technologies Inc.; ATI External Event Utility for Windows>
R2 AudioSrv (Windows Audio) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 avg8emc (AVG8 E-mail Scanner) - c:\progra~1\avg\avg8\avgemc.exe <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R2 avg8wd (AVG8 WatchDog) - c:\progra~1\avg\avg8\avgwdsvc.exe <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
R2 BITS (Background Intelligent Transfer Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Browser (Computer Browser) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 CryptSvc (Cryptographic Services) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 DcomLaunch (DCOM Server Process Launcher) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dhcp (DHCP Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dnscache (DNS Client) - c:\windows\system32\svchost.exe -k networkservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ERSvc (Error Reporting Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 helpsvc (Help and Support) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 HidServ (HID Input Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Iomega App Services - "c:\progra~1\iomega\system32\appservices.exe" <Not Verified; Iomega Corporation; Iomega App Services>
R2 lanmanserver (Server) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 lanmanworkstation (Workstation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 LmHosts (TCP/IP NetBIOS Helper) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 MagicTuneEngine - c:\program files\magictune premium\magictuneengine.exe
R2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RpcSs (Remote Procedure Call (RPC)) - c:\windows\system32\svchost -k rpcss <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SbPF.Launcher - "c:\program files\sunbelt software\personal firewall\sbpflnch.exe" <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R2 Schedule (Task Scheduler) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 seclogon (Secondary Logon) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SENS (System Event Notification) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ShellHWDetection (Shell Hardware Detection) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SiteAdvisor Service - "c:\program files\siteadvisor\6261\saservice.exe "
R2 SoundMAX Agent Service (default) (SoundMAX Agent Service) - c:\program files\analog devices\soundmax\smagent.exe <Not Verified; Analog Devices, Inc.; SoundMAX service agent>
R2 SPF4 (Sunbelt Personal Firewall 4) - "c:\program files\sunbelt software\personal firewall\sbpfsvc.exe" <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 srservice (System Restore Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 stisvc (Windows Image Acquisition (WIA)) - c:\windows\system32\svchost.exe -k imgsvc <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Themes - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 TrkWks (Distributed Link Tracking Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 TryAndDecideService (Acronis Try And Decide Service) - "c:\program files\common files\acronis\fomatik\trueimagetrystartservice.exe "
R2 UMWdf (Windows User Mode Driver Framework) - c:\windows\system32\wdfmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 W32Time (Windows Time) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WebClient - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 winmgmt (Windows Management Instrumentation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wscsvc (Security Center) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wuauserv (Automatic Updates) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WZCSVC (Wireless Zero Configuration) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Eventlog (Event Log) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 EventSystem (COM+ Event System) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 FastUserSwitchingCompatibility (Fast User Switching Compatibility) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Netman (Network Connections) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Nla (Network Location Awareness (NLA)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasMan (Remote Access Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TapiSrv (Telephony) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TermService (Terminal Services) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

 

S2 ATI Smart - c:\windows\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
S3 AppMgmt (Application Management) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aspnet_state (ASP.NET State Service) - c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 CiSvc (Indexing Service) - c:\windows\system32\cisvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 COMSysApp (COM+ System Application) - c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe /com <Not Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
S3 dmserver (Logical Disk Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HTTPFilter (HTTP SSL) - c:\windows\system32\svchost.exe -k httpfilter <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 mnmsrvc (NetMeeting Remote Desktop Sharing) - c:\windows\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
S3 MSIServer (Windows Installer) - c:\windows\system32\msiexec.exe /v <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
S3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtmsSvc (Removable Storage) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RasAuto (Remote Access Auto Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RSVP (QoS RSVP) - c:\windows\system32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SCardSvr (Smart Card) - c:\windows\system32\scardsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SwPrv (MS Software Shadow Copy Provider) - c:\windows\system32\dllhost.exe /processid:{73f63084-1e55-4b05-bea2-081e313647a8} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SysmonLog (Performance Logs and Alerts) - c:\windows\system32\smlogsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 UPS (Uninterruptible Power Supply) - c:\windows\system32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmdmPmSN (Portable Media Serial Number Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 xmlprov (Network Provisioning Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ClipSrv (ClipBook) - c:\windows\system32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Iomega Activity Disk2 - " "
S4 Messenger - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDE (Network DDE) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDEdsdm (Network DDE DSDM) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 RemoteAccess (Routing and Remote Access) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 SSDPSRV (SSDP Discovery Service) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 upnphost (Universal Plug and Play Device Host) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-07-16 15:11:00 244 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2008-05-17 15:11:41 338 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job


-- Files created between 2008-06-20 and 2008-07-20 -----------------------------

2008-07-19 21:53:47 0 dr-h----- C:\Documents and Settings\Norman\Recent
2008-07-19 14:00:57 36472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys <Not Verified; Malwarebytes Corporation; Malwarebytes' Anti-Malware>
2008-07-18 14:56:46 0 d-------- C:\Program Files\Secunia
2008-07-13 17:27:01 65576 --a------ C:\WINDOWS\system32\drivers\SbFwIm.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
2008-07-13 17:27:01 269736 -ra------ C:\WINDOWS\system32\drivers\SbFw.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>
2008-07-13 17:26:53 0 d-------- C:\Program Files\Sunbelt Software
2008-07-11 17:24:58 139264 --a------ C:\WINDOWS\system32\javaws.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U7>
2008-07-11 17:24:58 135168 --a------ C:\WINDOWS\system32\javaw.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U7>
2008-07-11 17:24:58 135168 --a------ C:\WINDOWS\system32\java.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U7>
2008-07-08 17:23:22 0 d--h---c- C:\WINDOWS\$NtUninstallKB951748$
2008-07-08 14:29:34 9437184 --a------ C:\Documents and Settings\Norman\ntuser.dat
2008-07-04 17:44:44 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-07-04 17:44:04 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-06-21 04:54:54 66600 -ra------ C:\WINDOWS\system32\drivers\sbhips.sys <Not Verified; Sunbelt Software, Inc.; Sunbelt Personal Firewall>

 

-- Find3M Report ---------------------------------------------------------------

2008-07-20 16:23:00 0 d-------- C:\Program Files\Mozilla Firefox
2008-07-20 16:22:47 0 d-------- C:\Program Files\SpywareBlaster
2008-07-20 16:13:04 2048 --a-s---- C:\WINDOWS\bootstat.dat
2008-07-20 16:13:01 536449024 --ahs---- C:\hiberfil.sys
2008-07-20 16:13:00 754974720 --ahs---- C:\pagefile.sys
2008-07-19 15:52:48 0 d-------- C:\Program Files\MICROSOFT MONEY BACKUPS
2008-07-18 17:23:53 0 d-------- C:\Program Files\Verizon Online
2008-07-18 15:39:59 0 d-------- C:\Documents and Settings\Norman\Application Data\Mozilla
2008-07-18 14:57:56 0 d-------- C:\Program Files\Adobe
2008-07-15 22:48:36 0 d-------- C:\Program Files\Common Files
2008-07-13 17:11:00 0 d-------- C:\Program Files\MSECache
2008-07-11 17:24:57 0 d-------- C:\Program Files\Java
2008-07-10 17:24:49 0 d-------- C:\Program Files\SiteAdvisor
2008-07-05 16:50:34 0 d-------- C:\Program Files\Panda Security
2008-07-05 15:21:41 0 d-------- C:\Documents and Settings\Norman\Application Data\SiteAdvisor
2008-07-04 23:04:52 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-04 16:15:44 0 d-------- C:\Program Files\Lavasoft
2008-07-04 16:13:38 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-02 15:26:28 10520 --a------ C:\WINDOWS\system32\avgrsstx.dll <Not Verified; AVG Technologies CZ, s.r.o.; AVG Internet Security>
2008-06-25 12:15:46 17972344 --a------ C:\WINDOWS\system32\MRT.exe <Not Verified; Microsoft Corporation; Microsoft Windows Malicious Software Removal Tool>
2008-06-20 13:41:10 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-20 13:41:10 148992 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-10 17:50:39 0 d-------- C:\Program Files\Internet Explorer
2008-06-04 21:23:55 0 d-------- C:\Documents and Settings\Norman\Application Data\Malwarebytes
2008-05-26 21:15:13 36888 --a------ C:\Documents and Settings\Norman\Application Data\GDIPFONTCACHEV1.DAT
2008-05-20 21:23:15 0 d-------- C:\Documents and Settings\Norman\Application Data\Macromedia
2008-05-20 21:23:14 0 d-------- C:\Documents and Settings\Norman\Application Data\Adobe
2008-05-16 11:58:04 12632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-07 01:18:48 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2008-04-21 02:56:59 666624 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 618496 --a------ C:\WINDOWS\system32\urlmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 1499136 --a------ C:\WINDOWS\system32\shdocvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 39424 --a------ C:\WINDOWS\system32\pngfilt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:58 532480 --a------ C:\WINDOWS\system32\mstime.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:57 146432 --a------ C:\WINDOWS\system32\msrating.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:57 449024 --a------ C:\WINDOWS\system32\mshtmled.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:57 3066880 --a------ C:\WINDOWS\system32\mshtml.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:56 16384 --a------ C:\WINDOWS\system32\jsproxy.dll <Not Verified; Microsoft Corporation; JScript Proxy Auto-Configuration>
2008-04-21 02:56:56 96256 --a------ C:\WINDOWS\system32\inseng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:56 251904 --a------ C:\WINDOWS\system32\iepeers.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 55808 --a------ C:\WINDOWS\system32\extmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 205312 --a------ C:\WINDOWS\system32\dxtrans.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 357888 --a------ C:\WINDOWS\system32\dxtmsft.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:55 1054208 --a------ C:\WINDOWS\system32\danim.dll <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2008-04-21 02:56:54 151040 --a------ C:\WINDOWS\system32\cdfview.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-21 02:56:54 1024000 --a------ C:\WINDOWS\system32\browseui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ADUserMon "= "C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [04/27/2008 03:48 PM]
"Logitech Utility "= "Logi_MwX.Exe" [12/17/2003 09:50 AM C:\WINDOWS\LOGI_MWX.EXE]
"HTpatch "= "C:\WINDOWS\htpatch.exe" [10/30/2002 05:40 AM]
"SiteAdvisor "= "c:\program files\siteadvisor\6261\siteadv.exe" [05/16/2008 12:50 PM]
"SiS Windows KeyHook "= "C:\WINDOWS\system32\keyhook.exe" [05/12/2004 05:22 PM]
"THGuard "= "C:\Program Files\TrojanHunter 4.7\THGuard.exe" [06/23/2007 12:19 AM]
"TrueImageMonitor.exe "= "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [09/14/2007 02:52 AM]
"AcronisTimounterMonitor "= "C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [09/14/2007 03:02 AM]
"SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM]
"AVG8_TRAY "= "C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/02/2008 03:26 PM]
"Acronis Scheduler2 Service "= "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [09/14/2007 02:55 AM]
"NeroCheck "= "C:\WINDOWS\System32\\NeroCheck.exe" [07/09/2001 06:50 AM]
"Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"Ad-Watch "= "C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe" [07/04/2008 04:30 PM]

C:\Documents and Settings\Norman\Start Menu\Programs\Startup\
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [6/16/2008 5:03:08 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [1/11/2008 11:16:38 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls "=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages "= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@= "Volume shadow copy "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GammaTray.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GammaTray.lnk
backup=C:\WINDOWS\pss\GammaTray.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

*Newly Created Service* - AD-WATCH_REAL-TIME_SCANNER

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 Command - Keeping Software Free
127.0.0.1 032439.com

8828 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-07-20 17:20:24 ------------

-o-o-o-o-o-o-o-

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.66GHz
Percentage of Memory in Use: 58%
Physical Memory (total/avail): 511.53 MiB / 211.02 MiB
Pagefile Memory (total/avail): 1200.54 MiB / 677.43 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1979.25 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 38.29 GiB total, 28.48 GiB free.
D: is Fixed (NTFS) - 38.4 GiB total, 38.33 GiB free.
V: is CDROM (No Media)
W: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - HDS722580VLAT20 - 76.69 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 38.29 GiB - C:
\PARTITION1 - Installable File System - 38.4 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FW: Sunbelt Personal Firewall v4.6.1839 T (Sunbelt Software, Inc)
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\\Network Diagnostic\\xpnetdiag.exe "= "%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax "
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager "
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax "
"C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe "= "C:\\Program Files\\TurboTax\\Deluxe 2007\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager "
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe "= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe "
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe "= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe "

 

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Norman\Application Data
CLIENTNAME=Console
COLLECTIONID=COL8143
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NORMAN-SP8SZ7LJ
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Norman
ITEMID=dj-22741-15
LANG=1033
LOGONSERVER=\\NORMAN-SP8SZ7LJ
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OSVER=winXPH
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONID=1166576732968htx6060.cce.hp.com52fda6:10f9d645719:-7a7c
SESSIONNAME=Console
SWUTVER=1.0.1.1
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Norman\LOCALS~1\Temp
TIMEOUT=0
TMP=C:\DOCUME~1\Norman\LOCALS~1\Temp
TOOLPATH=/C:/Program%20Files/Hewlett-Packard/HP%20Software%20Update/install.htm
UPDATEDIR=C:\DOCUME~1\Norman\LOCALS~1\Temp\radCE50F.tmp
USERDOMAIN=NORMAN-SP8SZ7LJ
USERNAME=Norman
USERPROFILE=C:\Documents and Settings\Norman
VERSION=3.0.5.001
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Norman (admin)
Administrator.NORMAN-SP8SZ7LJ (admin)


-- Add/Remove Programs ---------------------------------------------------------

-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
-->
--> C:\PROGRA~1\VERIZO~1\Uninstall.exe Verizon
--> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00BF-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00C6-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00D1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03DA-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x9 -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acronis True Image Home --> MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Active Disk --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\AutoDisk\uninstal.log
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader 8.1.2 Security Update 1 (KB403742) -->
AnswerWorks 4.0 Runtime - English --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
APC PowerChute Personal Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
ASUS Probe V2.19.04 --> C:\WINDOWS\uninst.exe -f "C:\Program Files\ASUS\Probe\DeIsL2.isu "
AsusUpdate --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\ASUS\AsusUpdate\Uninst.isu "
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Catalyst Control Center Core Implementation -->
Catalyst Control Center Graphics Full Existing -->
Catalyst Control Center Graphics Full New -->
Catalyst Control Center Graphics Light -->
Catalyst Control Center Graphics Previews Common -->
ccc-core-static -->
ccc-utility -->
CCC Help English -->
CCleaner (remove only) --> "C:\UTILITIES\CCleaner\uninst.exe "
Click'N Design 3D (V5) --> C:\PROGRA~1\CLICK'~1\UNWISE.EXE C:\PROGRA~1\CLICK'~1\INSTALL.LOG
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DigiPan --> C:\WINDOWS\system32\msinfhlp.exe ;uninstall; ;C:\Program Files\DigiPan\DigiPan.dat;
EasyCleaner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HijackThis 2.0.2 --> "C:\UTILITIES\HJT\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB915865) --> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe "
hp deskjet 5600 --> msiexec /x{8CDC6712-AF80-459E-911F-F1E156CB0AB0}
hp instant support --> C:\PROGRA~1\HEWLET~1\hpis\Uninstall.exe /s CeS
HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - Deskjet Series --> MsiExec.exe /I{E0828692-FD9D-459F-9312-C645C3CA6650}
HP Photo and Imaging 2.1 - Scanjet 36X0 Series --> MsiExec.exe /I{49CE65E4-9EE2-4F29-8768-58DD1E45D09C}
hp print screen utility --> C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
Intel(R) 536EP Modem --> rundll32 IntelSdi.dll,iSMUninstallation "Intel(R) 536EP Modem "
IomegaWare 4.0.3 --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\uninstal.log
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Logitech MouseWare 9.79.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 -l0009 UNINSTALL
MagicTune Premium --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D6044256-A309-43B5-9833-D3FAFE2AD24D}\setup.exe" -l0x9
Malwarebytes' Anti-Malware --> "C:\Utilities\MBAM\unins000.exe "
McAfee SiteAdvisor --> C:\Program Files\SiteAdvisor\6261\uninstall.exe
Microsoft .NET Framework 2.0 Service Pack 1 --> MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Baseline Security Analyzer 2.0.1 --> MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs --> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft National Language Support Downlevel APIs --> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft Office PowerPoint Viewer 2007 (English) --> MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Word 2002 --> MsiExec.exe /I{901B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works Setup Launcher --> C:\Program Files\Microsoft Works Suite 99\Setup\Launcher.exe W:\
Mozilla Firefox (3.0.1) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
Paragon Partition Manager 6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F06F0CE-C2B7-428C-BF70-8C55EEDF81BC}\Setup.exe" -l0x9
PowerDesk 6 --> MsiExec.exe /I{B93251B5-9209-4DAB-867C-AA98D91584CD}
PrintDeskTop --> C:\WINDOWS\unvise32.exe C:\Program Files\PrintDeskTop\uninstal.log
Quick StartUp 2.3 --> "c:\utilities\Quick Startup\unins000.exe "
RegSupreme --> "C:\UTILITIES\RegSupreme\unins000.exe "
Revo Uninstaller 1.50 --> c:\UTILITIES\Revo Uninstaller\uninst.exe
Secunia PSI (RC3) --> "C:\Program Files\Secunia\PSI (RC3)\uninstall.exe "
Security Update for Windows Media Player (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB911565) --> "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe "
Security Update for Windows Media Player 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe "
Security Update for Windows Media Player 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe "
Security Update for Windows XP (KB883939) --> "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe "
Security Update for Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe "
Security Update for Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe "
Security Update for Windows XP (KB896688) --> "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899588) --> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe "
Security Update for Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe "
Security Update for Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe "
Security Update for Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe "
Security Update for Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe "
Security Update for Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe "
Security Update for Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe "
Security Update for Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe "
Security Update for Windows XP (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe "
Security Update for Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe "
Security Update for Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe "
Security Update for Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe "
Security Update for Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe "
Security Update for Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe "
Security Update for Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe "
Security Update for Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe "
Security Update for Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe "
Security Update for Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe "
Security Update for Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe "
Security Update for Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe "
Security Update for Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe "
Security Update for Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe "
Security Update for Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe "
Security Update for Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe "
Security Update for Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe "
Security Update for Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe "
Security Update for Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe "
Security Update for Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe "
Security Update for Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe "
Security Update for Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe "
Security Update for Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe "
Security Update for Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe "
Security Update for Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe "
Security Update for Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe "
Security Update for Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe "
Security Update for Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe "
Security Update for Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe "
Security Update for Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe "
Security Update for Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe "
Security Update for Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe "
Security Update for Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe "
Security Update for Windows XP (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe "
Security Update for Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe "
Security Update for Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe "
Security Update for Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe "
Security Update for Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe "
Security Update for Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe "
Security Update for Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe "
Security Update for Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe "
Security Update for Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe "
Security Update for Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951748) --> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
ShareIns -->
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R
Skins -->
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe "
Sunbelt Personal Firewall --> MsiExec.exe /X{2736EE90-D7F8-499E-AA60-E65D4C2FE069}
TrojanHunter 4.7 --> "C:\Program Files\TrojanHunter 4.7\unins000.exe "
TurboTax Deluxe 2007 --> C:\Program Files\TurboTax\Deluxe 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2007\Uninstall.log" -NoGui
TurboTax Deluxe Deduction Maximizer 2006 --> C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006 --> MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta "
Update for Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe "
Update for Windows XP (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe "
Update for Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe "
Update for Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe "
Update for Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe "
Update for Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe "
Update for Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe "
Update for Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe "
Update for Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe "
Update for Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe "
Update for Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe "
Update for Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe "
Update for Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe "
Update for Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe "
Update for Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe "
Update for Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe "
Update for Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe "
Update for Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe "
Update for Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe "
Verizon Online --> C:\WINDOWS\system32\VerizonUninstaller.exe
Verizon Online Support Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00A1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
WebFldrs XP -->
WexTech AnswerWorks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate
Windows Genuine Advantage Notifications (KB905474) -->
Windows Genuine Advantage v1.3.0254.0 --> MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Genuine Advantage Validation Tool (KB892130) -->
Windows Installer 3.1 (KB893803) --> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
Windows Live Safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll ",?UninstallFunction@CwlscCore@@QAEXXZ
Windows Media Format Runtime --> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10 --> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Hotfix - KB873333 --> C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP Hotfix - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP Hotfix - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP Hotfix - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP Hotfix - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB885884 --> C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB887742 --> C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Windows XP Hotfix - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890175 --> C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
Windows XP Hotfix - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP Service Pack 2 --> C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type53 / Error
Event Submitted/Written: 07/10/2008 09:07:11 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application pcwizard.dll, version 2007.1.0.73, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type52 / Error
Event Submitted/Written: 07/10/2008 09:07:07 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application pcwizard.dll, version 2007.1.0.73, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b.
Processing media-specific event for [pcwizard.dll!ws!]

Event Record #/Type16 / Error
Event Submitted/Written: 07/06/2008 04:16:11 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 638239796.

Event Record #/Type15 / Error
Event Submitted/Written: 07/06/2008 04:16:06 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application SpybotSD.exe, version 1.5.2.20, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type11 / Error
Event Submitted/Written: 07/05/2008 03:29:41 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 638239796.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type11077 / Error
Event Submitted/Written: 07/20/2008 04:16:11 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.2 for the Network Card with network address 000C6EB2A2A0 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type11053 / Error
Event Submitted/Written: 07/19/2008 05:52:50 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.2 for the Network Card with network address 000C6EB2A2A0 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type11049 / Error
Event Submitted/Written: 07/19/2008 05:04:26 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.2 for the Network Card with network address 000C6EB2A2A0 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type11025 / Error
Event Submitted/Written: 07/19/2008 01:54:34 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 192.168.0.2 for the Network Card with network address 000C6EB2A2A0 has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type11009 / Error
Event Submitted/Written: 07/19/2008 01:52:05 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The REGSpy service failed to start due to the following error:
%%3



-- End of Deckard's System Scanner: finished at 2008-07-20 17:20:24 ------------

-o-o-o-o-o-o-o-

mbam.exe /developer

-o-o-o-o-o-o-o-

Malwarebytes' Anti-Malware 1.21
Database version: 971
Windows 5.1.2600 Service Pack 2

6:20:57 PM 7/20/2008
mbam-log-7-20-2008 (18-20-57).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 92558
Time elapsed: 35 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

Highlight and copy the contents of the code box below.

Code:

attrib -r -h -s  "%userprofile%\My Documents\WCAU Old Timers. "
cacls  "%userprofile%\My Documents\WCAU Old Timers." /e /g Norman:f /c
del /q  "%userprofile%\My Documents\WCAU Old Timers. "
exit
cls

Open a command window and right click>Paste the text.
The command window should close on it's own.
Check to see if that file is now gone from your My Documents folder.

I'm going to have to review this topic to see if there's something else I can recommend. Might be a day or so longer. Hang in there!

 

Quote from your last post (I don't know how to do this, so I just pasted it):

I'm going to have to review this topic to see if there's something else I can recommend. Might be a day or so longer. Hang in there!

-o-o-o-o-

I’m hanging! I’m hanging!

Tried pasting your code at a command prompt, but nothing happened, so I made a batch file, and ran it. The command window opened and closed as you said it would.

The bloody file is still there.

Here’s a copy of my batch file, so you can check it for accuracy:

attrib -r -h -s "%userprofile%\My Documents\WCAU Old Timers. "
cacls "%userprofile%\My Documents\WCAU Old Timers." /e /g Norman:f /c
del /q "%userprofile%\My Documents\WCAU Old Timers. "
exit
cls

When I ran a DIR for My Documents from the command prompt, the file is a no-show.

Very strange!

-o-o-o-o-

While you’re checking my topic, I’d like to add that at least a couple of programs open only partially, and then completely.

For instance, when I open IE, what’s missing are the tool bar and address bar, then they appear after a couple of seconds.

-o-o-o-o-

I’ve done some checking online, and it appears that the latest version of ZA (v.7) gets low marks compared to the previous version., so I’ve decided not to reinstall it.

The one freebie getting very high marks is Comodo Firewall Pro, so I replaced Sunbelt with it.

Now I’ll keep hanging ‘til I hear from you.

 

Copy the text in the code box below and paste it into a command window opened via Start>Run and typing cmd.

Code:

@echo off
cd  "%userprofile%\mydocu~1 "
dir * /a h > check.txt
start notepad check.txt
exit
cls

Does the filename show up in the check.txt file that opens? If so, post it as shown.

 

I don’t know how to copy and paste into a cmd prompt, so I made another batch file.

My assumption is that you’re interested only in the one entry:

11/26/2007 06:36 PM 0 WCAU Old Timers.

Once again, you made magic.

 

To copy and paste into a command window, first highlight and copy the text.
Click Start>Run and type cmd then hit Enter to open a command window.
Now right click within the command window and select Paste.

Copy the following bolded text and paste it into a command window.

@echo off
cd "%userprofile%\mydocu~1 "
attrib -r -h -s "WCAU Old Timers. "
exit
cls

When the command window closes, open My Documents and see if the WCAU Old Timers. file is visible.
If visible, download MoveOnBoot (use the Softpedia Secure Download link) then install it.
Now right click the WCAU Old Timers. file and select Delete file(s) on the next boot.
Answer Yes to the prompt and you should get another message that the action suceeded.
Now reboot and see if the file is gone.

 

Installed and ran MoveOnBoot.

There was a message saying "The "¦â€¦ file either is locked or does not exist. Do you want to continue?" (Yes)

At the end of the procedure, the message that the action succeeded appeared, just as you said it would.

Rebooted.

The file is still there!!!

Why me?