Not a Win32 application - for many progs



kuku1939
2008-02-01, 19:04
The message started first with AV NOD32. I then tried some more progs such as:
SpyBot, SUPERAntiSpyware, Trend Micro Anti-Spyware and the online Kaspersky.
Reading a thread in your forum with a similar error notice (and finally resolved!) - I decided to run DSS. I got the 2 logs for that one. I became brave and charged on the IceSword. What a shame - it got me the "Not a Win32 application" too!
By the way, I cannot boot into "safe mode" - I get an error there.
I am an old man. I have seen many rogues on the internet, and cleaned malware with available tools - but this one
I feel is really bad.
Much obliged.
Here are the DSS logs:
=====================
MAIN.TXT Part 1:
---------------
Deckard's System Scanner v20071014.68
Run by zzz eee on 2008-02-01 14:15:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-02-01 12:15:37 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-01 14:19:15
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.5730.13)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
D:\Util_D\Fix-It 7\mxtask.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Util_D\Fix-It 7\mxtask.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Internet\PopPeeper\POPPeeper.exe
D:\Util_D\Ad-Aware SE Professional\Ad-Watch.exe
C:\Documents and Settings\zzz eee\Desktop\CLEANERS\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.msn.com/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uzit.co.il/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\7z.exe,
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\Animate_D\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Internet\FlashGet\jccatch.dll
O2 - BHO: (no name) - {6A76FE99-247F-4055-B999-F47D7939F3B3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {796E0AE9-127D-481E-ABFA-3C085732090f} - (no file)
O2 - BHO: HunterSite Class - {A83E9D7E-119A-4A2C-94FE-2D4315ED3D40} - C:\Internet\GetFlash\GetFlash.dll
O2 - BHO: (no name) - {BBB664A0-1F11-488E-ACA8-93D2800974CC} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Internet\FlashGet\getflash.dll
O2 - BHO: Microsoft copyright - {FFFFFFFF-F538-4f86-ABAF-E9D94D5C007C} - socksys.dll (file missing)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\Animate_D\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Internet\Save Flash\SaveFlash.dll
O3 - Toolbar: The leosrv - {D3ADD35B-48FC-4EB5-84BB-AF7ED2795035} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] "C:\WINDOWS\system32\ElkCtrl.exe" /automation
O4 - HKLM\..\Run: [LogitechCameraAssistant] "C:\Program Files\Logitech\Video\CameraAssistant.exe"
O4 - HKLM\..\Run: [LogitechVideo[inspector]] "C:\Program Files\Logitech\Video\InstallHelper.exe" /inspect
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [POP Peeper] "C:\Internet\PopPeeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [AWMON] "D:\Util_D\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Internet\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Internet\FlashGet\jc_link.htm
O8 - Extra context menu item: Save Flash - res://D:\Animate_D\Flash Saving Plugin\FlashSButton.dll/210
O8 - Extra context menu item: Save Flash to GetFlash - res://C:\Internet\GetFlash\GetFlash.dll/GetFlash.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O8 - Extra context menu item: מגיבריש לעברית - C:\Program Files\EitanRousso\Gibrish2Heb.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - (file missing)
O9 - Extra 'Tools' menuitem: GetFlash - {348821E2-5D36-42c5-9821-E3293F6699F9} - (file missing)
O9 - Extra button: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - (file missing)
O9 - Extra 'Tools' menuitem: GetFlash - {3CA1D406-30D8-4DBC-8EE6-0E2C05F78864} - (file missing)
O9 - Extra button: FlashKeeper - {86301D40-94C1-4a5e-843B-7F43965E364A} - (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Internet\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Internet\FlashGet\flashget.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - %SystemRoot%\system32\shdocvw.dll (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
O11 - Options Group: [!AGetFlash] GetFlash
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_02) - http://java.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://pcpitstop.com/mhLbl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Internet\SuperAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\fci.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - D:\Util_D\Fix-It 7\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Ghost - Unknown owner - D:\Util_D\Norton Ghost\Agent\VProSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Unknown owner - D:\Util_D\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\system32\VundoFixSVC.exe
O24 - Desktop Component 0: Privacy Protection -

--
End of file - 9834 bytes

-- HijackThis Fixed Entries (D:\Util_D\HiJackThis\backups\) --------------------

backup-20071115-103337-376 O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)

-- File Associations -----------------------------------------------------------

.bat - batfile - shell\edit\command - unable to read value
.cmd - cmdfile - shell\edit\command - unable to read value
.inf - inffile - shell\open\command - unable to read value
.ini - inifile - shell\open\command - notepad.exe %1
.reg - regfile - shell\edit\command - unable to read value
.txt - txtfile - shell\open\command - "C:\Program Files\JGsoft\EditPadPro6\EditPadPro.exe" "%1"
.vbs - VBSFile - shell\edit\command - unable to read value


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 Vax347b - c:\windows\system32\drivers\vax347b.sys
R0 Vax347s - c:\windows\system32\drivers\vax347s.sys
R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI>
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R1 SASDIFSV - c:\internet\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\internet\superantispyware\saskutil.sys
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R1 srosa (Megadrv3) - c:\windows\system32\drivers\srosa.sys
R1 Tdimsys (TCPView Pro Driver) - c:\windows\system32\drivers\tdimsys.sys <Not Verified; Winternals, SysInternals; Tdimon for Windows NT/2K>
R2 ViCAM - c:\windows\system32\drivers\vicam.sys <Not Verified; Vista Imaging, Inc.; ViCAM Digital Camera>
R3 dvd43llh - c:\windows\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>
R3 LVPrcMon (Logitech LVPrcMon Driver) - c:\windows\system32\drivers\lvprcmon.sys
R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete>
R3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 SPLITCAM (Splitcam, WDM Camera Stream Splitter) - c:\windows\system32\drivers\splitcam.sys <Not Verified; LoteSoft Co.; Video Capture Splitter driver>

S3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S3 SASENUM - c:\internet\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 DirectJojc (DirectX Service) -
S2 FCI - c:\windows\system32\fci.exe
S3 VundoFixSvc (VundoFix Service) - vundofixsvc.exe <Not Verified; Atribune.org; Vundofix Service>
S4 ccPwdSvc (Symantec Password Validation) - "c:\program files\common files\symantec shared\ccpwdsvc.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-02-01 14:00:00 268 --ah----- C:\WINDOWS\Tasks\81F8CE1581077DAD.job
2008-02-01 13:20:02 346 --a------ C:\WINDOWS\Tasks\HP Usg Daily.job

kuku1939
2008-02-01, 19:07
MAIN.TXT 2nd part:
=================
-- Files created between 2008-01-01 and 2008-02-01 -----------------------------

2008-01-31 23:52:39 0 d-------- C:\WINDOWS\LastGood
2008-01-31 23:45:55 0 d-------- C:\WINDOWS\LastGood.Tmp
2008-01-31 23:40:35 0 d-------- C:\kav
2008-01-30 19:27:15 0 d-------- C:\Program Files\EsetOnlineScanner
2008-01-29 22:50:18 0 d-------- C:\Program Files\Enigma Software Group
2008-01-29 18:38:40 274432 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2008-01-29 17:09:48 0 d-------- C:\Program Files\Dealio
2008-01-29 17:09:20 0 d-------- C:\Program Files\Helper
2008-01-29 17:08:51 25600 --a------ C:\WINDOWS\system32\fci.exe
2008-01-29 17:08:47 54764 --a------ C:\WINDOWS\system32\drivers\qwer78.sys
2008-01-29 17:08:45 58368 --a------ C:\oipiy.exe
2008-01-29 17:03:30 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-01-29 16:29:58 0 d--hs---- C:\FOUND.000
2008-01-29 16:17:59 71172 --a------ C:\WINDOWS\system32\mdelk.exe
2008-01-25 11:00:30 177216 -----n--- C:\WINDOWS\system\TYPELIB.DLL <Not Verified; Microsoft Corporation; Microsoft OLE 2.02 for Windows>
2008-01-25 11:00:30 157696 -----n--- C:\WINDOWS\system\STORAGE.DLL
2008-01-25 11:00:30 51712 -----n--- C:\WINDOWS\system\OLE2PROX.DLL <Not Verified; Microsoft Corporation; Microsoft OLE 2.02 for Windows>
2008-01-25 11:00:29 150976 -----n--- C:\WINDOWS\system\OLE2NLS.DLL <Not Verified; Microsoft Corporation; Microsoft OLE 2.02 for Windows>
2008-01-25 11:00:29 164832 -----n--- C:\WINDOWS\system\OLE2DISP.DLL <Not Verified; Microsoft Corporation; Microsoft OLE 2.02 for Windows>
2008-01-25 11:00:29 57328 -----n--- C:\WINDOWS\system\OLE2CONV.DLL <Not Verified; Microsoft Corporation; Microsoft Graphic Filters>
2008-01-25 11:00:28 302592 -----n--- C:\WINDOWS\system\OLE2.DLL <Not Verified; Microsoft Corporation; Microsoft OLE 2.02 for Windows>
2008-01-25 11:00:28 12912 -----n--- C:\WINDOWS\system\LTWND70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:27 17424 -----n--- C:\WINDOWS\system\LTTWN70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:27 3824 -----n--- C:\WINDOWS\system\LTTHK70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:27 351312 -----n--- C:\WINDOWS\system\LTKRN70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:27 58352 -----n--- C:\WINDOWS\system\LTIMG70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:27 38832 -----n--- C:\WINDOWS\system\LTFIL70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:26 229040 -----n--- C:\WINDOWS\system\LTANN70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:26 7536 -----n--- C:\WINDOWS\system\LFWPG70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:26 7568 -----n--- C:\WINDOWS\system\LFWMF70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:26 5680 -----n--- C:\WINDOWS\system\LFWFX70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:26 78672 -----n--- C:\WINDOWS\system\LFTIF70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:26 7632 -----n--- C:\WINDOWS\system\LFTGA70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 6480 -----n--- C:\WINDOWS\system\LFRAS70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 8272 -----n--- C:\WINDOWS\system\LFPSD70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 132880 -----n--- C:\WINDOWS\system\LFPNG70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 10736 -----n--- C:\WINDOWS\system\LFPCX70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 10288 -----n--- C:\WINDOWS\system\LFPCT70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 6640 -----n--- C:\WINDOWS\system\LFPCD70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 6160 -----n--- C:\WINDOWS\system\LFMSP70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 5648 -----n--- C:\WINDOWS\system\LFMAC70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 14608 -----n--- C:\WINDOWS\system\LFLMB70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 19696 -----n--- C:\WINDOWS\system\LFLMA70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 7088 -----n--- C:\WINDOWS\system\LFIMG70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 8560 -----n--- C:\WINDOWS\system\LFICA70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:25 44112 -----n--- C:\WINDOWS\system\LFFAX70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:24 10608 -----n--- C:\WINDOWS\system\LFEPS70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:24 249040 -----n--- C:\WINDOWS\system\LFDIC70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:24 209936 -----n--- C:\WINDOWS\system\LFCMP70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:23 6384 -----n--- C:\WINDOWS\system\LFCAL70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:23 11760 -----n--- C:\WINDOWS\system\LFBMP70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:23 4720 -----n--- C:\WINDOWS\system\LFAVI70W.DLL <Not Verified; LEAD Technologies, Inc.; LEADTOOLS® DLL for Windows>
2008-01-25 11:00:23 21648 -----n--- C:\WINDOWS\system\CTL3DV2.DLL <Not Verified; Microsoft Corporation; 3d Windows Control>
2008-01-25 11:00:23 108544 -----n--- C:\WINDOWS\system\COMPOBJ.DLL <Not Verified; Microsoft Corporation; Microsoft OLE 2.02 for Windows>
2008-01-21 14:18:23 0 d-------- C:\Program Files\FLAC
2008-01-07 13:58:14 0 dr-h----- C:\Documents and Settings\zzz eee\Recent


-- Find3M Report ---------------------------------------------------------------

2008-02-01 14:12:46 23682 --a------ C:\Documents and Settings\zzz eee\Application Data\CleanUp!.log
2008-01-05 13:19:42 12607 --a------ C:\WINDOWS\mozver.dat
2007-12-31 23:08:12 0 d-------- C:\Documents and Settings\zzz eee\Application Data\Uniblue
2007-12-22 11:57:10 77824 --a------ C:\WINDOWS\binret.exe
2007-12-19 19:00:02 0 d-------- C:\Documents and Settings\zzz eee\Application Data\Orbit
2007-12-19 18:06:12 2322 --a------ C:\WINDOWS\swnreg.dll
2007-12-17 11:05:08 0 --a------ C:\WINDOWS\ssprbwl.dll
2007-12-17 11:05:08 0 --a------ C:\WINDOWS\ssprawl.dll
2007-12-10 09:42:08 0 d-------- C:\Program Files\WinConfig
2007-12-09 13:49:48 0 d-------- C:\Documents and Settings\zzz eee\Application Data\CDrun
2007-12-07 15:07:18 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-12-04 09:15:06 36089 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
2007-12-04 09:15:06 131072 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2007-11-21 13:17:08 68 --a------ C:\WINDOWS\system32\esafedrv.dat
2007-11-21 13:17:08 53 --a------ C:\WINDOWS\pcenid.dat
2007-11-21 13:17:08 53 ---h----- C:\dosldr.bin
2007-11-21 12:21:40 77824 --a------ C:\WINDOWS\zipexe_r.exe
2007-11-03 08:35:44 0 --a------ C:\WINDOWS\MMDEVL13.SYS


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6A76FE99-247F-4055-B999-F47D7939F3B3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{796E0AE9-127D-481E-ABFA-3C085732090f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBB664A0-1F11-488E-ACA8-93D2800974CC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-F538-4f86-ABAF-E9D94D5C007C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/29/2007 12:43 AM]
"nwiz"="nwiz.exe" [06/29/2007 12:43 AM C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [12/09/2005 03:32 PM]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [11/01/2004 05:22 PM]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [12/07/2005 10:26 AM]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [12/07/2005 10:33 AM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [11/21/2006 05:09 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"POP Peeper"="C:\Internet\PopPeeper\POPPeeper.exe" [11/15/2006 09:02 PM]
"AWMON"="D:\Util_D\Ad-Aware SE Professional\Ad-Watch.exe" [05/25/2005 12:12 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 10:56 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideFastUserSwitching"=0 (0x0)
"EnableLUA"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableLockWorkstation"=0 (0x0)
"DisableChangePassword"=0 (0x0)
"Wallpaper"=
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Internet\SuperAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\7z.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Internet\SuperAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Internet\SuperAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\\WINDOWS\\system32\\ddabc

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^zzz eee^Start Menu^Programs^Startup^7way.lnk]
backup=C:\WINDOWS\pss\7way.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^zzz eee^Start Menu^Programs^Startup^iexplore.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^zzz eee^Start Menu^Programs^Startup^MemTurbo.lnk]
backup=C:\WINDOWS\pss\MemTurbo.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AWMON]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCD]
G:\Run.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kis]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Desktop Messenger]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malware Scanner]
C:\Internet\Malware Scanner\MalScr.exe /STARTUP

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Malware Scanner"=C:\Internet\Malware Scanner\MalScr.exe /STARTUP

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"dvd43"=C:\Program Files\dvd43\dvd43_tray.exe
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
"RemoteControl"="D:\Animate_D\Power DVD\PDVDServ.exe"
"LanguageShortcut"="D:\Animate_D\Power DVD\Language\Language.exe"
"DSLAGENTEXE"=dslagent.exe USB

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc




-- End of Deckard's System Scanner: finished at 2008-02-01 14:20:18 ------------

kuku1939
2008-02-01, 19:09
EXTRA.TXT:
=========
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
CPU 1: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of Memory in Use: 24%
Physical Memory (total/avail): 2046.42 MiB / 1541.55 MiB
Pagefile Memory (total/avail): 3939.39 MiB / 3536.39 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1883.38 MiB

A: is Removable (No Media)
C: is Fixed (FAT32) - 31.97 GiB total, 16.85 GiB free.
D: is Fixed (NTFS) - 100.01 GiB total, 76.36 GiB free.
E: is Fixed (NTFS) - 166.08 GiB total, 161.39 GiB free.
F: is CDROM (No Media)
G: is CDROM (No Media)
H: is CDROM (No Media)
I: is Removable (No Media)

\\.\PHYSICALDRIVE0 - - 298.09 GiB - 3 partitions
\PARTITION0 (bootable) - Unknown - 32 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 266.09 GiB - D: - E:

\\.\PHYSICALDRIVE1 - HP photosmart 7600 USB Device



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

AV: Norton AntiVirus v2007 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 6.2"
"C:\\WINDOWS\\Cursors\\IEXPLORE.EXE"="C:\\WINDOWS\\Cursors\\IEXPLORE.EXE:*:Enabled:Internet Explorer"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\zzz eee\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EEE-O8WLEDJ1XWK
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\zzz eee
LOGONSERVER=\\EEE-O8WLEDJ1XWK
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Program Files\Common Files\STOPzilla!;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Common Files\Adobe\AGL;D:\Pinnacle\Shared Files;D:\Pinnacle\Shared Files\Filter
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ZZZEEE~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ZZZEEE~1\LOCALS~1\Temp
USERDOMAIN=EEE-O8WLEDJ1XWK
USERNAME=zzz eee
USERPROFILE=C:\Documents and Settings\zzz eee
windir=C:\WINDOWS
__COMPAT_LAYER=DisableNXShowUI


-- User Profiles ---------------------------------------------------------------

zzz eee (admin)
Administrator.EEE-O8WLEDJ1XWK (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> D:\Util_D\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
123 AVI to GIF Converter 3.0 --> "D:\Animate_D\123 AVI to GIF Converter\unins000.exe"
3D Hand Clock --> MsiExec.exe /I{C71E83CC-16F6-4366-ABA2-5F42F4B1609E}
7Way Email Checker 1.81 --> "C:\Internet\7Way Mail Checker\unins000.exe"
Ad-Aware SE Professional --> D:\Util_D\AD-AWA~1\UNWISE.EXE D:\Util_D\AD-AWA~1\INSTALL.LOG
Adobe Bridge 1.0 --> MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Premiere Pro 2.0 --> msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
Animated Email Magic, Version 2 --> C:\WINDOWS\uninst.exe -f"d:\animate_d\Animated Email Magic\DeIsL1.isu" -c"d:\animate_d\Animated Email Magic\_ISREG32.DLL"
AxMan --> C:\WINDOWS\uninst.exe -fd:\util_d\AxMan\DeIsL1.isu -cd:\util_d\AxMan\_ISREG32.DLL
Azureus --> C:\Internet\Azureus\Uninstall.exe
Babylon --> C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe
Blaze Media Pro --> "C:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}\setup_blazemp.exe" REMOVE=TRUE MODIFY=FALSE
BS.Player PRO --> "D:\Animate_D\BSplayerPro\uninstall.exe"
Canon CanoScan Toolbox 4.9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\setup.exe" -l0x9 anything
Canon ScanGear Starter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x9 anything
CCleaner (remove only) --> "D:\Util_D\CCleaner\uninst.exe"
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
CodeStuff Starter --> "C:\Program Files\CodeStuff\Starter\unStarter.exe"
Dagesh2002 --> C:\WINDOWS\IsUninst.exe -f"d:\util_d\Dagesh Pro\Uninst.isu"
dBpowerAMP FLAC Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP FLAC Codec.dat
dBpowerAMP Mp3 Blade Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Mp3 Blade Codec.dat
dBpowerAMP Music Converter --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat
DIKO 0.78 Beta 1 --> D:\Animate_D\DIKO\unins000.exe
DIKO Menu Image Creator 0.064 --> D:\Animate_D\DIKO\DIKOMENU\unins000.exe
dMC Auxiliary Input --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dMC Auxiliary Input.dat
dMC File Selector --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dMC File Selector.dat
dMC mp3PRO (CLI) Encoder --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dMC mp3PRO (CLI) Encoder.dat
DMIView B06.1227.01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}\setup.exe" -l0x9 -removeonly
DVD43 v3.9.0 --> "C:\Program Files\dvd43\unins000.exe"
DVDPizza 1.0 --> D:\Util_D\DVDPizza 1.0\uninst.exe
Easy WebTV & Radio v1.6.5 --> "C:\Internet\Easy WebTV & Radio\unins000.exe"
Elecard MPEG2 Decoder Package 2.0 --> "C:\Program Files\Elecard MPEG2 Decoder Package 2.0\Uninstall.exe" "C:\Program Files\Elecard MPEG2 Decoder Package 2.0\install.log"
ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe
Fix-It Utilities 7 Professional --> MsiExec.exe /I{5158974E-2D28-4018-9335-7694C2974746}
FLAC Installer 1.1.2a (remove only) --> C:\Program Files\FLAC\uninstall.exe
FlashDigger Plus --> C:\WINDOWS\FDUNINST.EXE /U "D:\Animate_D\FlashDigger 4.03.115\Uninst.log"
FlashGet 1.9.0.1012 --> C:\Internet\FlashGet\uninst.exe
FLV Player 2.0, build 23 --> D:\Animate_D\FLV Player\uninst.exe
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 3.2.0623 --> "D:\Animate_D\FLV to AVI MPEG WMV 3GP MP4 iPod Converter\unins000.exe"
GetFlash --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AECFC8C-1721-4F74-9C60-6A726067D028}\Setup.exe"
Google Earth Pro --> MsiExec.exe /X{29622F4A-245C-4126-8764-897E21E888D1}
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 1.99.1 --> D:\Util_D\HiJackThis\HijackThis.exe /uninstall
HP Software Update --> MsiExec.exe /X{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}
Icon Constructor 3 --> "D:\Animate_D\Icon Constructor 3\unins000.exe"
Infine Capture Flash version 1.1 --> C:\Internet\CaptureFlash\unins000.exe
Inside Out Networks Watchport/V Drivers (Remove only) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{836997E1-7C7D-11D6-BE73-00065B4930CB}\Setup.exe" -l0x9 -uninst
InternetTweak 4.40 --> C:\Internet\InternetTweak\unins000.exe
IrfanView (remove only) --> D:\Animate_D\IrfanView\iv_uninstall.exe
IsoBuster 2.1 --> "D:\Util_D\IsoBuster\Uninst\unins000.exe"
It'sMe v2.0 Add-on Pack --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC07B9DD-7B5A-4AC5-B0CC-0EC89B57676B}\setup.exe"
Jasc Animation Shop 3 --> MsiExec.exe /I{7C4196CA-CA41-4F34-9C08-7724E7705D52}
Jasc Paint Shop Pro 9 --> MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Jasc Paint Shop Pro Studio Additional Content --> D:\Animate_D\Paint Shop Pro 9\Studio Pack\Unwise.exe /R /U D:\ANIMAT~1\PAINTS~1\STUDIO~1\INSTALL.LOG
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
JGsoft EditPad Pro 6 v.6.2.2 --> C:\WINDOWS\UnDeploy.exe "C:\Program Files\JGsoft\EditPadPro6\Deploy.log"
Logitech QuickCam Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x9
Logitech® Camera Driver --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Magic ISO Maker v3.60 (build 0067) --> C:\UTIL\MAGICISO\UNWISE.EXE C:\UTIL\MAGICISO\INSTALL.LOG
Magic Utilities 2007 Version 5.20 --> "D:\Util_D\Magic Utilities\unins000.exe"
MagicTweak Version 2.60 --> "D:\Util_D\Magic Tweak 2.6\unins000.exe"
Malware Scanner 3.1.0.0 --> "C:\Internet\Malware Scanner\unins000.exe"
Manual CanoScan LiDE 25 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C45EB9E5-7165-4FB0-8C31-77FC4743362F}\setup.exe" -l0x9
Memturbo (TM) 4 --> "C:\Program Files\Memturbo 4\unins000.exe"
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Office 2000 Professional --> MsiExec.exe /I{000104E7-78E1-11D2-B60F-006097C998E7}
Microsoft SQL Server Desktop Engine (PINNACLESYS) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSf22.inf, Uninstall
MozBackup 1.4.6 --> "C:\Internet\MozBackup\unins000.exe"
Mozilla Firefox (2.0.0.11) --> C:\INTERNET\FireFox\uninstall\helper.exe
Nero 7 Premium --> MsiExec.exe /I{11439F51-B8D2-4736-9CDF-8889FEBE1033}
Nero 7 Premium --> MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NoAdware v5.0 --> "C:\Program Files\NoAdware5.0\unins000.exe"
Norton Ghost 10.0 --> MsiExec.exe /X{32F720F5-2D0D-4245-A2B0-9EB3CECF8101}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Outlook Express Backup V6.5 --> "C:\Internet\Outlook Express Backup V6.5\unins000.exe"
Paper Folding 3D --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EFC6C19-B06F-41B7-9763-42538D5B5CB3}\setup.exe" -l0x9 -removeonly
PFConfig 1.0.144 --> C:\Internet\PFConfig\uninst.exe
Photosmart 140,240,7200,7600,7700,7900 Series --> C:\Program Files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\setup\hpzscr01.exe -datfile hphscr01.dat
PowerDVD --> "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
PowerISO --> "D:\Util_D\PowerISO\uninstall.exe"
PowerQuest PartitionMagic 8.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Registry Mechanic 5.1 --> "D:\Util_D\Registry Mechanic\unins000.exe"
RunAlyzer --> "C:\Program Files\Safer Networking\RunAlyzer\unins000.exe"
Save Flash 4.0 --> C:\Internet\Save Flash\uninst.exe
Skype™ 3.5 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SmartSound Quicktracks Plugin --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
SnagIt 8 --> MsiExec.exe /I{DA0BF7AB-88EB-4675-8FA1-531EAD938821}
SoulSeek Client 157 test 12c --> "C:\Internet\Soulseek\uninstall.exe"
Spybot - Search & Destroy 1.4 --> "C:\Internet\Spybot - Search & Destroy\unins000.exe"
SpyHunter --> "C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
SUPER © Version 2007.bld.23 (July 4, 2007) --> D:\ANIMAT~1\SUPERC~1\Setup.exe /remove /q0
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
TCPView Pro --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE61BE14-283C-11D4-8FC8-00E081100E97}\Setup.exe"
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Ulead GIF Animator 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AF3E926-ED59-11D4-A44B-0000E86D2305}\Setup.exe"
UltraISO V6.52 SR-1 --> D:\Util_D\UltraISO\unins000.exe
VBA Key --> D:\Util_D\Passware\UNWISE.EXE /U D:\Util_D\Passware\vbakey.log
ViCAM Camera Utilities 6.8.5.8 (Remove only) --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ViCAM\Uninst.isu"
ViceVersa Plus --> C:\WINDOWS\UnGins.exe "D:\Util_D\ViceVersa\install.log"
VideoLAN VLC media player 0.8.6c --> D:\Animate_D\VLC\uninstall.exe
Virtual Painter --> MsiExec.exe /I{CAB34C17-71D2-406E-A1CB-AE19FA79D2B8}
VocalTec Surf&Call --> VTSnC40Remove.exe /u
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
WinRAR archiver --> C:\Util\WinRar\uninstall.exe
WinZip --> "C:\util\WinZip\WINZIP32.EXE" /uninstall
XP Repair Pro 2007 --> MsiExec.exe /X{7D5EDF94-4A58-4C53-A07A-1E4B535307D5}


-- Application Event Log -------------------------------------------------------

Event Record #/Type9143 / Error
Event Submitted/Written: 01/31/2008 11:45:13 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Event Record #/Type9141 / Error
Event Submitted/Written: 01/31/2008 11:40:55 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Event Record #/Type9140 / Error
Event Submitted/Written: 01/30/2008 09:01:05 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application svchost.exe, version 5.1.2600.2180, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Processing media-specific event for [svchost.exe!ws!]

Event Record #/Type9136 / Error
Event Submitted/Written: 01/30/2008 00:54:36 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application lvcomsx.exe, version 9.5.0.1098, faulting module lvprcinj.dll, version 9.5.0.1098, fault address 0x00002445.
Processing media-specific event for [lvcomsx.exe!ws!]

Event Record #/Type9119 / Error
Event Submitted/Written: 01/29/2008 07:11:58 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.2180, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Processing media-specific event for [explorer.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type135453 / Error
Event Submitted/Written: 02/01/2008 02:14:10 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Event Record #/Type135452 / Error
Event Submitted/Written: 02/01/2008 02:14:10 PM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Event Record #/Type135451 / Error
Event Submitted/Written: 02/01/2008 02:14:10 PM
Event ID/Source: 32 / SideBySide
Event Description:
Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Event Record #/Type135444 / Warning
Event Submitted/Written: 02/01/2008 01:18:53 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type135443 / Warning
Event Submitted/Written: 02/01/2008 11:29:39 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.



-- End of Deckard's System Scanner: finished at 2008-02-01 14:20:18 ------------