Hi shelf life many thanks again for your reply and help
Deckard's System Scanner v20071014.68
Run by Geoff on 2008-04-27 07:35:10
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
67: 2008-04-27 06:35:56 UTC - RP67 - Deckard's System Scanner Restore Point
66: 2008-04-26 17:24:33 UTC - RP66 - System Checkpoint
65: 2008-04-25 14:50:43 UTC - RP65 - Installed Logitech Gaming Software
64: 2008-04-25 05:27:56 UTC - RP64 - System Checkpoint
63: 2008-04-24 04:46:29 UTC - RP63 - System Checkpoint
-- First Restore Point --
1: 2008-03-16 09:51:21 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 224 MiB (512 MiB recommended).
-- HijackThis (run as Geoff.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:43:56, on 27/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\Program Files\Kontiki\KService.exe
C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\F-Secure Internet Security\FSGUI\ispnews.exe
C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsrw.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-SECU~1\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Documents and Settings\Geoff\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Geoff.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TalkTalk] "C:\Program Files\TalkTalk\bin\sprtcmd.exe" /P TalkTalk
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure Internet Security\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: F-Secure 2006.lnk = C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure Internet Security\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1205734530171
O17 - HKLM\System\CCS\Services\Tcpip\..\{5712A3D9-784D-4F7D-A617-525E46C9377B}: NameServer = 62.24.218.50,62.24.218.51
O17 - HKLM\System\CS1\Services\Tcpip\..\{5712A3D9-784D-4F7D-A617-525E46C9377B}: NameServer = 62.24.218.50,62.24.218.51
O17 - HKLM\System\CS2\Services\Tcpip\..\{5712A3D9-784D-4F7D-A617-525E46C9377B}: NameServer = 62.24.218.50,62.24.218.51
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: F-Secure 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: F-Secure BlackLight Sensor - Unknown owner - C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9825 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080402-065529-115 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
backup-20080402-065529-158 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
backup-20080402-065529-458 O17 - HKLM\System\CS1\Services\Tcpip\..\{5712A3D9-784D-4F7D-A617-525E46C9377B}: NameServer = 208.67.220.220,208.67.222.222
backup-20080402-065529-487 O17 - HKLM\System\CCS\Services\Tcpip\..\{5712A3D9-784D-4F7D-A617-525E46C9377B}: NameServer = 208.67.220.220,208.67.222.222
backup-20080402-065529-599 O17 - HKLM\System\CS2\Services\Tcpip\..\{5712A3D9-784D-4F7D-A617-525E46C9377B}: NameServer = 208.67.220.220,208.67.222.222
backup-20080402-065529-652 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 FSFW (F-Secure Firewall Driver) - c:\windows\system32\drivers\fsdfw.sys <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>
R2 F-Secure Filter (F-Secure File System Filter) - c:\program files\f-secure internet security\anti-virus\win2k\fsfilter.sys
R2 F-Secure Gatekeeper - c:\program files\f-secure internet security\anti-virus\win2k\fsgk.sys
R2 F-Secure Recognizer (F-Secure File System Recognizer) - c:\program files\f-secure internet security\anti-virus\win2k\fsrec.sys
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 iadusb (MT882) - c:\windows\system32\drivers\glauiad.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 BackWeb Plug-in - 4476822 (F-Secure 2006) - c:\progra~1\f-secu~1\backweb\4476822\program\servic~1.exe <Not Verified; F-Secure Internet Security 2005; RunnerEXE Application>
R2 fsbwsys - "c:\program files\f-secure internet security\backweb\4476822\program\fsbwsys.exe" <Not Verified; F-Secure Corp.; F-Secure BackWeb>
R2 F-Secure Gatekeeper Handler Starter (FSGKHS) - "c:\program files\f-secure internet security\anti-virus\fsgk32st.exe" <Not Verified; F-Secure Corporation; F-Secure Corp. Startup service>
R2 FSMA (F-Secure Management Agent) - "c:\program files\f-secure internet security\common\fsma32.exe" <Not Verified; F-Secure Corporation; F-Secure Management Agent>
R3 FSDFWD (F-Secure Anti-Virus Firewall Daemon) - "c:\program files\f-secure internet security\fwes\program\fsdfwd.exe" <Not Verified; F-Secure Corporation; F-Secure Anti-Virus Internet Shield>
R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>
S3 F-Secure BlackLight Sensor - c:\windows\temp\f-secure\anti-virus\fsblsrv.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: RAID Controller
Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_1411147B&REV_80\3&61AAA01&0&78
Manufacturer:
Name: RAID Controller
PNP Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_1411147B&REV_80\3&61AAA01&0&78
Service:
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia Windows Portable Device Driver
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6280
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 6111
Device ID: ROOT\WPD\0001
Manufacturer: Nokia
Name: Nokia 6111
PNP Device ID: ROOT\WPD\0001
Service: WUDFRd
-- Scheduled Tasks -------------------------------------------------------------
2008-04-25 01:24:55 544 --a------ C:\WINDOWS\Tasks\Scheduled scanning task.job
-- Files created between 2008-03-27 and 2008-04-27 -----------------------------
2008-04-25 15:51:37 0 d-------- C:\Program Files\Common Files\Logitech
2008-04-25 15:50:49 0 d-------- C:\Program Files\Logitech
2008-04-25 15:47:52 151552 --a------ C:\WINDOWS\system32\MSOSS.DLL <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(R) Operating System>
2008-04-25 15:47:52 0 d-------- C:\Program Files\Codemasters
2008-04-18 20:17:06 0 d-------- C:\Program Files\TryMedia
2008-04-18 20:06:13 0 d-------- C:\Program Files\City Interactive
2008-04-12 09:09:42 0 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-04-10 20:16:56 0 d-------- C:\Program Files\505 Game Collection
2008-04-10 17:45:30 0 d-------- C:\Program Files\Selectsoft
2008-04-08 09:29:27 0 d-------- C:\Program Files\Google
2008-04-04 09:40:50 0 d-------- C:\Program Files\Kontiki
2008-04-04 09:40:46 0 d-------- C:\Program Files\Channel4
2008-04-04 09:40:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Kontiki
2008-04-04 09:40:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Channel4
2008-04-04 07:20:27 0 d-------- C:\Documents and Settings\Geoff\Application Data\Nokia Multimedia Player
2008-04-02 13:47:35 0 d-------- C:\Documents and Settings\Geoff\Application Data\Malwarebytes
2008-04-02 13:41:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-02 13:40:15 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-01 23:42:52 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-01 23:13:01 0 d-------- C:\WINDOWS\network diagnostic
2008-04-01 23:05:47 0 d-------- C:\4b6c686b320a0b02071e8779
2008-04-01 18:15:58 0 d-------- C:\6e972bc5707354af1511998a9cbadb
2008-03-31 07:52:32 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-03-31 07:52:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Comodo
2008-03-31 07:39:55 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-03-30 19:34:20 1167 --a------ C:\WINDOWS\mozver.dat
2008-03-30 19:23:50 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-30 19:22:52 0 d-------- C:\Documents and Settings\Geoff\Application Data\Mozilla
2008-03-30 17:29:22 0 d-------- C:\Program Files\Trend Micro
2008-03-30 17:13:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-30 17:12:29 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-29 14:26:27 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-03-29 02:02:13 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-03-28 17:40:38 0 d-------- C:\Documents and Settings\Geoff\Application Data\Comodo
2008-03-28 17:40:25 0 d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-03-28 17:39:06 0 d-------- C:\Program Files\COMODO
2008-03-28 15:40:34 0 d-------- C:\WINDOWS\Internet Logs
2008-03-28 15:24:28 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-28 15:19:28 0 d-------- C:\Program Files\SpywareBlaster
2008-03-27 17:04:09 0 d-------- C:\Program Files\MediaMonkey
2008-03-27 16:01:25 0 d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-03-27 16:01:06 0 d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-27 16:01:00 0 d-------- C:\Program Files\NCH Software
2008-03-27 15:59:48 0 d-------- C:\Program Files\NCH Swift Sound
2008-03-27 15:59:48 0 d-------- C:\Documents and Settings\Geoff\Application Data\NCH Swift Sound
2008-03-27 13:09:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-27 07:26:58 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-03-27 07:26:58 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-03-27 07:26:58 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-03-27 07:26:58 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-03-27 07:26:58 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-03-27 07:26:58 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-03-27 07:26:58 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-03-27 07:26:58 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-03-27 07:26:58 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-03-27 07:26:58 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-03-27 07:26:58 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-03-27 07:26:58 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-03-27 07:26:58 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-03-27 07:26:57 1835008 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
-- Find3M Report ---------------------------------------------------------------
2008-04-26 10:39:49 0 d-------- C:\Documents and Settings\Geoff\Application Data\uTorrent
2008-04-25 15:51:37 0 d-------- C:\Program Files\Common Files
2008-04-25 15:50:43 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-25 15:49:27 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-05 17:59:37 0 d-------- C:\Documents and Settings\Geoff\Application Data\Ahead
2008-04-04 07:05:28 0 d-------- C:\Documents and Settings\Geoff\Application Data\PC Suite
2008-04-02 00:32:44 0 d-------- C:\Program Files\Java
2008-03-29 10:05:30 668 --a------ C:\Documents and Settings\Geoff\Application Data\vso_ts_preview.xml
2008-03-29 10:05:23 0 d-------- C:\Documents and Settings\Geoff\Application Data\Vso
2008-03-28 07:55:55 1744 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-24 17:00:34 0 d-------- C:\Documents and Settings\Geoff\Application Data\Nokia
2008-03-24 16:58:21 0 d-------- C:\Program Files\DIFX
2008-03-24 16:56:23 0 d-------- C:\Program Files\Common Files\Nokia
2008-03-24 16:56:08 0 d-------- C:\Program Files\Common Files\PCSuite
2008-03-24 16:55:48 0 d-------- C:\Program Files\Nokia
2008-03-24 16:54:37 0 d-------- C:\Program Files\PC Connectivity Solution
2008-03-23 22:15:35 0 d-------- C:\Documents and Settings\Geoff\Application Data\mIRC
2008-03-23 11:28:21 0 d-------- C:\Program Files\MediaTV
2008-03-23 11:12:31 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-23 03:53:44 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-03-23 03:50:53 0 d-------- C:\Program Files\MSXML 4.0
2008-03-21 17:14:37 104265 --a------ C:\WINDOWS\hpoins04.dat
2008-03-21 17:12:11 0 d-------- C:\Program Files\HP
2008-03-21 17:08:58 0 d-------- C:\Program Files\Common Files\HP
2008-03-21 17:06:29 0 d-------- C:\Program Files\Hewlett-Packard
2008-03-21 17:04:20 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-03-21 11:01:22 0 d-------- C:\Program Files\DivXCodec
2008-03-21 03:52:20 0 d-------- C:\Documents and Settings\Geoff\Application Data\Sun
2008-03-21 03:51:02 0 d-------- C:\Program Files\Common Files\Java
2008-03-21 03:28:30 0 d-------- C:\Program Files\MT882
2008-03-21 01:15:26 0 d-------- C:\Program Files\Netgear
2008-03-21 00:57:44 0 d-------- C:\Documents and Settings\Geoff\Application Data\Adobe
2008-03-19 17:52:28 0 d-------- C:\Documents and Settings\Geoff\Application Data\WinRAR
2008-03-19 10:31:35 34 --a------ C:\Documents and Settings\Geoff\Application Data\pcouffin.log
2008-03-19 10:31:30 47360 --a------ C:\Documents and Settings\Geoff\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-03-19 10:31:30 1144 --a------ C:\Documents and Settings\Geoff\Application Data\pcouffin.inf
2008-03-19 10:31:30 7887 --a------ C:\Documents and Settings\Geoff\Application Data\pcouffin.cat
2008-03-19 10:31:21 0 d-------- C:\Program Files\VSO
2008-03-17 04:10:07 0 d-------- C:\Program Files\Messenger
2008-03-16 13:18:47 0 d-------- C:\Program Files\uTorrent
2008-03-16 13:15:37 0 d-------- C:\Documents and Settings\Geoff\Application Data\Azureus
2008-03-16 12:37:04 0 d-------- C:\Documents and Settings\Geoff\Application Data\Macromedia
2008-03-16 12:21:29 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-16 12:10:01 0 d-------- C:\Documents and Settings\Geoff\Application Data\F-Secure
2008-03-16 11:41:40 0 d-------- C:\Documents and Settings\Geoff\Application Data\ispnews
2008-03-16 11:39:22 0 d-------- C:\Program Files\F-Secure Internet Security
2008-03-16 11:21:10 0 d-------- C:\Program Files\Ahead
2008-03-16 11:19:42 0 d-------- C:\Program Files\Common Files\Ahead
2008-03-16 11:16:54 0 d-------- C:\Program Files\Microsoft IntelliPoint
2008-03-16 11:14:09 0 d-------- C:\Program Files\TalkTalk
2008-03-16 11:14:06 0 d-------- C:\Program Files\SupportSoft
2008-03-16 11:14:00 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-16 11:07:30 0 d-------- C:\Program Files\Common Files\SupportSoft
2008-03-16 11:02:38 0 d-------- C:\Program Files\Microsoft.NET
2008-03-16 11:02:35 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-03-16 10:55:43 0 d-------- C:\Program Files\Realtek Sound Manager
2008-03-16 10:55:42 0 d-------- C:\Program Files\AvRack
2008-03-16 10:54:23 0 d-------- C:\Program Files\S3
2008-03-16 10:51:05 0 d-------- C:\Documents and Settings\Geoff\Application Data\Identities
2008-03-16 09:30:07 0 d-------- C:\Program Files\microsoft frontpage
2008-03-16 09:29:27 0 -rahs---- C:\MSDOS.SYS
2008-03-16 09:29:27 0 -rahs---- C:\IO.SYS
2008-03-16 09:29:27 0 --a------ C:\CONFIG.SYS
2008-03-16 09:29:27 0 --a------ C:\AUTOEXEC.BAT
2008-03-16 09:27:44 0 d--h----- C:\Program Files\WindowsUpdate
2008-03-16 09:27:39 0 d-------- C:\Program Files\Online Services
2008-03-16 09:26:55 0 d-------- C:\Program Files\Common Files\MSSoap
2008-03-16 09:26:48 0 d-------- C:\Program Files\Movie Maker
2008-03-16 09:25:53 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-16 09:25:18 0 d-------- C:\Program Files\MSN Gaming Zone
2008-03-16 09:25:11 0 d-------- C:\Program Files\Windows NT
2008-03-16 02:20:11 0 d-------- C:\Program Files\Common Files\ODBC
2008-03-16 02:20:08 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-03-16 02:19:46 62 --ahs---- C:\Documents and Settings\Geoff\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [15/01/2004 13:33 C:\WINDOWS\system32\VTTimer.exe]
"SoundMan"="SOUNDMAN.EXE" [30/08/2004 06:48 C:\WINDOWS\SOUNDMAN.EXE]
"TalkTalk"="C:\Program Files\TalkTalk\bin\sprtcmd.exe" [16/08/2005 01:12]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [24/03/2005 00:26]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 11:50]
"F-Secure Manager"="C:\Program Files\F-Secure Internet Security\Common\FSM32.exe" [26/10/2005 02:51]
"F-Secure TNB"="C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe" [18/07/2005 15:51]
"F-Secure Startup Wizard"="C:\Program Files\F-Secure Internet Security\FSGUI\FSSW.exe" [18/10/2005 09:29]
"News Service"="C:\Program Files\F-Secure Internet Security\FSGUI\ispnews.exe" [31/05/2005 13:45]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [12/02/2004 14:38]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [12/05/2004 16:18]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [19/04/2008 16:31]
"4oD"="C:\Program Files\Kontiki\KHost.exe" [23/04/2007 11:23]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [28/02/2006 13:00]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [10/02/2005 18:00]
"kdx"="C:\Program Files\Kontiki\KHost.exe" [23/04/2007 11:23]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 12:43]
"Start WingMan Profiler"="" []
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [10/12/2007 11:12]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
F-Secure 2006.lnk - C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe [16/03/2008 11:37:55]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [28/05/2004 23:31:38]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [29/05/2004 00:06:36]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"system"="kdmzj.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\WINDOWS\system32\guard32.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
-- End of Deckard's System Scanner: finished at 2008-04-27 07:45:21 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Sempron(tm) 2400+
Percentage of Memory in Use: 85%
Physical Memory (total/avail): 223.48 MiB / 32.81 MiB
Pagefile Memory (total/avail): 569.41 MiB / 162.81 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1921.57 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 76.68 GiB total, 18.27 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - HDS728080PLAT20 - 76.69 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 76.68 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before download.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: COMODO Firewall Pro v3.0 (COMODO)
AV: F-Secure Anti-Virus 2006 6.12 v6.12 (F-Secure Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled
xpsp2res.dll,-22019"
"C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure 2006"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\Program\\fspex.exe:*:Enabled:F-Secure 2006"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*
isabled
xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled
xpsp3res.dll,-20000"
"C:\\Program Files\\Kontiki\\KService.exe"="C:\\Program Files\\Kontiki\\KService.exe:*:Enabled
elivery Manager Service"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Geoff\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BONDOGWATS4154
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Geoff
LOGONSERVER=\\BONDOGWATS4154
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Geoff\LOCALS~1\Temp
TMP=C:\DOCUME~1\Geoff\LOCALS~1\Temp
USERDOMAIN=BONDOGWATS4154
USERNAME=Geoff
USERPROFILE=C:\Documents and Settings\Geoff
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Geoff
(admin)
Administrator
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Help"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
--> "C:\Program Files\F-Secure Internet Security\fsuninst.exe" /UninstRegKey:"News Service"
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNNMP.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
4oD --> MsiExec.exe /I {8B7443F5-E141-42A0-AB61-ED2331AAD606}
505 Game Collection --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{33C3FB8A-B803-435D-AB5E-5A20E2294B94}
555 Games XP Championship --> "C:\Program Files\Selectsoft\555 Games XP Championship\uninstall.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Colin McRae Rally 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}\setup.exe"
COMODO Firewall Pro --> C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
ConvertXtoDVD 3.0.0.1 --> "C:\Program Files\VSO\ConvertX\3\unins000.exe"
DG834 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Netgear\DG834\DeIsL1.isu" -c"C:\Program Files\Netgear\DG834\_ISREG32.DLL"
DivX 4.12 Codec --> "C:\Program Files\DivXCodec\uninstall.exe"
F-Secure Anti-Virus 2006 --> C:\PROGRA~1\F-SECU~1\Common\fsbwih.exe /uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.2 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update --> MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
Java 2 Runtime Environment, SE v1.4.2_15 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142150}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Logitech Gaming Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{648F9C94-EC44-487B-9DA4-44ED72A082CC}\setup.exe" -l0x9
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MT882 --> C:\Program Files\MT882\Adsl\uninstall.exe
Nero Suite --> C:\Program Files\Common Files\Ahead\Uninstall\setup.exe /uninstall ExtraUninstallID=""
Nokia Connectivity Cable Driver --> MsiExec.exe /X{0A3D3C54-2EC0-4D67-B265-FF17926E6D67}
Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Nokia_PC_Suite_rel_6_85_14_1_eng_web[1].exe
Nokia PC Suite --> MsiExec.exe /I{29466F9C-7C6A-419C-B301-F440FAF78760}
PC Connectivity Solution --> MsiExec.exe /I{BA084E7C-8ABA-4670-BDE8-B85E689A5C1B}
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
S3 S3Display --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
S3 S3Gamma2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
S3 S3Info2 --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
S3 S3Overlay --> vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\INSTALL.LOG
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
TalkTalk Assist & Go --> MsiExec.exe /X{D084B1A9-153B-409D-AEBF-C40FCEF925EA}
UniChrome IGP Driver and Utilities --> C:\PROGRA~1\S3\S3\s3setvga.exe -s -fC:\PROGRA~1\S3\S3\S3.uns
Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_1EB5F2E6F54A6BEDE9F436D1BA5D830FC71739BE\nokbtmdm.inf
Windows Driver Package - Nokia Modem (10/12/2007 3.6) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_0A5D98F754C6588B2E3DDE89DDEF097075ADFFB7\nokia_bluetooth.inf
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type1016 / Error
Event Submitted/Written: 04/26/2008 08:41:12 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
3 2008-04-26 20:41:11+01:00 bondogwats4154 BONDOGWATS4154\Geoff F-Secure Anti-Virus
Scanning of C:\WINDOWS\SYSTEM32\WMPEFFECTS.DLL was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
Event Record #/Type1015 / Error
Event Submitted/Written: 04/26/2008 05:58:27 PM / 04/26/2008 05:58:28 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
2 2008-04-26 17:58:22+01:00 bondogwats4154 BONDOGWATS4154\Geoff F-Secure Anti-Virus
Scanning of C:\DOCUMENTS AND SETTINGS\GEOFF\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\TEEZLUI9.DEFAULT\SESSIONSTORE-2.JS was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
Event Record #/Type1014 / Error
Event Submitted/Written: 04/26/2008 05:48:56 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
1 2008-04-26 17:48:42+01:00 bondogwats4154 BONDOGWATS4154\Geoff F-Secure Anti-Virus
Scanning of C:\WINDOWS\SYSTEM32\WUAUENG.DLL was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).
Event Record #/Type1009 / Error
Event Submitted/Written: 04/26/2008 05:12:23 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application HijackThis.exe, version 2.0.0.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type1008 / Error
Event Submitted/Written: 04/26/2008 05:12:22 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application HijackThis.exe, version 2.0.0.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type3889 / Warning
Event Submitted/Written: 04/27/2008 07:23:30 AM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Event Record #/Type3882 / Error
Event Submitted/Written: 04/26/2008 08:59:24 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Reference error message: The operation completed successfully.
.
Event Record #/Type3881 / Error
Event Submitted/Written: 04/26/2008 08:59:24 PM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.
Event Record #/Type3880 / Error
Event Submitted/Written: 04/26/2008 08:59:24 PM
Event ID/Source: 32 / SideBySide
Event Description:
Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
Event Record #/Type3851 / Error
Event Submitted/Written: 04/26/2008 05:44:39 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL.
Reference error message: The operation completed successfully.
.
-- End of Deckard's System Scanner: finished at 2008-04-27 07:45:21 ------------
