Here are the first scans. Totalscan will be coming shortly.
Deckard's System Scanner v20071014.68
Run by Chris on 2007-12-28 18:09:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
51: 2007-12-28 23:09:41 UTC - RP100 - Deckard's System Scanner Restore Point
50: 2007-12-28 22:45:15 UTC - RP99 - Software Distribution Service 3.0
49: 2007-12-27 17:13:55 UTC - RP98 - System Checkpoint
48: 2007-12-26 16:10:08 UTC - RP97 - Removed IM-me
47: 2007-12-25 13:39:17 UTC - RP96 - Installed IM-me
-- First Restore Point --
1: 2007-10-18 11:30:49 UTC - RP50 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 503 MiB (512 MiB recommended).-- HijackThis (run as Chris.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:11:15 PM, on 12/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\SiteAdvisor\6021\SiteAdv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Chris\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Chris.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ie/def ... earch.htmlR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.michiganreefers.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ie/def ... earch.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ie/def ... .yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6021\SiteAdv.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DACSMiniApp] C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 8881064187O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: bonspells - {11853d5f-f894-4cc7-bbc3-fc7a9dcfd896} - (no file)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
--
End of file - 8568 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 NCHSSVAD (SoundTap Recorder) - c:\windows\system32\drivers\nchssvad.sys <Not Verified; NCH Swift Sound; NCH Swift Sound Virtual Audio Device>
S3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 0006401195674543mcinstcleanup (McAfee Application Installer Cleanup (0006401195674543)) - c:\windows\temp\000640~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-12-20 09:45:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-11-01 00:00:00 352 --a------ C:\WINDOWS\Tasks\McQcTask.job
2007-07-15 00:00:01 350 --a------ C:\WINDOWS\Tasks\McDefragTask.job
-- Files created between 2007-11-28 and 2007-12-28 -----------------------------
2007-12-28 18:02:14 0 dr-h----- C:\Documents and Settings\Chris\Recent
2007-12-28 16:46:11 0 d-------- C:\Program Files\Trend Micro
2007-12-25 08:39:18 0 d-------- C:\Program Files\Girl Tech
2007-12-24 10:05:12 0 d-------- C:\Documents and Settings\Alexis\Application Data\Fisher-Price
2007-12-23 20:26:01 0 d-------- C:\Program Files\Pro Imaging Powertoys
2007-12-23 20:26:01 0 d-------- C:\Program Files\Common Files\Nikon
2007-12-23 10:48:01 0 d-------- C:\Documents and Settings\Chris\Application Data\Fisher-Price
2007-12-23 10:47:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Fisher-Price
2007-12-23 10:44:45 0 d-------- C:\Program Files\Fisher-Price
2007-12-08 11:34:52 0 d-------- C:\Program Files\Full Tilt Poker
-- Find3M Report ---------------------------------------------------------------
2007-12-26 19:13:15 0 d-------- C:\Documents and Settings\Chris\Application Data\LimeWire
2007-12-25 14:26:17 0 d-------- C:\Program Files\LimeWire
2007-12-24 13:46:19 0 d-------- C:\Program Files\Nick Arcade
2007-12-24 13:45:28 0 d-------- C:\Program Files\Scholastic
2007-12-24 13:43:45 0 d-------- C:\Program Files\PartyPoker.net
2007-12-24 13:43:03 0 d-------- C:\Program Files\Yahoo! Games
2007-12-24 13:34:57 0 d-------- C:\Program Files\Nick Jr. Arcade
2007-12-23 20:26:01 0 d-------- C:\Program Files\Common Files
2007-12-23 11:29:29 0 d-------- C:\Program Files\Common Files\AOL
2007-12-23 11:29:08 0 d-------- C:\Program Files\Common Files\aolshare
2007-12-12 17:53:15 0 d-------- C:\Program Files\Dl_cats
2007-12-10 18:26:56 0 d-------- C:\Documents and Settings\Chris\Application Data\Juniper Networks
2007-12-08 11:34:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-25 09:04:46 10 --a------ C:\CONFIG.SYS
2007-11-10 10:10:38 0 d-------- C:\Documents and Settings\Chris\Application Data\SiteAdvisor
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLBTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [11/09/2004 04:41 PM]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [01/07/2004 01:01 AM]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 02:42 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6021\SiteAdv.exe" [12/19/2006 09:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [10/30/2006 09:36 AM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [08/20/2004 03:55 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [08/20/2004 03:51 PM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [08/17/2007 04:55 PM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [10/12/2004 04:54 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [01/27/2005 01:02 AM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [12/06/2004 01:05 AM]
"Dell Photo AIO Printer 922"="C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [11/10/2004 02:36 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 04:25 AM]
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [04/19/2007 12:33 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 05:24 AM]
"DACSMiniApp"="C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe" [08/24/2007 04:46 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 10:09 AM]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [07/13/2007 04:10 AM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
C:\Documents and Settings\Chris\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 1:04:12 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 4:44:06 AM]
DESKTOP.INI [8/10/2004 1:04:12 PM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [5/4/2005 12:41:22 AM]
QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [11/11/2004 11:59:36 AM]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [6/28/2007 8:59:56 AM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk
backup=C:\WINDOWS\pss\ymetray.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
-- End of Deckard's System Scanner: finished at 2007-12-28 18:12:02 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) 4 CPU 2.80GHz
Percentage of Memory in Use: 55%
Physical Memory (total/avail): 502.07 MiB / 225.42 MiB
Pagefile Memory (total/avail): 1226.08 MiB / 863.38 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1936.87 MiB
C: is Fixed (NTFS) - 33.41 GiB total, 10.59 GiB free.
D: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - HDS722540VLSA80 - 37.25 GiB - 3 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 33.41 GiB - C:
\PARTITION2 - Unknown - 3.8 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"="C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Chris\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=FHMJH71
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Chris
LOGONSERVER=\\FHMJH71
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Microsoft Office\OFFICE11\Business Contact Manager\IM;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft Office\OFFICE11\Business Contact Manager\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Chris\LOCALS~1\Temp
TMP=C:\DOCUME~1\Chris\LOCALS~1\Temp
USERDOMAIN=FHMJH71
USERNAME=Chris
USERPROFILE=C:\Documents and Settings\Chris
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Chris
(admin)Sherry
(admin)Madison
(admin)Alexis
Aiden
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Yahoo!\Yahoo! Music Jukebox\oggcodecs\uninst.exe
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> MsiExec.exe /I{F543B12A-13F5-487E-9314-F7D25E1BBE3E}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7 Wonders of the Ancient World (remove only) --> "C:\Program Files\AOL Games\7 Wonders of the Ancient World\Uninstall.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
America Online (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\Aolunins_us.exe
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
ArcSoft Camera Suite 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14FB1C47-B0F2-4DB6-B9C0-1A817862F9A3}\setup.exe" -l0x9
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Broadcom 440x 10/100 Integrated Controller --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1033
Broadcom Management Programs --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2A6282FF-B75B-463F-90F5-0A43732F690D} /l1033
Build-a-lot (remove only) --> "C:\Program Files\Yahoo! Games\Build-a-lot\Uninstall.exe"
Business Contact Manager for Outlook 2003 --> MsiExec.exe /I{66563AD8-637B-407F-BCA7-0233A16891AB}
Canon Camera Support Core Library --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1033
Canon Camera Window for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}
Canon MovieEdit Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{DE286975-ACF1-45B8-9EF7-34E162B2C817}
Canon PhotoRecord --> MsiExec.exe /X{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}
Canon RAW Image Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}
Canon RemoteCapture Task for ZoomBrowser EX --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}
Canon Utilities PhotoStitch 3.1 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}
Canon Utilities ZoomBrowser EX --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CiD Help --> C:\DOCUME~1\Chris\APPLIC~1\STYLEU~1\Holesaferoam.exe -uninstall
Companion wizard --> C:\Program Files\Common Files\Companion Wizard\compwiz.exe -u
Conexant D110 MDC V.9x Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Media Experience --> MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
Dell Photo AIO Printer 922 --> C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTUNST.EXE -NOLICENSE
Dell Picture Studio v3.0 --> MsiExec.exe /I{AF06CAE4-C134-44B1-B699-14FBDB63BD37}
DellConnect --> MsiExec.exe /X{52D56C42-8C69-4882-A661-39695537C9CF}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
FinalBurner Free v1.17.0.93 --> "C:\Program Files\FinalBurner\Uninstall.exe" "C:\Program Files\FinalBurner\install.log" -u
Full Tilt Poker --> "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -runfromtemp -l0x0009 -removeonly
Fundamentals of Nursing 6e --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC31E358-7247-4143-890E-CE41AC1AD234}\setup.exe" -l0x9
Get High Speed Internet! --> MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Photo Album 5 --> MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Jasc Paint Shop Pro Studio, Dell Editon --> MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Juniper Networks Cache Cleaner 5.5.0 --> "C:\Documents and Settings\Chris\Application Data\Juniper Networks\Cache Cleaner 5.5.0\uninstall.exe"
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
LimeWire 4.14.12 --> "C:\Program Files\LimeWire\uninstall.exe"
Macromedia Flash Player --> MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
MediaTickets by OIN --> "C:\Program Files\Common Files\Yazzle1409OinUninstaller.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Small Business Edition 2003 --> MsiExec.exe /I{91CA0409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft RAW Image Thumbnailer and Viewer for Windows XP Version 1.0 (Build 50) --> MsiExec.exe /X{2E5A5B57-57FC-4C79-A239-9DB280ADEC2A}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Move Networks Player for Internet Explorer --> "C:\Documents and Settings\Chris\Application Data\Move Networks\ie_bin\unins000.exe"
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Nick Aracde Toolbar --> C:\Program Files\nickarcade\uninstall.exe -uninstall -prompt
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
Photo Click --> MsiExec.exe /I{6E179C77-7335-458D-9537-4F4EAC0181ED}
PowerDVD 5.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Puppy Grows & Knows Your Name 1.0 --> "C:\Program Files\Fisher-Price\Puppy Grows and Knows Your Name\unins000.exe"
Qualxserve Service Agreement --> MsiExec.exe /X{0F756CD9-4A1E-409B-B101-601DDC4C03AA}
QuickBooks Simple Start Special Edition --> msiexec.exe /I {F543B12A-13F5-487E-9314-F7D25E1BBE3E} UNIQUE_NAME="atomlimited" QBFULLNAME="QuickBooks Simple Start Special Edition" ADDREMOVE=1
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealArcade --> C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SpamBlockerUtility Browser, Weather and Wowpapers Tools --> "C:\Program Files\SpamBlockerUtility\Bin\SbUninst.exe" Web
SpamBlockerUtility Email Toolbar --> "C:\Program Files\SpamBlockerUtility\Bin\SbUninst.exe" Outlook
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
The Digital Arts and Crafts Studio --> MsiExec.exe /I{983338D4-D972-4C58-AA6D-B81445070451}
TradeWinds 2 (remove only) --> "C:\Program Files\Yahoo! Games\TradeWinds 2\Uninstall.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virtual Earth 3D (Beta) --> MsiExec.exe /X{619B8475-0F48-41B7-A370-5147F7092989}
Westward (remove only) --> "C:\Program Files\Yahoo! Games\Westward\Uninstall.exe"
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPatrol 2007 --> C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
Word Search Deluxe (remove only) --> "C:\Program Files\Word Search Deluxe\Uninstall.exe"
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Music Jukebox --> MsiExec.exe /X{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}
Yahoo! Photos Easy Upload Tool 1v6 --> C:\WINDOWS\system32\regsvr32 /u /s "C:\WINDOWS\cache\YDropper.dll"
Yahoo! Ten Pin Championship Bowling --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6DE14135-AC19-459A-8A1F-C2AA0AD2D9F7}\Setup.exe" -l0x9 -uninst
Yahoo! Toolbar for Internet Explorer --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type14944 / Warning
Event Submitted/Written: 12/28/2007 06:01:40 PM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355
Event Record #/Type14931 / Warning
Event Submitted/Written: 12/28/2007 04:25:20 PM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355
Event Record #/Type14928 / Warning
Event Submitted/Written: 12/28/2007 02:26:41 PM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355
Event Record #/Type14923 / Warning
Event Submitted/Written: 12/28/2007 10:01:39 AM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355
Event Record #/Type14918 / Warning
Event Submitted/Written: 12/27/2007 05:19:04 PM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type10138 / Error
Event Submitted/Written: 12/28/2007 06:06:38 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The Computer Browser service terminated with the following error:
%%1460
Event Record #/Type10108 / Error
Event Submitted/Written: 12/28/2007 05:59:08 PM
Event ID/Source: 20 / Windows Update Agent
Event Description:
Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 7 for Windows XP.
Event Record #/Type10107 / Error
Event Submitted/Written: 12/28/2007 05:59:00 PM
Event ID/Source: 4373 / Internet Explorer 7 Disk
Event Description:
Internet Explorer 7 ie7 installation failed.
The configuration registry key could not be written.
Event Record #/Type10102 / Warning
Event Submitted/Written: 12/28/2007 05:49:20 PM
Event ID/Source: 20 / Print
Event Description:
Printer Driver Microsoft Office Document Image Writer Driver for Windows NT x86 Version-3 was added or updated. Files:- mdigraph.dll, mdiui.dll, mdiui.dll.
Event Record #/Type10101 / Warning
Event Submitted/Written: 12/28/2007 05:49:17 PM
Event ID/Source: 3 / Print
Event Description:
Printer Microsoft Office Document Image Writer was deleted.
-- End of Deckard's System Scanner: finished at 2007-12-28 18:12:02 ------------