#16
10th Jan 2008, 07:12 PM
Warrenisit (Member)
Yahoo Messenger/other

Honestly, I constantly scan my comp and am always looking to keep it secure. I never download smut but the one time I F!#$@^& did BAM!
#17
10th Jan 2008, 07:28 PM
evilfantasy (Moderator)

Let's take a closer look.


Download Deckard's System Scanner (DSS) to your Desktop.
Note: You must be logged onto an account with administrator privileges.
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts.
  • When the scan is complete, two text files will open
    • main.txt <- this one will be maximized
    • and extra.txt <- this one will be minimized
  • Add the contents of main.txt in your post.
  • Also add extra.txt to your post.
  • The text from these files may exceed the maximum post length for this forum, and may need to be sent over 2 or more posts. Please ensure all text is posted.

What DSS will do:
  • Create a new System Restore point in Windows XP and Vista.
  • Clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
#18
10th Jan 2008, 07:40 PM
Warrenisit (Member)

Here's half of the Main one.

Deckard's System Scanner v20071014.68
Run by Owner on 2008-01-10 21:33:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
55: 2008-01-11 03:33:09 UTC - RP55 - Deckard's System Scanner Restore Point
54: 2008-01-11 02:15:03 UTC - RP54 - Software Distribution Service 3.0
53: 2008-01-11 01:51:02 UTC - RP53 - Software Distribution Service 3.0
52: 2008-01-10 12:34:15 UTC - RP52 - Software Distribution Service 3.0
51: 2008-01-10 02:24:41 UTC - RP51 - Removed SpyZooka


-- First Restore Point --
1: 2007-12-19 20:01:09 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:35:05 PM, on 1/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

--
End of file - 4564 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20071229-185531-989 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
backup-20080110-185623-928 O21 - SSODL: bklgvsf - {91B4E850-CB64-4E58-A6D7-CB77098ABE11} - (no file)
backup-20080110-185624-467 O21 - SSODL: ampkfst - {DE891973-DFFB-4992-8CFE-7C98636EE248} - C:\WINDOWS\ampkfst.dll (file missing)

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S3 Profos - c:\program files\common files\bitdefender\bitdefender threat scanner\profos.sys (file missing)
S3 Trufos - c:\program files\common files\bitdefender\bitdefender threat scanner\trufos.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

Class GUID:
Description: USB Cable Modem
Device ID: USB\VID_07B2&PID_5101\0012C97DCC0B
Manufacturer:
Name: USB Cable Modem
PNP Device ID: USB\VID_07B2&PID_5101\0012C97DCC0B
Service:


-- Files created between 2007-12-10 and 2008-01-10 -----------------------------

2008-01-10 20:23:45 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-01-10 19:04:33 0 d-------- C:\Documents and Settings\Owner\DoctorWeb
2008-01-10 18:47:42 0 d-------- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-01-10 17:26:16 0 d-------- C:\Program Files\Helper
2008-01-10 12:36:41 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-01-10 12:36:41 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-01-10 12:36:41 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-01-10 12:36:41 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-01-10 12:36:41 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-01-10 12:36:41 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-01-10 12:36:41 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-01-10 12:36:41 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-01-10 12:36:41 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-01-10 12:36:41 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-01-10 12:36:41 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-01-10 12:36:41 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-01-10 12:36:41 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-01-10 12:36:41 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-01-10 06:33:49 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-01-09 20:23:52 0 d-------- C:\Documents and Settings\Owner\Application Data\PCToolsFirewallPlus
2008-01-09 20:20:50 0 d-------- C:\Program Files\Common Files\PC Tools
2008-01-09 20:20:47 0 d-------- C:\Program Files\PC Tools Firewall Plus
2008-01-09 20:17:59 0 d-------- C:\Program Files\ThreatFire
2008-01-09 20:17:59 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-01-09 19:34:38 728 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-09 19:34:01 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-09 19:34:01 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-09 19:34:01 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-09 19:34:01 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-09 19:34:01 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-09 19:05:54 0 d-------- C:\Program Files\SpyZooka
2008-01-08 04:32:33 0 d-------- C:\Documents and Settings\Owner\.housecall6.6
2008-01-07 21:54:30 0 d-------- C:\Program Files\Alwil Software
2008-01-07 21:34:30 0 --a------ C:\Install
2008-01-07 21:24:11 2 --a------ C:\-927745117
2008-01-07 21:24:07 54764 --a------ C:\WINDOWS\system32\mp32s.sys
2008-01-07 21:24:05 58880 --a------ C:\ydpgtbtq.exe
2008-01-07 21:24:05 54272 --a------ C:\einedoyg.exe
2008-01-07 21:24:04 81656 --a------ C:\dawkopdj.exe
2008-01-07 21:15:34 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-07 21:15:20 0 d-------- C:\Program Files\Spyware Doctor
2008-01-07 21:15:20 0 d-------- C:\Documents and Settings\Owner\Application Data\PC Tools
2008-01-07 20:06:41 81984 --a------ C:\WINDOWS\system32\bdod.bin
2008-01-07 20:05:50 0 d-------- C:\Program Files\BitDefender
2008-01-07 19:29:28 0 d-------- C:\Program Files\Common Files\BitDefender
2008-01-07 03:54:03 90112 --a------ C:\WINDOWS\foxflpd.exe
2008-01-06 11:20:44 0 d-------- C:\Documents and Settings\Owner\Application Data\CyberLink
2008-01-06 11:18:24 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-01-06 11:13:47 0 d-------- C:\WINDOWS\Profiles
2008-01-06 11:13:45 0 d-------- C:\WINDOWS\system32\Adobe
2008-01-06 11:13:45 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-06 11:13:44 0 d-------- C:\Documents and Settings\Owner\Application Data\InterTrust
2008-01-06 11:13:23 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-01-06 11:12:58 2973696 -----n--- C:\WINDOWS\NuNinst.exe <Not Verified; Nero AG; Nero Web Engine>
2008-01-06 11:12:55 8704 -----n--- C:\WINDOWS\system32\drivers\InCDrec.sys <Not Verified; Nero AG; InCD>
2008-01-06 11:12:55 29696 -----n--- C:\WINDOWS\system32\drivers\InCDpass.sys <Not Verified; Nero AG; InCD>
2008-01-06 11:12:55 99584 -----n--- C:\WINDOWS\system32\drivers\InCDfs.sys <Not Verified; Nero AG; InCD>
2008-01-06 11:12:55 0 d-------- C:\Program Files\Common Files\Ahead
2008-01-06 11:12:54 28672 -----n--- C:\WINDOWS\system32\drivers\InCDrm.sys <Not Verified; Nero AG; EasyWrite Reader>
2008-01-06 11:12:53 0 d-------- C:\WINDOWS\InCD
2008-01-06 11:12:53 0 d-------- C:\Program Files\Ahead
2008-01-06 11:11:03 0 d-------- C:\Program Files\CyberLink
2008-01-06 11:10:49 0 d-------- C:\MyWorks
2008-01-06 11:10:38 40960 --a------ C:\Program Files\Uninstall_CDS.exe
2008-01-06 11:10:37 0 d-------- C:\Program Files\CyberLink DVD Solution
2008-01-03 18:56:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-01-02 09:01:50 217127 --a------ C:\WINDOWS\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)>
2008-01-02 09:01:50 208935 --a------ C:\WINDOWS\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)>
2008-01-02 09:01:50 176165 --a------ C:\WINDOWS\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)>
2008-01-02 09:01:48 0 d-------- C:\Program Files\VSO
2008-01-02 01:45:08 0 d-------- C:\WINDOWS\Sun
2008-01-02 01:45:08 0 d-------- C:\Documents and Settings\Owner\Application Data\Sun
2008-01-02 01:44:33 0 d-------- C:\Program Files\Java
2008-01-02 01:44:05 0 d-------- C:\Program Files\Common Files\Java
2008-01-01 10:13:53 0 d-------- C:\Documents and Settings\Owner\.dvdcss
2007-12-31 23:32:13 225280 --a------ C:\WINDOWS\system32\KPDPMUI.dll <Not Verified; Eastman Kodak Company; Kodak EasyShare printer>
2007-12-31 23:32:13 290816 --a------ C:\WINDOWS\system32\KPDPM.dll <Not Verified; Eastman Kodak Company; Kodak EasyShare printer>
2007-12-31 23:31:45 0 d-------- C:\Program Files\Common Files\Kodak
2007-12-31 23:31:36 0 d-------- C:\KPCMS
2007-12-29 23:12:57 0 d-------- C:\WINDOWS\SxsCaPendDel
2007-12-29 21:22:13 0 d-------- C:\Program Files\Common Files\xing shared
2007-12-29 21:21:49 0 d-------- C:\Program Files\Real
2007-12-29 21:21:46 0 d-------- C:\Program Files\Common Files\Real
2007-12-29 21:21:43 0 d-------- C:\Documents and Settings\Owner\Application Data\Real
2007-12-29 18:59:48 0 d-------- C:\Program Files\CCleaner
2007-12-29 05:25:32 0 d-------- C:\Documents and Settings\Owner\Application Data\ArcSoft
2007-12-29 05:25:08 11776 --a------ C:\WINDOWS\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
2007-12-29 05:24:29 212480 --a------ C:\WINDOWS\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2007-12-29 05:12:18 0 d-------- C:\Program Files\Trend Micro
2007-12-29 05:06:39 0 d-------- C:\WINDOWS\Pixart
2007-12-29 05:06:37 0 d-------- C:\Program Files\CIF USB Camera
2007-12-29 04:48:14 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-29 04:47:48 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-12-29 04:47:48 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2007-12-29 04:47:27 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-22 22:54:50 0 d-------- C:\Program Files\Microsoft Works
2007-12-22 22:50:41 0 d-------- C:\WINDOWS\SHELLNEW
2007-12-22 22:49:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-22 22:49:21 0 dr-h----- C:\MSOCache
2007-12-22 22:07:49 0 d-------- C:\Program Files\Microsoft Small Business
2007-12-22 22:05:25 0 d-------- C:\Program Files\Microsoft.NET
2007-12-22 22:03:53 0 d-------- C:\Program Files\Microsoft SQL Server
2007-12-22 21:44:31 0 d-------- C:\Documents and Settings\Owner\Application Data\Uniblue
2007-12-22 21:44:18 0 d-------- C:\Program Files\Uniblue
2007-12-21 17:27:23 0 d-------- C:\81580206dda5769dd93d
2007-12-21 10:26:41 15721 --a------ C:\logfile
2007-12-21 01:21:38 0 d-------- C:\Program Files\MediaCoder
2007-12-21 01:06:52 0 d-------- C:\Program Files\MSXML 4.0
2007-12-20 20:09:25 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-12-20 18:44:07 0 d-------- C:\WINDOWS\system32\PreInstall
2007-12-20 17:40:11 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-12-20 12:57:41 0 d-------- C:\Program Files\PeerGuardian2
2007-12-20 12:34:19 0 d-------- C:\Program Files\uTorrent
2007-12-20 12:34:13 0 d-------- C:\Documents and Settings\Owner\Application Data\uTorrent
2007-12-19 20:01:47 0 d-------- C:\Program Files\Snood
2007-12-19 19:54:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2007-12-19 19:46:54 0 d-------- C:\Program Files\Master of Defense
2007-12-19 19:35:32 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-12-19 19:35:32 0 d-------- C:\Documents and Settings\Owner\Application Data\Vso
2007-12-19 19:35:32 47360 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2007-12-19 19:29:18 0 d-------- C:\TempDVD
2007-12-19 19:29:14 0 d-------- C:\Program Files\dvdSanta
2007-12-19 19:18:53 0 d-------- C:\Program Files\Windows Media Connect 2
2007-12-19 19:18:00 0 d-------- C:\ba96c27ff82a21f9c0763e
2007-12-19 19:17:56 0 d-------- C:\WINDOWS\system32\LogFiles
2007-12-19 19:17:56 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-12-19 19:17:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-12-19 19:09:24 86016 --a------ C:\WINDOWS\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
2007-12-19 19:09:18 0 d-------- C:\WINDOWS\system32\QuickTime
2007-12-19 19:09:18 0 d-------- C:\Program Files\QuickTime
2007-12-19 19:09:18 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2007-12-19 19:09:08 0 d-------- C:\WINDOWS\system32\BWKDLogs
2007-12-19 19:08:45 0 d-------- C:\WINDOWS\system32\color
2007-12-19 19:07:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Kodak
2007-12-19 19:07:27 0 d-------- C:\Program Files\Kodak
2007-12-19 18:34:58 1397 --a------ C:\WINDOWS\mozver.dat
2007-12-19 18:17:12 0 d-------- C:\Documents and Settings\Owner\Application Data\Talkback
2007-12-19 18:17:04 0 --a------ C:\WINDOWS\nsreg.dat
2007-12-19 18:17:01 0 d-------- C:\Documents and Settings\Owner\Application Data\Mozilla
2007-12-19 18:07:38 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2007-12-19 18:07:17 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2007-12-19 18:06:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-12-19 18:05:13 0 d-------- C:\Program Files\Yahoo!
2007-12-19 14:53:29 0 d-------- C:\WINDOWS\system32\Lang
2007-12-19 14:49:21 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2007-12-19 14:49:16 0 d-------- C:\Documents and Settings\LocalService\Application
#19
10th Jan 2008, 07:41 PM
Warrenisit (Member)

The second half of Main

Data\AVG7
2007-12-19 14:49:02 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-12-19 14:47:16 0 d-------- C:\Program Files\Lavasoft
2007-12-19 14:39:53 0 d-------- C:\Program Files\S3
2007-12-19 14:38:50 49152 -r------- C:\WINDOWS\system32\ChCfg.exe
2007-12-19 14:38:30 0 d-------- C:\WINDOWS\system32\RTCOM
2007-12-19 14:37:43 0 d-------- C:\Program Files\Realtek
2007-12-19 14:37:33 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2007-12-19 14:37:32 520192 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2007-12-19 14:37:23 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-19 14:36:57 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-12-19 14:36:41 0 d-------- C:\Program Files\VIA
2007-12-19 14:36:31 0 d-------- C:\Program Files\Common Files\InstallShield
2007-12-19 14:36:07 10288 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-12-19 14:00:58 0 d-------- C:\Documents and Settings\Owner\Application Data\Identities
2007-12-19 14:00:39 0 dr-h----- C:\Documents and Settings\Owner\SendTo
2007-12-19 14:00:39 0 d--h----- C:\Documents and Settings\Owner\PrintHood
2007-12-19 14:00:39 0 d--h----- C:\Documents and Settings\Owner\NetHood
2007-12-19 14:00:39 0 dr------- C:\Documents and Settings\Owner\My Documents
2007-12-19 14:00:39 0 d--h----- C:\Documents and Settings\Owner\Local Settings
2007-12-19 14:00:39 0 dr------- C:\Documents and Settings\Owner\Favorites
2007-12-19 14:00:39 0 d-------- C:\Documents and Settings\Owner\Desktop
2007-12-19 14:00:39 0 d---s---- C:\Documents and Settings\Owner\Cookies
2007-12-19 14:00:39 0 dr-h----- C:\Documents and Settings\Owner\Application Data
2007-12-19 14:00:38 0 d--h----- C:\Documents and Settings\Owner\Templates
2007-12-19 14:00:38 0 dr------- C:\Documents and Settings\Owner\Start Menu
2007-12-19 14:00:38 2883584 --ah----- C:\Documents and Settings\Owner\NTUSER.DAT
2007-12-19 14:00:33 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-12-19 14:00:22 0 d-------- C:\WINDOWS\Prefetch
2007-12-19 14:00:16 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-12-19 14:00:15 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-12-19 14:00:15 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-12-19 14:00:15 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2007-12-19 14:00:15 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-12-19 14:00:15 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-12-19 13:57:11 225280 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-12-19 13:57:11 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-12-19 13:57:11 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2007-12-19 13:57:11 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-12-19 13:57:11 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-12-19 13:54:29 0 d-------- C:\WINDOWS\system32\xircom
2007-12-19 13:54:29 0 d-------- C:\Program Files\microsoft frontpage
2007-12-19 13:54:27 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-12-19 13:54:19 0 d--h----- C:\WINDOWS\$hf_mig$
2007-12-19 13:54:00 0 -rahs---- C:\MSDOS.SYS
2007-12-19 13:54:00 0 -rahs---- C:\IO.SYS
2007-12-19 13:54:00 0 --a------ C:\CONFIG.SYS
2007-12-19 13:54:00 0 --a------ C:\AUTOEXEC.BAT
2007-12-19 13:53:00 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-12-19 13:52:52 0 dr------- C:\WINDOWS\Offline Web Pages
2007-12-19 13:52:52 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-12-19 13:52:42 0 d--h----- C:\Program Files\WindowsUpdate
2007-12-19 13:52:25 0 d-------- C:\WINDOWS\system32\DirectX
2007-12-19 13:51:57 0 d---s---- C:\WINDOWS\Tasks
2007-12-19 13:51:56 0 d-------- C:\Program Files\Common Files\MSSoap
2007-12-19 13:51:53 0 d-------- C:\WINDOWS\srchasst
2007-12-19 13:51:52 0 d-------- C:\WINDOWS\system32\Macromed
2007-12-19 13:51:46 0 d-------- C:\Program Files\Movie Maker
2007-12-19 13:51:39 0 d-------- C:\WINDOWS\system32\Restore
2007-12-19 13:51:25 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-12-19 13:51:09 0 d-------- C:\WINDOWS\Registration
2007-12-19 13:50:45 0 d-------- C:\Program Files\Online Services
2007-12-19 13:50:41 0 d-------- C:\Program Files\Messenger
2007-12-19 13:50:38 0 d-------- C:\Program Files\MSN Gaming Zone
2007-12-19 13:50:06 0 d-------- C:\Program Files\Windows NT
2007-12-19 13:50:02 0 d-------- C:\WINDOWS\system32\MsDtc
2007-12-19 13:50:01 0 d-------- C:\WINDOWS\system32\Com
2007-12-19 07:29:47 0 d--hs---- C:\WINDOWS\Installer
2007-12-19 07:29:47 0 d-------- C:\Program Files\Common Files\ODBC
2007-12-19 07:29:43 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-12-19 07:29:42 0 dr------- C:\Program Files
2007-12-19 07:29:42 0 d-------- C:\Program Files\Common Files
2007-12-19 07:29:17 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-12-19 07:29:17 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-12-19 07:29:17 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-12-19 07:29:17 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-12-19 07:29:17 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-12-19 07:29:17 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-12-19 07:29:17 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-12-19 07:29:17 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-12-19 07:29:17 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-12-19 07:29:17 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-12-19 07:29:17 0 d---s---- C:\Documents and Settings\Default User\Cookies
2007-12-19 07:29:17 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-12-19 07:29:17 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-12-19 07:29:17 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-12-19 07:29:17 0 dr------- C:\Documents and Settings\All Users\Documents
2007-12-19 07:29:17 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-12-19 07:27:26 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-12-19 07:27:26 0 d-------- C:\WINDOWS\system32\CatRoot
2007-12-19 07:27:21 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-12-19 07:27:21 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-12-19 07:27:21 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-12-19 07:27:21 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-12-19 07:26:54 0 d-------- C:\Documents and Settings
2007-12-19 07:26:53 0 d--hs---- C:\System Volume Information
2007-12-19 07:18:58 0 d-------- C:\WINDOWS
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\WinSxS
2007-12-19 07:18:58 0 dr------- C:\WINDOWS\Web
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\twain_32
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\wins
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\wbem
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\usmt
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\spool
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\ShellExt
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\Setup
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\ras
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\oobe
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\npp
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\mui
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\inetsrv
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\IME
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\icsxml
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\ias
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\export
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\drivers
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-12-19 07:18:58 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\dhcp
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\config
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\3076
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\2052
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1054
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1042
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1041
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1037
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1033
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1031
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1028
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system32\1025
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\system
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\security
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Resources
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\repair
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Provisioning
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\PeerNet
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\pchealth
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\mui
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\msapps
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\msagent
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Media
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\java
2007-12-19 07:18:58 0 d--h----- C:\WINDOWS\inf
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\ime
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Help
2007-12-19 07:18:58 0 dr--s---- C:\WINDOWS\Fonts
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Driver Cache
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Debug
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Cursors
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Connection Wizard
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\Config
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\AppPatch
2007-12-19 07:18:58 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-01-02 09:02:00 34 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.log
2008-01-02 09:01:52 1144 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.inf
2008-01-02 09:01:52 7887 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.cat
2007-12-19 07:29:17 62 --ahs---- C:\Documents and Settings\Owner\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [12/20/2007 11:13 AM]
"00PCTFW"="C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" [12/31/2007 09:16 AM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PowerBar"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/21/2007 02:06 PM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 05:43 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,userinit.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"




-- End of Deckard's System Scanner: finished at 2008-01-10 21:36:57 ------------

#20
10th Jan 2008, 07:41 PM
Warrenisit

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz
CPU 1: Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz
Percentage of Memory in Use: 37%
Physical Memory (total/avail): 895.17 MiB / 557.22 MiB
Pagefile Memory (total/avail): 2168.09 MiB / 1840.02 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1895.89 MiB

A: is Removable (Unformatted)
C: is Fixed (NTFS) - 37.27 GiB total, 10.23 GiB free.
D: is CDROM (UDF)

\\.\PHYSICALDRIVE0 - WDC WD400BB-75CLB0 - 37.27 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.27 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntivirusOverride is set.

FW: PC Tools Firewall Plus v3.0.0 (PC Tools)
FW: Bitdefender Firewall v8.0 (BitDefender) Disabled
AV: Bitdefender Antivirus v8.0 (BitDefender) Disabled
AV: avast! antivirus 4.7.1098 [VPS 080110-0] v4.7.1098 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Disabled:EasyShare"
"C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\win99.exe"="C:\\DOCUME~1\\Owner\\LOCALS~1\\Temp\\win99.exe:*:Enabled:win99"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=WARREN1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\WARREN1
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=WARREN1
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)
Administrator (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\PC Tools Firewall Plus\unins000.exe /LOG
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-aware 6 Professional --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,Run Setup
CardRd81 --> MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
CIF USB Camera --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{066A1255-1299-4EBA-B9B3-FA7FB14F92E4}\Setup.exe" -l0x9
ConvertXtoDVD 2.2.3.258h --> "C:\Program Files\VSO\ConvertXtoDVD\unins000.exe"
CR2 --> MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
dvdSanta 4.00 --> "C:\Program Files\dvdSanta\unins000.exe"
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
ESSTUTOR --> MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HLPIndex --> MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HLPRFO --> MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593}
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
InCD --> C:\WINDOWS\NuNInst.exe /UNINSTALL
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140011_a6aefb7\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Master of Defense (remove only) --> C:\Program Files\Master of Defense\Uninstall.exe
MediaCoder 0.6.0 --> C:\Program Files\MediaCoder\uninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2003 Web Components --> MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Accounting 2007 --> "c:\Program Files\Microsoft Small Business\Small Business Accounting 2007\SetupBootstrap\Setup.exe" /remove {B0717D5A-1976-482B-9ADF-F19631A541A4}
Microsoft Office Accounting 2007 --> MsiExec.exe /X{B0717D5A-1976-482B-9ADF-F19631A541A4}
Microsoft Office Accounting ADP Payroll Addin --> MsiExec.exe /I{5FA793A6-0071-42C1-9355-8F69A428C44F}
Microsoft Office Accounting Equifax Addin --> MsiExec.exe /X{8C711818-076E-475C-B95B-DF11CD9D8DBE}
Microsoft Office Accounting Fixed Asset Manager --> MsiExec.exe /X{46614A49-222A-48EF-87A9-BFD603E608E1}
Microsoft Office Accounting PayPal Addin --> MsiExec.exe /X{353D20CC-719B-4A60-AD33-D03F88C10330}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional 2007 --> MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Professional 2007 Trial --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components --> MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft SQL Server Native Client --> MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Multimedia Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
PC Tools Firewall Plus 3.0 --> "C:\Program Files\PC Tools Firewall Plus\unins000.exe"
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Snood for Windows version 3.52-W --> "C:\Program Files\Snood\unins000.exe"
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
SUPERAntiSpyware Professional --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
ThreatFire 3.0 --> "C:\Program Files\ThreatFire\unins000.exe"
Uniblue SpeedUpMyPC --> "C:\Program Files\Uniblue\SpeedUpMyPC\unins000.exe"
VIA Platform Device Manager --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA Rhine-Family Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VIA/S3G Display Driver 6.14.10.0071 --> C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type1467 / Error
Event Submitted/Written: 01/10/2008 09:36:27 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Event Record #/Type1466 / Error
Event Submitted/Written: 01/10/2008 09:36:00 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Event Record #/Type1465 / Error
Event Submitted/Written: 01/10/2008 09:36:00 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Event Record #/Type1464 / Error
Event Submitted/Written: 01/10/2008 09:36:00 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Event Record #/Type1463 / Error
Event Submitted/Written: 01/10/2008 09:36:00 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type3494 / Warning
Event Submitted/Written: 01/10/2008 09:27:50 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type3477 / Error
Event Submitted/Written: 01/10/2008 09:05:20 PM
Event ID/Source: 1000 / Dhcp
Event Description:
Your computer has lost the lease to its IP address 192.168.100.13 on the
Network Card with network address 001BFCF59F5F.

Event Record #/Type3476 / Warning
Event Submitted/Written: 01/10/2008 09:05:20 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001BFCF59F5F. The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type3467 / Error
Event Submitted/Written: 01/10/2008 09:04:46 PM
Event ID/Source: 1002 / Dhcp
Event Description:
The IP address lease 24.119.17.50 for the Network Card with network address 001BFCF59F5F has been
denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Event Record #/Type3434 / Error
Event Submitted/Written: 01/10/2008 08:08:56 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The avast! Mail Scanner service terminated unexpectedly. It has done this 1 time(s).



-- End of Deckard's System Scanner: finished at 2008-01-10 21:36:57 ------------

#21
10th Jan 2008, 07:59 PM
evilfantasy

I can't see anything in there.

Try installing StartUp Tool

Run it, and if you see anything that needs to be removed from startup, just right-click it and choose Delete.

If nothing turns up with that, make a thread in the Windows Operating Systems forum. More people will see it there and you will get a quicker response. I am unsure what is going on with that.

#22
10th Jan 2008, 08:29 PM
Warrenisit

Thanks for all your help man. I'll point friends to this site if they have troubles also.

#23
10th Jan 2008, 08:32 PM
evilfantasy

No problem,

Safe surfing.......
Copyright ©2006 - 2008 Computer Juice.