My PC is acting strange

V-PV-P State College, PA Member
edited January 2008 in Spyware & Virus Removal
It's actually my laptop and I know there aren't any major problems but it has been acting funny lately. When I try to open Spybot, it shows up in the process list but the GUI never actually shows up. Other random things like that happen too... Here's a HijackThis log if someone could look it over. Thanks a lot guys.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:06:49 PM, on 1/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Vash Patel\Desktop\Y'z\YzDock.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Vash Patel\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe (What is this?)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4974 bytes

Comments

  • V-PV-P State College, PA Member
    edited January 2008
    This is getting really annoying. Winamp doesn't show up either. It's in the processes but it's nowhere to be found and same with Nero StartSmart.
  • V-PV-P State College, PA Member
    edited January 2008
    V|P wrote:
    This is getting really annoying. Winamp doesn't show up either. It's in the processes but it's nowhere to be found and same with Nero StartSmart.

    I know this is kind of repetitive but someone please help me out. I'm getting really frustrated because random programs are hanging on me. I would re-install XP except I can't even back anything up since Nero won't start. Winamp works sometimes, and doesn't other times, and Spybot, Nero, and Steam won't even start though they show up in the process list... I did a virus check with AVG with no viruses and 1 or 2 minor spyware. Ad-aware gave me nothing and spybot won't start. This just started happening yesterday and I didn't install anything new....
  • TroganTrogan London, UK
    edited January 2008
    Hi,

    mdnsresponder.exe is a process associated with "Bonjour for Windows" software. It is used by iTunes for music sharing.

    There's nothing bad showing in your log, but you don't have an Anti-Virus or Firewall program running. Is there a reason for that?

    Please do an online scan with Kaspersky WebScanner

    Click on Kaspersky Online Scanner

    You will be prompted to install an ActiveX component from Kaspersky. Click Yes.

    Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.
    • The program will launch and then begin downloading the latest definition files:
    • Once the files have been downloaded click on NEXT
    • Now click on Scan Settings
    • In the scan settings make sure that the following are selected:
      • Scan using the following Anti-Virus database:
        • Extended (if available otherwise Standard)
      • Scan Options:
        • Scan Archives
        • Scan Mail Bases
    • Click OK
    • Now under select a target to scan:
      • Select My Computer
    • This program will start and scan your system.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Now click on the Save as Text button:
    • Save the file to your desktop.
    Post the Kaspersky report back here.

    If you have any program(s) disabled on startup, enable them and post a new HijackThis log.
  • V-PV-P State College, PA Member
    edited January 2008
    http://icrontic.com/forum/attachment.php?attachmentid=24658&stc=1&d=1200255187

    I know I should be using firewalls and anti-virus but I just never do. And I've really never had any problems with viruses or spyware other than when I was really young and didn't know any better.
    -------------------------------------------------------------------------------
     KASPERSKY ONLINE SCANNER REPORT
     Sunday, January 13, 2008 3:12:52 PM
     Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
     Kaspersky Online Scanner version: 5.0.98.0
     Kaspersky Anti-Virus database last update: 13/01/2008
     Kaspersky Anti-Virus database records: 510121
    -------------------------------------------------------------------------------
    
    Scan Settings:
    	Scan using the following antivirus database: extended
    	Scan Archives: true
    	Scan Mail Bases: true
    
    Scan Target - My Computer:
    	C:\
    	D:\
    	E:\
    	F:\
    	G:\
    
    Scan Statistics:
    	Total number of scanned objects: 70755
    	Number of viruses found: 0
    	Number of infected objects: 0
    	Number of suspicious objects: 0
    	Duration of the scan process: 01:13:37
    
    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log	Object is locked	skipped
    C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck	Object is locked	skipped
    C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\AvgFwLog.log	Object is locked	skipped
    C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\AvgFwLog.log.lck	Object is locked	skipped
    C:\Documents and Settings\All Users\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log	Object is locked	skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat	Object is locked	skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat	Object is locked	skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT	Object is locked	skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG	Object is locked	skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT	Object is locked	skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\Cookies\index.dat	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\Local Settings\History\History.IE5\index.dat	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\Local Settings\Temp\Perflib_Perfdata_e00.dat	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\NTUSER.DAT	Object is locked	skipped
    C:\Documents and Settings\Vash Patel\ntuser.dat.LOG	Object is locked	skipped
    C:\Program Files\Nero\Nero8\Nero BackItUp\BIU1.txt	Object is locked	skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped
    C:\System Volume Information\_restore{272DC9B1-133D-4494-90D0-0F7866EC36A4}\RP35\A0008732.dll	Object is locked	skipped
    C:\System Volume Information\_restore{272DC9B1-133D-4494-90D0-0F7866EC36A4}\RP37\change.log	Object is locked	skipped
    C:\WINDOWS\Debug\PASSWD.LOG	Object is locked	skipped
    C:\WINDOWS\S8E4BE0F7.tmp	Object is locked	skipped
    C:\WINDOWS\SchedLgU.Txt	Object is locked	skipped
    C:\WINDOWS\SoftwareDistribution\EventCache\{C2D1E9B0-BF92-4481-A5BE-6647AA0CC6BA}.bin	Object is locked	skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log	Object is locked	skipped
    C:\WINDOWS\Sti_Trace.log	Object is locked	skipped
    C:\WINDOWS\svchost.exe	Object is locked	skipped
    C:\WINDOWS\system32\CatRoot2\edb.log	Object is locked	skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb	Object is locked	skipped
    C:\WINDOWS\system32\config\AppEvent.Evt	Object is locked	skipped
    C:\WINDOWS\system32\config\default	Object is locked	skipped
    C:\WINDOWS\system32\config\default.LOG	Object is locked	skipped
    C:\WINDOWS\system32\config\Internet.evt	Object is locked	skipped
    C:\WINDOWS\system32\config\ODiag.evt	Object is locked	skipped
    C:\WINDOWS\system32\config\OSession.evt	Object is locked	skipped
    C:\WINDOWS\system32\config\SAM	Object is locked	skipped
    C:\WINDOWS\system32\config\SAM.LOG	Object is locked	skipped
    C:\WINDOWS\system32\config\SecEvent.Evt	Object is locked	skipped
    C:\WINDOWS\system32\config\SECURITY	Object is locked	skipped
    C:\WINDOWS\system32\config\SECURITY.LOG	Object is locked	skipped
    C:\WINDOWS\system32\config\software	Object is locked	skipped
    C:\WINDOWS\system32\config\software.LOG	Object is locked	skipped
    C:\WINDOWS\system32\config\SysEvent.Evt	Object is locked	skipped
    C:\WINDOWS\system32\config\system	Object is locked	skipped
    C:\WINDOWS\system32\config\system.LOG	Object is locked	skipped
    C:\WINDOWS\system32\drivers\sptd.sys	Object is locked	skipped
    C:\WINDOWS\system32\h323log.txt	Object is locked	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR	Object is locked	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP	Object is locked	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER	Object is locked	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP	Object is locked	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP	Object is locked	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA	Object is locked	skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP	Object is locked	skipped
    C:\WINDOWS\wiadebug.log	Object is locked	skipped
    C:\WINDOWS\wiaservc.log	Object is locked	skipped
    C:\WINDOWS\WindowsUpdate.log	Object is locked	skipped
    C:\WINDOWS\xcopy.exe	Object is locked	skipped
    
    Scan process completed.
    
    
  • TroganTrogan London, UK
    edited January 2008
    Since it's you, I won't tell you to get an Anti-Virus or Firewall. :D

    Anyway, the Kaspersky report is clean.

    Have you tried reinstalling the programs? What about deleting the respective folders from Program Files first?
  • V-PV-P State College, PA Member
    edited January 2008
    Trogan wrote:
    Since it's you, I won't tell you to get an Anti-Virus or Firewall. :D

    Anyway, the Kaspersky report is clean.

    Have you tried reinstalling the programs? What about deleting the respective folders from Program Files first?

    Well if it was a certain program giving me problems, I would reinstall it, but this is across the board. For example, when I turned my computer on today, my recycle bin icon has changed to the generic icons for applications that windows doesn't know how to open. Txt files have that icon too... I have no idea what's wrong since all my reports are clean...
  • TroganTrogan London, UK
    edited January 2008
    Not sure what's going on, but let's take a deeper look...

    Download Deckard's System Scanner (DSS) to your desktop.
    • Close all applications and windows.
    • Double-click on dss.exe to run it, and follow the prompts.
    • When the scan is complete, a text file will open - Main.txt
    • Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of Main.txt in your thread in the HijackThis Log Help Forum.
    • A folder, C:\Deckard\System Scanner, will also open. In it will be another text file, Extra.txt.
    • Please also copy the contents of Extra.txt to your post as well.
    • Note: some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so.
    • What DSS will do:
    • create a new System Restore point in Windows XP and Vista.
    • clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
    • check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
  • V-PV-P State College, PA Member
    edited January 2008
    Thanks a lot for your help.

    Here's Main:

    Deckard's System Scanner v20071014.68
    Run by Vash Patel on 2008-01-13 21:53:04
    Computer is in Normal Mode.



    -- HijackThis (run as Vash Patel.exe)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:53:19 PM, on 1/13/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    C:\Documents and Settings\Vash Patel\Desktop\Y'z\YzDock.exe
    C:\WINDOWS\notepad.exe
    C:\Documents and Settings\Vash Patel\Desktop\dss.exe
    C:\DOCUME~1\VASHPA~1\Desktop\Vash Patel.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 5536 bytes

    -- Files created between 2007-12-13 and 2008-01-13

    2008-01-13 14:11:06 1211 -rahs---- C:\WINDOWS\xcopy.exe
    2008-01-13 14:11:06 70207 -rahs---- C:\WINDOWS\svchost.exe
    2008-01-13 13:47:20 0 d
    C:\WINDOWS\system32\Kaspersky Lab
    2008-01-13 13:41:29 0 d
    C:\Program Files\Kaspersky Lab
    2008-01-13 13:41:29 0 d
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-01-13 13:40:44 0 d
    C:\KAV
    2008-01-12 21:25:53 0 dr-h
    C:\Documents and Settings\Vash Patel\Recent
    2008-01-12 21:15:15 0 dr-h
    C:\$VAULT$.AVG
    2008-01-12 20:30:48 0 d
    C:\Documents and Settings\LocalService\Application Data\AVG7
    2008-01-12 20:28:54 0 d
    C:\Documents and Settings\Vash Patel\Application Data\AVG7
    2008-01-12 20:28:43 0 d
    C:\Documents and Settings\All Users\Application Data\Grisoft
    2008-01-12 20:28:43 0 d
    C:\Documents and Settings\All Users\Application Data\avg7
    2008-01-12 20:05:39 0 d
    C:\Program Files\Lavasoft
    2008-01-12 20:05:39 0 d
    C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-01-12 20:05:06 0 d
    C:\Program Files\Common Files\Wise Installation Wizard
    2008-01-12 20:02:06 0 d
    C:\spoolerlogs
    2008-01-11 20:28:23 0 d
    C:\Program Files\Elaborate Bytes
    2008-01-11 20:04:52 715248 --a
    C:\WINDOWS\system32\drivers\sptd.sys
    2008-01-11 18:50:45 0 d
    C:\MP3
    2008-01-11 16:17:20 0 d
    C:\Program Files\uTorrent
    2008-01-11 16:17:15 0 d
    C:\Documents and Settings\Vash Patel\Application Data\uTorrent
    2008-01-10 21:24:02 0 d
    C:\Documents and Settings\Vash Patel\Application Data\BitTyrant
    2008-01-09 19:15:57 94208 --a
    C:\WINDOWS\system32\GTW32N50.dll
    2008-01-09 19:15:57 15872 --a
    C:\WINDOWS\system32\GTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2008-01-09 19:15:55 32768 --a
    C:\WINDOWS\system32\GTGina.dll <Not Verified; Gemtek; GTGina Dynamic Link Library>
    2008-01-09 14:49:41 0 d
    C:\Program Files\Bethesda Softworks
    2008-01-08 14:50:58 0 d
    C:\Program Files\Sniper Elite
    2008-01-07 21:04:54 36864 --a
    C:\WINDOWS\system32\ILUT.dll <Not Verified; Abysmal Software; Developer's Image Utility Toolkit Library>
    2008-01-07 21:04:54 81920 --a
    C:\WINDOWS\system32\ILU.dll <Not Verified; Abysmal Software; Developer's Image Utilities Library>
    2008-01-07 21:04:54 161280 --a
    C:\WINDOWS\system32\fmod.dll <Not Verified; Firelight Technologies Pty, Ltd; FMOD>
    2008-01-07 21:04:54 864256 --a
    C:\WINDOWS\system32\DevIL.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
    2008-01-07 21:04:47 0 d
    C:\Program Files\Lugaru
    2008-01-07 19:31:01 0 d
    C:\Documents and Settings\Vash Patel\Application Data\dvdcss
    2008-01-07 18:01:40 0 d
    C:\Program Files\SystemRequirementsLab
    2008-01-07 18:01:27 0 d
    C:\Documents and Settings\Vash Patel\Application Data\SystemRequirementsLab
    2008-01-06 19:45:34 0 d
    C:\Program Files\Foxit Software
    2008-01-06 19:17:44 0 d
    C:\Downloads
    2008-01-05 23:09:27 0 d
    C:\Documents and Settings\Vash Patel\Application Data\Nero
    2008-01-05 22:27:14 196608 --a
    C:\WINDOWS\system32\NCTWMAFile2.dll <Not Verified; NCT Company Ltd.; NCTWMAFile2 ActiveX DLL>
    2008-01-05 22:27:14 335872 --a
    C:\WINDOWS\system32\NCTAudioVisualization2.dll <Not Verified; NCT Company Ltd.; NCTAudioVisualization2 ActiveX DLL>
    2008-01-05 22:27:14 307200 --a
    C:\WINDOWS\system32\NCTAudioRecord2.dll <Not Verified; NCT Company Ltd.; NCTAudioRecord2 ActiveX DLL>
    2008-01-05 22:27:14 315392 --a
    C:\WINDOWS\system32\NCTAudioPlayer2.dll <Not Verified; NCT Company Ltd.; NCTAudioPlayer2 ActiveX DLL>
    2008-01-05 22:27:14 647168 --a
    C:\WINDOWS\system32\NCTAudioLibrary.dll <Not Verified; NCT Company Ltd.; NCTAudioLibrary ActiveX DLL>
    2008-01-05 22:27:14 892928 --a
    C:\WINDOWS\system32\NCTAudioInformation.dll <Not Verified; NCT Company Ltd.; NCTAudioInformation ActiveX DLL>
    2008-01-05 22:27:14 327680 --a
    C:\WINDOWS\system32\NCTAudioGrabber.dll <Not Verified; NCT Company; NCTAudioGrabber ActiveX DLL>
    2008-01-05 22:27:14 1839104 --a
    C:\WINDOWS\system32\NCTAudioFile2.dll <Not Verified; NCT Company Ltd.; NCTAudioFile2 ActiveX DLL>
    2008-01-05 22:27:14 1703936 --a
    C:\WINDOWS\system32\NCTAudioFile.dll <Not Verified; NCT Company; NCTAudioFile ActiveX DLL>
    2008-01-05 22:27:14 1662976 --a
    C:\WINDOWS\system32\NCTAudioCompress2.dll <Not Verified; NCT Company Ltd.; NCTAudioCompress2 Module>
    2008-01-05 22:27:12 101888 --a
    C:\WINDOWS\system32\VB6STKIT.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
    2008-01-05 22:27:12 413760 --a
    C:\WINDOWS\system32\mpg4c32.dll <Not Verified; Microsoft Corporation; Microsoft MPEG-4 Video Codec>
    2008-01-05 01:42:25 0 d
    C:\Program Files\Nero
    2008-01-05 01:42:25 0 d
    C:\Program Files\Common Files\Nero
    2008-01-05 01:42:25 0 d
    C:\Documents and Settings\All Users\Application Data\Nero
    2008-01-04 23:37:35 0 d
    C:\Program Files\Stardock
    2008-01-04 23:37:35 0 d
    C:\Program Files\Common Files\Stardock
    2008-01-04 21:27:26 0 d
    C:\Program Files\Common Files\Adobe Systems Shared
    2008-01-04 18:51:54 0 d
    C:\Program Files\Easy Video Joiner
    2008-01-04 18:27:05 0 d
    C:\Documents and Settings\Vash Patel\Application Data\Thinstall
    2008-01-04 16:38:08 0 d
    C:\Program Files\MSXML 4.0
    2008-01-04 16:01:25 0 d
    C:\Program Files\Microsoft Works
    2008-01-04 15:58:32 0 d
    C:\WINDOWS\SHELLNEW
    2008-01-04 15:58:03 0 d
    C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-01-04 15:57:45 0 dr-h
    C:\MSOCache
    2008-01-04 15:52:37 0 d
    C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-01-04 15:49:55 0 d
    C:\Documents and Settings\All Users\Application Data\Adobe
    2008-01-04 15:39:39 0 d
    C:\Program Files\Common Files\Macrovision Shared
    2008-01-04 15:38:39 0 d
    C:\Program Files\Common Files\Adobe
    2008-01-04 15:32:31 0 d
    C:\Program Files\PowerISO
    2008-01-03 22:09:35 0 d
    C:\WINDOWS\Sun
    2008-01-03 22:09:35 0 d
    C:\Documents and Settings\Vash Patel\Application Data\Sun
    2008-01-03 22:08:50 0 d
    C:\Program Files\Java
    2008-01-03 22:07:20 0 d
    C:\Program Files\Common Files\Java
    2008-01-03 17:01:19 0 d
    C:\Documents and Settings\Vash Patel\Application Data\DivX
    2008-01-02 20:37:41 0 d
    C:\Program Files\Microsoft Games
    2008-01-02 20:19:42 0 d
    C:\Documents and Settings\Vash Patel\My Games
    2008-01-02 20:19:34 0 d
    C:\Documents and Settings\All Users\Microsoft
    2008-01-02 20:14:08 0 d--h----- C:\WINDOWS\msdownld.tmp
    2008-01-02 20:13:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-01-02 20:06:44 0 d--hs---- C:\WINDOWS\ftpcache
    2008-01-02 18:48:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-01-02 18:25:57 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\vlc
    2008-01-02 16:27:18 0 dr------- C:\Documents and Settings\Vash Patel\Application Data\Brother
    2008-01-02 16:15:36 50 --a------ C:\WINDOWS\system32\bridf06a.dat
    2008-01-02 16:15:10 52736 --a------ C:\WINDOWS\system32\brinsstr.dll <Not Verified; Brother Industries,Ltd.; Brother MFL-Pro>
    2008-01-02 16:15:07 188416 -----n--- C:\WINDOWS\system32\PDRVINST.DLL <Not Verified; brother; installer>
    2008-01-02 16:15:07 34816 -----n--- C:\WINDOWS\system32\BrWiaNCp.dll <Not Verified; Brother Industries,Ltd.; Brother MFC Network Scanner>
    2008-01-02 16:15:07 69632 -----n--- C:\WINDOWS\system32\BRWEBUP.EXE <Not Verified; brother; brother brwebup>
    2008-01-02 16:15:07 86016 -----n--- C:\WINDOWS\system32\BrWebIns.dll <Not Verified; brother; brother BrWebIns>
    2008-01-02 16:15:07 37376 -----n--- C:\WINDOWS\system32\Brnsplg.dll <Not Verified; Brother Industries,Ltd; Brother Insustries,Ltd>
    2008-01-02 16:15:07 54784 -----n--- C:\WINDOWS\system32\BrNetSti.dll <Not Verified; Brother Industries, Ltd.; Brother Industries, Ltd.>
    2008-01-02 16:15:03 1492480 --a------ C:\WINDOWS\system32\BrWia06a.dll <Not Verified; Brother Industries, Ltd.; Brother Industries, Ltd.>
    2008-01-02 16:15:02 0 d-------- C:\Brother
    2008-01-02 16:15:01 163840 -----n--- C:\WINDOWS\system32\NSSearch.dll <Not Verified; brother; brother NSSearch>
    2008-01-02 16:15:01 106496 -----n--- C:\WINDOWS\system32\BrMuSNMP.dll
    2008-01-02 16:15:01 53248 -----n--- C:\WINDOWS\system32\BrMfNt.dll <Not Verified; Brother Industries,LTD.; Brother BrMfNt>
    2008-01-02 16:15:01 126976 -----n--- C:\WINDOWS\system32\BrfxD05a.dll <Not Verified; Brother Industries,LTD; Brother PC-FAX DIAL Dynamic Link Library>
    2008-01-02 16:15:01 147456 --a------ C:\WINDOWS\brunin03.dll <Not Verified; Brother Industries,Ltd.; Brother MFL-Pro>
    2008-01-02 16:15:01 0 --a------ C:\WINDOWS\brdfxspd.dat
    2008-01-02 16:15:01 0 d-------- C:\Program Files\Brother
    2008-01-02 16:11:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Brother
    2008-01-02 16:07:53 0 d-------- C:\Program Files\CCleaner
    2008-01-02 16:04:45 0 d-------- C:\Program Files\Steam
    2008-01-02 15:59:01 0 d-------- C:\Program Files\BearShare
    2008-01-02 15:41:33 1288 --a------ C:\WINDOWS\mozver.dat
    2008-01-02 15:26:16 0 d-------- C:\Program Files\PeerGuardian2
    2008-01-02 15:22:26 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\Google
    2008-01-02 15:21:30 0 d-------- C:\Program Files\Trillian
    2008-01-02 15:17:45 0 d-------- C:\Program Files\VideoLAN
    2008-01-02 15:16:59 0 d-------- C:\Program Files\MP3Gain
    2008-01-02 15:15:32 0 d-------- C:\Program Files\Google
    2008-01-02 15:14:35 0 d-------- C:\Program Files\DivX
    2008-01-01 21:55:48 0 d-------- C:\Program Files\Synaptics
    2008-01-01 21:51:16 0 --a------ C:\WINDOWS\nsreg.dat
    2008-01-01 21:51:12 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\Mozilla
    2008-01-01 21:46:14 0 d-------- C:\WINDOWS\network diagnostic
    2008-01-01 21:44:32 0 d-------- C:\WINDOWS\RegisteredPackages
    2008-01-01 21:43:26 0 d-------- C:\Program Files\Winamp
    2008-01-01 21:43:26 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\Winamp
    2008-01-01 21:42:44 270336 --a------ C:\ID3Remover.exe <Not Verified; Markus Eriksson; ID3Remover>
    2008-01-01 21:42:44 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\WinRAR
    2008-01-01 21:29:39 0 d-------- C:\My Downloads
    2008-01-01 20:42:17 0 d-------- C:\WINDOWS\system32\PreInstall
    2008-01-01 20:38:53 0 d--h----- C:\WINDOWS\$hf_mig$
    2008-01-01 20:37:40 0 d-------- C:\WINDOWS\system32\Lang
    2008-01-01 20:35:54 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
    2008-01-01 20:35:32 0 d-------- C:\WINDOWS\system32\RTCOM
    2008-01-01 20:34:49 520192 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
    2008-01-01 20:34:49 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
    2008-01-01 20:14:39 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\Adobe
    2008-01-01 20:14:24 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\Macromedia
    2008-01-01 20:12:43 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
    2008-01-01 20:12:36 0 d--hs---- C:\Documents and Settings\Vash Patel\UserData
    2008-01-01 20:10:20 0 d-------- C:\WINDOWS\system32\ReinstallBackups
    2008-01-01 20:10:17 53248 --a------ C:\WINDOWS\system32\CSVer.dll <Not Verified; Windows XP Bundled build C-Centric Single User; Windows XP Bundled build C-Centric Single User CSVer>
    2008-01-01 20:10:17 0 d-------- C:\Program Files\Intel
    2008-01-01 20:10:02 0 d-------- C:\Intel
    2008-01-01 20:09:27 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2008-01-01 20:07:35 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
    2008-01-01 20:07:35 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
    2008-01-01 20:07:35 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
    2008-01-01 20:07:35 466944 --a------ C:\WINDOWS\system32\nvshell.dll
    2008-01-01 20:07:34 1474560 --a------ C:\WINDOWS\system32\nview.dll
    2008-01-01 20:07:34 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
    2008-01-01 20:07:34 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
    2008-01-01 20:07:34 425984 --a------ C:\WINDOWS\system32\keystone.exe
    2008-01-01 20:07:34 0 d-------- C:\WINDOWS\nview
    2008-01-01 20:07:12 0 d-------- C:\Program Files\Common Files\InstallShield
    2008-01-01 20:06:39 286720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll
    2008-01-01 20:05:40 0 d-------- C:\WINDOWS\OPTIONS
    2008-01-01 20:05:40 0 d-------- C:\Program Files\Realtek
    2008-01-01 20:05:40 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-01-01 20:05:30 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\InstallShield
    2008-01-01 20:04:22 0 d------c- C:\WINDOWS\system32\DRVSTORE
    2008-01-01 20:03:26 0 d-------- C:\Documents and Settings\Vash Patel\Application Data\Identities
    2008-01-01 20:03:20 0 d---s---- C:\Documents and Settings\Vash Patel\Favorites
    2008-01-01 20:03:20 0 d-------- C:\Documents and Settings\Vash Patel\Desktop
    2008-01-01 20:03:20 0 d--hs---- C:\Documents and Settings\Vash Patel\Cookies
    2008-01-01 20:03:20 0 dr-h----- C:\Documents and Settings\Vash Patel\Application Data
    2008-01-01 20:03:19 0 d--h----- C:\Documents and Settings\Vash Patel\Templates
    2008-01-01 20:03:19 0 dr------- C:\Documents and Settings\Vash Patel\Start Menu
    2008-01-01 20:03:19 0 dr-h----- C:\Documents and Settings\Vash Patel\SendTo
    2008-01-01 20:03:19 0 d--h----- C:\Documents and Settings\Vash Patel\PrintHood
    2008-01-01 20:03:19 2621440 --ah----- C:\Documents and Settings\Vash Patel\NTUSER.DAT
    2008-01-01 20:03:19 0 d--h----- C:\Documents and Settings\Vash Patel\NetHood
    2008-01-01 20:03:19 0 dr------- C:\Documents and Settings\Vash Patel\My Documents
    2008-01-01 20:03:19 0 d--h----- C:\Documents and Settings\Vash Patel\Local Settings
    2008-01-01 20:02:30 0 d-------- C:\WINDOWS\SoftwareDistribution
    2008-01-01 20:02:27 0 d---s---- C:\WINDOWS\system32\Microsoft
    2008-01-01 20:02:27 0 d-------- C:\WINDOWS\Prefetch
    2008-01-01 20:02:26 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
    2008-01-01 20:02:26 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
    2008-01-01 20:02:26 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
    2008-01-01 20:02:26 0 d-------- C:\Documents and Settings\LocalService\Application Data
    2008-01-01 20:02:26 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
    2008-01-01 20:02:12 225280 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
    2008-01-01 20:02:12 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
    2008-01-01 20:02:12 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
    2008-01-01 20:02:12 0 d-------- C:\Documents and Settings\NetworkService\Application Data
    2008-01-01 20:02:12 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    2008-01-01 19:59:01 0 d-------- C:\WINDOWS\system32\xircom
    2008-01-01 19:59:01 0 d-------- C:\Program Files\microsoft frontpage
    2008-01-01 19:58:58 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
    2008-01-01 19:58:50 0 -rahs---- C:\MSDOS.SYS
    2008-01-01 19:58:50 0 -rahs---- C:\IO.SYS
    2008-01-01 19:58:50 0 --a------ C:\CONFIG.SYS
    2008-01-01 19:58:50 0 --a------ C:\AUTOEXEC.BAT
    2008-01-01 19:57:59 0 d--hs---- C:\Documents and Settings\All Users\DRM
    2008-01-01 19:57:50 0 dr------- C:\WINDOWS\Offline Web Pages
    2008-01-01 19:57:50 0 d---s---- C:\WINDOWS\Downloaded Program Files
    2008-01-01 19:57:40 0 d--h----- C:\Program Files\WindowsUpdate
    2008-01-01 19:57:18 0 d-------- C:\WINDOWS\system32\DirectX
    2008-01-01 19:56:42 0 d---s---- C:\WINDOWS\Tasks
    2008-01-01 19:56:41 0 d-------- C:\Program Files\Common Files\MSSoap
    2008-01-01 19:56:36 0 d-------- C:\WINDOWS\system32\Macromed
    2008-01-01 19:56:36 0 d-------- C:\WINDOWS\srchasst
    2008-01-01 19:56:27 0 d-------- C:\Program Files\Movie Maker
    2008-01-01 19:56:18 0 d-------- C:\WINDOWS\system32\Restore
    2008-01-01 19:55:57 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
    2008-01-01 19:55:36 0 d-------- C:\WINDOWS\Registration
    2008-01-01 19:55:07 0 d-------- C:\Program Files\Online Services
    2008-01-01 19:55:01 0 d-------- C:\Program Files\Messenger
    2008-01-01 19:54:57 0 d-------- C:\Program Files\MSN Gaming Zone
    2008-01-01 19:54:14 0 d-------- C:\Program Files\Windows NT
    2008-01-01 19:54:11 0 d-------- C:\WINDOWS\system32\MsDtc
    2008-01-01 19:54:09 0 d-------- C:\WINDOWS\system32\Com
    2008-01-01 14:46:50 0 d--hs---- C:\WINDOWS\Installer
    2008-01-01 14:46:49 0 d-------- C:\Program Files\Common Files\ODBC
    2008-01-01 14:46:46 0 d-------- C:\Program Files\Common Files\SpeechEngines
    2008-01-01 14:46:45 0 dr------- C:\Program Files
    2008-01-01 14:46:45 0 d-------- C:\Program Files\Common Files
    2008-01-01 14:46:17 0 d--h----- C:\Documents and Settings\Default User\Templates
    2008-01-01 14:46:17 0 dr------- C:\Documents and Settings\Default User\Start Menu
    2008-01-01 14:46:17 0 dr-h----- C:\Documents and Settings\Default User\SendTo
    2008-01-01 14:46:17 0 d--h----- C:\Documents and Settings\Default User\Recent
    2008-01-01 14:46:17 0 d--h----- C:\Documents and Settings\Default User\PrintHood
    2008-01-01 14:46:17 0 d--h----- C:\Documents and Settings\Default User\NetHood
    2008-01-01 14:46:17 0 d-------- C:\Documents and Settings\Default User\My Documents
    2008-01-01 14:46:17 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
    2008-01-01 14:46:17 0 d-------- C:\Documents and Settings\Default User\Favorites
    2008-01-01 14:46:17 0 d-------- C:\Documents and Settings\Default User\Desktop
    2008-01-01 14:46:17 0 d---s---- C:\Documents and Settings\Default User\Cookies
    2008-01-01 14:46:17 0 d--h----- C:\Documents and Settings\All Users\Templates
    2008-01-01 14:46:17 0 dr------- C:\Documents and Settings\All Users\Start Menu
    2008-01-01 14:46:17 0 d-------- C:\Documents and Settings\All Users\Favorites
    2008-01-01 14:46:17 0 dr------- C:\Documents and Settings\All Users\Documents
    2008-01-01 14:46:17 0 d-------- C:\Documents and Settings\All Users\Desktop
    2008-01-01 14:46:05 0 d-------- C:\WINDOWS\system32\CatRoot2
    2008-01-01 14:46:05 0 d-------- C:\WINDOWS\system32\CatRoot
    2008-01-01 14:45:59 0 dr-h----- C:\Documents and Settings\Default User\Application Data
    2008-01-01 14:45:59 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
    2008-01-01 14:45:59 0 dr-h----- C:\Documents and Settings\All Users\Application Data
    2008-01-01 14:45:59 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-01-01 14:45:29 0 d--hs---- C:\System Volume Information
    2008-01-01 14:45:29 0 d-------- C:\Documents and Settings
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\WinSxS
    2008-01-01 14:37:29 0 dr------- C:\WINDOWS\Web
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\twain_32
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\wins
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\wbem
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\usmt
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\spool
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\ShellExt
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\Setup
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\ras
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\oobe
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\npp
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\mui
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\inetsrv
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\IME
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\icsxml
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\ias
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\export
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\drivers
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\drivers\etc
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\drivers\disdn
    2008-01-01 14:37:29 0 dr-hs--c- C:\WINDOWS\system32\dllcache
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\dhcp
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\config
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\3com_dmi
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\3076
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\2052
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1054
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1042
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1041
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1037
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1033
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1031
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1028
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system32\1025
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\system
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\security
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Resources
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\repair
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Provisioning
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\PeerNet
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\pchealth
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\mui
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\msapps
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\msagent
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Media
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\java
    2008-01-01 14:37:29 0 d--h----- C:\WINDOWS\inf
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\ime
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Help
    2008-01-01 14:37:29 0 dr--s---- C:\WINDOWS\Fonts
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Driver Cache
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Debug
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Cursors
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Connection Wizard
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\Config
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\AppPatch
    2008-01-01 14:37:29 0 d-------- C:\WINDOWS\addins


    -- Find3M Report

    2008-01-01 14:46:17 62 --ahs---- C:\Documents and Settings\Vash Patel\Application Data\desktop.ini
    2007-12-03 20:33:18 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
    2007-12-03 20:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
    2007-12-03 20:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
    2007-12-03 20:33:16 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
    2007-11-29 17:30:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2007-11-29 17:28:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
    2007-11-29 17:28:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
    2007-11-28 16:52:32 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll


    -- Registry Dump

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [12/06/2007 05:20 PM]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [11/11/2007 12:51 PM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 01/12/2008 08:28 PM 9216 C:\WINDOWS\system32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2e721da9-c207-11dc-a1d2-0016d4fbe1d1}]
    AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe




    -- End of Deckard's System Scanner: finished at 2008-01-13 21:53:49


    Extra:


    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.

    -- System Information

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Core(TM)2 CPU T5300 @ 1.73GHz
    CPU 1: Intel(R) Core(TM)2 CPU T5300 @ 1.73GHz
    Percentage of Memory in Use: 13%
    Physical Memory (total/avail): 3070.04 MiB / 2649.47 MiB
    Pagefile Memory (total/avail): 4960.04 MiB / 4625.15 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1927.02 MiB

    C: is Fixed (NTFS) - 186.3 GiB total, 132.84 GiB free.
    D: is CDROM (No Media)
    E: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - TOSHIBA MK2035GSS - 186.31 GiB - 1 partition
    \PARTITION0 (bootable) - Installable File System - 186.3 GiB - C:



    -- Security Center

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.
    AntivirusOverride is set.
    FirewallOverride is set.

    FW: AVG Firewall 7.5.500 v7.5.500 (@Company_Name)
    AV: AVG 7.5.516 v7.5.516 (Grisoft)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
    "C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget"
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
    "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"


    -- Environment Variables

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Vash Patel\Application Data
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=GTM-EC5B928869A
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Vash Patel
    LOGONSERVER=\\GTM-EC5B928869A
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0f02
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\VASHPA~1\LOCALS~1\Temp
    TMP=C:\DOCUME~1\VASHPA~1\LOCALS~1\Temp
    USERDOMAIN=GTM-EC5B928869A
    USERNAME=Vash Patel
    USERPROFILE=C:\Documents and Settings\Vash Patel
    windir=C:\WINDOWS


    -- User Profiles

    Vash Patel (admin)


    -- Add/Remove Programs

    --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    --> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    --> C:\WINDOWS\NuNInst.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
    --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
    --> C:\WINDOWS\UNRecode.exe /UNINSTALL
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
    Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Audition 3.0 --> msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}
    Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
    Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
    Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
    Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
    Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
    Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
    BearShare --> C:\PROGRA~1\BEARSH~1\UNWISE.EXE C:\PROGRA~1\BEARSH~1\INSTALL.LOG
    Brother MFL-Pro Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x9 Brunin03.dll -removeonly
    Call of Duty 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/2630
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    Counter-Strike --> "C:\Program Files\Steam\steam.exe" steam://uninstall/10
    DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Easy Video Joiner 5.21 --> "C:\Program Files\Easy Video Joiner\unins000.exe"
    Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
    Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    Half-Life 2 --> "C:\Program Files\Steam\steam.exe" steam://uninstall/220
    Half-Life(R) 2 --> MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
    IconPackager --> C:\PROGRA~1\Stardock\OBJECT~1\ICONPA~1\iconpackager.exe /uninstallwise
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
    Lugaru v1.05 --> "C:\Program Files\Lugaru\unins000.exe"
    Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero 8 --> MsiExec.exe /X{B944FA21-81AF-4A77-8328-CE4F4CC51033}
    NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    Oblivion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9 -removeonly
    PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
    PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
    REALTEK GbE & FE Ethernet PCI-E NIC Driver --> C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x0009 -removeonly
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
    Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
    Trillian --> C:\Program Files\Trillian\trillian.exe /uninstall
    Unlocker 1.8.5 --> C:\Program Files\Unlocker\uninst.exe
    VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    VirtualCloneDrive --> "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
    Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


    -- Application Event Log

    Event Record #/Type297 / Error
    Event Submitted/Written: 01/13/2008 09:52:16 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Event Record #/Type296 / Error
    Event Submitted/Written: 01/13/2008 09:52:16 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Event Record #/Type295 / Error
    Event Submitted/Written: 01/13/2008 09:52:16 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

    Event Record #/Type294 / Error
    Event Submitted/Written: 01/13/2008 09:51:44 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Event Record #/Type293 / Error
    Event Submitted/Written: 01/13/2008 09:51:42 PM
    Event ID/Source: 8 / crypt32
    Event Description:
    Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.



    -- Security Event Log

    No Errors/Warnings found.


    -- System Event Log

    Event Record #/Type2563 / Error
    Event Submitted/Written: 01/13/2008 09:45:46 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service failed to start due to the following error:
    %%3

    Event Record #/Type2544 / Error
    Event Submitted/Written: 01/13/2008 02:25:38 PM
    Event ID/Source: 1002 / Dhcp
    Event Description:
    The IP address lease 192.168.1.101 for the Network Card with network address 0016D4FBE1D1 has been
    denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

    Event Record #/Type2543 / Warning
    Event Submitted/Written: 01/13/2008 02:25:35 PM
    Event ID/Source: 1003 / Dhcp
    Event Description:
    Your computer was not able to renew its address from the network (from the
    DHCP Server) for the Network Card with network address 0016D4FBE1D1. The following
    error occurred:
    %%1223.
    Your computer will continue to try and obtain an address on its own from
    the network address (DHCP) server.

    Event Record #/Type2537 / Error
    Event Submitted/Written: 01/13/2008 01:50:02 PM
    Event ID/Source: 7011 / Service Control Manager
    Event Description:
    Timeout (30000 milliseconds) waiting for a transaction response from the service.

    Event Record #/Type2536 / Error
    Event Submitted/Written: 01/13/2008 01:49:32 PM
    Event ID/Source: 7011 / Service Control Manager
    Event Description:
    Timeout (30000 milliseconds) waiting for a transaction response from the AVP service.



    -- End of Deckard's System Scanner: finished at 2008-01-13 21:52:54
  • Trogan London, UK
    edited January 2008
    DSS is showing up clean.

    Your computer is free of any malware according to the logs, but I don't know what the problems are.
  • V-P State College, PA Member
    edited January 2008
    Trogan wrote:
    DSS is showing up clean.

    Your computer is free of any malware according to the logs, but I don't know what the problems are.

    Well we can at least say I don't need any firewalls.
  • Trogan London, UK
    edited January 2008
    That is your choice. :)
This discussion has been closed.