Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't Open Internet Explorer7


  • This topic is locked This topic is locked
3 replies to this topic

#1 Harly9

Harly9

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 27 May 2008 - 06:59 PM

Since yesterday I have been unable to open IE at all. It immediately gives me a message saying "Internet Explorer has stopped working and will now close..." which it does with no solution found. I have reset IE to it's defaults and tried to open it with no addons without any luck. I even restored my computer to a point before I installed the last item, which was an update to Adobe's Shockwave Player. Nothing has changed my inability to start IE. I am running Vista Home Basic with Windows Firewall and Defender on as default. The only thing I can think of is my nephew installing something when I left the computer running while away for the weekend (although nothing shows up in Add and Remove Programs). That said, here are my DSS logs. Any help will be greatly appreciated.

Deckard's System Scanner v20071014.68
Run by Ken on 2008-05-27 18:33:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
12: 2008-05-27 22:55:50 UTC - RP732 - ComboFix created restore point
11: 2008-05-27 03:05:14 UTC - RP731 - Restore Operation
10: 2008-05-27 01:57:27 UTC - RP730 - Shockwave Player
9: 2008-05-26 21:00:48 UTC - RP728 - Scheduled Checkpoint
8: 2008-05-25 08:16:28 UTC - RP727 - Scheduled Checkpoint


-- First Restore Point --
1: 2008-05-21 05:25:26 UTC - RP720 - Installed VersaCheck ActiveCheck Server


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-27 18:37:00
Platform: Windows Vista Service Pack 1 (6.00.6001)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\System32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\BPK\bpk.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Users\Ken\Desktop\dss.exe
C:\Windows\System32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - C:\Program Files\BPK\bpkwb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [bpk] C:\Program Files\BPK\bpk.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html (file missing)
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html (file missing)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html (file missing)
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html (file missing)
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/7.../OGAControl.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/5/b...heckControl.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/...NPUplden-us.cab
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/instal...osticsVista.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://premium1.tds.net/files/tds/onlinescanner/fscax.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://spike.tomotherapy.com/dana-cached/s...perSetupSP1.cab
O18 - Protocol: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\Windows\System32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: cfm - Unknown owner - C:\Windows\System32\cfmom.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\System32\CTSVCCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\System32\drivers\XAudio.exe


--
End of file - 11673 bytes

-- HijackThis Fixed Entries (C:\HiJackThis\backups\) ---------------------------

backup-20070421-011833-548 O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\Windows\system32\mwwthtat.dll
backup-20070421-013052-126 O13 - Gopher Prefix:
backup-20070506-121532-437 O20 - Winlogon Notify: byxuvst - C:\Windows\SYSTEM32\byxuvst.dll
backup-20070506-121533-497 O20 - Winlogon Notify: qoppoon - C:\Windows\SYSTEM32\qoppoon.dll
backup-20070506-121634-105 O20 - Winlogon Notify: qoppoon - C:\Windows\SYSTEM32\qoppoon.dll
backup-20070521-125523-215 O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\Windows\system32\slhiygmf.dll (file missing)
backup-20070521-125523-459 O2 - BHO: (no name) - {99C6E605-5BC0-4014-9510-DD91576FF949} - C:\Windows\system32\ljjkk.dll
backup-20070521-125523-763 O20 - Winlogon Notify: ljjkk - C:\Windows\system32\ljjkk.dll
backup-20070521-125523-820 O2 - BHO: (no name) - {6418E868-1DCB-4225-ACAF-30ABB940A2EB} - C:\Windows\system32\qoppoon.dll
backup-20070521-125523-911 O20 - Winlogon Notify: qoppoon - C:\Windows\SYSTEM32\qoppoon.dll
backup-20070521-125523-949 O4 - HKLM\..\Run: [setup] rundll32.exe "C:\Windows\system32\fyltyrfh.dll",realset
backup-20070521-125717-209 O2 - BHO: (no name) - {C3BF0895-D3FC-40C8-B074-81330A992200} - C:\Windows\system32\ljjkk.dll
backup-20070521-125717-596 O20 - Winlogon Notify: ljjkk - C:\Windows\system32\ljjkk.dll
backup-20070522-113022-202 O2 - BHO: (no name) - {55DB983C-BDBF-426f-86F0-187B02DDA39B} - C:\Windows\system32\xuofoktu.dll
backup-20070522-113022-712 O2 - BHO: (no name) - {7B00424E-3AD9-41BF-9402-1AEF6617DA05} - C:\Windows\system32\ljjkk.dll
backup-20070522-113022-863 O20 - Winlogon Notify: ljjkk - C:\Windows\system32\ljjkk.dll
backup-20070522-124903-650 O2 - BHO: (no name) - {7B00424E-3AD9-41BF-9402-1AEF6617DA05} - C:\Windows\system32\ljjkk.dll (file missing)
backup-20070525-125206-120 O4 - HKLM\..\Run: [setup] rundll32.exe "C:\Windows\system32\pewbhfln.dll",realset
backup-20070627-130943-712 O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\Windows\system32\pkptixxa.dll",realset
backup-20070627-131026-902 O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\Windows\system32\vvfeabjm.dll
backup-20071011-051145-688 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071011-051145-911 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20071011-052315-121 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
backup-20071011-052315-470 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20071011-052315-636 O1 - Hosts: ::1 localhost
backup-20071011-052315-765 O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
backup-20071016-012251-232 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071106-055926-416 O2 - BHO: (no name) - {AEE735DE-13F0-4FCE-97C9-EB8FB82FC265} - C:\Windows\system32\aurifgrg.dll
backup-20071108-181012-353 O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe
backup-20071108-181012-542 O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
backup-20071108-181012-563 O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
backup-20071108-181012-595 O4 - HKCU\..\Run: [Yyurl] C:\Users\Ken\Documents\??curity\m?hta.exe
backup-20071108-181012-599 O4 - HKCU\..\Run: [Words] C:\Program Files\Words\Words.exe
backup-20071108-181012-668 O4 - HKCU\..\Run: [okwr] C:\PROGRA~1\COMMON~1\okwr\okwrm.exe
backup-20071108-181012-773 O4 - HKCU\..\Run: [Ieuu] "C:\Users\Ken\AppData\Roaming\CROSOF~1.NET\dexplore.exe" -vt yazb
backup-20071108-181012-783 O4 - HKLM\..\Run: [runner1] C:\Windows\mrofinu173.exe 61A847B5BBF728133598284503996897C881250221C8670836AC4FA7C88332017491394661A64DB7C8F0287E55C266022DBE528F9FC17D446BC57D5775FA0FB68AD6
backup-20071108-181012-862 O4 - HKCU\..\Run: [WinTouch] C:\Users\Ken\AppData\Roaming\WinTouch\WinTouch.exe
backup-20071108-181012-866 O2 - BHO: (no name) - {C2DDD333-15AF-3F5C-8929-3CE679810892} - C:\Windows\system32\iktquc.dll
backup-20071108-181012-958 O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
backup-20071108-181012-999 O4 - HKCU\..\Run: [SfKg6w] C:\Users\Ken\AppData\Roaming\Microsoft\Windows\rayiou.exe
backup-20071108-182055-635 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071108-182055-862 O4 - HKLM\..\RunOnce: [RemoveInstallPath] cmd.exe C:\Windows\system32\cmd.exe /c rmdir /S /Q "C:\PROGRA~1\Words" > nul
backup-20071108-182208-473 O23 - Service: Command Service (cmdService) - Unknown owner - C:\Windows\S2Vu\command.exe
backup-20071108-182208-851 O23 - Service: DomainService - - C:\Windows\system32\khxpbrsv.exe
backup-20071113-000641-104 O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)
backup-20071113-000641-470 O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\Windows\system32\WinNB58.dll
backup-20071113-000641-543 O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
backup-20071113-000641-584 O23 - Service: DomainService - - C:\Windows\system32\gmdkgcbl.exe
backup-20071113-000641-637 O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
backup-20071113-000641-666 O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\Windows\system32\WinNB58.dll
backup-20071113-000641-700 O4 - HKLM\..\Run: [tejeduta] C:\Program Files\Reference Assemblies\tejeduta77798.exe
backup-20071113-000641-784 O4 - HKLM\..\Run: [runner1] C:\Windows\mrofinu173.exe 61A847B5BBF728133598284503996897C881250221C8670836AC4FA7C8833201749139
backup-20071113-000641-825 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071113-000641-836 O15 - Trusted Zone: http://click.getmirar.com (HKLM)
backup-20071115-214653-795 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071125-181416-937 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071125-181747-499 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071125-182110-470 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071125-182224-764 O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
backup-20071125-183531-424 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20071126-214309-232 O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
backup-20071126-214310-112 O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
backup-20071211-054200-318 O3 - Toolbar: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - c:\program files\peoplepc\toolbar\PPCToolbar.dll
backup-20071211-054200-722 O2 - BHO: PeoplePC FixedBandBHO - {3DE88907-3E38-11D4-BEB2-CBE76C0598DD} - C:\Program Files\ISP50\bin\BandObject.dll
backup-20071211-054200-798 O2 - BHO: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - c:\program files\peoplepc\toolbar\PPCToolbar.dll
backup-20071223-134051-385 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
backup-20080320-180110-213 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
backup-20080320-180110-223 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
backup-20080320-180110-298 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
backup-20080320-180110-398 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
backup-20080320-180110-697 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
backup-20080320-180110-832 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
backup-20080401-050612-224 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
backup-20080420-232645-200 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20080514-015112-454 O4 - HKLM\..\Run: [mscdti] C:\Windows\cdti.exe /nosrv
backup-20080514-015112-794 O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
backup-20080514-015112-890 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
backup-20080517-191122-685 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
backup-20080517-191123-375 O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
backup-20080517-191123-623 O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
backup-20080517-200733-249 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
backup-20080517-200733-382 O23 - Service: cfm - Unknown owner - C:\Windows\system32\cfmom.exe
backup-20080517-200733-603 O4 - HKLM\..\Run: [mscdti] C:\Windows\cdti.exe /nosrv
backup-20080527-175022-172 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20080527-175022-511 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080527-175054-516 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080527-175054-702 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shlddrv.sys <Not Verified; Panda Software; Panda®Shield>
R1 VClone - c:\windows\system32\drivers\vclone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
R3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S2 PavProc (Panda Process Protection Driver) - \??\c:\windows\system32\drivers\pavproc.sys
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - \??\c:\windows\system32\drivers\nsdriver.sys
S3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - \??\c:\windows\system32\drivers\awrtpd.sys
S3 Ad-Watch Registry Filter (Ad-Watch Registry Kernel Filter) - \??\c:\windows\system32\drivers\awrtrd.sys
S3 usbsermptxp (Motorola USB Modem Driver for MPT XP) - c:\windows\system32\drivers\usbsermptxp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>

S2 ACS (TP-LINK Configuration Service) - c:\windows\system32\acs.exe
S2 PavPrSrv (Panda Process Protection Service) - "c:\program files\common files\panda software\pavshld\pavprsrv.exe" <Not Verified; Panda Software; PandaShield>
S4 cfm - c:\windows\system32\cfmom.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-05-27 17:04:24 414 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{B59E0071-C2D7-40DD-97DB-85DCC5B2B5AA}.job
2008-05-09 20:33:51 386 --a------ C:\Windows\Tasks\1-Click Maintenance.job


-- Files created between 2008-04-27 and 2008-05-27 -----------------------------

2008-05-27 18:12:52 161792 --a------ C:\Windows\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-05-26 20:58:49 0 d-------- C:\Windows\system32\Adobe
2008-05-25 12:40:35 0 d-------- C:\Program Files\Autorun Eater
2008-05-25 00:02:13 98304 --a------ C:\Windows\system32\qttask.exe <Not Verified; Apple Computer, Inc.; QuickTime>
2008-05-24 23:58:37 0 d-------- C:\Windows\system32\QuickTime
2008-05-24 23:58:33 1122304 --a------ C:\Windows\system32\mplvpx.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-05-24 23:58:33 1552384 --a------ C:\Windows\system32\mplvm6.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-05-24 23:58:32 1581056 --a------ C:\Windows\system32\mplvw7.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-05-24 23:58:32 1650688 --a------ C:\Windows\system32\mplva6.dll <Not Verified; Ligos Corporation; MPL Video Library>
2008-05-24 23:58:32 77824 --a------ C:\Windows\system32\mplaw7.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-05-24 23:58:32 65536 --a------ C:\Windows\system32\mplapx.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-05-24 23:58:32 65536 --a------ C:\Windows\system32\mplam6.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-05-24 23:58:32 77824 --a------ C:\Windows\system32\mplaa6.dll <Not Verified; Ligos Corporation; MPL Audio Library>
2008-05-24 23:58:32 19968 --a------ C:\Windows\system32\cpuinf32.dll
2008-05-24 23:58:31 152064 --a------ C:\Windows\system32\unrar.dll
2008-05-24 23:58:29 761856 --a------ C:\Windows\system32\xvidcore.dll
2008-05-24 23:58:25 0 d-------- C:\Program Files\ACE Mega CoDecS Pack
2008-05-24 23:32:14 0 d-------- C:\Program Files\Ligos
2008-05-24 21:53:54 0 d-------- C:\Program Files\Adobe Media Player
2008-05-24 21:53:50 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-05-24 20:11:57 0 d-------- C:\Program Files\Common Files\PX Storage Engine
2008-05-24 20:11:51 0 d-------- C:\Program Files\DivX
2008-05-22 19:18:00 0 d-------- C:\Users\All Users\Apple
2008-05-22 19:18:00 0 d-------- C:\Program Files\Apple Software Update
2008-05-21 00:06:51 0 d-------- C:\Program Files\Common Files\G7PS Shared
2008-05-21 00:04:15 0 d-------- C:\Users\All Users\G7PS
2008-05-21 00:03:51 0 d-------- C:\Program Files\gs
2008-05-21 00:03:51 0 d-------- C:\Program Files\Common Files\G7PS
2008-05-21 00:03:31 0 d-------- C:\Program Files\G7PS
2008-05-20 23:58:58 0 d-------- C:\Windows\system32\URTTEMP
2008-05-19 20:43:16 0 d-------- C:\Users\All Users\Simple Star Shared
2008-05-19 20:43:14 0 d-------- C:\Program Files\Common Files\Simple Star Shared
2008-05-18 17:39:15 0 d-------- C:\Program Files\Wyzo
2008-05-18 15:56:08 0 d-------- C:\Program Files\eToro
2008-05-18 15:43:43 0 d-------- C:\Program Files\QuickTime
2008-05-18 15:43:39 0 d-------- C:\Users\All Users\Apple Computer
2008-05-18 14:19:51 0 d-------- C:\Program Files\Swypeout Battle Racing
2008-05-18 14:00:50 0 d-------- C:\Users\All Users\{3792767E-9C51-403C-A990-3BFBBB5850FF}
2008-05-18 05:48:01 20480 --a------ C:\Windows\system32\SysRestore.dll <Not Verified; Ascentive LLC; prjSysRestore>
2008-05-18 05:48:00 208896 --a------ C:\Windows\system32\ConTest.dll <Not Verified; Ascentive; ConnectionTester>
2008-05-17 19:47:12 1483284 --a------ C:\Windows\system32\cfmom.exe
2008-05-17 19:47:12 1483284 --a------ C:\Windows\cdti.exe
2008-05-14 17:27:55 0 d-------- C:\Program Files\Recover Files
2008-05-14 02:18:35 5776 --a------ C:\Windows\ upd.dll
2008-05-14 02:10:06 53248 --a------ C:\Windows\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-05-14 02:02:31 68096 --a------ C:\Windows\zip.exe
2008-05-14 02:02:31 49152 --a------ C:\Windows\VFind.exe
2008-05-14 02:02:31 136704 --a------ C:\Windows\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-05-14 02:02:31 98816 --a------ C:\Windows\sed.exe
2008-05-14 02:02:31 80412 --a------ C:\Windows\grep.exe
2008-05-14 02:02:31 73728 --a------ C:\Windows\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-05-14 02:02:00 212480 --a------ C:\Windows\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-05-14 01:28:25 467968 --a------ C:\Windows\ IEXPLORE.EXE
2008-05-14 01:08:45 0 d-------- C:\Program Files\Smart PC Solutions
2008-05-14 01:02:22 0 d-------- C:\Downloads
2008-05-14 00:39:25 0 d-------- C:\Program Files\Data Doctor Recovery Digital Camera (Demo)
2008-05-13 23:43:13 0 d-------- C:\Program Files\Memory Card Data Recovery (Demo)
2008-05-12 20:53:16 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2008-05-12 20:50:16 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-12 20:50:16 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-02 20:48:31 0 d-------- C:\Program Files\Security Task Manager


-- Find3M Report ---------------------------------------------------------------

2008-05-27 18:36:16 0 d-------- C:\Program Files\BPK
2008-05-26 19:16:25 40 --a------ C:\Windows\popcinfo.dat
2008-05-25 17:39:16 0 d-------- C:\Program Files\Microsoft Silverlight
2008-05-24 21:59:08 0 d-------- C:\Users\Ken\AppData\Roaming\DivX
2008-05-24 21:54:05 0 d-------- C:\Users\Ken\AppData\Roaming\Adobe
2008-05-24 21:53:50 0 d-------- C:\Program Files\Common Files
2008-05-24 21:24:41 0 d-------- C:\Program Files\LimeWire
2008-05-24 21:24:12 0 d-------- C:\Users\Ken\AppData\Roaming\LimeWire
2008-05-21 00:07:21 0 d-------- C:\Users\Ken\AppData\Roaming\G7PS
2008-05-20 23:01:18 0 d-------- C:\Program Files\Common Files\Nero
2008-05-20 22:30:44 0 d-------- C:\Program Files\Nero
2008-05-20 22:30:43 0 d-------- C:\Users\Ken\AppData\Roaming\Nero
2008-05-20 22:15:50 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-20 18:32:40 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-19 20:44:00 2 --a------ C:\Users\Ken\AppData\Roaming\7zip_progress_0C7E7B01-26A9-4ED9-9F6A-6E34AE02A1B7.txt
2008-05-19 20:42:22 0 d-------- C:\Users\Ken\AppData\Roaming\Simple Star
2008-05-15 03:02:47 0 d-------- C:\Program Files\Windows Mail
2008-05-14 01:09:15 0 d-------- C:\Users\Ken\AppData\Roaming\GetRightToGo
2008-05-04 23:15:10 0 d-------- C:\Program Files\Yahoo!
2008-05-02 19:33:10 0 d-------- C:\Users\Ken\AppData\Roaming\Help
2008-04-30 19:32:24 0 d-------- C:\Program Files\Citrix
2008-04-28 17:10:49 0 d-------- C:\Program Files\FontLab
2008-04-26 13:03:01 0 d-------- C:\Program Files\Common Files\FontLab
2008-04-15 16:58:30 0 d-------- C:\Program Files\G7 Productivity Systems
2008-04-01 23:03:55 0 d-------- C:\Program Files\MSN Messenger
2008-03-31 19:52:12 174 --ahs---- C:\Program Files\desktop.ini
2008-03-31 19:42:48 0 d-------- C:\Program Files\Windows Calendar
2008-03-31 19:42:47 0 d-------- C:\Program Files\Windows Sidebar
2008-03-31 19:42:47 0 d-------- C:\Program Files\Windows Photo Gallery
2008-03-31 19:42:47 0 d-------- C:\Program Files\Windows Collaboration
2008-03-31 19:42:47 0 d-------- C:\Program Files\Movie Maker
2008-03-31 19:42:45 0 d-------- C:\Program Files\Windows Defender
2008-03-16 22:46:20 53 --a------ C:\Windows\DelToolbox.bat
2008-03-08 19:02:28 315392 --a------ C:\Windows\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}]
05/26/2006 09:17 AM 40960 --a------ C:\Program Files\BPK\bpkwb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [09/28/2006 08:42 AM]
"ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [07/11/2006 08:12 PM]
"RtHDVCpl"="RtHDVCpl.exe" [01/15/2008 12:26 PM C:\Windows\RtHDVCpl.exe]
"bpk"="C:\Program Files\BPK\bpk.exe" [05/26/2006 09:17 AM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [09/06/2007 05:06 AM]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [04/11/2007 03:32 PM C:\Windows\KHALMNPR.Exe]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [02/16/2005 08:15 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Performance Center"="C:\Program Files\Ascentive\Performance Center\ApcMain.exe" []
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [02/16/2005 08:15 PM]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [04/13/2007 02:07 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [11/2/2007 6:09:36 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
"EnableUIADesktopToggle"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"=2 (0x2)
"DontDisplayLogonHoursWarnings"=1 (0x1)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Compaq Connections.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Compaq Connections.lnk
backup=C:\Windows\pss\Compaq Connections.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor.lnk
backup=C:\Windows\pss\Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Gloria^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Users\Gloria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ken^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire Turbo Accelerator.lnk]
path=C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire Turbo Accelerator.lnk
backup=C:\Windows\pss\LimeWire Turbo Accelerator.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ken^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Users\Ken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
"C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bart Station]
C:\Program Files\ISP50\hta\station.sbrt

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bpk]
C:\Program Files\BPK\bpk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"c:\Program Files\Common Files\Symantec Shared\ccApp.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
"C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DPService]
"C:\Program Files\HP\DVDPlay\DPService.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\himem]
"c:\windows\himem.exe" 3fff 8ffff

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
"c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanzarL2007]
"C:\Users\Ken\AppData\Local\Temp\{17AF48F7-5EEF-4391-AA30-ED7E985C62A8}\{D1DA2BA7-2592-4036-9BB2-DCCABDE8DC1A}\..\..\L2007tmp\Setup.exe" /SETUP:"/l0x0009"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero PhotoShow Media Manager]
C:\PROGRA~1\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
"c:\Program Files\Norton Internet Security\osCheck.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC SpeedScan Pro]
C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Performance Center]
C:\Program Files\Ascentive\Performance Center\APCMain.exe -m

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Windows\System32\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Service Host]
C:\Users\Ken\AppData\Local\Temp\svchost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpiralFrog]
C:\Program Files\SpiralFrog\Spiralfrog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter]
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWCU]
"C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Storage Toolbox]
C:\Program Files\USB Disk Win98 Driver\Res.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
C:\Windows\vVX3000.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winlogon]
C:\Windows\csrss.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient SstpSvc
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-05-27 18:39:56 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Basic (build 6001) SP 1.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.00GHz
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 1790.58 MiB / 917.44 MiB
Pagefile Memory (total/avail): 3828.69 MiB / 2787.46 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1887.69 MiB

C: is Fixed (NTFS) - 143.29 GiB total, 53.22 GiB free.
D: is Fixed (NTFS) - 5.76 GiB total, 0.88 GiB free.
E: is CDROM (No Media)
F: is Fixed (FAT32) - 9.49 GiB total, 2.37 GiB free.
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG HD160JJ/P ATA Device - 149.05 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 143.29 GiB - C:
\PARTITION1 - Installable File System - 5.76 GiB - D:

\\.\PHYSICALDRIVE1 - Initio SV1021H USB Device - 9.5 GiB - 1 partition
\PARTITION0 - Unknown - 9.5 GiB - F:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: avast! antivirus 4.7.1043 [VPS 080527-1] v4.7.1043 (ALWIL Software) Disabled
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: AdwareAlert v ()

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Ken\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=KEN-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Ken
LOCALAPPDATA=C:\Users\Ken\AppData\Local
LOGONSERVER=\\KEN-PC
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\HP\BIN\PYTHON;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE;C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\DLLSHARED;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Presario
PLATFORM=HPD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0602
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
RoxioCentral=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Ken\AppData\Local\Temp
TMP=C:\Users\Ken\AppData\Local\Temp
USERDOMAIN=Ken-PC
USERNAME=Ken
USERPROFILE=C:\Users\Ken
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Ken (admin)
Crystal
Gloria
Guest (guest)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\HP Games\Airstrike 2 - Gulf Thunder\Uninstall.exe"
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
ACE Mega CoDecS Pack --> "C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"
Acoustica CD/DVD Label Maker --> C:\Program Files\Acoustica CD Label Maker\cdlabel.exe UNINSTALL
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Media Player --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.amp 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Adobe Media Player --> MsiExec.exe /I{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Alternate's Ascii Artist 2.0 --> C:\Program Files\Alternate's Ascii Artist\uninst.exe
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ArcSoft PhotoImpression 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}\setup.exe" -l0x9
Ares 2.0.9 --> "C:\Program Files\Ares\uninstall.exe"
Autorun Eater v2.2 --> "C:\Program Files\Autorun Eater\unins000.exe"
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
AVI/MPEG/RM/WMV Joiner 4.82 --> "C:\Program Files\AVI MPEG RM WMV Joiner\unins000.exe"
AVI/MPEG/RM/WMV Splitter 4.28 --> "C:\Program Files\AVI MPEG RM WMV Splitter\unins000.exe"
Bejeweled 2 Deluxe --> C:\Windows\iun6002ev.exe "C:\Program Files\Bejeweled 2 Deluxe\irunin.ini"
BitPim 1.0.5 --> "C:\Program Files\BitPim\unins000.exe"
Camera Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D1B3874F-3057-11D6-B2EA-0050BA18806B}\Setup.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Chinese Traditional Fonts Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-2448-0000-800000000003}
Citrix Presentation Server Client --> MsiExec.exe /I{E89956F9-5B89-470E-818D-BD46102D0A01}
CloneDVD 4.1.0.23 --> "C:\Program Files\CloneDVD\unins000.exe"
Compaq 7500 INF and ICM software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9449C1CF-2A3B-4008-9621-0358F984FCEE}\Setup.exe" -l0x9
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
Creative ZEN V Series (R2) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}\SETUP.EXE" -l0x9 /remove
CueClub --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\Real\RealGames\CueClub\setup.exe"
Data Doctor Recovery Digital Camera (Demo) 3.0.1.5 --> C:\Program Files\Data Doctor Recovery Digital Camera (Demo)\Uninstall.exe
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Play --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
eToro --> C:\PROGRA~1\eToro\UNWISE.EXE C:\PROGRA~1\eToro\INSTALL.LOG
FileCroc 2.0.0 --> "C:\Program Files\FileCroc\uninstall.exe"
FontLab ScanFont 5 --> "C:\Program Files\FontLab\ScanFont5\Uninstall.exe" "C:\Program Files\FontLab\ScanFont5\install.log" -u
FontLab Studio 5 --> "C:\Program Files\FontLab\Studio5\Uninstall.exe" "C:\Program Files\FontLab\Studio5\install.log"
HijackThis 2.0.0 --> "C:\HiJackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 8.0 --> C:\Program Files\Hewlett-Packard\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Driver Diagnostics --> MsiExec.exe /I{ED3F469E-D9EC-4DF1-968F-5812CE2F30F8}
HP Imaging Device Functions 8.0 --> C:\Program Files\Hewlett-Packard\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0 --> C:\Program Files\Hewlett-Packard\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B --> C:\Program Files\Hewlett-Packard\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Solution Center 8.0 --> C:\Program Files\Hewlett-Packard\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HPSSupply --> MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
ICQ6 --> C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe -runfromtemp -l0x0009 -removeonly
Indeo® Software --> C:\Windows\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
Japanese Fonts Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5760-0000-800000000003}
Jasc Paint Shop Pro 9 --> MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Jasc Paint Shop Pro 9.01 - (9.0.1.1) --> C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
Jasc Paint Shop Pro 9.01 Patch --> C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
KhalInstallWrapper --> MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
LimeWire PRO 4.17.3 --> "C:\Program Files\LimeWire\uninstall.exe"
LimeWire Turbo Accelerator --> C:\Program Files\LimeWire Turbo Accelerator\uninstall.exe
Logitech SetPoint --> C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0009 -removeonly
Memory Card Data Recovery (Demo) --> C:\Program Files\Memory Card Data Recovery (Demo)\Uninstall.exe
MetaFrame Presentation Server Web Client for Win32 --> C:\Windows\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
Microangelo Toolset 6 --> MsiExec.exe /I{71414EC2-0684-4A15-A85A-E0E259D117AF}
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft LifeCam --> MsiExec.exe /X{06C32EA0-4A22-4919-979A-8700715865B8}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Ultimate 2007 --> MsiExec.exe /X{91120000-002E-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Mini-stream RM-MP3 Converter 2.7.3.700 2006.09.29 --> "C:\Program Files\Mini-stream\Mini-stream RM-MP3 Converter\unins000.exe"
Motorola Driver Installation --> MsiExec.exe /I{75A0EB9D-2D1E-4FB7-BF61-498E33C73EB4}
Motorola Phone Tools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}\setup.exe" -l0x9 -removeonly
Motorola Skins Software - Moto Skin - Skin View - Skin Manager --> "C:\Program Files\Motorola Skins Software\unins000.exe"
Motorola Software Update --> MsiExec.exe /I{3D13B5F1-8FE4-4829-AA6E-6461D4B0B7E8}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MultiTranse 4.5.1 --> "C:\Program Files\MultiTranse\unins000.exe"
My HP Games --> "C:\Program Files\HP Games\Uninstall.exe"
MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
Nero 8 Trial --> MsiExec.exe /X{5FCCD531-1B38-4A94-924C-127F722F1033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 --> "C:\Program Files\Orban\AAC-aacPlus Plugin\unins000.exe"
Pdf995 (installed by TaxCut) --> C:\Program Files\pdf995\setup.exe uninstall
PdfEdit995 (installed by TaxCut) --> C:\Program Files\pdf995\res\utilities\thinsetup.exe - uninstall
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealArcade --> C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Recover Files 2.1 --> "C:\Program Files\Recover Files\unins000.exe"
SanDisk TransferMate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{601C6E14-DF1E-4113-A8C8-F9DB90CB0D88}\Setup.exe" -l0x9
Security Task Manager 1.7e --> C:\Program Files\Security Task Manager\Uninstal.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager"
Smart Data Recovery v4.0 --> "C:\Program Files\Smart PC Solutions\Smart Data Recovery\unins000.exe"
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.INF
SolidWorks 2004 SP0 --> MsiExec.exe /I{DC76EAE7-72B6-442E-AAD0-6A67F915C23D}
SolSuite --> C:\PROGRA~1\SolSuite\UNWISE.EXE C:\PROGRA~1\SolSuite\INSTALL.LOG
SolSuite Graphics Pack Volume 1 --> C:\PROGRA~1\SolSuite\UNWISE.EXE C:\PROGRA~1\SolSuite\INSTALL_GP_01.LOG
SolSuite Graphics Pack Volume 2 --> C:\PROGRA~1\SolSuite\UNWISE.EXE C:\PROGRA~1\SolSuite\INSTALL_GP_02.LOG
SpiralFrog Download Manager 0.8.24 --> MsiExec.exe /X{95738B44-49CF-4C62-A620-320F1007B14A}
StuffIt Expander --> MsiExec.exe /X{57DC8980-73DA-481E-AFD4-5E2D44B7F1AD}
Super DVD Creator 9.25.0 --> "C:\Program Files\Super DVD Creator 9.25.0\unins000.exe"
Super Granny from WildTangent (remove only) --> "C:\Program Files\WildTangent Games\Super Granny\Uninstall.exe"
SuperCow --> C:\Program Files\SuperCow\Uninstal.exe
Swypeout Battle Racing --> "C:\ProgramData\{3792767E-9C51-403C-A990-3BFBBB5850FF}\Setup_Swypeout.exe" REMOVE=TRUE MODIFY=FALSE
TaxCut Premium + State 2007 --> MsiExec.exe /X{663E217E-FC26-4249-9E8E-F190CD63E737}
TaxCut Wisconsin 2007 --> MsiExec.exe /X{A973071E-0979-4E23-A0BD-9009450E63FF}
Total Video Converter 3.02 --> "C:\Program Files\Total Video Converter\unins000.exe"
Trillian --> C:\Program Files\Trillian\trillian.exe /uninstall
TubeHunter Ultra --> MsiExec.exe /I{3A4BEF94-179B-43DC-8380-76EEC6DB5EF4}
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VersaCheck 2001 Personal Express --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{977CB175-9A19-11D4-8117-00902723CDB3}\setup.exe" anything
VersaCheck ActiveCheck Client --> MsiExec.exe /I{3D99A112-ED5A-4156-94D7-BA08AD393184}
VersaCheck ActiveCheck Server --> MsiExec.exe /I{3BED6714-ECD2-4DD8-A037-BDEA6C57E752}
VersaCheck Platinum 2007 --> MsiExec.exe /I{7AA8968B-E188-4F38-A718-A954BE3DDBCE}
VirtualCloneDrive --> "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Xenon 2000 - Project PCF --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93EE3C83-725F-4EA4-891A-CD6B019FCDC1}\Setup.exe"
Xilisoft 3GP Video Converter --> C:\Program Files\Xilisoft\3GP Video Converter 3\Uninstall.exe
Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe
ZENcast Organizer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove
Zuma Deluxe 1.0 --> C:\Program Files\PopCap Games\Zuma Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Zuma Deluxe\Install.log"


-- Application Event Log -------------------------------------------------------

Event Record #/Type40725 / Error
Event Submitted/Written: 05/27/2008 06:25:38 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6001.18000, time stamp 0x47918f11, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0x80000003, fault offset 0x038f75ba,
process id 0x9f4, application start time 0xiexplore.exe0.

Event Record #/Type40718 / Success
Event Submitted/Written: 05/27/2008 06:13:23 PM
Event ID/Source: 903 / Software Licensing Service
Event Description:
The Software Licensing service has stopped.

Event Record #/Type40715 / Error
Event Submitted/Written: 05/27/2008 06:04:50 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6001.18000, time stamp 0x47918f11, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0x80000003, fault offset 0x036c75ba,
process id 0xce8, application start time 0xiexplore.exe0.

Event Record #/Type40704 / Error
Event Submitted/Written: 05/27/2008 05:49:08 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6001.18000, time stamp 0x47918f11, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0x80000003, fault offset 0x034175ba,
process id 0xd34, application start time 0xiexplore.exe0.

Event Record #/Type40703 / Error
Event Submitted/Written: 05/27/2008 05:24:22 PM
Event ID/Source: 1002 / Application Hang
Event Description:
The program TaskMan.exe version 1.7.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 37c
Start Time: 01c8c0483503a673
Termination Time: 9



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type150757 / Warning
Event Submitted/Written: 05/27/2008 06:37:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Ken-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Ken-PC27 can't undo changes that you allow.

For more information please see the following:
%Ken-PC275

Scan ID: {15B38206-7BFB-46AE-9AA3-78736B0714C4}

User: Ken-PC\Ken

Name: %Ken-PC271

ID: %Ken-PC272

Severity ID: %Ken-PC273

Category ID: %Ken-PC274

Path Found: %Ken-PC276

Alert Type: %Ken-PC278

Detection Type: 1.1.1600.02

Event Record #/Type150756 / Warning
Event Submitted/Written: 05/27/2008 06:37:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Ken-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Ken-PC27 can't undo changes that you allow.

For more information please see the following:
%Ken-PC275

Scan ID: {A213D107-4E49-4CC3-B3F7-42D37147B75E}

User: Ken-PC\Ken

Name: %Ken-PC271

ID: %Ken-PC272

Severity ID: %Ken-PC273

Category ID: %Ken-PC274

Path Found: %Ken-PC276

Alert Type: %Ken-PC278

Detection Type: 1.1.1600.02

Event Record #/Type150755 / Warning
Event Submitted/Written: 05/27/2008 06:37:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Ken-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Ken-PC27 can't undo changes that you allow.

For more information please see the following:
%Ken-PC275

Scan ID: {B2F9A334-866C-40F3-B17C-2F3D63F8822F}

User: Ken-PC\Ken

Name: %Ken-PC271

ID: %Ken-PC272

Severity ID: %Ken-PC273

Category ID: %Ken-PC274

Path Found: %Ken-PC276

Alert Type: %Ken-PC278

Detection Type: 1.1.1600.02

Event Record #/Type150754 / Warning
Event Submitted/Written: 05/27/2008 06:37:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Ken-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Ken-PC27 can't undo changes that you allow.

For more information please see the following:
%Ken-PC275

Scan ID: {B4B114DF-BC3F-4B00-8310-09C930F2F511}

User: Ken-PC\Ken

Name: %Ken-PC271

ID: %Ken-PC272

Severity ID: %Ken-PC273

Category ID: %Ken-PC274

Path Found: %Ken-PC276

Alert Type: %Ken-PC278

Detection Type: 1.1.1600.02

Event Record #/Type150753 / Warning
Event Submitted/Written: 05/27/2008 06:37:18 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%Ken-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Ken-PC27 can't undo changes that you allow.

For more information please see the following:
%Ken-PC275

Scan ID: {90AE14AC-A259-43F4-A4BB-FE2408DAD6F5}

User: Ken-PC\Ken

Name: %Ken-PC271

ID: %Ken-PC272

Severity ID: %Ken-PC273

Category ID: %Ken-PC274

Path Found: %Ken-PC276

Alert Type: %Ken-PC278

Detection Type: 1.1.1600.02



-- End of Deckard's System Scanner: finished at 2008-05-27 18:39:56 ------------

BC AdBot (Login to Remove)

 


m

#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:11:58 PM

Posted 28 June 2008 - 03:46 PM

Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new HijackThis log. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 Harly9

Harly9
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:58 PM

Posted 29 June 2008 - 04:49 PM

Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new HijackThis log. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.


After uninstalling several more programs and running Spybot and AdAware in safe mode I was able to almost completely eliminate the problem of IE stopping for no reason. If it becomes an issue in the future I will ask for assistance in this forum. Thank you for your reply.

#4 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:11:58 PM

Posted 30 June 2008 - 01:16 PM

Thank you for letting me know. If we can assist in the future, please post a HijackThis log in the forum.

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users