Deckard's System Scanner v20071014.68
Run by jayyap on 2007-10-24 18:12:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
32: 2007-10-24 10:12:54 UTC - RP59 - Deckard's System Scanner Restore Point
31: 2007-10-18 01:40:48 UTC - RP58 - Installed Java(tm) 6 Update 3
30: 2007-10-17 06:12:36 UTC - RP57 - Installed QUICKfind
29: 2007-09-29 10:53:14 UTC - RP56 - System Checkpoint
28: 2007-09-25 12:40:46 UTC - RP55 - System Checkpoint
-- First Restore Point --
1: 2007-08-31 06:19:33 UTC - RP28 - restore point
Backed up registry hives.
Performed disk cleanup.
[color=\"red\"]Total Physical Memory: 511 MiB (512 MiB recommended).[/color]
[color=\"red\"]System Drive C: has 3.35 GiB (less than 15%) free.[/color]
-- HijackThis (run as jayyap.exe) ----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:13:51 PM, on 10/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\lxcrcoms.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Documents and Settings\jayyap\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\jayyap.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
https://login.live.com/ppsecure/sha1auth.srf?lc=1033R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.Email Removed.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/microsoftu...b?1188542148000O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftu...b?1188542134593O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: lxcr_device - - C:\WINDOWS\System32\lxcrcoms.exe
--
End of file - 7471 bytes
-- File Associations -----------------------------------------------------------
[color=\"red\"].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser %1,%*[/color]
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S3 catchme - c:\docume~1\jayyap\locals~1\temp\catchme.sys (file missing)
S3 FoxAwdWINFLASH - c:\program files\superutility\foxawdwinflash.sys
S3 FXDRV - c:\program files\superutility\fxdrv.sys <Not Verified; Foxconn; FoxUtility Suite>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2007-09-24 and 2007-10-24 -----------------------------
2066-08-16 23:06:34 0 d-------- C:\Program Files\Common Files\ODBC
2066-08-16 23:06:31 0 d-------- C:\Program Files\Common Files\SpeechEngines
2066-08-16 23:06:30 0 d-------- C:\Program Files
2066-08-16 23:06:30 0 d-------- C:\Program Files\Common Files
2066-08-16 23:06:06 0 d--h----- C:\Documents and Settings\Default User\Templates
2066-08-16 23:06:06 0 dr------- C:\Documents and Settings\Default User\Start Menu
2066-08-16 23:06:06 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2066-08-16 23:06:06 0 d--h----- C:\Documents and Settings\Default User\Recent
2066-08-16 23:06:06 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2066-08-16 23:06:06 0 d--h----- C:\Documents and Settings\Default User\NetHood
2066-08-16 23:06:06 0 d-------- C:\Documents and Settings\Default User\My Documents
2066-08-16 23:06:06 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2066-08-16 23:06:06 0 d-------- C:\Documents and Settings\Default User\Favorites
2066-08-16 23:06:06 0 d-------- C:\Documents and Settings\Default User\Desktop
2066-08-16 23:06:06 0 d---s---- C:\Documents and Settings\Default User\Cookies
2066-08-16 23:06:06 0 d--h----- C:\Documents and Settings\All Users\Templates
2066-08-16 23:06:06 0 d-------- C:\Documents and Settings\All Users\Start Menu
2066-08-16 23:06:06 0 d-------- C:\Documents and Settings\All Users\Favorites
2066-08-16 23:06:06 0 dr------- C:\Documents and Settings\All Users\Documents
2066-08-16 23:06:06 0 d-------- C:\Documents and Settings\All Users\Desktop
2066-08-16 23:05:56 0 d-------- C:\WINDOWS\System32\CatRoot2
2066-08-16 23:05:56 0 d-------- C:\WINDOWS\System32\CatRoot
2066-08-16 23:05:51 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2066-08-16 23:05:51 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2066-08-16 23:05:50 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2066-08-16 23:05:50 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2066-08-16 23:05:29 0 d-------- C:\Documents and Settings
2066-08-16 23:00:35 0 d-------- C:\WINDOWS
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\WinSxS
2066-08-16 23:00:35 0 dr------- C:\WINDOWS\Web
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\twain_32
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\system32
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\wins
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\wbem
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\usmt
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\spool
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\ShellExt
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\Setup
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\ras
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\oobe
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\npp
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\mui
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\inetsrv
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\IME
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\icsxml
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\ias
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\export
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\drivers
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\drivers\etc
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\drivers\disdn
2066-08-16 23:00:35 0 dr-hs--c- C:\WINDOWS\System32\dllcache
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\dhcp
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\config
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\3com_dmi
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\3076
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\2052
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1054
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1042
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1041
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1037
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1033
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1031
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1028
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\System32\1025
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\system
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\security
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Resources
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\repair
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\mui
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\msapps
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\msagent
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Media
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\java
2066-08-16 23:00:35 0 d--h----- C:\WINDOWS\inf
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\ime
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Help
2066-08-16 23:00:35 0 dr--s---- C:\WINDOWS\Fonts
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Driver Cache
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Debug
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Cursors
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Connection Wizard
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\Config
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\AppPatch
2066-08-16 23:00:35 0 d-------- C:\WINDOWS\addins
2007-10-22 18:39:03 0 dr-h----- C:\Documents and Settings\jayyap\Recent
2007-10-21 19:09:30 0 d-------- C:\BackUpMSNCleaner
2007-10-17 14:12:38 160768 --a------ C:\WINDOWS\System32\ILLKRN.DLL <Not Verified; TEXTware A/S; Illuminator 2.0>
2007-10-17 14:12:38 0 d-------- C:\Program Files\TEXTware
2007-10-17 14:12:38 0 d-------- C:\Program Files\IDM
2007-10-17 14:12:37 205312 --a------ C:\WINDOWS\System32\Illprs.dll <Not Verified; TEXTware A/S; Illuminator 2.0>
2007-10-17 14:12:12 86016 --a------ C:\WINDOWS\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
2007-10-17 14:11:36 0 d-------- C:\WINDOWS\System32\QuickTime
2007-10-17 14:11:36 0 d-------- C:\Program Files\QuickTime
2007-10-17 14:11:25 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2007-10-17 14:09:35 0 d-------- C:\Program Files\Oxford
2007-10-10 21:28:19 0 d-------- C:\Doraemon
2007-10-10 21:27:43 327168 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-10-08 13:26:39 0 d-------- C:\Program Files\KONAMI
2007-10-06 13:12:09 0 --a------ C:\WINDOWS\System32\cid_store.dat
2007-10-06 13:12:09 0 d-------- C:\Documents and Settings\All Users\Application Data\thunder_vod_cache
2007-10-06 13:11:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Thunder Network
2007-10-06 13:11:07 0 d-------- C:\Program Files\Thunder Network
2007-10-06 13:02:14 2560 --a------ C:\WINDOWS\System32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2007-10-06 13:02:13 0 d-------- C:\Downloads
2007-10-06 13:02:05 0 d-------- C:\Program Files\BitComet
2007-10-04 21:28:09 0 d-------- C:\Program Files\CCleaner
2007-10-01 22:13:16 0 d--h----- C:\WINDOWS\PIF
2007-09-27 18:02:24 0 d-------- C:\Program Files\Aimersoft
2007-09-27 18:01:36 0 d-------- C:\Profiles
2007-09-24 23:27:26 69 --a------ C:\WINDOWS\System32\3gpvideoconverterb.dat
2007-09-24 23:27:26 69 --a------ C:\WINDOWS\System32\3gpvideoconvertera.dat
2007-09-24 22:40:47 394240 --a------ C:\WINDOWS\System32\Smab.dll
2007-09-24 22:40:46 70656 --a------ C:\WINDOWS\System32\i420vfw.dll <Not Verified;
www.helixcommunity.org; Helix I420 YUV Codec>
2007-09-24 22:40:46 27648 --a------ C:\WINDOWS\System32\AVSredirect.dll
2007-09-24 22:40:46 66560 --a------ C:\WINDOWS\MOTA113.exe
2007-09-24 22:40:45 217073 --a------ C:\WINDOWS\meta4.exe
2007-09-24 22:40:37 31232 -r-hs---- C:\WINDOWS\System32\msfDX.dll <Not Verified; Hans Mayerl; msfDX.dll>
2007-09-24 22:40:37 163328 -r-hs---- C:\WINDOWS\System32\flvDX.dll <Not Verified; Gabest; FLV Splitter>
2007-09-24 22:40:27 0 d-------- C:\Program Files\eRightSoft
2007-09-24 21:38:24 0 d-------- C:\temp
2007-09-24 21:38:24 0 d-------- C:\MediaOut
2007-09-24 21:38:11 0 d-------- C:\Program Files\PMPro Mobile Phone Video Converter
2007-09-24 19:45:48 0 d-------- C:\Program Files\Boilsoft MP4 Converter
2007-09-24 15:27:12 0 d-------- C:\Program Files\AviSynth 2.5
-- Find3M Report ---------------------------------------------------------------
2066-08-16 23:06:06 62 --ahs---- C:\Documents and Settings\jayyap\Application Data\desktop.ini
2007-10-20 11:31:09 0 d-------- C:\Program Files\lx_cats
2007-10-18 09:45:10 0 d-------- C:\Program Files\Java
2007-10-17 14:12:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-16 23:47:36 0 d-------- C:\Program Files\SpywareBlaster
2007-09-22 00:26:55 203264 --a------ C:\WINDOWS\System32\FFTD Screensaver.scr <Not Verified; ScreenTime Media; ScreenTime For Flash>
2007-09-22 00:17:52 0 d-------- C:\Program Files\Xtreme Desktop
2007-09-21 22:59:00 0 d-------- C:\Program Files\MSN Messenger
2007-09-12 22:10:13 48640 --a------ C:\WINDOWS\grwprocs.dll
2007-09-12 22:10:13 405504 --a------ C:\WINDOWS\18be.scr
2007-09-12 22:10:13 397968 --a------ C:\WINDOWS\18be.dat <Not Verified; Macromedia, Inc.; Flash 5.0>
2007-09-11 18:37:24 1290 --a------ C:\WINDOWS\mozver.dat
2007-09-11 18:37:23 0 d-------- C:\Program Files\DivX
2007-09-09 19:00:40 0 d-------- C:\Program Files\NewLive All Audio To Mp3 Converter
2007-09-02 12:11:27 0 d-------- C:\Program Files\Disc2Phone
2007-09-02 10:49:40 0 d-------- C:\Documents and Settings\jayyap\Application Data\Teleca
2007-09-02 10:47:48 0 d-------- C:\Program Files\Common Files\Teleca Shared
2007-09-02 10:47:31 0 d-------- C:\Program Files\Sony Ericsson
2007-09-02 10:45:38 0 d-------- C:\Program Files\Common Files\InstallShield
2007-08-31 16:28:51 0 d-------- C:\Program Files\Electronic Arts
2007-08-29 14:41:53 0 d-------- C:\Documents and Settings\jayyap\Application Data\DivX
2007-08-24 13:28:05 0 d-------- C:\Documents and Settings\jayyap\Application Data\Google
2007-08-24 13:26:56 0 d-------- C:\Program Files\Google
2007-08-18 13:07:18 0 --a------ C:\WINDOWS\nsreg.dat
2007-08-16 17:40:01 50688 --a------ C:\WINDOWS\System32\wbhelp2.dll <Not Verified; Stardock.Net, Inc; WindowBlinds for Win32 x86 machines>
2007-08-16 15:20:30 0 -rahs---- C:\MSDOS.SYS
2007-08-16 15:20:30 0 -rahs---- C:\IO.SYS
2007-08-16 15:20:30 0 --a------ C:\CONFIG.SYS
2007-08-16 15:20:30 0 --a------ C:\AUTOEXEC.BAT
2007-08-16 15:17:26 21640 --a------ C:\WINDOWS\System32\emptyregdb.dat
2007-07-31 11:41:30 249344 --a------ C:\WINDOWS\Mitsubishi Lancer 2.scr
2007-07-31 11:41:30 1010460 --a------ C:\WINDOWS\creamplayer.exe <Not Verified; Macromedia, Inc.; Director MX 2004>
2007-07-31 11:41:28 1383373 --a------ C:\WINDOWS\Mitsubishi Lancer 2.bin
2007-07-31 11:40:26 249344 --a------ C:\WINDOWS\Mitsubishi Lancer.scr
2007-07-31 11:40:26 323021 --a------ C:\WINDOWS\Mitsubishi Lancer.bin
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/28/2002 09:38 PM]
"PHIME2002ASync"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [08/28/2002 09:39 PM]
"PHIME2002A"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [08/28/2002 09:39 PM]
"SoundMan"="SOUNDMAN.EXE" [11/11/2005 02:07 PM C:\WINDOWS\soundman.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/05/2005 09:05 PM]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [05/15/2007 06:22 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/16/2007 06:29 PM]
"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [01/23/2006 01:45 AM]
"EzPrint"="C:\Program Files\Lexmark 2400 Series\ezprint.exe" [02/07/2006 01:10 PM]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [02/02/2006 04:11 PM]
"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [12/02/2005 02:38 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [09/06/2007 06:06 PM]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [10/26/2005 04:17 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [08/29/2002 03:41 AM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
-- End of Deckard's System Scanner: finished at 2007-10-24 18:16:06 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® D CPU 2.66GHz
CPU 1: Intel® Pentium® D CPU 2.66GHz
Percentage of Memory in Use: 51%
Physical Memory (total/avail): 510.42 MiB / 248.29 MiB
Pagefile Memory (total/avail): 1249.54 MiB / 975.21 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1922.19 MiB
A: is Removable (Unformatted)
C: is Fixed (NTFS) - 39.06 GiB total, 3.35 GiB free.
D: is Fixed (NTFS) - 72.72 GiB total, 66.25 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE1 - SAMSUNG HD080HJ - 74.53 GiB - 0 partitions
\\.\PHYSICALDRIVE0 - WDC WD1200JS-00MHB0 - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 39.06 GiB - C:
\PARTITION1 - Installable File System - 72.72 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is enabled.
Unable to create WMI object.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\jayyap\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YAP-QNI9GRX7HO5
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFAULT_CA_NR=CA6
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\jayyap
LOGONSERVER=\\YAP-QNI9GRX7HO5
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Teleca Shared
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0407
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\jayyap\LOCALS~1\Temp
TMP=C:\DOCUME~1\jayyap\LOCALS~1\Temp
USERDOMAIN=YAP-QNI9GRX7HO5
USERNAME=jayyap
USERPROFILE=C:\Documents and Settings\jayyap
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
lihhorng
(admin)jayyap
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
? 4.6.8 --> "C:\Program Files\TTPlayer\uninst.exe"
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Ad-Aware 2007 --> MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
BitComet 0.93 --> C:\Program Files\BitComet\uninst.exe
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Disc2Phone --> MsiExec.exe /I{6E65247F-58F9-41CA-BE69-0316F7907170}
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Doraemon --> C:\WINDOWS\IsUninst.exe -fC:\Doraemon\Uninst.isu
Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE
FFTD Screensaver --> C:\WINDOWS\System32\FFTD Screensaver.scr /u
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(tm) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(tm) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
K-Lite Codec Pack 3.3.0 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lexmark 2400 Series --> C:\Program Files\Lexmark 2400 Series\Install\x86\Uninst.exe
Lexmark Fax Solutions --> C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe /R:faxunst
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Mitsubishi Lancer 1.0 --> C:\Program Files\Mitsubishi Lancer\uninst.exe
Mitsubishi Lancer 2 2.0 --> C:\Program Files\Mitsubishi Lancer 2\uninst.exe
Mozilla Firefox (2.0.0.
--> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Need for Speedâ„¢ Carbon --> C:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
Oxford Advanced Learner's Dictionary - 7th edition --> "C:\Program Files\Oxford\OALD7\uninstall.exe"
QUICKfind --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{593AFFA4-D08E-4272-BABB-420949D32A10}\Setup.exe" -l0x9
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\110\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE
Sony Ericsson PC Suite 1.20.173 --> MsiExec.exe /I{C5ADA65A-7828-4D85-B071-ECC52B51F794}
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SUPER © Version 2007.bld.23 (July 4, 2007) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SuperUtility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10E33F6D-16E6-400E-BA1E-DF9F1BCD1B30}\setup.exe" -l0x9
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Winning Eleven 9 --> "C:\Program Files\KONAMI\Winning Eleven 9\unins000.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xtreme Desktop --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E742E0-DF42-4685-A210-B26445939248}\setup.exe" -l0x9 -removeonly
-- Application Event Log -------------------------------------------------------
Event Record #/Type1357 / Success
Event Submitted/Written: 10/23/2007 10:46:30 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1350 / Success
Event Submitted/Written: 10/23/2007 08:18:46 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1335 / Success
Event Submitted/Written: 10/23/2007 06:08:32 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1329 / Success
Event Submitted/Written: 10/22/2007 04:43:16 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1328 / Error
Event Submitted/Written: 10/22/2007 04:40:39 PM
Event ID/Source: 1015 / Perflib
Event Description:
The timeout waiting for the performance data collection function "PerfOS"
in the "C:\WINDOWS\System32\perfos.dll" Library to finish has expired. There may be a problem with
this extensible counter or the service it is collecting data from or the
system may have been very busy when this call was attempted.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
No Errors/Warnings found.
-- End of Deckard's System Scanner: finished at 2007-10-24 18:16:06 ------------
