Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware Alarm? Slow Start up, help needed!


  • Please log in to reply

#1
JVB0122

JVB0122

    New Member

  • Member
  • Pip
  • 6 posts
Hi. a little background on what has been going on with my computer lately. Somehow a program called "malware alarm" tricked my parents into using it the other night and ever since then my computer has been running terrible!!.

Computer is running extremely slow.
the start tool bar on the bottom of the screen will disspear after a few minutes of being turned on.
there are icons on the desktop that can not be deleted.
i get this message when i start up the computer now "IMportant - potential errors found in system - - during a scan of the files at system startup,potential errors in the system reg. were found. P-07-0100 irql: 1F sysver 0xff00024 NT_kennel error 1256 KMODE_exception_not_handled"

I also get a system warning pop up thats says "windows has performed illegal operation. your system files could have critical errors. it could cause unpredictable or erratic behavior, freezes, and crashes. fixing these errors can increase your computer's performance and prevent data your personal data loss. would you like to open system troubleshooting center to fix the problem (recommended) - i don't click anything b/c of the fear of it being a trick.

i have noticed that in the "my documents" folder i have over 5,000 tmp files that were never there before

not sure what exactly is happening to my computer

I ran the AVG anti-spyware program. I was not able to save a log of the scan and i hope that will not be problem since it took nearly 5 hours to run the scan.

I ran super anti spyware and hijack this. ever since i ran the super anti spyware program i am unable to open it again. here is my hijack this log. anything you suggest will be of great help. thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:14:14 PM, on 1/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.cnn.com
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157759651\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [PhotoExplosionCalCheck] C:\Program Files\Nova Development\Photo Explosion Deluxe 3.0\calcheck.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8003 bytes
  • 0

Advertisements


#2
JVB0122

JVB0122

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I have figured out that whenever i click on the SUPERAntiSpyware icon on the desktop is when my computer really slows down and creates those tmp files. so i went into the programs folder in the mycomputer part and opened SUPERAntiSpyware that way. there was two different .exe files for SUPERAntiSpyware. i clicked on that one that was the oldest and the program opened up fine.


SUPERAntiSpyware Scan Log
Generated 01/25/2008 at 11:03 PM

Application Version : 3.6.1000

Core Rules Database Version : 3389
Trace Rules Database Version: 1383

Scan type : Complete Scan
Total Scan Time : 01:56:22

Memory items scanned : 630
Memory threats detected : 1
Registry items scanned : 6050
Registry threats detected : 4
File items scanned : 108590
File threats detected : 23

Unclassified.Unknown Origin/System
C:\WINDOWS\SYSTEM32\AWVTR.DLL
C:\WINDOWS\SYSTEM32\AWVTR.DLL

Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{A95B2816-1D7E-4561-A202-68C0DE02353A}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}
HKCR\CLSID\{A95B2816-1D7E-4561-A202-68C0DE02353A}

Adware.Tracking Cookie
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][1].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][2].txt
C:\Documents and Settings\Owner.BETHANDBRUCE\Cookies\[email protected][1].txt

Trojan.Unknown Origin
HKLM\SOFTWARE\Microsoft\MSSMGR

Trojan.Downloader-Gen/DDC
C:\DOCUMENTS AND SETTINGS\OWNER.BETHANDBRUCE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\1KXBO1CA\GAMADRIL20071203[1]
C:\WINDOWS\SYSTEM32\AHAMBBSA.EXE
C:\WINDOWS\SYSTEM32\GUCVOOLF.EXE
C:\WINDOWS\SYSTEM32\KXVGQIEB.EXE
C:\WINDOWS\SYSTEM32\MFWSLXFU.EXE
C:\WINDOWS\SYSTEM32\NGAPCSMA.EXE
C:\WINDOWS\Prefetch\AHAMBBSA.EXE-0CF32B44.pf

Malware.MalwareStopper
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1E2B5DEE-A9DF-4BEB-80A4-D17E3B9C3CEA}\RP325\A0034742.DLL

Trojan.Vundo/Variant-Installer
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1E2B5DEE-A9DF-4BEB-80A4-D17E3B9C3CEA}\RP326\A0034759.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{1E2B5DEE-A9DF-4BEB-80A4-D17E3B9C3CEA}\RP328\A0034920.EXE
  • 0

#3
JVB0122

JVB0122

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
icons onthe desktop that can't be taken off are "help and support" and "Windows Update" they look like offical windows icons but they are directed towards http://storageprotector.com websites
  • 0

#4
JVB0122

JVB0122

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
now today if i close all programs the entire desktop screen goes blank and there is nothing to click on, no toolbars or anything
  • 0

#5
JVB0122

JVB0122

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
now i am getting an error message on the toolbar that has the computer clock and programs. i dont know if it is a trick or not so i don't click on it. the message reads (red X) A critical error could occur ***STOP: 0x000007B (0xF20184, 0x00000, 0xCC0034) Inaccessible handler or device click this balloon to fix the problem
  • 0

#6
JVB0122

JVB0122

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
i ran the DSS program and here are my two logs from it...

main

eckard's System Scanner v20071014.68
Run by Owner on 2008-01-27 16:37:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
7: 2008-01-27 21:37:15 UTC - RP331 - Deckard's System Scanner Restore Point
6: 2008-01-26 21:44:36 UTC - RP330 - Installed Adobe Reader 8.1.1
5: 2008-01-26 21:43:33 UTC - RP329 - Removed Adobe Reader 7.0.9
4: 2008-01-26 02:05:07 UTC - RP328 - Installed SUPERAntiSpyware Free Edition
3: 2008-01-26 01:44:50 UTC - RP327 - Configured iTunes


-- First Restore Point --
1: 2008-01-25 20:55:25 UTC - RP325 - jan252008


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 78% (more than 75%).
Total Physical Memory: 383 MiB (512 MiB recommended).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:38:32 PM, on 1/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\oepjkpev.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware .exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe
C:\Program Files\McAfee\MSK\MskAlert.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Documents and Settings\Owner.BETHANDBRUCE\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
C:\WINDOWS\system32\windows

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.cnn.com
O2 - BHO: (no name) - {37803B92-D856-4AFA-B22F-8DFF82A53D56} - C:\WINDOWS\system32\awvtr.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\xvsvtycn.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157759651\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [PhotoExplosionCalCheck] C:\Program Files\Nova Development\Photo Explosion Deluxe 3.0\calcheck.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: cbxxxvu - cbxxxvu.dll (file missing)
O20 - Winlogon Notify: qklpxqpk - qklpxqpk.dll (file missing)
O20 - Winlogon Notify: winrzf32 - winrzf32.dll (file missing)
O20 - Winlogon Notify: xvsvtycn - C:\WINDOWS\SYSTEM32\xvsvtycn.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\oepjkpev.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8906 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 DomainService - c:\windows\system32\oepjkpev.exe /service <Not Verified; ; DDC>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-01-01 01:00:39 352 --a------ C:\WINDOWS\Tasks\McQcTask.job
2007-11-15 01:08:21 350 --a------ C:\WINDOWS\Tasks\McDefragTask.job


-- Files created between 2007-12-27 and 2008-01-27 -----------------------------

2008-01-27 16:38:31 7168 --a------ C:\WINDOWS\system32\windows
2008-01-27 15:13:57 330752 --a------ C:\WINDOWS\system32\awvtr.exe
2008-01-27 09:09:12 89152 --a------ C:\WINDOWS\system32\dtdigiae.dll
2008-01-27 09:06:11 74304 --a------ C:\WINDOWS\system32\oepjkpev.exe <Not Verified; ; DDC>
2008-01-27 09:04:15 76352 --a------ C:\WINDOWS\system32\ydkecuss.dll
2008-01-26 20:12:34 0 d-------- C:\Program Files\Trend Micro
2008-01-26 16:45:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-01-26 16:44:53 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-25 23:15:26 163904 -----n--- C:\WINDOWS\system32\xvsvtycn.dll
2008-01-25 23:15:24 163904 --a------ C:\WINDOWS\system32\rvbbgnfk.dll
2008-01-25 21:05:08 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-25 21:04:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-25 20:24:50 87104 --a------ C:\WINDOWS\system32\nmvfbcqf.dll
2008-01-25 20:21:55 76352 --a------ C:\WINDOWS\system32\alkekxex.dll
2008-01-24 20:22:38 2161 --a------ C:\WINDOWS\mozver.dat
2008-01-24 19:47:17 87616 --a------ C:\WINDOWS\system32\atqxakdp.dll
2008-01-24 19:44:17 76352 --a------ C:\WINDOWS\system32\ibjyvfls.dll
2008-01-23 19:50:46 87616 --a------ C:\WINDOWS\system32\wmjvjwmg.dll
2008-01-23 19:44:47 76352 --a------ C:\WINDOWS\system32\eqdjuoxq.dll
2008-01-22 19:48:12 89664 --a------ C:\WINDOWS\system32\rvfwaouo.dll
2008-01-22 19:42:12 76352 --a------ C:\WINDOWS\system32\bseyqavb.dll
2008-01-19 17:43:08 0 d-------- C:\Program Files\Poker Grapher
2008-01-18 00:16:27 86592 --a------ C:\WINDOWS\system32\lbnmcmxl.dll
2008-01-18 00:10:27 76352 --a------ C:\WINDOWS\system32\dpvkxttj.dll
2008-01-17 16:37:10 0 d-------- C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\Mozilla
2008-01-16 16:15:41 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-16 16:14:45 0 d-------- C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\SUPERAntiSpyware.com
2008-01-16 16:09:01 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-01-16 09:57:19 86592 --a------ C:\WINDOWS\system32\lxsqdsej.dll
2008-01-16 09:54:19 163904 --a------ C:\WINDOWS\system32\bvthvocf.dll
2008-01-16 09:48:20 76352 --a------ C:\WINDOWS\system32\asaudnxv.dll
2008-01-15 19:41:57 2852 --a------ C:\WINDOWS\system32\tmp.reg
2008-01-15 00:05:15 39424 --a------ C:\WINDOWS\system32\pmnmnmm.dll
2008-01-14 23:33:07 39424 --a------ C:\WINDOWS\system32\rqrrsts.dll
2008-01-14 21:21:10 348156 --ahs---- C:\WINDOWS\system32\rtvwa.ini2
2008-01-14 21:20:01 327168 -----n--- C:\WINDOWS\system32\awvtr.dll
2008-01-14 21:09:55 39424 --a------ C:\WINDOWS\system32\pmnkkkh.dll
2008-01-09 23:35:07 0 d-------- C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\Help
2008-01-09 23:33:41 29184 --a------ C:\WINDOWS\system32\WINMM16.DLL <Not Verified; Microsoft Corporation; Microsoft Win32s Libraries for Window>
2008-01-09 23:33:41 167424 --a------ C:\WINDOWS\system32\WIN32S16.DLL <Not Verified; Microsoft Corporation; Microsoft Win32s Libraries for Window>
2008-01-09 23:33:41 12112 --a------ C:\WINDOWS\system32\W32SYS.DLL <Not Verified; Microsoft Corporation; Microsoft Win32s Libraries for Window>
2008-01-09 23:33:36 0 d-------- C:\Program Files\Borland
2008-01-09 23:33:36 0 d-------- C:\Program Files\Avery LabelPro
2008-01-09 15:27:27 0 d-------- C:\WINDOWS\MVUNINST
2008-01-09 15:27:27 0 d-------- C:\Program Files\AVYMEDIA
2008-01-03 16:10:53 0 d-------- C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\Grisoft
2008-01-03 16:10:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-03 14:21:54 0 d-------- C:\Program Files\Windows Installer Clean Up
2008-01-03 14:21:36 0 d-------- C:\Program Files\MSECACHE


-- Find3M Report ---------------------------------------------------------------

2008-01-26 16:44:53 0 d-------- C:\Program Files\Common Files
2008-01-25 20:52:39 0 d-------- C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\SiteAdvisor
2008-01-25 20:45:38 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-25 20:45:30 0 d-------- C:\Program Files\iTunes
2008-01-15 19:31:17 0 d-------- C:\Program Files\QuickTime
2008-01-15 19:31:11 0 d-------- C:\Program Files\Digital Media Reader
2008-01-15 19:31:04 0 d-------- C:\Program Files\America Online 9.0
2008-01-10 12:53:31 4450 --a------ C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\wklnhst.dat
2008-01-03 14:20:00 0 d-------- C:\Program Files\MSN Encarta Plus
2008-01-03 14:19:59 0 d-------- C:\Program Files\Poker Tracker V2
2008-01-03 14:19:59 0 d-------- C:\Program Files\Microsoft Works
2008-01-03 14:19:58 0 d-------- C:\Program Files\The Print Shop Ensemble III
2008-01-03 14:19:58 0 d-------- C:\Program Files\Microsoft Digital Image 2006
2008-01-03 14:19:57 0 d-------- C:\Program Files\Messenger
2008-01-03 14:19:57 0 d-------- C:\Program Files\DivX
2008-01-03 14:19:45 0 d-------- C:\Program Files\AIM
2007-12-18 19:05:00 0 d-------- C:\Program Files\SiteAdvisor
2007-12-18 09:36:37 0 d-------- C:\Program Files\McAfee
2007-12-07 15:53:03 0 d-------- C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\Adobe
2007-11-12 10:34:53 68900 --a----c- C:\WINDOWS\hpoins05.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{37803B92-D856-4AFA-B22F-8DFF82A53D56}]
01/14/2008 09:20 PM 327168 --------- C:\WINDOWS\system32\awvtr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
01/25/2008 11:15 PM 163904 --------- C:\WINDOWS\system32\xvsvtycn.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"readericon"="C:\Program Files\Digital Media Reader\readericon45G.exe" []
"RTHDCPL"="RTHDCPL.EXE" [01/11/2006 08:23 PM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 09:43 PM C:\WINDOWS\Alcmtr.exe]
"CHotkey"="zHotkey.exe" []
"HostManager"="C:\Program Files\Common Files\AOL\1157759651\ee\AOLSoftware.exe" []
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" []
"MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" []
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" []
"PhotoExplosionCalCheck"="C:\Program Files\Nova Development\Photo Explosion Deluxe 3.0\calcheck.exe" []
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="NA" []
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" []
"AOL Fast Start"="C:\Program Files\America Online 9.0\AOL.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [01/27/2008 03:13 PM]

C:\Documents and Settings\Owner.BETHANDBRUCE\Start Menu\Programs\Startup\
Cyber-shot Viewer Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [4/7/2007 12:54:28 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [9/8/2006 6:49:01 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 7:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 7:50:52 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"=0 (0x0)
"ForceActiveDesktopOn"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{040CF5CF-AFC4-4393-B3AE-30B65A5460C4}"= C:\WINDOWS\system32\cbxxxvu.dll [ ]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxxxvu]
cbxxxvu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qklpxqpk]
qklpxqpk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrzf32]
winrzf32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xvsvtycn]
xvsvtycn.dll 01/25/2008 11:15 PM 163904 C:\WINDOWS\system32\xvsvtycn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\awvtr

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aa04d3d5-3f91-11db-b463-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480




-- End of Deckard's System Scanner: finished at 2008-01-27 16:45:21 ------------


extra

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.06GHz
CPU 1: Intel® Pentium® 4 CPU 3.06GHz
Percentage of Memory in Use: 57%
Physical Memory (total/avail): 382.48 MiB / 164.15 MiB
Pagefile Memory (total/avail): 918.23 MiB / 411.07 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1940.93 MiB

C: is Fixed (NTFS) - 181.6 GiB total, 166.26 GiB free.
D: is Fixed (FAT32) - 4.7 GiB total, 2.73 GiB free.
E: is CDROM (CDFS)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD2000BB-22RDA0 - 186.31 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 181.6 GiB - C:
\PARTITION1 - Unknown - 4.71 GiB - D:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device

\\.\PHYSICALDRIVE5 - HP PSC 1610 USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1157759651\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1157759651\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AOL\\1157759651\\EE\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1157759651\\EE\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\\DOCUME~1\\OWNER~1.BET\\LOCALS~1\\Temp\\win439.exe"="C:\\DOCUME~1\\OWNER~1.BET\\LOCALS~1\\Temp\\win439.exe:*:Enabled:win439"
"C:\\WINDOWS\\TEMP\\win3AA.exe"="C:\\WINDOWS\\TEMP\\win3AA.exe:*:Enabled:win3AA"
"C:\\WINDOWS\\TEMP\\win377.exe"="C:\\WINDOWS\\TEMP\\win377.exe:*:Enabled:win377"
"C:\\WINDOWS\\system32\\emanmtwr.exe"="C:\\WINDOWS\\system32\\ema"
"C:\\WINDOWS\\TEMP\\winE94.exe"="C:\\WINDOWS\\TEMP\\winE94.exe:*:Enabled:winE94"
"C:\\WINDOWS\\system32\\mfwslxfu.exe"="C:\\WINDOWS\\system32\\mfw"
"C:\\WINDOWS\\system32\\gucvoolf.exe"="C:\\WINDOWS\\system32\\guc"
"C:\\WINDOWS\\system32\\kxvgqieb.exe"="C:\\WINDOWS\\system32\\kxv"
"C:\\WINDOWS\\system32\\ahambbsa.exe"="C:\\WINDOWS\\system32\\aha"
"C:\\WINDOWS\\system32\\oepjkpev.exe"="C:\\WINDOWS\\system32\\oep"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BETHANDBRUCE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner.BETHANDBRUCE
LOGONSERVER=\\BETHANDBRUCE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Nova Development\Photo Explosion Deluxe 3.0\;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Ulead Systems\DVD
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0409
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\OWNER~1.BET\LOCALS~1\Temp
TMP=C:\DOCUME~1\OWNER~1.BET\LOCALS~1\Temp
USERDOMAIN=BETHANDBRUCE
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner.BETHANDBRUCE
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner.BETHANDBRUCE (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
555 Games XP Championship --> "C:\Program Files\Selectsoft\555 Games XP Championship\uninstall.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
AOL Coach Version 2.0(Build:20041026.5 en) --> C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,[email protected] -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Parental Control & Encoder --> MsiExec.exe /I{9862B19F-4CAD-4EED-920F-2F378D84393F}
Avery LabelPro 3.0 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Avery LabelPro\DeIsL1.isu"
Avery Media Software 32 bit --> C:\WINDOWS\MVUNINST\App1\unwise.exe C:\WINDOWS\MVUNINST\App1\INSTALL.LOG "Avery Media Software Uninstall"
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Bejeweled 2 Deluxe --> "C:\Program Files\Gateway Games\Bejeweled 2 Deluxe\Uninstall.exe"
Best Games Hits --> "C:\Program Files\Selectsoft\Best Game Hits\uninstall.exe"
Bicycle Card Games 2.0 --> "C:\Program Files\Microsoft Games\Bicycle Card Games 2.0\UNINSTAL.EXE" /runtemp /addremove
Bicycle® Totally Cool Card Games --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Expert Software\Totally Cool\Uninst.isu"
BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
Blackhawk Striker 2 --> "C:\Program Files\Gateway Games\Blackhawk Striker 2\Uninstall.exe"
Blasterball 2 Revolution --> "C:\Program Files\Gateway Games\Blasterball 2 Revolution\Uninstall.exe"
Browser Address Error Redirector --> regsvr32 /u /s "c:\windows\system32\BAE.dll"
Digital Media Reader --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875} /l1033
Diner Dash --> "C:\Program Files\Gateway Games\Diner Dash\Uninstall.exe"
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Solution --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
FATE --> "C:\Program Files\Gateway Games\FATE\Uninstall.exe"
Full Tilt Poker --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -l0x9 -removeonly
Gateway Game Console --> "C:\Program Files\WildTangent\Apps\Gateway Game Console\Uninstall.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Extended Capabilities 4.7 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Image Zone 4.7 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.7 --> "C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Software Update --> MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Jeopardy! --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hasbro Interactive\Jeopardy!\Uninst.isu"
Mahjongg XP Championship 2006 Platinum Edition --> "C:\Program Files\Selectsoft\Mahjongg Platinum\uninstall.exe"
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
McAfee Uninstall Wizard --> C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm
Microsoft Digital Image Starter Edition 2006 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Web Publishing Wizard 1.52 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Multimedia Keyboard Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}\Setup.exe" -l0x9
Napster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9
Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
Penguins! --> "C:\Program Files\Gateway Games\Penguins!\Uninstall.exe"
Photo Explosion Deluxe 3.0 --> MsiExec.exe /X{1034BE34-1569-4889-831D-C2C3F2CB2F73}
Poker Grapher --> MsiExec.exe /I{E31E2A9F-D76D-49DD-9851-930DD1B0A081}
Poker Tracker Omaha Version 1.10.02 --> "C:\Documents and Settings\Owner.BETHANDBRUCE\My Documents\Justin's Goodies\Poker Tracker Omaha\unins000.exe"
Poker Tracker Version 2.16.02b --> "C:\Documents and Settings\Owner.BETHANDBRUCE\My Documents\Justin's Goodies\Poker Tracker V2\Poker Tracker V2\unins000.exe"
Polar Bowler --> "C:\Program Files\Gateway Games\Polar Bowler\Uninstall.exe"
Polar Golfer --> "C:\Program Files\Gateway Games\Polar Golfer\Uninstall.exe"
Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Pure Networks Port Magic --> C:\Program Files\Pure Networks\Port Magic\PortAOL.exe -Uninstall -ShowUI
Puzzle XP Championship 3000 --> "C:\Program Files\Selectsoft\Puzzle XP Championship 3000\uninstall.exe"
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
SCRABBLE --> "C:\Program Files\Gateway Games\SCRABBLE\Uninstall.exe"
Security Update for Step By Step Interactive Training (KB898458) -->
Smilebox --> "C:\Documents and Settings\Owner.BETHANDBRUCE\Application Data\Smilebox\uninstall.exe"
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F40&SUBSYS_200014F1\HXFSETUP.EXE -U -IPDBRYCM5K.inf
Sony Picture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
The Print Shop Ensemble III --> C:\WINDOWS\uninst.exe -fC:\WINDOWS\DeIsL1.isu
Tradewinds --> "C:\Program Files\Gateway Games\Tradewinds\Uninstall.exe"
Ultimate Family Tree 3.0 --> C:\WINDOWS\IsUninst.exe -fC:\UFT\Uninst.isu
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Viewpoint Toolbar --> C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\Uninstaller.exe /u /k /url "http://www.viewpoint...completed.html"
Wheel Of Fortune --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hasbro Interactive\Wheel Of Fortune\Uninst.isu"
Who Wants To Be A Millionaire --> C:\WINDOWS\IsUninst.exe -fC:\PROGRA~1\DISNEY~1\WHOWAN~1\DeIsL1.isu
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
WinASO Disk Cleaner 1.61 --> "C:\Program Files\WinASO\Disk Cleaner 1.6\unins000.exe"
WinASO Registry Optimizer 3.0.5 --> "C:\Program Files\WinASO\Registry Optimizer 3.0\unins000.exe"
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type6966 / Error
Event Submitted/Written: 01/27/2008 04:42:50 PM
Event ID/Source: 5051 / McLogEvent
Event Description:
A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2780 (0xadc)

Thread address : 0x120C02E3

Thread message :

Build VSCORE.13.3.2.101 / 5100.194
Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\drivers\cdr4_xp.sys
by C:\Documents and Settings\Owner.BETHANDBRUCE\Desktop\dss.exe
4(1282)(0)
4(844)(0)
7200(297)(0)
7595(297)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Event Record #/Type6965 / Error
Event Submitted/Written: 01/27/2008 04:20:52 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application aim.exe, version 5.9.6089.0, faulting module locateui.ocm, version 5.9.6089.0, fault address 0x00015627.
Processing media-specific event for [aim.exe!ws!]

Event Record #/Type6915 / Error
Event Submitted/Written: 01/25/2008 11:44:34 PM / 01/25/2008 11:44:35 PM
Event ID/Source: 5051 / McLogEvent
Event Description:
A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2696 (0xa88)

Thread address : 0x120D6ACF

Thread message :

Build VSCORE.13.3.2.101 / 5100.194
Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee.com\Agent\mcupdate.exe
by C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
4(547)(0)
4(547)(0)
7200(547)(0)
7595(547)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Event Record #/Type6883 / Error
Event Submitted/Written: 01/24/2008 09:08:19 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application McProxy.exe, version 1.2.138.0, faulting module McAdaptr.dll, version 8.2.137.0, fault address 0x0000259f.
Processing media-specific event for [McProxy.exe!ws!]

Event Record #/Type6826 / Error
Event Submitted/Written: 01/19/2008 11:09:35 PM / 01/19/2008 11:09:36 PM
Event ID/Source: 5051 / McLogEvent
Event Description:
A thread in process C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2716 (0xa9c)

Thread address : 0x120325DB

Thread message :

Build VSCORE.13.3.2.101 / 5100.194
Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee.com\Agent\McUpdate.exe
by C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
4(969)(0)
4(782)(0)
7200(297)(0)
7595(297)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type27841 / Error
Event Submitted/Written: 01/27/2008 03:16:16 PM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /.
The error:
"%%2"
Happened while starting this command:
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe -Embedding

Event Record #/Type27836 / Error
Event Submitted/Written: 01/27/2008 00:58:37 PM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /.
The error:
"%%2"
Happened while starting this command:
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe -Embedding

Event Record #/Type27835 / Error
Event Submitted/Written: 01/27/2008 00:58:27 PM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /.
The error:
"%%2"
Happened while starting this command:
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe -Embedding

Event Record #/Type27834 / Error
Event Submitted/Written: 01/27/2008 00:58:17 PM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /.
The error:
"%%2"
Happened while starting this command:
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe -Embedding

Event Record #/Type27833 / Error
Event Submitted/Written: 01/27/2008 00:58:07 PM
Event ID/Source: 10001 / DCOM
Event Description:
Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /.
The error:
"%%2"
Happened while starting this command:
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe -Embedding



-- End of Deckard's System Scanner: finished at 2008-01-27 16:45:21 ------------
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP