Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Vundo Infection? Popup to hopelessromantic.com [RESOLVED]

Started by Cloud_D , Jan 28 2008 08:34 AM

  • This topic is locked This topic is locked

#16
Rorschach112
Posted 03 February 2008 - 11:07 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

Delete your version of ComboFix.exe and the folder C:\qoobox then do the following



Download ComboFix from one of the locations below, and save it to your Desktop.

Link 1
Link 2
Link 3

Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
  • 0

Advertisements

#17
Cloud_D
Posted 03 February 2008 - 06:21 PM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Hi,

I don't have any folder named qoobox in C: or any of my other drives. Ran a search with hidden folders and didn't find anything.

I also still have problems running combofix. The same error occurs even when I run it in safe mode.
  • 0

#18
Rorschach112
Posted 03 February 2008 - 06:29 PM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Do this

click on Start, click on Run
copy and paste the following in bold in the open window and then click OK
"%userprofile%\desktop\dss.exe" /config
This will open up DSS configuration
click on Check All
click Scan
DSS will now run again when finished
Please post back both logs that open in notepad
Main txt and extra txt



If you know that the Event Logs are giving a user a problem, have them run "%userprofile%/desktop/dss.exe" /config and have them uncheck "Event Logs". That should allow you to at least get a DSS report.
  • 0

#19
Cloud_D
Posted 04 February 2008 - 04:08 AM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Hi, this is main.txt:

Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-02-04 17:59:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
12: 2008-02-03 10:20:37 UTC - RP67 - Installed Adobe Reader 8.1.1
11: 2008-02-03 07:52:46 UTC - RP66 - Before Adobe uninstall
10: 2008-02-03 07:49:07 UTC - RP65 - Installed Windows Installer Clean Up
9: 2008-02-03 07:42:51 UTC - RP64 - Removed Adobe Reader 7.0.5
8: 2008-02-03 03:26:41 UTC - RP63 - Removed Adobe Reader 7.0.5


-- First Restore Point --
1: 2008-02-01 17:21:01 UTC - RP56 - Removed J2SE Runtime Environment 5.0 Update 10


Performed disk cleanup.

Percentage of Memory in Use: 88% (more than 75%).
Total Physical Memory: 1023 MiB (1024 MiB recommended).


-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01, on 2008-02-04
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
G:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
G:\Program Files\Gmail Notifier\gnotify.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
G:\Program Files\Spyware Doctor\SDTrayApp.exe
G:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
G:\Program Files\Mindjet\MindManager 6\MmReminderService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
G:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
G:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Windows\System32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
G:\Program Files\D-Link\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
G:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
C:\Program Files\McAfee\VirusScan\Mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\svchost.exe
G:\Program Files\Spyware Doctor\svcntaux.exe
G:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Windows\system32\svchost.exe
G:\Program Files\ThreatFire\TFService.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
G:\Program Files\mIRC\mirc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\McAfee\VirusScan\mcsysmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Compaq_Owner\Desktop\dss.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\HP\KBD\KBD.EXE
C:\Windows\system32\conime.exe
G:\PROGRA~1\TRENDM~1\HIJACK~1\COMPAQ~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - G:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - G:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] G:\Program Files\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "G:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [ThreatFire] G:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MMReminderService] G:\Program Files\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [uTorrent] "G:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [µTorrent] "G:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = G:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: Download with GetRight - G:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - G:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send To &Bluetooth - G:\Program Files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - G:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendo....a/usbaptest.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvi...iveXClient1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemreq.../sysreqlab2.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {F4AF4B32-1AF4-4773-B1A3-75C699A1CB5D} (webSysInfo.ctlSysInfo) - http://dev.cite.nie..../webSysInfo.ocx
O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - G:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - G:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NBService - Nero AG - G:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - G:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - G:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: ThreatFire - PC Tools - G:\Program Files\ThreatFire\TFService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 14921 bytes

-- HijackThis Fixed Entries (G:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080202-010648-104 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R1 SASDIFSV - \??\g:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - \??\g:\program files\superantispyware\saskutil.sys
R2 BTSERIAL (Bluetooth Serial Driver) - \??\c:\windows\system32\drivers\btserial.sys
R2 BTSLBCSP (Bluetooth Port Client Driver) - \??\c:\windows\system32\drivers\btslbcsp.sys
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>

S3 SASENUM - \??\g:\program files\superantispyware\sasenum.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >

S3 NBService - g:\program files\nero 7\nero backitup\nbservice.exe
S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Process Modules -------------------------------------------------------------

C:\Windows\explorer.exe (pid 1820)
2005-07-26 14:24:56 1019981 --a------ C:\Windows\System32\BTNeighborhood.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:07:52 565309 --a------ C:\Windows\System32\wbtapi.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:16:46 45056 --a------ C:\Windows\System32\btwpimif.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:16:06 118784 --a------ C:\Windows\System32\btosif.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:10:30 3096576 --a------ C:\Windows\System32\btrez.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2004-09-17 13:55:20 50176 --a------ C:\Windows\System32\CSH.DLL <Not Verified; Blue Sky Software Corporation; What's This? Help Composer>
-- :: 0 --------- C:\Users\COMPAQ~1\AppData\Local\Temp\IadHide5.dll
2007-01-29 13:06:14 28672 --a------ G:\Program Files\VCOM\Fix-It\WinHook.dll <Not Verified; Avanquest Publishing USA, Inc.; Fix-It Utilities>
2005-07-26 14:10:12 65536 --a------ C:\Windows\System32\BTNCopy.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>

C:\Windows\System32\rundll32.exe (pid 2184)
2007-01-29 13:06:14 28672 --a------ G:\Program Files\VCOM\Fix-It\WinHook.dll <Not Verified; Avanquest Publishing USA, Inc.; Fix-It Utilities>

C:\Windows\System32\rundll32.exe (pid 2388)
-- :: 0 --------- C:\Users\COMPAQ~1\AppData\Local\Temp\IadHide5.dll
2007-01-29 13:06:14 28672 --a------ G:\Program Files\VCOM\Fix-It\WinHook.dll <Not Verified; Avanquest Publishing USA, Inc.; Fix-It Utilities>


-- Scheduled Tasks -------------------------------------------------------------

2008-02-04 17:52:54 452 --a------ C:\Windows\Tasks\RegCure Program Check.job
2008-02-01 01:01:48 370 --a------ C:\Windows\Tasks\McQcTask.job
2008-01-22 16:59:02 386 --a------ C:\Windows\Tasks\RegCure.job
2008-01-04 11:40:04 284 --a------ C:\Windows\Tasks\AppleSoftwareUpdate.job
2007-09-15 01:00:08 278 --a------ C:\Windows\Tasks\McDefragTask.job


-- Files created between 2008-01-04 and 2008-02-04 -----------------------------

2008-02-04 01:28:32 68096 --a------ C:\Windows\system32\zip.exe
2008-02-04 01:28:32 98816 --a------ C:\Windows\system32\sed.exe
2008-02-04 01:28:32 80412 --a------ C:\Windows\system32\grep.exe
2008-02-04 01:28:32 73728 --a------ C:\Windows\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-02-03 15:49:34 0 d-------- C:\Program Files\Windows Installer Clean Up
2008-02-03 15:48:39 0 d-------- C:\Program Files\MSECACHE
2008-02-03 13:06:11 0 d-------- C:\Users\All Users\PC Tools
2008-02-03 12:49:57 0 d-a------ C:\Users\All Users\TEMP
2008-02-02 11:57:11 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-02-02 03:05:24 53248 --a------ C:\Windows\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-02-02 01:42:55 0 d-------- C:\Users\Compaq_Owner\.SunDownloadManager
2008-01-28 20:01:22 0 d-------- C:\Windows\pss
2008-01-28 19:32:14 0 d-------- C:\Users\All Users\Grisoft
2008-01-27 21:10:12 0 d-------- C:\VundoFix Backups
2008-01-16 23:26:38 0 d--h----- C:\_Backup
2008-01-16 23:24:23 0 d-------- C:\Users\All Users\VCOM
2008-01-16 23:20:51 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-16 19:51:58 0 d-------- C:\Users\All Users\NVIDIA
2008-01-16 16:44:03 86144 --a------ C:\Windows\system32\drivers\ipfltdrvv.sys
2008-01-16 15:27:40 0 d-------- C:\Windows\Panther
2008-01-16 15:27:22 94208 --a------ C:\Windows\system32\ipcoin5.dll <Not Verified; Microsoft Corporation; Microsoft IntelliPoint>
2008-01-16 15:27:22 20352 --a------ C:\Windows\system32\drivers\point32.sys <Not Verified; Microsoft Corporation; Microsoft IntelliPoint>
2008-01-16 15:27:21 94208 --a------ C:\Windows\system32\itpcoin4.dll <Not Verified; Microsoft Corporation; Microsoft IntelliType Pro>
2008-01-16 15:16:46 0 d--h----- C:\$WINDOWS.~Q
2008-01-16 15:13:27 0 d--h----- C:\$INPLACE.~TR
2008-01-16 13:23:32 0 d-------- C:\Users\All Users\DFX
2008-01-16 01:05:08 0 d--h----- C:\Users\All Users\CanonBJ
2008-01-16 00:50:13 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2008-01-16 00:44:06 0 d-------- C:\Program Files\Microsoft IntelliPoint
2008-01-16 00:43:12 0 d-------- C:\Windows\PCHEALTH
2008-01-16 00:23:56 0 dr------- C:\Users\Compaq_Owner\Searches
2008-01-16 00:10:14 22732 --a------ C:\Windows\system32\emptyregdb.dat
2008-01-16 00:02:20 0 d-------- C:\Users\Default\WINDOWS
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Videos
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Templates
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Start Menu
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\SendTo
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Saved Games
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Recent
2008-01-15 23:40:47 0 d--h----- C:\Users\Compaq_Owner\PrintHood
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Pictures
2008-01-15 23:40:47 5242880 --ahs---- C:\Users\Compaq_Owner\NTUSER.DAT
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\NetHood
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\My Documents
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Music
2008-01-15 23:40:47 0 d--h----- C:\Users\Compaq_Owner\Local Settings
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Links
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Favorites
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Downloads
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Documents <DOCUME~1>
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Desktop
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Cookies
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Application Data
2008-01-15 23:40:47 0 d--h----- C:\Users\Compaq_Owner\AppData
2008-01-15 23:39:26 0 d-------- C:\Windows\system32\URTTEMP
2008-01-15 23:39:18 0 d--hs---- C:\Windows\Installer
2008-01-15 23:34:50 0 d-------- C:\Windows\system32\RTCOM
2008-01-15 23:33:15 0 d-------- C:\Windows\Debug
2008-01-15 23:29:12 0 d-------- C:\Windows\Prefetch
2008-01-15 23:07:22 0 d--hs---- C:\Boot
2008-01-05 21:29:07 0 d-------- C:\Users\All Users\GlobalSCAPE
2008-01-05 21:14:34 545 --a------ C:\Windows\UC.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\RAR.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\PKZIP.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\PKUNZIP.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\NOCLOSE.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\LHA.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\ARJ.PIF
2008-01-04 10:27:47 64752 --ah----- C:\Windows\system32\mlfcache.dat


-- Find3M Report ---------------------------------------------------------------

2008-02-04 17:58:15 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\uTorrent
2008-02-03 18:22:30 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-03 12:49:30 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\PC Tools
2008-02-02 11:56:32 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\SUPERAntiSpyware.com
2008-02-02 03:03:25 0 d-------- C:\Program Files\Google
2008-02-02 02:07:42 0 d-------- C:\Program Files\Java
2008-01-27 15:55:24 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\BSplayer Pro
2008-01-20 10:53:13 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Thinstall
2008-01-16 23:20:51 0 d-------- C:\Program Files\Common Files
2008-01-16 19:17:01 174 --ahs---- C:\Program Files\desktop.ini
2008-01-16 19:10:53 0 d-------- C:\Program Files\Windows Calendar
2008-01-16 19:10:50 0 d-------- C:\Program Files\Windows Mail
2008-01-16 19:10:47 0 d-------- C:\Program Files\Windows Defender
2008-01-16 19:10:31 0 d-------- C:\Program Files\Windows Sidebar
2008-01-16 16:00:45 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\ZoomBrowser EX
2008-01-16 15:13:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-16 00:17:22 0 d-------- C:\Program Files\McAfee
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Windows Desktop Search
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\WinBatch
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\vlc
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\VCOM
2008-01-15 23:59:41 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\U3
2008-01-15 23:59:41 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Teleca
2008-01-15 23:59:41 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Talkback
2008-01-15 23:59:03 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Sun
2008-01-15 23:59:03 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Sony Ericsson
2008-01-15 23:59:03 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\SmartDraw
2008-01-15 23:59:02 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\SiteAdvisor
2008-01-15 23:59:02 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Screenshot Sender
2008-01-15 23:59:02 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Real
2008-01-15 23:58:59 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\OpenOffice.org2
2008-01-15 23:58:58 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Mozilla
2008-01-15 23:58:52 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Media Player Classic
2008-01-15 23:58:52 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\McAfee
2008-01-15 23:58:52 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Macromedia
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Identities
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\HPQ
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Google
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\GlobalSCAPE
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\GetRightToGo
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\CyberLink
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Canon
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Avanquest
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Apple Computer
2008-01-15 23:58:44 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Ahead
2008-01-15 23:58:44 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\AdobeUM
2008-01-15 23:58:44 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Adobe
2008-01-15 23:47:57 0 d-------- C:\Program Files\Yahoo!
2008-01-15 23:47:55 0 d-------- C:\Program Files\Windows Live
2008-01-15 23:47:55 0 d-------- C:\Program Files\Tracker Software
2008-01-15 23:47:55 0 d-------- C:\Program Files\SystemRequirementsLab
2008-01-15 23:47:55 0 d-------- C:\Program Files\Symantec
2008-01-15 23:47:54 0 d-------- C:\Program Files\Sunbelt Software
2008-01-15 23:47:48 0 d-------- C:\Program Files\Sonic
2008-01-15 23:47:43 0 d-------- C:\Program Files\SiteAdvisor
2008-01-15 23:47:38 0 d-------- C:\Program Files\Real
2008-01-15 23:47:38 0 d-------- C:\Program Files\QuickTime
2008-01-15 23:47:28 0 d-------- C:\Program Files\PowerQuest
2008-01-15 23:47:28 0 d-------- C:\Program Files\PC-Doctor for DOS
2008-01-15 23:47:28 0 d-------- C:\Program Files\PC-Doctor 5 for Windows
2008-01-15 23:47:09 0 d-------- C:\Program Files\Online Services
2008-01-15 23:47:05 0 d-------- C:\Program Files\Oberon Media
2008-01-15 23:45:55 0 d-------- C:\Program Files\MSXML 6.0
2008-01-15 23:45:55 0 d-------- C:\Program Files\MSN Gaming Zone
2008-01-15 23:45:54 0 d-------- C:\Program Files\Microsoft.NET
2008-01-15 23:45:54 0 d-------- C:\Program Files\Microsoft Works
2008-01-15 23:45:54 0 d-------- C:\Program Files\microsoft frontpage
2008-01-15 23:45:54 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-15 23:45:54 0 d-------- C:\Program Files\McAfee.com
2008-01-15 23:45:22 0 d-------- C:\Program Files\iPod
2008-01-15 23:45:16 0 d-------- C:\Program Files\InterActual
2008-01-15 23:45:14 0 d-------- C:\Program Files\HP
2008-01-15 23:44:50 0 d-------- C:\Program Files\Hewlett-Packard
2008-01-15 23:44:42 0 d-------- C:\Program Files\Escntl
2008-01-15 23:44:39 0 d-------- C:\Program Files\CONEXANT
2008-01-15 23:44:35 0 d-------- C:\Program Files\Compaq Connections
2008-01-15 23:44:35 0 d-------- C:\Program Files\Common Files\xing shared
2008-01-15 23:44:35 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-15 23:44:34 0 d-------- C:\Program Files\Common Files\TiVo Shared
2008-01-15 23:44:34 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-01-15 23:44:33 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-15 23:44:33 0 d-------- C:\Program Files\Common Files\SureThing Shared
2008-01-15 23:44:33 0 d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2008-01-15 23:44:31 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-01-15 23:44:31 0 d-------- C:\Program Files\Common Files\Real
2008-01-15 23:44:29 0 d-------- C:\Program Files\Common Files\ODBC
2008-01-15 23:44:29 0 d-------- C:\Program Files\Common Files\Oberon Media
2008-01-15 23:44:29 0 d-------- C:\Program Files\Common Files\MSSoap
2008-01-15 23:44:23 0 d-------- C:\Program Files\Common Files\McAfee
2008-01-15 23:44:23 0 d-------- C:\Program Files\Common Files\Macromedia Shared
2008-01-15 23:44:23 0 d-a------ C:\Program Files\Common Files\LS Getting Started
2008-01-15 23:44:23 0 d-a------ C:\Program Files\Common Files\LightScribe
2008-01-15 23:44:22 0 d-------- C:\Program Files\Common Files\Java
2008-01-15 23:44:22 0 d-------- C:\Program Files\Common Files\InstallShield
2008-01-15 23:44:21 0 d-------- C:\Program Files\Common Files\HP
2008-01-15 23:44:20 0 d-------- C:\Program Files\Common Files\Canon
2008-01-15 23:44:09 0 d-------- C:\Program Files\Common Files\Apple
2008-01-15 23:44:09 0 d-------- C:\Program Files\Common Files\Ahead
2008-01-15 23:44:06 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-01-15 23:43:57 0 d-------- C:\Program Files\Canon
2008-01-15 23:43:57 0 d-------- C:\Program Files\AviSynth 2.5
2008-01-15 23:43:54 0 d-------- C:\Program Files\Apple Software Update
2007-12-18 13:06:09 203264 --a------ C:\Windows\system32\Žž–Y‚ę‚Ě–Ŕ‹{XNŠ[“Z[o[.scr <Not Verified; FIVESTAR interactive; ScreenTime For Flash>
2007-12-16 08:07:20 4096 --a------ C:\Windows\d3dx.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-16 17:19]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 20:34]
"iTunesHelper"="G:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 20:14]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2006-07-25 04:28]
"Sony Ericsson PC Suite"="G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 01:07]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="G:\Program Files\Gmail Notifier\gnotify.exe" [2005-07-16 05:48]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 12:01]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-28 01:59]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-28 01:59]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-28 01:59]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 05:52 C:\Windows\RtHDVCpl.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42]
"SDTray"="G:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-10-02 16:27]
"ThreatFire"="G:\Program Files\ThreatFire\TFTray.exe" [2007-12-20 11:13]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-09-18 19:43]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"MMReminderService"="G:\Program Files\Mindjet\MindManager 6\MMReminderService.exe" [2006-08-16 17:53]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-16 16:56]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-11-02 17:45]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"pdfSaver3"="C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe" [2004-09-05 17:20]
"uTorrent"="G:\Program Files\uTorrent\utorrent.exe" [2007-10-03 15:42]
"µTorrent"="G:\Program Files\uTorrent\uTorrent.exe" [2007-10-03 15:42]

C:\Users\Compaq_Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
OneNote 2007 Screen Clipper and Launcher.lnk - G:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - G:\Program Files\D-Link\Bluetooth Software\BTTray.exe [2005-07-26 14:28:52]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-09-18 20:03:37]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
G:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 G:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
WudfServiceGroup WUDFSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-02-04 18:05:40 ------------
  • 0

#20
Cloud_D
Posted 04 February 2008 - 04:09 AM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: Intel® Pentium® D CPU 3.40GHz
Percentage of Memory in Use: 86%
Physical Memory (total/avail): 1022.81 MiB / 138.48 MiB
Pagefile Memory (total/avail): 2511.65 MiB / 1016.83 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1936.93 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 35.84 GiB total, 7.08 GiB free.
D: is Fixed (FAT32) - 5.75 GiB total, 0.96 GiB free.
E: is CDROM (No Media)
F: is Fixed (NTFS) - 68.38 GiB total, 14.81 GiB free.
G: is Fixed (NTFS) - 39.06 GiB total, 32.56 GiB free.
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG HD160JJ/P ATA Device - 149.05 GiB - 4 partitions
\PARTITION0 (bootable) - Installable File System - 35.84 GiB - C:
\PARTITION1 - Unknown - 5.76 GiB - D:
\PARTITION2 - Extended w/Extended Int 13 - 107.45 GiB - F: - G:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
AS: McAfee VirusScan v (McAfee)
AS: Spyware Doctor v5.1.0.272 (PC Tools)
AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"G:\\Program Files\\iTunes\\iTunes.exe"="G:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"G:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="G:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\\Program Files\\uTorrent\\utorrent.exe"="G:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Compaq_Owner\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-8ABC512DA0
ComSpec=C:\Windows\system32\cmd.exe
DEFAULT_CA_NR=CA18
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Compaq_Owner
LOCALAPPDATA=C:\Users\Compaq_Owner\AppData\Local
LOGONSERVER=\\YOUR-8ABC512DA0
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Python22;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0604
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\COMPAQ~1\AppData\Local\Temp
TMP=C:\Users\COMPAQ~1\AppData\Local\Temp
USERDOMAIN=YOUR-8ABC512DA0
USERNAME=Compaq_Owner
USERPROFILE=C:\Users\Compaq_Owner
windir=C:\Windows
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Compaq_Owner (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> G:\Program Files\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
µTorrent --> "G:\Program Files\uTorrent\uninstall.exe"
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2Wire Setup Wizard --> G:\Program Files\2Wire\Uninstaller.exe
2Wire Wireless Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}\Setup.exe" -l0x9 -L0x9
7 Wonders of the Ancient World --> "C:\Program Files\Oberon Media\7 Wonders of the Ancient World\Uninstall.exe" "C:\Program Files\Oberon Media\7 Wonders of the Ancient World\install.log"
ABBYY FineReader 4.0 Sprint --> C:\WINDOWS\bitdeins.exe G:\PROGRA~1\ABBYYF~1.0SP\bitdeins.ini
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Anti-Rootkit Free --> G:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bejeweled 2 Deluxe --> "C:\Program Files\Oberon Media\Bejeweled 2 Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Bejeweled 2 Deluxe\install.log"
Bengal - Game of Gods --> "C:\Program Files\Oberon Media\Bengal - Game of Gods\Uninstall.exe" "C:\Program Files\Oberon Media\Bengal - Game of Gods\install.log"
BeTrapped! --> "C:\Program Files\Oberon Media\BeTrapped!\Uninstall.exe" "C:\Program Files\Oberon Media\BeTrapped!\install.log"
BitComet 0.79 --> G:\Program Files\BitComet\uninst.exe
Bookworm Deluxe --> "C:\Program Files\Oberon Media\Bookworm Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Bookworm Deluxe\install.log"
Bricks of Atlantis --> "C:\Program Files\Oberon Media\Bricks of Atlantis\Uninstall.exe" "C:\Program Files\Oberon Media\Bricks of Atlantis\install.log"
Bricks of Egypt --> "C:\Program Files\Oberon Media\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Oberon Media\Bricks of Egypt\install.log"
BS.Player PRO --> "G:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Cake Mania --> "C:\Program Files\Oberon Media\Cake Mania\Uninstall.exe" "C:\Program Files\Oberon Media\Cake Mania\install.log"
Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon i550 --> C:\WINDOWS\system32\CNMCP49.exe "-PRINTERNAMECanon i550" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i550 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i550 Installer\Inst2\cnmi0409.dll"
Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Chuzzle --> "C:\Program Files\Oberon Media\Chuzzle\Uninstall.exe" "C:\Program Files\Oberon Media\Chuzzle\install.log"
Combined Community Codec Pack 2007-07-22 --> "G:\Program Files\Combined Community Codec Pack\unins000.exe"
Compaq Connections (remove only) --> C:\WINDOWS\HPCPCUninstall-5577497\HPBWSetup.exe -appid 5577497 -uninstall
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
CuteFTP 8 Professional --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91F34319-08DE-457A-99C0-0BCDFAC145B9}\Setup.exe" -l0x9
D-Link Bluetooth Software --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
Direct Show Ogg Vorbis Filter (remove only) --> "C:\WINDOWS\system32\OggDSuninst.exe"
DirectVobSub (remove only) --> "G:\Program Files\DirectVobSub\uninstall.exe"
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DivX Content Uploader --> G:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> G:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
EPSON Scan Tool --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F57DB08-26D6-11D6-8AA5-0000E22DA3A0}\setup.exe" -l0x9
Fix-It Utilities 7 Professional --> MsiExec.exe /I{5158974E-2D28-4018-9335-7694C2974746}
Gem Shop --> "C:\Program Files\Oberon Media\Gem Shop\Uninstall.exe" "C:\Program Files\Oberon Media\Gem Shop\install.log"
GetRight --> G:\Program Files\GetRight\GETRIGHT.EXE /UNINSTALL
Google Gmail Notifier --> "G:\Program Files\Gmail Notifier\UninstallGmail.exe"
GunboundWC --> "G:\Program Files\softnyx\unins000.exe"
Hexic --> "C:\Program Files\Oberon Media\Hexic\Uninstall.exe" "C:\Program Files\Oberon Media\Hexic\install.log"
HijackThis 2.0.2 --> "G:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
Insaniquarium Deluxe --> "C:\Program Files\Oberon Media\Insaniquarium Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Insaniquarium Deluxe\install.log"
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes --> MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Jewel of Atlantis --> "C:\Program Files\Oberon Media\Jewel of Atlantis\Uninstall.exe" "C:\Program Files\Oberon Media\Jewel of Atlantis\install.log"
Jewel Quest --> "C:\Program Files\Oberon Media\Jewel Quest\Uninstall.exe" "C:\Program Files\Oberon Media\Jewel Quest\install.log"
Jigsaw 365 --> "C:\Program Files\Oberon Media\Jigsaw 365\Uninstall.exe" "C:\Program Files\Oberon Media\Jigsaw 365\install.log"
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia FreeHand MXa --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939740B5-0064-4779-854A-8C1086181C05}\Setup.exe" -l0x9 UNINSTALL
Magic Ball 2 --> "C:\Program Files\Oberon Media\Magic Ball 2\Uninstall.exe" "C:\Program Files\Oberon Media\Magic Ball 2\install.log"
Magic Match --> "C:\Program Files\Oberon Media\Magic Match\Uninstall.exe" "C:\Program Files\Oberon Media\Magic Match\install.log"
Mahjong Match --> "C:\Program Files\Oberon Media\Mahjong Match\Uninstall.exe" "C:\Program Files\Oberon Media\Mahjong Match\install.log"
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Messenger Plus! Live --> "G:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Mindjet MindManager Pro 6 --> MsiExec.exe /I{A4DC1EC1-1DFE-48B5-B226-CFBE30BB8B4A}
mIRC --> "G:\Program Files\mIRC\mirc.exe" -uninstall
Mosiac - Tomb of Mystery --> "C:\Program Files\Oberon Media\Mosiac - Tomb of Mystery\Uninstall.exe" "C:\Program Files\Oberon Media\Mosiac - Tomb of Mystery\install.log"
Mozaki Blocks --> "C:\Program Files\Oberon Media\Mozaki Blocks\Uninstall.exe" "C:\Program Files\Oberon Media\Mozaki Blocks\install.log"
Mozilla Firefox (2.0.0.11) --> G:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 Parser and SDK --> MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Mystery Case Files - Huntsville --> "C:\Program Files\Oberon Media\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Oberon Media\Mystery Case Files - Huntsville\install.log"
Nero 7 Ultra Edition --> MsiExec.exe /I{11DACFE7-DD42-4630-AB6C-47DE04BD1033}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Ocean Express --> "C:\Program Files\Oberon Media\Ocean Express\Uninstall.exe" "C:\Program Files\Oberon Media\Ocean Express\install.log"
PangYa (NtreevSoft) --> G:\Program Files\NtreevSoft\PangYa\uninstall.exe
Pat Sajak’s Lucky Letters --> "C:\Program Files\Oberon Media\Pat Sajaks Lucky Letters\Uninstall.exe" "C:\Program Files\Oberon Media\Pat Sajaks Lucky Letters\install.log"
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PDF-XChange 3.0 --> "C:\Program Files\Tracker Software\PDF-XChange 3\unins000.exe"
PlayOnline Viewer and Tetra Master --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{47004155-7376-403E-89E9-4C9F44AAF0D0}
Poker Superstars 2 --> "C:\Program Files\Oberon Media\Poker Superstars 2\Uninstall.exe" "C:\Program Files\Oberon Media\Poker Superstars 2\install.log"
PowerQuest PartitionMagic 8.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
PSP Video 9 1.74 --> G:\Program Files\pspvideo9\uninst.exe
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
Rainbow Web --> "C:\Program Files\Oberon Media\Rainbow Web\Uninstall.exe" "C:\Program Files\Oberon Media\Rainbow Web\install.log"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
RegCure 1.5.0.0 --> G:\Program Files\RegCure\uninst.exe
Ricochet Lost Worlds --> "C:\Program Files\Oberon Media\Ricochet Lost Worlds\Uninstall.exe" "C:\Program Files\Oberon Media\Ricochet Lost Worlds\install.log"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Slingo --> "C:\Program Files\Oberon Media\Slingo\Uninstall.exe" "C:\Program Files\Oberon Media\Slingo\install.log"
SmartDraw 2007 --> G:\PROGRA~1\SMARTD~1\UNWISE.EXE G:\PROGRA~1\SMARTD~1\install.log
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.INF
Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio --> MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony Ericsson PC Suite --> MsiExec.exe /I{FE6397C1-CECA-4EC3-B064-42AED7676898}
Spyware Doctor 5.1 --> G:\Program Files\Spyware Doctor\unins000.exe /LOG
Starcraft --> C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
ThreatFire 3.0 --> "G:\Program Files\ThreatFire\unins000.exe"
Tiks Texas Hold em --> "C:\Program Files\Oberon Media\Tiks Texas Hold em\Uninstall.exe" "C:\Program Files\Oberon Media\Tiks Texas Hold em\install.log"
VideoLAN VLC media player 0.8.6d --> G:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11 --> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinRAR archiver --> G:\Program Files\Winrar\uninstall.exe
Wonderland - Secret Worlds --> "C:\Program Files\Oberon Media\Wonderland - Secret Worlds\Uninstall.exe" "C:\Program Files\Oberon Media\Wonderland - Secret Worlds\install.log"
Zuma Deluxe --> "C:\Program Files\Oberon Media\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Zuma Deluxe\install.log"


-- Application Event Log -------------------------------------------------------

Event Record #/Type3853 / Success
Event Submitted/Written: 02/04/2008 05:55:49 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type3848 / Success
Event Submitted/Written: 02/04/2008 05:53:48 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Windows Management Instrumentation Service subsystems initialized successfully

Event Record #/Type3847 / Success
Event Submitted/Written: 02/04/2008 05:53:43 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
Windows Management Instrumentation Service started sucessfully

Event Record #/Type3841 / Success
Event Submitted/Written: 02/04/2008 05:52:54 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.

Event Record #/Type3821 / Success
Event Submitted/Written: 02/04/2008 08:27:12 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type14716 / Warning
Event Submitted/Written: 02/04/2008 06:01:29 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {49AED0DA-8C26-493E-849B-BC2F332B0B74}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02

Event Record #/Type14715 / Warning
Event Submitted/Written: 02/04/2008 06:01:29 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {9CF81B08-22E6-4935-BD8D-12296FAAF021}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02

Event Record #/Type14714 / Warning
Event Submitted/Written: 02/04/2008 06:01:29 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {568D6720-FB61-4BE0-8A75-2E2101E2C934}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02

Event Record #/Type14713 / Warning
Event Submitted/Written: 02/04/2008 06:01:29 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {3C42193D-4DFD-4ED0-BD4C-33933BDB94A6}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02

Event Record #/Type14712 / Warning
Event Submitted/Written: 02/04/2008 06:01:29 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {B12420E3-DCBF-4F9E-834F-336333909CB2}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02



-- End of Deckard's System Scanner: finished at 2008-02-04 18:05:40 ------------
  • 0

#21
Rorschach112
Posted 04 February 2008 - 07:28 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

1. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below(if present):

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

2. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.



Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\Windows\system32\drivers\ipfltdrvv.sys
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light blue bar) and choose Paste.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    purity
  • Return to OTMoveIt2, right click in the "Paste List Of Files/Patterns To Search For and Move" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


Reboot and post a new DSS log
  • 0

#22
Cloud_D
Posted 04 February 2008 - 08:46 AM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
OTMoveIt:

C:\Windows\system32\drivers\ipfltdrvv.sys moved successfully.
[Custom Input]
< purity >

OTMoveIt2 v1.0.17 log created on 02042008_222807

Main

Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-02-04 22:39:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
10: 2008-02-03 10:20:37 UTC - RP67 - Installed Adobe Reader 8.1.1
9: 2008-02-03 07:52:46 UTC - RP66 - Before Adobe uninstall
8: 2008-02-03 07:49:07 UTC - RP65 - Installed Windows Installer Clean Up
7: 2008-02-03 07:42:51 UTC - RP64 - Removed Adobe Reader 7.0.5
6: 2008-02-03 03:26:41 UTC - RP63 - Removed Adobe Reader 7.0.5


-- First Restore Point --
1: 2008-02-01 18:06:20 UTC - RP58 - Installed Java™ 6 Update 4


Performed disk cleanup.

Percentage of Memory in Use: 90% (more than 75%).
Total Physical Memory: 1023 MiB (1024 MiB recommended).


-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:41, on 2008-02-04
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
G:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
G:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
G:\Program Files\iTunes\iTunesHelper.exe
G:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\McAfee\VirusScan\Mcshield.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\svchost.exe
G:\Program Files\Spyware Doctor\svcntaux.exe
G:\Program Files\Spyware Doctor\swdsvc.exe
G:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\Windows\system32\svchost.exe
G:\Program Files\ThreatFire\TFService.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
G:\Program Files\Gmail Notifier\gnotify.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Windows\System32\rundll32.exe
G:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
G:\Program Files\Mindjet\MindManager 6\MmReminderService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
G:\Program Files\D-Link\Bluetooth Software\BTTray.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\McAfee\VirusScan\mcsysmon.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\setup_wm.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Compaq_Owner\Desktop\dss.exe
C:\HP\KBD\KBD.EXE
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
G:\PROGRA~1\TRENDM~1\HIJACK~1\COMPAQ~1.EXE
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - G:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - G:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [iTunesHelper] "G:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] G:\Program Files\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "G:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [ThreatFire] G:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [MMReminderService] G:\Program Files\Mindjet\MindManager 6\MMReminderService.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [uTorrent] "G:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [µTorrent] "G:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = G:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: Download with GetRight - G:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://G:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - G:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Send To &Bluetooth - G:\Program Files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - G:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - G:\Program Files\D-Link\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {040F4385-8DAD-4306-94BF-B8291D841FAE} (USBAPTester Class) - http://www.nintendo....a/usbaptest.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://www.windowsvi...iveXClient1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemreq.../sysreqlab2.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {F4AF4B32-1AF4-4773-B1A3-75C699A1CB5D} (webSysInfo.ctlSysInfo) - http://dev.cite.nie..../webSysInfo.ocx
O20 - Winlogon Notify: !SASWinLogon - G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - G:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Fix-It Task Manager - Avanquest Publishing USA, Inc. - G:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NBService - Nero AG - G:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - G:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - G:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: ThreatFire - PC Tools - G:\Program Files\ThreatFire\TFService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15000 bytes

-- HijackThis Fixed Entries (G:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080202-010648-104 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20080204-222415-590 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R1 SASDIFSV - \??\g:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - \??\g:\program files\superantispyware\saskutil.sys
R2 BTSERIAL (Bluetooth Serial Driver) - \??\c:\windows\system32\drivers\btserial.sys
R2 BTSLBCSP (Bluetooth Port Client Driver) - \??\c:\windows\system32\drivers\btslbcsp.sys
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>

S3 SASENUM - \??\g:\program files\superantispyware\sasenum.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >

S3 NBService - g:\program files\nero 7\nero backitup\nbservice.exe
S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Process Modules -------------------------------------------------------------

C:\Windows\explorer.exe (pid 224)
2005-07-26 14:24:56 1019981 --a------ C:\Windows\System32\BTNeighborhood.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:07:52 565309 --a------ C:\Windows\System32\wbtapi.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:16:46 45056 --a------ C:\Windows\System32\btwpimif.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:16:06 118784 --a------ C:\Windows\System32\btosif.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2005-07-26 14:10:30 3096576 --a------ C:\Windows\System32\btrez.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2303>
2004-09-17 13:55:20 50176 --a------ C:\Windows\System32\CSH.DLL <Not Verified; Blue Sky Software Corporation; What's This? Help Composer>
2007-01-29 13:06:14 28672 --a------ G:\Program Files\VCOM\Fix-It\WinHook.dll <Not Verified; Avanquest Publishing USA, Inc.; Fix-It Utilities>
-- :: 0 --------- C:\Users\COMPAQ~1\AppData\Local\Temp\IadHide5.dll

C:\Windows\System32\rundll32.exe (pid 3564)
2007-01-29 13:06:14 28672 --a------ G:\Program Files\VCOM\Fix-It\WinHook.dll <Not Verified; Avanquest Publishing USA, Inc.; Fix-It Utilities>

C:\Windows\System32\rundll32.exe (pid 3612)
2007-01-29 13:06:14 28672 --a------ G:\Program Files\VCOM\Fix-It\WinHook.dll <Not Verified; Avanquest Publishing USA, Inc.; Fix-It Utilities>


-- Scheduled Tasks -------------------------------------------------------------

2008-02-04 22:34:00 452 --a------ C:\Windows\Tasks\RegCure Program Check.job
2008-02-01 01:01:48 370 --a------ C:\Windows\Tasks\McQcTask.job
2008-01-22 16:59:02 386 --a------ C:\Windows\Tasks\RegCure.job
2008-01-04 11:40:04 284 --a------ C:\Windows\Tasks\AppleSoftwareUpdate.job
2007-09-15 01:00:08 278 --a------ C:\Windows\Tasks\McDefragTask.job


-- Files created between 2008-01-04 and 2008-02-04 -----------------------------

2008-02-04 01:28:32 68096 --a------ C:\Windows\system32\zip.exe
2008-02-04 01:28:32 98816 --a------ C:\Windows\system32\sed.exe
2008-02-04 01:28:32 80412 --a------ C:\Windows\system32\grep.exe
2008-02-04 01:28:32 73728 --a------ C:\Windows\system32\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-02-03 15:49:34 0 d-------- C:\Program Files\Windows Installer Clean Up
2008-02-03 15:48:39 0 d-------- C:\Program Files\MSECACHE
2008-02-03 13:06:11 0 d-------- C:\Users\All Users\PC Tools
2008-02-03 12:49:57 0 d-a------ C:\Users\All Users\TEMP
2008-02-02 11:57:11 0 d-------- C:\Users\All Users\SUPERAntiSpyware.com
2008-02-02 03:05:24 53248 --a------ C:\Windows\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-02-02 01:42:55 0 d-------- C:\Users\Compaq_Owner\.SunDownloadManager
2008-01-28 20:01:22 0 d-------- C:\Windows\pss
2008-01-28 19:32:14 0 d-------- C:\Users\All Users\Grisoft
2008-01-27 21:10:12 0 d-------- C:\VundoFix Backups
2008-01-16 23:26:38 0 d--h----- C:\_Backup
2008-01-16 23:24:23 0 d-------- C:\Users\All Users\VCOM
2008-01-16 23:20:51 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-16 19:51:58 0 d-------- C:\Users\All Users\NVIDIA
2008-01-16 15:27:40 0 d-------- C:\Windows\Panther
2008-01-16 15:27:22 94208 --a------ C:\Windows\system32\ipcoin5.dll <Not Verified; Microsoft Corporation; Microsoft IntelliPoint>
2008-01-16 15:27:22 20352 --a------ C:\Windows\system32\drivers\point32.sys <Not Verified; Microsoft Corporation; Microsoft IntelliPoint>
2008-01-16 15:27:21 94208 --a------ C:\Windows\system32\itpcoin4.dll <Not Verified; Microsoft Corporation; Microsoft IntelliType Pro>
2008-01-16 15:16:46 0 d--h----- C:\$WINDOWS.~Q
2008-01-16 15:13:27 0 d--h----- C:\$INPLACE.~TR
2008-01-16 13:23:32 0 d-------- C:\Users\All Users\DFX
2008-01-16 01:05:08 0 d--h----- C:\Users\All Users\CanonBJ
2008-01-16 00:50:13 0 d-------- C:\Program Files\Microsoft IntelliType Pro
2008-01-16 00:44:06 0 d-------- C:\Program Files\Microsoft IntelliPoint
2008-01-16 00:43:12 0 d-------- C:\Windows\PCHEALTH
2008-01-16 00:23:56 0 dr------- C:\Users\Compaq_Owner\Searches
2008-01-16 00:10:14 22732 --a------ C:\Windows\system32\emptyregdb.dat
2008-01-16 00:02:20 0 d-------- C:\Users\Default\WINDOWS
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Videos
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Templates
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Start Menu
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\SendTo
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Saved Games
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Recent
2008-01-15 23:40:47 0 d--h----- C:\Users\Compaq_Owner\PrintHood
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Pictures
2008-01-15 23:40:47 5242880 --ahs---- C:\Users\Compaq_Owner\NTUSER.DAT
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\NetHood
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\My Documents
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Music
2008-01-15 23:40:47 0 d--h----- C:\Users\Compaq_Owner\Local Settings
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Links
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Favorites
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Downloads
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Documents <DOCUME~1>
2008-01-15 23:40:47 0 dr------- C:\Users\Compaq_Owner\Desktop
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Cookies
2008-01-15 23:40:47 0 d--hs---- C:\Users\Compaq_Owner\Application Data
2008-01-15 23:40:47 0 d--h----- C:\Users\Compaq_Owner\AppData
2008-01-15 23:39:26 0 d-------- C:\Windows\system32\URTTEMP
2008-01-15 23:39:18 0 d--hs---- C:\Windows\Installer
2008-01-15 23:34:50 0 d-------- C:\Windows\system32\RTCOM
2008-01-15 23:33:15 0 d-------- C:\Windows\Debug
2008-01-15 23:29:12 0 d-------- C:\Windows\Prefetch
2008-01-15 23:07:22 0 d--hs---- C:\Boot
2008-01-05 21:29:07 0 d-------- C:\Users\All Users\GlobalSCAPE
2008-01-05 21:14:34 545 --a------ C:\Windows\UC.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\RAR.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\PKZIP.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\PKUNZIP.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\NOCLOSE.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\LHA.PIF
2008-01-05 21:14:34 545 --a------ C:\Windows\ARJ.PIF
2008-01-04 10:27:47 64752 --ah----- C:\Windows\system32\mlfcache.dat


-- Find3M Report ---------------------------------------------------------------

2008-02-04 22:36:07 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\uTorrent
2008-02-03 18:22:30 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-03 12:49:30 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\PC Tools
2008-02-02 11:56:32 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\SUPERAntiSpyware.com
2008-02-02 03:03:25 0 d-------- C:\Program Files\Google
2008-02-02 02:07:42 0 d-------- C:\Program Files\Java
2008-01-27 15:55:24 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\BSplayer Pro
2008-01-20 10:53:13 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Thinstall
2008-01-16 23:20:51 0 d-------- C:\Program Files\Common Files
2008-01-16 19:17:01 174 --ahs---- C:\Program Files\desktop.ini
2008-01-16 19:10:53 0 d-------- C:\Program Files\Windows Calendar
2008-01-16 19:10:50 0 d-------- C:\Program Files\Windows Mail
2008-01-16 19:10:47 0 d-------- C:\Program Files\Windows Defender
2008-01-16 19:10:31 0 d-------- C:\Program Files\Windows Sidebar
2008-01-16 16:00:45 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\ZoomBrowser EX
2008-01-16 15:13:56 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-16 00:17:22 0 d-------- C:\Program Files\McAfee
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Windows Desktop Search
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\WinBatch
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\vlc
2008-01-15 23:59:42 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\VCOM
2008-01-15 23:59:41 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\U3
2008-01-15 23:59:41 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Teleca
2008-01-15 23:59:41 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Talkback
2008-01-15 23:59:03 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Sun
2008-01-15 23:59:03 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Sony Ericsson
2008-01-15 23:59:03 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\SmartDraw
2008-01-15 23:59:02 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\SiteAdvisor
2008-01-15 23:59:02 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Screenshot Sender
2008-01-15 23:59:02 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Real
2008-01-15 23:58:59 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\OpenOffice.org2
2008-01-15 23:58:58 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Mozilla
2008-01-15 23:58:52 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Media Player Classic
2008-01-15 23:58:52 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\McAfee
2008-01-15 23:58:52 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Macromedia
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Identities
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\HPQ
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Google
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\GlobalSCAPE
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\GetRightToGo
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\CyberLink
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Canon
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Avanquest
2008-01-15 23:58:46 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Apple Computer
2008-01-15 23:58:44 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Ahead
2008-01-15 23:58:44 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\AdobeUM
2008-01-15 23:58:44 0 d-------- C:\Users\Compaq_Owner\AppData\Roaming\Adobe
2008-01-15 23:47:57 0 d-------- C:\Program Files\Yahoo!
2008-01-15 23:47:55 0 d-------- C:\Program Files\Windows Live
2008-01-15 23:47:55 0 d-------- C:\Program Files\Tracker Software
2008-01-15 23:47:55 0 d-------- C:\Program Files\SystemRequirementsLab
2008-01-15 23:47:55 0 d-------- C:\Program Files\Symantec
2008-01-15 23:47:54 0 d-------- C:\Program Files\Sunbelt Software
2008-01-15 23:47:48 0 d-------- C:\Program Files\Sonic
2008-01-15 23:47:43 0 d-------- C:\Program Files\SiteAdvisor
2008-01-15 23:47:38 0 d-------- C:\Program Files\Real
2008-01-15 23:47:38 0 d-------- C:\Program Files\QuickTime
2008-01-15 23:47:28 0 d-------- C:\Program Files\PowerQuest
2008-01-15 23:47:28 0 d-------- C:\Program Files\PC-Doctor for DOS
2008-01-15 23:47:28 0 d-------- C:\Program Files\PC-Doctor 5 for Windows
2008-01-15 23:47:09 0 d-------- C:\Program Files\Online Services
2008-01-15 23:47:05 0 d-------- C:\Program Files\Oberon Media
2008-01-15 23:45:55 0 d-------- C:\Program Files\MSXML 6.0
2008-01-15 23:45:55 0 d-------- C:\Program Files\MSN Gaming Zone
2008-01-15 23:45:54 0 d-------- C:\Program Files\Microsoft.NET
2008-01-15 23:45:54 0 d-------- C:\Program Files\Microsoft Works
2008-01-15 23:45:54 0 d-------- C:\Program Files\microsoft frontpage
2008-01-15 23:45:54 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-15 23:45:54 0 d-------- C:\Program Files\McAfee.com
2008-01-15 23:45:22 0 d-------- C:\Program Files\iPod
2008-01-15 23:45:16 0 d-------- C:\Program Files\InterActual
2008-01-15 23:45:14 0 d-------- C:\Program Files\HP
2008-01-15 23:44:50 0 d-------- C:\Program Files\Hewlett-Packard
2008-01-15 23:44:42 0 d-------- C:\Program Files\Escntl
2008-01-15 23:44:39 0 d-------- C:\Program Files\CONEXANT
2008-01-15 23:44:35 0 d-------- C:\Program Files\Compaq Connections
2008-01-15 23:44:35 0 d-------- C:\Program Files\Common Files\xing shared
2008-01-15 23:44:35 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-15 23:44:34 0 d-------- C:\Program Files\Common Files\TiVo Shared
2008-01-15 23:44:34 0 d-------- C:\Program Files\Common Files\Teleca Shared
2008-01-15 23:44:33 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-15 23:44:33 0 d-------- C:\Program Files\Common Files\SureThing Shared
2008-01-15 23:44:33 0 d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2008-01-15 23:44:31 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-01-15 23:44:31 0 d-------- C:\Program Files\Common Files\Real
2008-01-15 23:44:29 0 d-------- C:\Program Files\Common Files\ODBC
2008-01-15 23:44:29 0 d-------- C:\Program Files\Common Files\Oberon Media
2008-01-15 23:44:29 0 d-------- C:\Program Files\Common Files\MSSoap
2008-01-15 23:44:23 0 d-------- C:\Program Files\Common Files\McAfee
2008-01-15 23:44:23 0 d-------- C:\Program Files\Common Files\Macromedia Shared
2008-01-15 23:44:23 0 d-a------ C:\Program Files\Common Files\LS Getting Started
2008-01-15 23:44:23 0 d-a------ C:\Program Files\Common Files\LightScribe
2008-01-15 23:44:22 0 d-------- C:\Program Files\Common Files\Java
2008-01-15 23:44:22 0 d-------- C:\Program Files\Common Files\InstallShield
2008-01-15 23:44:21 0 d-------- C:\Program Files\Common Files\HP
2008-01-15 23:44:20 0 d-------- C:\Program Files\Common Files\Canon
2008-01-15 23:44:09 0 d-------- C:\Program Files\Common Files\Apple
2008-01-15 23:44:09 0 d-------- C:\Program Files\Common Files\Ahead
2008-01-15 23:44:06 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-01-15 23:43:57 0 d-------- C:\Program Files\Canon
2008-01-15 23:43:57 0 d-------- C:\Program Files\AviSynth 2.5
2008-01-15 23:43:54 0 d-------- C:\Program Files\Apple Software Update
2007-12-18 13:06:09 203264 --a------ C:\Windows\system32\Žž–Y‚ę‚Ě–Ŕ‹{XNŠ[“Z[o[.scr <Not Verified; FIVESTAR interactive; ScreenTime For Flash>
2007-12-16 08:07:20 4096 --a------ C:\Windows\d3dx.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-16 17:19]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 20:34]
"iTunesHelper"="G:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 20:14]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2006-07-25 04:28]
"Sony Ericsson PC Suite"="G:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 01:07]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="G:\Program Files\Gmail Notifier\gnotify.exe" [2005-07-16 05:48]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 12:01]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-28 01:59]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-28 01:59]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-28 01:59]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 05:52 C:\Windows\RtHDVCpl.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42]
"SDTray"="G:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-10-02 16:27]
"ThreatFire"="G:\Program Files\ThreatFire\TFTray.exe" [2007-12-20 11:13]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-09-18 19:43]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"MMReminderService"="G:\Program Files\Mindjet\MindManager 6\MMReminderService.exe" [2006-08-16 17:53]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-16 16:56]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-11-02 17:45]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"pdfSaver3"="C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe" [2004-09-05 17:20]
"uTorrent"="G:\Program Files\uTorrent\utorrent.exe" [2007-10-03 15:42]
"µTorrent"="G:\Program Files\uTorrent\uTorrent.exe" [2007-10-03 15:42]

C:\Users\Compaq_Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
OneNote 2007 Screen Clipper and Launcher.lnk - G:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - G:\Program Files\D-Link\Bluetooth Software\BTTray.exe [2005-07-26 14:28:52]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-09-18 20:03:37]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
G:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 G:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
WudfServiceGroup WUDFSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-02-04 22:45:12 ------------
  • 0

#23
Cloud_D
Posted 04 February 2008 - 08:47 AM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: Intel® Pentium® D CPU 3.40GHz
Percentage of Memory in Use: 90%
Physical Memory (total/avail): 1022.81 MiB / 92.88 MiB
Pagefile Memory (total/avail): 2511.65 MiB / 1023.5 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1947.07 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 35.84 GiB total, 7.13 GiB free.
D: is Fixed (FAT32) - 5.75 GiB total, 0.96 GiB free.
E: is CDROM (No Media)
F: is Fixed (NTFS) - 68.38 GiB total, 13.34 GiB free.
G: is Fixed (NTFS) - 39.06 GiB total, 32.28 GiB free.
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Removable (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG HD160JJ/P ATA Device - 149.05 GiB - 4 partitions
\PARTITION0 (bootable) - Installable File System - 35.84 GiB - C:
\PARTITION1 - Unknown - 5.76 GiB - D:
\PARTITION2 - Extended w/Extended Int 13 - 107.45 GiB - F: - G:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is disabled.

FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
AS: McAfee VirusScan v (McAfee)
AS: Spyware Doctor v5.1.0.272 (PC Tools)
AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"="C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe:*:Enabled:Compaq Connections"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"G:\\Program Files\\iTunes\\iTunes.exe"="G:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"G:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="G:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\\Program Files\\uTorrent\\utorrent.exe"="G:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Compaq_Owner\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-8ABC512DA0
ComSpec=C:\Windows\system32\cmd.exe
DEFAULT_CA_NR=CA18
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Compaq_Owner
LOCALAPPDATA=C:\Users\Compaq_Owner\AppData\Local
LOGONSERVER=\\YOUR-8ABC512DA0
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;c:\Python22;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0604
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\COMPAQ~1\AppData\Local\Temp
TMP=C:\Users\COMPAQ~1\AppData\Local\Temp
USERDOMAIN=YOUR-8ABC512DA0
USERNAME=Compaq_Owner
USERPROFILE=C:\Users\Compaq_Owner
windir=C:\Windows
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Compaq_Owner (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> G:\Program Files\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
µTorrent --> "G:\Program Files\uTorrent\uninstall.exe"
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2Wire Setup Wizard --> G:\Program Files\2Wire\Uninstaller.exe
2Wire Wireless Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}\Setup.exe" -l0x9 -L0x9
7 Wonders of the Ancient World --> "C:\Program Files\Oberon Media\7 Wonders of the Ancient World\Uninstall.exe" "C:\Program Files\Oberon Media\7 Wonders of the Ancient World\install.log"
ABBYY FineReader 4.0 Sprint --> C:\WINDOWS\bitdeins.exe G:\PROGRA~1\ABBYYF~1.0SP\bitdeins.ini
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Anti-Rootkit Free --> G:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bejeweled 2 Deluxe --> "C:\Program Files\Oberon Media\Bejeweled 2 Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Bejeweled 2 Deluxe\install.log"
Bengal - Game of Gods --> "C:\Program Files\Oberon Media\Bengal - Game of Gods\Uninstall.exe" "C:\Program Files\Oberon Media\Bengal - Game of Gods\install.log"
BeTrapped! --> "C:\Program Files\Oberon Media\BeTrapped!\Uninstall.exe" "C:\Program Files\Oberon Media\BeTrapped!\install.log"
BitComet 0.79 --> G:\Program Files\BitComet\uninst.exe
Bookworm Deluxe --> "C:\Program Files\Oberon Media\Bookworm Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Bookworm Deluxe\install.log"
Bricks of Atlantis --> "C:\Program Files\Oberon Media\Bricks of Atlantis\Uninstall.exe" "C:\Program Files\Oberon Media\Bricks of Atlantis\install.log"
Bricks of Egypt --> "C:\Program Files\Oberon Media\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Oberon Media\Bricks of Egypt\install.log"
BS.Player PRO --> "G:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Cake Mania --> "C:\Program Files\Oberon Media\Cake Mania\Uninstall.exe" "C:\Program Files\Oberon Media\Cake Mania\install.log"
Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon i550 --> C:\WINDOWS\system32\CNMCP49.exe "-PRINTERNAMECanon i550" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i550 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i550 Installer\Inst2\cnmi0409.dll"
Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.1.0.0\Uninst.exe" "G:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Chuzzle --> "C:\Program Files\Oberon Media\Chuzzle\Uninstall.exe" "C:\Program Files\Oberon Media\Chuzzle\install.log"
Combined Community Codec Pack 2007-07-22 --> "G:\Program Files\Combined Community Codec Pack\unins000.exe"
Compaq Connections (remove only) --> C:\WINDOWS\HPCPCUninstall-5577497\HPBWSetup.exe -appid 5577497 -uninstall
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
CuteFTP 8 Professional --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91F34319-08DE-457A-99C0-0BCDFAC145B9}\Setup.exe" -l0x9
D-Link Bluetooth Software --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
Direct Show Ogg Vorbis Filter (remove only) --> "C:\WINDOWS\system32\OggDSuninst.exe"
DirectVobSub (remove only) --> "G:\Program Files\DirectVobSub\uninstall.exe"
Disc2Phone --> MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DivX Content Uploader --> G:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> G:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
EPSON Scan Tool --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F57DB08-26D6-11D6-8AA5-0000E22DA3A0}\setup.exe" -l0x9
Fix-It Utilities 7 Professional --> MsiExec.exe /I{5158974E-2D28-4018-9335-7694C2974746}
Gem Shop --> "C:\Program Files\Oberon Media\Gem Shop\Uninstall.exe" "C:\Program Files\Oberon Media\Gem Shop\install.log"
GetRight --> G:\Program Files\GetRight\GETRIGHT.EXE /UNINSTALL
Google Gmail Notifier --> "G:\Program Files\Gmail Notifier\UninstallGmail.exe"
GunboundWC --> "G:\Program Files\softnyx\unins000.exe"
Hexic --> "C:\Program Files\Oberon Media\Hexic\Uninstall.exe" "C:\Program Files\Oberon Media\Hexic\install.log"
HijackThis 2.0.2 --> "G:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
Insaniquarium Deluxe --> "C:\Program Files\Oberon Media\Insaniquarium Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Insaniquarium Deluxe\install.log"
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes --> MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Jewel of Atlantis --> "C:\Program Files\Oberon Media\Jewel of Atlantis\Uninstall.exe" "C:\Program Files\Oberon Media\Jewel of Atlantis\install.log"
Jewel Quest --> "C:\Program Files\Oberon Media\Jewel Quest\Uninstall.exe" "C:\Program Files\Oberon Media\Jewel Quest\install.log"
Jigsaw 365 --> "C:\Program Files\Oberon Media\Jigsaw 365\Uninstall.exe" "C:\Program Files\Oberon Media\Jigsaw 365\install.log"
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia FreeHand MXa --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939740B5-0064-4779-854A-8C1086181C05}\Setup.exe" -l0x9 UNINSTALL
Magic Ball 2 --> "C:\Program Files\Oberon Media\Magic Ball 2\Uninstall.exe" "C:\Program Files\Oberon Media\Magic Ball 2\install.log"
Magic Match --> "C:\Program Files\Oberon Media\Magic Match\Uninstall.exe" "C:\Program Files\Oberon Media\Magic Match\install.log"
Mahjong Match --> "C:\Program Files\Oberon Media\Mahjong Match\Uninstall.exe" "C:\Program Files\Oberon Media\Mahjong Match\install.log"
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Messenger Plus! Live --> "G:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Mindjet MindManager Pro 6 --> MsiExec.exe /I{A4DC1EC1-1DFE-48B5-B226-CFBE30BB8B4A}
mIRC --> "G:\Program Files\mIRC\mirc.exe" -uninstall
Mosiac - Tomb of Mystery --> "C:\Program Files\Oberon Media\Mosiac - Tomb of Mystery\Uninstall.exe" "C:\Program Files\Oberon Media\Mosiac - Tomb of Mystery\install.log"
Mozaki Blocks --> "C:\Program Files\Oberon Media\Mozaki Blocks\Uninstall.exe" "C:\Program Files\Oberon Media\Mozaki Blocks\install.log"
Mozilla Firefox (2.0.0.11) --> G:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 Parser and SDK --> MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Mystery Case Files - Huntsville --> "C:\Program Files\Oberon Media\Mystery Case Files - Huntsville\Uninstall.exe" "C:\Program Files\Oberon Media\Mystery Case Files - Huntsville\install.log"
Nero 7 Ultra Edition --> MsiExec.exe /I{11DACFE7-DD42-4630-AB6C-47DE04BD1033}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Ocean Express --> "C:\Program Files\Oberon Media\Ocean Express\Uninstall.exe" "C:\Program Files\Oberon Media\Ocean Express\install.log"
PangYa (NtreevSoft) --> G:\Program Files\NtreevSoft\PangYa\uninstall.exe
Pat Sajak’s Lucky Letters --> "C:\Program Files\Oberon Media\Pat Sajaks Lucky Letters\Uninstall.exe" "C:\Program Files\Oberon Media\Pat Sajaks Lucky Letters\install.log"
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
PDF-XChange 3.0 --> "C:\Program Files\Tracker Software\PDF-XChange 3\unins000.exe"
PlayOnline Viewer and Tetra Master --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{47004155-7376-403E-89E9-4C9F44AAF0D0}
Poker Superstars 2 --> "C:\Program Files\Oberon Media\Poker Superstars 2\Uninstall.exe" "C:\Program Files\Oberon Media\Poker Superstars 2\install.log"
PowerQuest PartitionMagic 8.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
PSP Video 9 1.74 --> G:\Program Files\pspvideo9\uninst.exe
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
Rainbow Web --> "C:\Program Files\Oberon Media\Rainbow Web\Uninstall.exe" "C:\Program Files\Oberon Media\Rainbow Web\install.log"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
RegCure 1.5.0.0 --> G:\Program Files\RegCure\uninst.exe
Ricochet Lost Worlds --> "C:\Program Files\Oberon Media\Ricochet Lost Worlds\Uninstall.exe" "C:\Program Files\Oberon Media\Ricochet Lost Worlds\install.log"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Slingo --> "C:\Program Files\Oberon Media\Slingo\Uninstall.exe" "C:\Program Files\Oberon Media\Slingo\install.log"
SmartDraw 2007 --> G:\PROGRA~1\SMARTD~1\UNWISE.EXE G:\PROGRA~1\SMARTD~1\install.log
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.INF
Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio --> MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Sony Ericsson PC Suite --> MsiExec.exe /I{FE6397C1-CECA-4EC3-B064-42AED7676898}
Spyware Doctor 5.1 --> G:\Program Files\Spyware Doctor\unins000.exe /LOG
Starcraft --> C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
ThreatFire 3.0 --> "G:\Program Files\ThreatFire\unins000.exe"
Tiks Texas Hold em --> "C:\Program Files\Oberon Media\Tiks Texas Hold em\Uninstall.exe" "C:\Program Files\Oberon Media\Tiks Texas Hold em\install.log"
VideoLAN VLC media player 0.8.6d --> G:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11 --> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinRAR archiver --> G:\Program Files\Winrar\uninstall.exe
Wonderland - Secret Worlds --> "C:\Program Files\Oberon Media\Wonderland - Secret Worlds\Uninstall.exe" "C:\Program Files\Oberon Media\Wonderland - Secret Worlds\install.log"
Zuma Deluxe --> "C:\Program Files\Oberon Media\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Oberon Media\Zuma Deluxe\install.log"


-- Application Event Log -------------------------------------------------------

Event Record #/Type3891 / Success
Event Submitted/Written: 02/04/2008 10:38:31 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type3885 / Success
Event Submitted/Written: 02/04/2008 10:34:41 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Windows Management Instrumentation Service subsystems initialized successfully

Event Record #/Type3884 / Success
Event Submitted/Written: 02/04/2008 10:34:27 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
Windows Management Instrumentation Service started sucessfully

Event Record #/Type3876 / Success
Event Submitted/Written: 02/04/2008 10:33:56 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.

Event Record #/Type3853 / Success
Event Submitted/Written: 02/04/2008 05:55:49 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type14878 / Warning
Event Submitted/Written: 02/04/2008 10:41:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {84B9BB48-9D57-4FAE-9C78-E93C25C8C72E}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02

Event Record #/Type14877 / Warning
Event Submitted/Written: 02/04/2008 10:41:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {FF9A295D-22D0-4CF2-9778-B0CEA3918A69}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02

Event Record #/Type14847 / Error
Event Submitted/Written: 02/04/2008 10:35:31 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
sptd

Event Record #/Type14769 / Warning
Event Submitted/Written: 02/04/2008 10:34:52 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {5B041634-AC59-41FA-9D02-6D59D6240BF7}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02

Event Record #/Type14768 / Warning
Event Submitted/Written: 02/04/2008 10:34:51 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%YOUR-8ABC512DA027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %YOUR-8ABC512DA027 can't undo changes that you allow.

For more information please see the following:
%YOUR-8ABC512DA0275

Scan ID: {6F092682-1257-44C6-A76B-3E80307C0E88}

User: YOUR-8ABC512DA0\Compaq_Owner

Name: %YOUR-8ABC512DA0271

ID: %YOUR-8ABC512DA0272

Severity ID: %YOUR-8ABC512DA0273

Category ID: %YOUR-8ABC512DA0274

Path Found: %YOUR-8ABC512DA0276

Alert Type: %YOUR-8ABC512DA0278

Detection Type: 1.1.1505.02



-- End of Deckard's System Scanner: finished at 2008-02-04 22:45:12 ------------
  • 0

#24
Rorschach112
Posted 04 February 2008 - 08:56 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Looks good

How is your PC running ? Any problems
  • 0

#25
Cloud_D
Posted 04 February 2008 - 09:46 AM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
There's no problems now, especially with the annoying pop-ups gone.

Thanks for the help!
  • 0

Advertisements

#26
Rorschach112
Posted 04 February 2008 - 09:49 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Your logs are clean ! We need to do a few things


Now we need to create a new System Restore point.

Click Start Menu > Run > type (or copy and paste)

%SystemRoot%\System32\restore\rstrui.exe

Press OK. Choose Create a Restore Point then click Next. Name it and click Create, when the confirmation screen shows the restore point has been created click Close.

Next goto Start Menu > Run > type

cleanmgr

Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the system restore area and choose Yes at the confirmation window which will remove all the restore points except the one we just created.

To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.



  • Make sure you have an Internet Connection.
  • Double-click OTMoveIt2.exe to run it.
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OtMoveit2 to rech the Internet, please allow the application to do so.
  • Click Yes to beging the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.



Below I have included a number of recommendations for how to protect your computer against malware infections.

* Keep Windows updated by regularly checking their website at :
http://windowsupdate.microsoft.com/
This will ensure your computer has always the latest security updates available installed on your computer.

* To reduce re-infection for malware in the future, I strongly recommend installing these free programs:
SpywareBlaster protects against bad ActiveX
IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all
Have a look at this tutorial for IE-Spyad here

* SpywareGuard offers realtime protection from spyware installation attempts.

Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

* MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

* Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
Here

* Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'
Here

Thank you for your patience, and performing all of the procedures requested.
  • 0

#27
Cloud_D
Posted 04 February 2008 - 11:36 PM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Done. Thanks so much for the help!

Edit: One question, I still have a folder C:/Combofix. Is it ok to delete that?

Edited by Cloud_D, 04 February 2008 - 11:42 PM.

  • 0

#28
Rorschach112
Posted 05 February 2008 - 08:08 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Yes you can delete that and any other folders from the programs that we used


Let me know if you have any more questions
  • 0

#29
Cloud_D
Posted 05 February 2008 - 09:17 AM

Cloud_D

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Thanks!
  • 0

#30
Rorschach112
Posted 05 February 2008 - 09:47 AM

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP