Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PAK_GENERIC.001


  • Please log in to reply

#1
SarahP

SarahP

    New Member

  • Member
  • Pip
  • 3 posts
I can't get this off my computer. I ran trendmicro and it said that it couldn't remove it. Firefox won't run an entire housecall for some reason, probably a hack. I've cleaned everything off except this. I scanned through some other threads about it so I already dl'd the dss and ran it and have the notepad documents to post here below:

main.txt:

Deckard's System Scanner v20071014.68
Run by Pardew Family on 2008-01-28 19:28:32
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
31: 2008-01-28 13:39:23 UTC - RP148 - Opera 9.25 ? ??????????
30: 2008-01-28 04:31:58 UTC - RP147 - Device Driver Package Install: Trend Micro Network Service
29: 2008-01-28 04:30:36 UTC - RP146 - Installed Trend Micro Internet Security
28: 2008-01-28 04:25:27 UTC - RP145 - Windows Defender Checkpoint
27: 2008-01-27 22:29:15 UTC - RP143 - Installed Ad-Aware 2007


-- First Restore Point --
1: 2007-12-29 07:49:10 UTC - RP115 - Scheduled Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Pardew Family.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:29:34 PM, on 1/28/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Video Add-on\icthis.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Video Add-on\icmntr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Pardew Family\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Pardew Family.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - C:\Program Files\Video Add-on\isfmdl.dll (file missing)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: IE Custom Tools - {8113B5DE-F7EB-4154-A311-497FB80D8BD0} - C:\Program Files\Video Add-on\ictmdl.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\WinSecureAv\bm.exe" dm=http://winsecureav.com ad=http://winsecureav.com sd=http://ykeeper.winsecureav.com
O4 - HKLM\..\Run: [ptask] C:\Program Files\WinSecureAv\ptask.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
O13 - Gopher Prefix:
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace....ploader1005.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecu...asyInstallX.CAB
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8177 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys

S3 MREMP50 (MREMP50 NDIS Protocol Driver) - \??\c:\progra~1\common~1\motive\mremp50.sys
S3 MRESP50 (MRESP50 NDIS Protocol Driver) - \??\c:\progra~1\common~1\motive\mresp50.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-12-28 and 2008-01-28 -----------------------------

2008-01-28 07:39:48 0 d-------- C:\Program Files\Opera
2008-01-27 23:26:25 0 d-------- C:\!KillBox
2008-01-27 22:31:16 0 d-------- C:\Users\All Users\Trend Micro
2008-01-27 17:41:51 0 d-------- C:\Program Files\Trend Micro
2008-01-27 16:29:31 0 d-------- C:\Users\All Users\Lavasoft
2008-01-27 15:55:35 0 d--hs---- C:\WinSecureAv
2008-01-27 15:55:17 0 dr------- C:\Users\Public\Application Data
2008-01-27 15:55:17 0 dr------- C:\Users\Public\Application Data\SalesMon
2008-01-27 13:21:42 0 d-------- C:\Program Files\Helper
2008-01-27 13:21:32 0 d-------- C:\Program Files\Video Add-on


-- Find3M Report ---------------------------------------------------------------

2008-01-28 07:40:10 0 d-------- C:\Users\Pardew Family\AppData\Roaming\Opera
2008-01-27 18:01:43 0 d-------- C:\Program Files\Common Files
2008-01-27 15:55:34 0 d-------- C:\Users\Pardew Family\AppData\Roaming\WinSecureAv
2008-01-27 15:38:17 3452 --ahs---- C:\Windows\system32\KGyGaAvL.sys
2008-01-10 03:08:44 0 d-------- C:\Program Files\Windows Mail
2008-01-10 03:00:58 0 d-------- C:\Program Files\Windows Sidebar
2007-12-11 22:25:02 0 d-------- C:\Program Files\Imikimi
2007-12-09 14:16:47 0 d-------- C:\Users\Pardew Family\AppData\Roaming\Corel
2007-12-09 14:14:44 0 d-------- C:\Program Files\Common Files\Corel
2007-12-09 14:13:32 0 d-------- C:\Program Files\Corel
2007-12-09 13:56:30 0 d-------- C:\Users\Pardew Family\AppData\Roaming\uTorrent
2007-12-09 13:55:35 0 d-------- C:\Program Files\PowerISO
2007-12-07 18:31:23 0 d-------- C:\Program Files\uTorrent
2007-12-06 06:51:27 0 d-------- C:\Program Files\PowerArchiver
2007-12-05 20:04:06 88 -r-hs---- C:\Windows\system32\79A22B96D3.sys
2007-12-01 14:36:51 0 d-------- C:\Users\Pardew Family\AppData\Roaming\InstallShield


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}]
C:\Program Files\Video Add-on\isfmdl.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{8113B5DE-F7EB-4154-A311-497FB80D8BD0}"= C:\Program Files\Video Add-on\ictmdl.dll [01/27/2008 01:21 PM 73216]

[-HKEY_CLASSES_ROOT\CLSID\{8113B5DE-F7EB-4154-A311-497FB80D8BD0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [10/03/2007 09:45 AM]
"ECenter"="C:\Dell\E-Center\EULALauncher.exe" [05/25/2007 12:03 AM]
"RtHDVCpl"="RtHDVCpl.exe" [03/15/2007 07:32 AM C:\Windows\RtHDVCpl.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [09/22/2007 10:11 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [09/22/2007 10:11 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [09/22/2007 10:11 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/03/2006 10:37 AM]
"@"="" []
"dscactivate"="c:\dell\dsca.exe" [07/30/2007 01:40 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [10/03/2007 02:17 AM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [10/03/2006 10:35 AM]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [08/06/2007 06:05 PM]
"Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" []
"Corel File Shell Monitor"="C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [10/30/2007 07:52 PM]
"bm"="C:\Program Files\Common Files\WinSecureAv\bm.exe" []
"ptask"="C:\Program Files\WinSecureAv\ptask.exe" []
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [12/16/2007 06:53 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 11:09 AM]
"Aim6"="" []
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [09/27/2007 07:17 PM]
"PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [11/30/2007 09:08 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"some"=C:\Program Files\Video Add-on\icthis.exe
"start"=C:\Program Files\Video Add-on\isfmntr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
AutoRun\command- H:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7159b18c-7185-11dc-8d13-806e6f6e6963}]
AutoRun\command- E:\Setup.exe -check


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-01-28 19:30:17 ------------

extra.txt:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: AMD Athlon™ 64 X2 Dual Core Processor 5000+
Percentage of Memory in Use: 50%
Physical Memory (total/avail): 1981.88 MiB / 977.95 MiB
Pagefile Memory (total/avail): 4185.38 MiB / 3202.12 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1912.2 MiB

C: is Fixed (NTFS) - 455.71 GiB total, 365.99 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 6.25 GiB free.
E: is CDROM (CDFS)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST350063 0AS SCSI Disk Device - 465.76 GiB - 3 partitions
\PARTITION0 - Unknown - 47.03 MiB
\PARTITION1 - Installable File System - 10 GiB - D:
\PARTITION2 (bootable) - Installable File System - 455.71 GiB - C:

\\.\PHYSICALDRIVE1 - HP psc 2410 USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AntiVirusDisableNotify is set.
AntivirusOverride is set.

AV: Trend Micro AntiVirus v16.05.1015 ()
AS: Trend Micro AntiVirus v16.05.1015 ()
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Pardew Family\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PARDEWFAMILY-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Pardew Family
LOCALAPPDATA=C:\Users\Pardew Family\AppData\Local
LOGONSERVER=\\PARDEWFAMILY-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6b01
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\PARDEW~1\AppData\Local\Temp
TMP=C:\Users\PARDEW~1\AppData\Local\Temp
USERDOMAIN=PardewFamily-PC
USERNAME=Pardew Family
USERPROFILE=C:\Users\Pardew Family
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Pardew Family


-- Add/Remove Programs ---------------------------------------------------------

µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Browser Address Error Redirector --> MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Corel Paint Shop Pro Photo X2 --> MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}
Dell DataSafe Online --> MsiExec.exe /I{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}
Dell Support Center --> MsiExec.exe /X{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}
Dell System Customization Wizard --> MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Games, Music, & Photos Launcher --> MsiExec.exe /I{3E25E350-949F-4DB7-8288-2A60E018B4C1}
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Guild Wars --> "C:\Program Files\Guild Wars\Gw.exe" -uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Information Center --> "C:\Program Files\Video Add-on\icun.exe"
Java™ SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MultiMedia Software --> C:\Program Files\Video Add-on\uninst.exe
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIANetworkDiagnostic --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EFAD4066-CAF3-4B27-9669-12EED352C376}
Opera 9.25 --> MsiExec.exe /X{C619B312-19F3-460A-9F7B-443248379F18}
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
PowerArchiver 2007 --> MsiExec.exe /I{C297F052-BB51-43FF-B403-A4045D865816}
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
Product Documentation Launcher --> MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Trend Micro AntiVirus --> C:\Program Files\Trend Micro\Internet Security\remove.exe
Trend Micro AntiVirus --> MsiExec.exe /X{A621B45A-D138-4A95-BE10-7CABA05EF94E}
User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG


-- Application Event Log -------------------------------------------------------

Event Record #/Type4050 / Error
Event Submitted/Written: 01/28/2008 07:43:41 AM
Event ID/Source: 1002 / Application Hang
Event Description:
The program firefox.exe version 1.8.20071.12718 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: a7c
Start Time: 01c861b33bb687ee
Termination Time: 27

Event Record #/Type4038 / Error
Event Submitted/Written: 01/27/2008 11:40:12 PM
Event ID/Source: 5007 / WerSvc
Event Description:
The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Event Record #/Type4033 / Success
Event Submitted/Written: 01/27/2008 11:36:08 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type4031 / Success
Event Submitted/Written: 01/27/2008 11:35:59 PM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type4028 / Success
Event Submitted/Written: 01/27/2008 11:35:50 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type13976 / Warning
Event Submitted/Written: 01/28/2008 03:29:50 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type13975 / Warning
Event Submitted/Written: 01/28/2008 02:54:54 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type13970 / Warning
Event Submitted/Written: 01/28/2008 01:57:12 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type13969 / Warning
Event Submitted/Written: 01/28/2008 01:28:27 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type13900 / Error
Event Submitted/Written: 01/27/2008 11:37:25 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Parallel port driver%%1058



-- End of Deckard's System Scanner: finished at 2008-01-28 19:30:17 ------------
  • 0

Advertisements


#2
SarahP

SarahP

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
*bump* help please?
  • 0

#3
SarahP

SarahP

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP