OK, so here is my main log. I tried to run as adm but it asked for a password, and I'm the adm of the machine, so I ran with my user name. Thanks for getting back to me.
Deckard's System Scanner v20071014.68
Run by Z&R on 2008-02-14 20:21:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-02-15 03:21:40 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Z&R.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:22:23 PM, on 2/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe
C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\Dependent\HSChkProxyExe.exe
C:\Documents and Settings\Z&R\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Z&R.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: TransactionProtector BHO - {C1656CCA-D2EA-4A32-94AE-AE0B180E6449} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Transaction Protector - {E7620C98-FCCC-40E5-92EC-C7685D2E1E40} - C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKCU\..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/b...lineScanner.cab
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
--
End of file - 4725 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080214-101335-596 O2 - BHO: (no name) - {E60578D0-14EF-4891-8B70-FFD46123F38E} - (no file)
backup-20080214-101335-816 O2 - BHO: {3506626b-6f26-a53b-0f74-bc2afcc2364a} - {a4632ccf-a2cb-47f0-b35a-62f6b6266053} - (no file)
backup-20080214-101335-899 O2 - BHO: (no name) - {5E042651-BD9D-EB61-ECE9-C76E8B9DC8B8} - (no file)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.6) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1>
R3 dvd43llh - c:\windows\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT®>
R3 mohfilt - c:\windows\system32\drivers\mohfilt.sys <Not Verified; Intel Corporation; Intel® 537EP V9x DFV PCI Modem>
R3 neokdss - c:\windows\system32\drivers\neokdss.sys (file missing)
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 PRISM_A02 (Belkin 54Mbps Wireless USB Network Adapter) - c:\windows\system32\drivers\prismaxp.sys <Not Verified; GlobespanVirata, Inc.; PRISM 802.11 Wireless LAN>
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys (file missing)
S3 Ad-Watch Real-Time Scanner (AW Real-Time Scanner) - c:\windows\system32\drivers\awrtpd.sys (file missing)
S3 Ad-Watch Registry Filter (Ad-Watch Registry Kernel Filter) - c:\windows\system32\drivers\awrtrd.sys (file missing)
S3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - c:\windows\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
S3 pgfilter - c:\program files\peerguardian2\pgfilter.sys
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 Belkin 54Mbps Wireless USB (Belkin 54Mbps Wireless USB Network Service) - c:\program files\belkin usb wireless monitor\wlservice.exe
S4 Creative Labs Licensing Service - "c:\program files\common files\creative labs shared\service\creativelicensing.exe" <Not Verified; Creative Labs; Creative Labs Licensing Service>
S4 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-01-14 and 2008-02-14 -----------------------------
2008-02-14 20:10:12 0 d-------- C:\Program Files\MSXML 6.0
2008-02-14 10:05:48 0 d-------- C:\8c7e8ee0102d4b6f4ea227383b
2008-02-14 09:36:49 0 d-------- C:\WINDOWS\l2schemas
2008-02-13 22:25:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-13 22:25:38 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-13 21:16:33 192512 --a------ C:\WINDOWS\system32\kdfvmgr.exe <Not Verified; ??????; ?????? KdfVMgr>
2008-02-13 21:16:33 53248 --a------ C:\WINDOWS\system32\Kdfhok.dll <Not Verified; Kings Information & Network; Kings kdfhok>
2008-02-13 21:16:33 77824 --a------ C:\WINDOWS\system32\kdfapi.dll <Not Verified; Kings Information & Network; lab kdfapi>
2008-02-13 21:16:32 849920 --a------ C:\WINDOWS\system32\kdfinj.dll <Not Verified; Bluegem Security; LocalSSL kdfinj Library>
2008-02-13 21:16:32 0 d-------- C:\WINDOWS\kdefense
2008-02-13 21:04:15 0 d-------- C:\WINDOWS\LocalSSL
2008-02-13 20:07:44 0 d-------- C:\Program Files\EsetOnlineScanner
2008-02-13 09:44:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
2008-02-12 21:43:36 0 d-------- C:\WINDOWS\vbSkinner
2008-02-12 21:43:25 0 d-------- C:\Program Files\PFConfig
2008-02-12 17:48:49 0 d-------- C:\Program Files\SpeedFan
2008-02-12 16:38:53 0 d-------- C:\Program Files\uTorrent
2008-02-12 16:33:50 0 dr-h----- C:\Documents and Settings\Z&R\Recent
2008-02-12 16:32:32 0 d-------- C:\Program Files\MSXML 4.0
2008-02-12 15:10:10 0 d-------- C:\Documents and Settings\Z&R\Application Data\uTorrent
2008-02-12 15:06:50 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-12 13:33:56 147456 --a------ C:\WINDOWS\system32\ssleay32.dll
2008-02-12 13:33:56 651264 --a------ C:\WINDOWS\system32\libeay32.dll
2008-02-12 13:33:56 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2008-02-12 13:33:56 15872 --a------ C:\WINDOWS\system32\GTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-02-12 13:33:56 15781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1>
2008-02-12 13:33:56 507904 --a------ C:\WINDOWS\system32\AegisE5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
2008-02-12 13:33:55 0 d-------- C:\Program Files\BELKIN USB Wireless Monitor
2008-02-12 13:01:47 0 d---s---- C:\Documents and Settings\Z&R\UserData
2008-02-12 09:35:49 0 d--hs---- C:\WINDOWS\CSC
2008-02-12 08:27:36 1835008 --a------ C:\Documents and Settings\Z&R\ntuser.dat
2008-02-11 16:43:56 0 d-------- C:\Documents and Settings\Z&R\Application Data\vlc
2008-02-11 16:21:08 0 d-------- C:\Documents and Settings\Z&R\LimeWire Store Purchased
2008-02-11 16:21:08 0 d-------- C:\Documents and Settings\Z&R\LimeWire Shared
2008-02-11 16:21:08 0 d-------- C:\Documents and Settings\Z&R\LimeWire Saved
2008-02-11 16:20:51 0 d-------- C:\Documents and Settings\Z&R\Incomplete <INCOMP~1>
2008-02-11 16:20:43 0 d-------- C:\Documents and Settings\Z&R\Application Data\LimeWire
2008-02-11 16:03:36 0 d--hs---- C:\Diskeeper
2008-02-11 15:18:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
2008-02-11 15:18:50 0 d-------- C:\Program Files\Diskeeper Corporation
2008-02-11 15:14:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-11 15:13:15 0 d-------- C:\Program Files\Alwil Software
2008-02-11 15:00:43 1624 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-11 15:00:25 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-02-11 15:00:25 85504 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-02-11 15:00:25 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-02-11 15:00:25 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-02-11 15:00:25 82432 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-02-11 14:54:24 0 d-------- C:\Documents and Settings\Z&R\Application Data\DivX
2008-02-11 14:39:49 0 d-------- C:\Documents and Settings\Z&R\Application Data\HouseCall 6.6
2008-02-11 14:34:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-02-11 14:26:45 0 d-------- C:\Documents and Settings\Z&R\Application Data\Nero
2008-02-11 14:23:15 0 d-------- C:\Program Files\Nero
2008-02-11 14:23:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-02-11 14:23:14 0 d-------- C:\Program Files\Common Files\Nero
2008-02-11 14:15:23 0 d-------- C:\Program Files\danny_kay1710
2008-02-11 14:12:14 0 d-------- C:\Program Files\Yahoo!
2008-02-11 14:12:08 0 d-------- C:\Program Files\CCleaner
2008-02-11 14:02:16 0 d-------- C:\Program Files\Trend Micro
2008-02-11 14:02:11 0 d-------- C:\Documents and Settings\Z&R\Application Data\InstallShield
2008-02-11 13:47:42 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-02-11 13:47:42 47360 --a------ C:\Documents and Settings\Z&R\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-02-11 13:47:40 0 d-------- C:\Documents and Settings\Z&R\Application Data\Vso
2008-02-11 13:47:31 0 d-------- C:\Program Files\DVDFab Platinum 4
2008-02-11 13:44:45 0 d-------- C:\Program Files\DivX
2008-02-11 13:39:13 0 d-------- C:\Program Files\AviSynth 2.5
2008-02-11 13:37:55 0 d-------- C:\Documents and Settings\Z&R\Application Data\Macromedia
2008-02-11 13:37:55 0 d-------- C:\Documents and Settings\Z&R\Application Data\Adobe
2008-02-11 13:37:51 1158 --a------ C:\WINDOWS\mozver.dat
2008-02-11 13:29:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-02-11 13:29:12 0 d-------- C:\Documents and Settings\Z&R\Application Data\Azureus
2008-02-11 13:19:08 0 d-------- C:\WINDOWS\Sun
2008-02-11 13:15:04 0 d-------- C:\Program Files\VideoLAN
2008-02-11 13:10:37 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-02-11 13:10:36 0 d-------- C:\Program Files\DVD Shrink
2008-02-11 13:07:40 0 d-------- C:\Program Files\Azureus
2008-02-11 13:00:32 0 d-------- C:\Documents and Settings\Z&R\Application Data\Talkback
2008-02-11 13:00:13 0 d-------- C:\Documents and Settings\Z&R\Application Data\Mozilla
2008-02-11 12:58:29 292640 --ahs---- C:\WINDOWS\system32\rttss.ini2
2008-02-11 12:54:56 0 d-------- C:\Program Files\LimeWire
2008-02-11 12:54:29 0 d-------- C:\WINDOWS\system32\updater
2008-02-11 12:51:40 0 d-------- C:\Program Files\PeerGuardian2
2008-02-11 12:49:57 0 d-------- C:\WINDOWS\system32\PreInstall
2008-02-11 12:47:35 0 d-------- C:\Program Files\WinAVI MP4 Converter
2008-02-11 12:47:32 0 d-------- C:\WINDOWS\system32\M?crosoft.NET
2008-02-11 12:47:19 0 d-------- C:\Documents and Settings\Z&R\Application Data\W?nSxS
2008-02-11 12:47:18 0 d-------- C:\Program Files\Outerinfo
2008-02-11 12:46:47 18816 --a------ C:\WINDOWS\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>
2008-02-11 12:46:46 0 d-------- C:\Program Files\dvd43
2008-02-11 12:46:14 0 d-------- C:\Program Files\DVD Decrypter
2008-02-11 12:45:21 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-02-11 11:44:21 336800 --a------ C:\WINDOWS\system32\drivers\PRISMAXP.SYS <Not Verified; GlobespanVirata, Inc.; PRISM 802.11 Wireless LAN>
2008-02-11 11:39:28 0 d-------- C:\WINDOWS\system32\appmgmt
2008-02-11 11:35:28 0 d-------- C:\WINDOWS\pss
2008-02-11 11:33:51 0 dr------- C:\Documents and Settings\Z&R\Favorites
2008-02-11 11:33:51 0 d-------- C:\Documents and Settings\Z&R\Desktop
2008-02-11 11:33:51 0 d---s---- C:\Documents and Settings\Z&R\Cookies
2008-02-11 11:33:51 0 d--h----- C:\Documents and Settings\Z&R\Application Data
2008-02-11 11:33:51 0 d-------- C:\Documents and Settings\Z&R\Application Data\Sun
2008-02-11 11:33:51 0 d-------- C:\Documents and Settings\Z&R\Application Data\Identities
2008-02-11 11:33:51 0 d--h----- C:\Documents and Settings\Z&R\Application Data\Gtek
2008-02-11 11:33:50 0 d--h----- C:\Documents and Settings\Z&R\Templates
2008-02-11 11:33:50 0 dr------- C:\Documents and Settings\Z&R\Start Menu
2008-02-11 11:33:50 0 dr-h----- C:\Documents and Settings\Z&R\SendTo
2008-02-11 11:33:50 0 d--h----- C:\Documents and Settings\Z&R\PrintHood
2008-02-11 11:33:50 0 d--h----- C:\Documents and Settings\Z&R\NetHood
2008-02-11 11:33:50 0 dr------- C:\Documents and Settings\Z&R\My Documents
2008-02-11 11:33:50 0 d--h----- C:\Documents and Settings\Z&R\Local Settings
2008-02-11 11:33:34 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2008-02-11 11:33:28 0 d-------- C:\Documents and Settings\Default User\Application Data\Sun
2008-02-11 11:33:28 0 d-------- C:\Documents and Settings\Default User\Application Data\Identities
2008-02-11 09:39:26 253952 --a------ C:\WINDOWS\system32\OnlineScannerDLLA.dll <Not Verified; ; OnlineScanner Dynamic Link Library>
2008-02-11 09:39:18 237568 --a------ C:\WINDOWS\system32\OnlineScannerDLLW.dll <Not Verified; ; OnlineScanner Dynamic Link Library>
2008-02-08 13:53:46 110592 --a------ C:\WINDOWS\system32\OnlineScannerLang.dll <Not Verified; ; OnlineScanner Language Library>
2008-02-05 08:48:04 77824 --a------ C:\WINDOWS\system32\OnlineScannerUninstaller.exe <Not Verified; ; OnlineScannerUninstaller>
-- Find3M Report ---------------------------------------------------------------
2008-02-12 15:06:50 0 d-------- C:\Program Files\Common Files
2008-02-11 15:26:59 0 d-------- C:\Documents and Settings\Z&R\Application Data\W?nSxS
2008-02-11 14:02:15 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-11 13:47:58 34 --a------ C:\Documents and Settings\Z&R\Application Data\pcouffin.log
2008-02-11 13:47:42 1144 --a------ C:\Documents and Settings\Z&R\Application Data\pcouffin.inf
2008-02-11 13:47:42 7887 --a------ C:\Documents and Settings\Z&R\Application Data\pcouffin.cat
2008-02-11 13:21:40 0 d-------- C:\Program Files\Java
2008-02-11 11:40:19 0 d-------- C:\Program Files\MUSICMATCH
2008-02-11 11:39:21 0 d-------- C:\Program Files\Common Files\Corel
2008-02-11 11:38:38 0 d-------- C:\Program Files\Common Files\AOL
2007-12-03 18:33:18 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-12-03 18:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 18:33:18 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-12-03 18:33:16 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-11-29 15:30:28 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 15:28:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-11-29 15:28:24 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-11-28 14:52:32 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C1656CCA-D2EA-4A32-94AE-AE0B180E6449}]
09/16/2007 07:21 AM 103760 --a------ C:\Program Files\Trend Micro\TrendSecure\TransactionProtector\TSToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [01/21/2008 12:16 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrendSecure Remote File Lock"="C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe" [09/17/2007 01:15 AM]
-- End of Deckard's System Scanner: finished at 2008-02-14 20:23:01 ------------
and here is my extra:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.80GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 1014.07 MiB / 567.57 MiB
Pagefile Memory (total/avail): 2441.3 MiB / 2117.7 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1938.15 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 144.34 GiB total, 128.67 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - WDC WD1600JS-75NCB1 - 149.01 GiB - 3 partitions
\PARTITION0 - Unknown - 31.35 MiB
\PARTITION1 (bootable) - Installable File System - 144.34 GiB - C:
\PARTITION2 - Unknown - 4.64 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FirewallOverride is set.
FW: Trend Micro Personal Firewall v5.1 (Trend Micro Inc.)
AV: Trend Micro Internet Security Pro v16.05.1022 ()
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Disabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Disabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Disabled:AOL"
"C:\\Program Files\\Azureus\\jre\\bin\\javaw.exe"="C:\\Program Files\\Azureus\\jre\\bin\\javaw.exe:LocalSubNet:Enabled:javaw"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:72.20.34.145/255.255.255.255:Enabled:µTorrent"
"C:\\Documents and Settings\\Z&R\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\Z&R\\Desktop\\utorrent.exe:*:Enabled:µTorrent"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Z&R\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ZACKANDRAYNE
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Z&R
LOGONSERVER=\\ZACKANDRAYNE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\PROGRA~1\DISKEE~1\DISKEE~1\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Z&R\LOCALS~1\Temp
TMP=C:\DOCUME~1\Z&R\LOCALS~1\Temp
USERDOMAIN=ZACKANDRAYNE
USERNAME=Z&R
USERPROFILE=C:\Documents and Settings\Z&R
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Z&R (admin)
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
-- Application Event Log -------------------------------------------------------
Event Record #/Type354 / Error
Event Submitted/Written: 02/14/2008 09:13:48 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application mmc.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type353 / Error
Event Submitted/Written: 02/14/2008 09:12:46 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application mmc.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type322 / Error
Event Submitted/Written: 02/12/2008 06:25:47 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application firefox.exe, version 1.8.20080.20121, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type311 / Error
Event Submitted/Written: 02/12/2008 04:31:35 PM
Event ID/Source: 11920 / MsiInstaller
Event Description:
Product: Ad-Aware 2007 -- Error 1920. Service 'Ad-Aware 2007 Service' (aawservice) failed to start. Verify that you have sufficient privileges to start system services.
Event Record #/Type310 / Error
Event Submitted/Written: 02/12/2008 04:31:05 PM
Event ID/Source: 11920 / MsiInstaller
Event Description:
Product: Ad-Aware 2007 -- Error 1920. Service 'Ad-Aware 2007 Service' (aawservice) failed to start. Verify that you have sufficient privileges to start system services.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type1454 / Warning
Event Submitted/Written: 02/12/2008 01:25:23 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0030BDAEBFCC. The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type1424 / Warning
Event Submitted/Written: 02/12/2008 01:14:39 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0030BDAEBFCC. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type1342 / Warning
Event Submitted/Written: 02/12/2008 00:57:10 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0030BDAEBFCC. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type1336 / Warning
Event Submitted/Written: 02/12/2008 00:52:14 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type1331 / Warning
Event Submitted/Written: 02/12/2008 00:40:15 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0030BDAEBFCC. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
-- End of Deckard's System Scanner: finished at 2008-02-14 20:23:01 ------------