Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

my DSS and Hijack this log

Started by ss4gogeta0 , Feb 16 2008 07:33 PM

  • Please log in to reply

#1
ss4gogeta0
Posted 16 February 2008 - 07:33 PM

ss4gogeta0

    Member

  • Member
  • PipPip
  • 13 posts
since its been a couple months since yall answered me i decided to download a shitload of anti virus programs and games cuz i was bored...
heres my main.txt log(also Byond is not that dangerous trust me ..ive had it for 3 years)
Deckard's System Scanner v20071014.68
Run by papabuch on 2008-02-16 17:15:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Unable to create WMI object; The operation completed successfully.


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 256 MiB (512 MiB recommended).
System Drive C: has 1.01 GiB (less than 15%) free.


-- HijackThis (run as papabuch.exe) --------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-16 17:26:28
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\devldr32.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Movie Maker\moviemk.exe
C:\Documents and Settings\papabuch\Desktop\StageViewer\Stage Viewer .67 Beta\Stage Viewer.exe
C:\Program Files\BYOND\bin\dreamseeker.exe
C:\Program Files\BYOND\bin\byond.exe
C:\Documents and Settings\papabuch\Desktop\kremove.exe
C:\Documents and Settings\papabuch\Local Settings\Temp\WZSE0.TMP\VREMTOOL.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\papabuch\Desktop\dss.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\papabuch.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,Search = http://www.byond.com
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ptd.net/tiki-...p?page=HomePage
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = http://www.google.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL (file missing)
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (file missing)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
O4 - HKLM\..\Run: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck /autofix
O4 - HKLM\..\Run: [madexe] C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe
O4 - HKLM\..\Run: [RxMon] C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon9x.exe
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe "papabuch"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\RunServicesOnce: [washindex] C:\Program Files\Washer\washidx.exe
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: Send Image to Photo Library - file://C:\Program Files\MGI\MGI PhotoSuite III SE\Temp\MGI00000.html
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcente...trolLite_EN.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...ector/swdir.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} () - http://v4.windowsupd...7939.9208796296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{8115F3E3-5EEF-49B2-B31C-EDC7D32A9F00}: NameServer = 207.173.225.3,216.67.192.3
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ndwiat - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - Unknown owner - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - Unknown owner - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - Unknown owner - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - Unknown owner - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe
O24 - Desktop Component 0: - C:\Documents and Settings\papabuch\My Documents\My Pictures\3intub.JPG

--
End of file - 8438 bytes

-- HijackThis Fixed Entries (C:\Documents and Settings\papabuch\Desktop\backups\) --------------------------------------------------------------------------------

backup-20080214-061400-470 O4 - HKUS\S-1-5-21-73586283-1677128483-1343024091-1004\..\Run: [Miro] C:\Program Files\Participatory Culture Foundation\Miro\Miro.exe (User '?')
backup-20080214-061400-574 O4 - Startup: V CAST Music Monitor.lnk.disabled
backup-20080214-061400-611 O4 - Global Startup: hpoddt01.exe.lnk.disabled
backup-20080214-061400-521 O4 - Global Startup: Resolution Assistant.lnk.disabled
backup-20080214-061400-830 O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk.disabled
backup-20080214-061400-350 O4 - Global Startup: Office Startup.lnk.disabled
backup-20080214-061400-221 O4 - Global Startup: Microsoft Works Calendar Reminders.lnk.disabled
backup-20080214-061400-306 O4 - Global Startup: hp psc 1000 series.lnk.disabled
backup-20080214-061401-316 O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
backup-20080214-061401-807 O24 - Desktop Component 0: (no name) - C:\Documents and Settings\papabuch\My Documents\My Pictures\3intub.JPG
backup-20080214-062121-561 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.n...lbar2.0/search/
backup-20080214-062121-802 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
backup-20080214-062121-721 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
backup-20080214-062121-785 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
backup-20080214-062121-864 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
backup-20080214-062121-362 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/
backup-20080214-062121-133 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
backup-20080214-062121-967 R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (file missing)
backup-20080214-062121-975 R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
backup-20080214-062121-917 O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
backup-20080214-062121-355 O4 - HKUS\S-1-5-21-73586283-1677128483-1343024091-1004\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User '?')
backup-20080214-062121-205 O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
backup-20080214-062121-677 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
backup-20080214-062124-890 O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (file missing)
backup-20080214-062125-110 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
backup-20080214-062125-311 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
backup-20080214-062125-705 O23 - Service: McAfee HackerWatch Service - Unknown owner - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe (file missing)
backup-20080214-062125-989 O23 - Service: McAfee Update Manager (mcmispupdmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe (file missing)
backup-20080214-062125-402 O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (file missing)
backup-20080214-062125-430 O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - c:\program files\common files\mcafee\mna\mcnasvc.exe (file missing)
backup-20080214-062125-611 O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (file missing)
backup-20080214-062125-801 O23 - Service: McAfee Protection Manager (mcpromgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe (file missing)
backup-20080214-062125-701 O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (file missing)
backup-20080214-062125-267 O23 - Service: McAfee Redirector Service (McRedirector) - Unknown owner - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe (file missing)
backup-20080214-062125-211 O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
backup-20080214-062125-571 O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
backup-20080214-062125-959 O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
backup-20080214-062125-328 O23 - Service: McAfee Privacy Service (MPS9) - Unknown owner - C:\PROGRA~1\McAfee\MPS\mps.exe (file missing)
backup-20080214-062125-219 O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
backup-20080214-062125-625 O24 - Desktop Component 0: (no name) - C:\Documents and Settings\papabuch\My Documents\My Pictures\3intub.JPG

-- File Associations -----------------------------------------------------------

.bat - unable to read key
.bat - unable to read key
.bat - unable to read key
.cmd - unable to read key
.cmd - unable to read key
.cmd - unable to read key
.chm - unable to read key
.chm - unable to read key
.com - unable to read key
.com - unable to read key
.cpl - unable to read key
.cpl - unable to read key
.exe - unable to read key
.exe - unable to read key
.hlp - unable to read key
.hlp - unable to read key
.inf - unable to read key
.inf - unable to read key
.ini - unable to read key
.ini - unable to read key
.js - unable to read key
.js - unable to read key
.lnk - unable to read key
.pif - unable to read key
.reg - unable to read key
.reg - unable to read key
.reg - unable to read key
.scr - unable to read key
.txt - unable to read key
.txt - unable to read key
.vbs - unable to read key
.vbs - unable to read key
.vbs - unable to read key


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3 DVC (USB DVC Svc) - c:\windows\system32\drivers\dvc.sys <Not Verified; Your Corporation; Your Product Name>
3 RimUsb (RIM Handheld) - system32\drivers\rimusb.sys (file missing)
3 satmepvc - c:\docume~1\papabuch\locals~1\temp\satmepvc.sys (file missing)
3 SymEvent - c:\program files\symantec\symevent.sys (file missing)
2 X4HSX32 - c:\program files\gametap\bin\release\x4hsx32.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

3 Emproxy (McAfee E-mail Proxy) - c:\progra~1\common~1\mcafee\emproxy\emproxy.exe (file missing)
4 McAfee HackerWatch Service - c:\program files\common files\mcafee\hackerwatch\hwapi.exe (file missing)
3 mcmispupdmgr (McAfee Update Manager) - c:\progra~1\mcafee\msc\mcupdmgr.exe (file missing)
2 mcmscsvc (McAfee Services) - c:\progra~1\mcafee\msc\mcmscsvc.exe (file missing)
2 McNASvc (McAfee Network Agent) - c:\program files\common files\mcafee\mna\mcnasvc.exe (file missing)
2 McODS (McAfee Scanner) - c:\progra~1\mcafee\viruss~1\mcods.exe (file missing)
2 mcpromgr (McAfee Protection Manager) - c:\progra~1\mcafee\msc\mcpromgr.exe (file missing)
2 McProxy (McAfee Proxy Service) - c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe (file missing)
2 McRedirector (McAfee Redirector Service) - c:\progra~1\common~1\mcafee\redirsvc\redirsvc.exe (file missing)
2 McShield (McAfee Real-time Scanner) - c:\progra~1\mcafee\viruss~1\mcshield.exe (file missing)
2 McSysmon (McAfee SystemGuards) - c:\progra~1\mcafee\viruss~1\mcsysmon.exe (file missing)
2 MpfService (McAfee Personal Firewall Service) - c:\program files\mcafee\mpf\mpfsrv.exe (file missing)
2 MPS9 (McAfee Privacy Service) - c:\progra~1\mcafee\mps\mps.exe (file missing)
2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Unable to create WMI object.

-- Scheduled Tasks -------------------------------------------------------------

2008-02-16 13:25:04 418 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-02-15 19:45:00 266 --a------ C:\WINDOWS\Tasks\Disk Cleanup.job
2008-02-15 19:44:52 338 --a------ C:\WINDOWS\Tasks\wmplayer.job
2008-02-15 19:44:40 290 --a------ C:\WINDOWS\Tasks\Dream Seeker.job
2008-02-15 19:44:34 338 --a------ C:\WINDOWS\Tasks\mplayer2.job
2008-02-15 19:44:32 308 --a------ C:\WINDOWS\Tasks\BYOND.job
2008-02-14 16:00:02 342 --ah----- C:\WINDOWS\Tasks\{35693C35-5B9F-4F1C-AB51-F0459064E7A4}_papabuch.job
2008-02-13 09:00:02 342 --ah----- C:\WINDOWS\Tasks\{1F66C99F-631F-4359-A9E9-FE90AB1F8C30}_papabuch.job
2007-12-14 16:00:02 342 --ah----- C:\WINDOWS\Tasks\{D1D3A78A-C85F-418B-A131-BB452171EC67}_papabuch.job


-- Files created between 2008-01-16 and 2008-02-16 -----------------------------

2008-02-16 16:47:52 0 d-------- C:\Program Files\Network Associates
2008-02-16 16:36:37 0 d-------- C:\Documents and Settings\papabuch\Application Data\Uniblue
2008-02-16 16:36:18 0 d-------- C:\Program Files\Uniblue
2008-02-15 14:17:22 0 d-------- C:\Program Files\WMA-MP3.com
2008-02-15 14:13:43 0 d-------- C:\Documents and Settings\All Users\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}
2008-02-15 14:12:50 0 d-------- C:\Documents and Settings\papabuch\Application Data\Seven Zip
2008-02-14 18:13:57 0 d-------- C:\Program Files\XBox 360 Controller for Windows Software
2008-02-14 14:24:56 0 d-------- C:\Program Files\Ack! Zombies
2008-02-13 12:54:43 0 d-------- C:\mugen
2008-02-12 18:16:55 0 dr-h----- C:\Documents and Settings\papabuch\Recent
2008-02-10 12:23:57 0 d-------- C:\Documents and Settings\papabuch\Application Data\Mozilla
2008-02-08 14:25:30 0 d--hs---- C:\Recycled
2008-02-06 13:52:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-01 12:11:41 0 d-------- C:\SmitfraudFix
2008-02-01 12:09:55 0 d-------- C:\!KillBox
2008-02-01 12:02:42 0 d-------- C:\Program Files\Trend Micro
2008-01-29 16:14:06 286720 --a------ C:\WINDOWS\system32\NCTWMAFile2.dll <Not Verified; NCT Company Ltd.; NCTWMAFile2 ActiveX DLL>
2008-01-29 16:14:06 143872 --a------ C:\WINDOWS\system32\NCTWMAFile.dll <Not Verified; NCT Company; NCTWMAFile ActiveX DLL>
2008-01-29 16:14:06 168448 --a------ C:\WINDOWS\system32\NCTAudioPlayer.dll <Not Verified; NCT Company; NCTAudioPlayer ActiveX DLL>
2008-01-29 16:14:05 573440 --a------ C:\WINDOWS\system32\NCTAudioInformation2.dll <Not Verified; NCT Company Ltd.; NCTAudioInformation2 ActiveX DLL>
2008-01-29 16:14:05 491520 --a------ C:\WINDOWS\system32\NCTAudioFile.dll <Not Verified; NCT Company; NCTAudioFile ActiveX DLL>
2008-01-29 16:14:05 120832 --a------ C:\WINDOWS\system32\lame_enc.dll
2008-01-28 14:20:28 0 d-------- C:\Program Files\iTunes Sync
2008-01-26 20:17:17 0 d-------- C:\WINDOWS\system32\NtmsData
2008-01-26 12:56:54 0 d-------- C:\Documents and Settings\papabuch\Application Data\AOL
2008-01-26 12:55:01 0 d-------- C:\Program Files\Tencent
2008-01-26 12:54:22 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-01-26 12:54:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-01-26 12:53:53 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-01-26 12:53:53 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-01-26 12:53:35 0 d-------- C:\Program Files\Common Files\AOL
2008-01-24 15:03:41 0 d-------- C:\Program Files\BYOND
2008-01-22 12:58:07 0 d-------- C:\PerfLogs


-- Find3M Report ---------------------------------------------------------------

2008-02-16 12:38:42 13824 --a------ C:\Documents and Settings\papabuch\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-02-13 10:22:48 1632 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-02-05 17:16:56 1744 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-23 13:02:38 212992 --a------ C:\WINDOWS\uninst.exe
2008-01-12 11:28:14 0 d-------- C:\Documents and Settings\papabuch\Application Data\WMTools Downloaded Files


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"LTWinModem1"="ltmsg.exe" [04/03/2001 10:38 AM C:\WINDOWS\SYSTEM32\ltmsg.exe]
"tgcmd"="C:\Program Files\Support.com\bin\tgcmd.exe" [03/07/2007 10:58 AM]
"SpybotSnD"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" [05/31/2005 01:04 AM]
"madexe"="C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe" [05/18/2000 11:56 AM]
"RxMon"="C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon9x.exe" [07/30/2000 07:06 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [03/01/2007 10:37 AM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [05/31/2005 01:04 AM]
"Washer"="C:\Program Files\Washer\washer.exe" [07/17/2002 04:07 AM]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" []
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [12/05/2007 04:06 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservicesonce]
"washindex"=C:\Program Files\Washer\washidx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservicesonce]
"washindex"=C:\Program Files\Washer\washidx.exe "papabuch"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Documents and Settings\papabuch\My Documents\My Pictures\3intub.JPG
FriendlyName=

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=C:\WINDOWS\Updreg.exe
"Microsoft Works Portfolio"=C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
"PE2CKFNT SE"=C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
"Speed racer"=C:\Program Files\Creative\PlayCenter\CTSRReg.exe
"AudioHQ"=C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
"WorksFUD"=C:\Program Files\Microsoft Works\wkfud.exe
"RegisterDropHandler"=C:\PROGRA~1\TEXTBR~1.0\BIN\REGIST~1.EXE
"Microsoft Works Update Detection"=C:\Program Files\Microsoft Works\WkDetect.exe
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
"nwiz"=nwiz.exe /install
"EPSON Stylus Photo 820 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0EIC1.EXE /P29 "EPSON Stylus Photo 820 Series" /O6 "USB001" /M "Stylus Photo 820"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"New.net Startup"=rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
"Norton Auto-Protect"=C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
"MotiveMonitor"=C:\Program Files\Motive\motmon.exe
"AdaptecDirectCD"="C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
"Date Manager"="C:\PROGRA~1\Date Manager\DateManager.exe"
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"LTWinModem1"=ltmsg.exe 9
"Gearbox"="C:\Program Files\Gearbox Connection Kit\bin\confsvr.exe"
"Internat Conf"=\bootconf.exe
"QuickTime Task"="C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"RegisterDropHandler"=C:\PROGRA~1\TEXTBR~2.0\BIN\REGIST~1.EXE

*Newly Created Service* - ALERTER
*Newly Created Service* - MNMSRVC

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install
"C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
C:\WINDOWS\SYSTEM32\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl



-- Hosts -----------------------------------------------------------------------

127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com

9035 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-02-16 17:30:04 ------------

heres extra.txt
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Unable to create WMI object.

Architecture: X86; Language: English

Percentage of Memory in Use: 70%
Physical Memory (total/avail): 255.3 MiB / 75.6 MiB
Pagefile Memory (total/avail): 618.8 MiB / 398.55 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1936.75 MiB

A: is Removable (No Media)
C: is Fixed (FAT32) - 18.64 GiB total, 1.01 GiB free.
D: is CDROM (CDFS)
E: is CDROM (Unformatted)
F: is Removable (FAT)


-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

Unable to create WMI object.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\papabuch\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ZAMBONI
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\papabuch
LOGONSERVER=\\ZAMBONI
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\COMMAND;C:\PROGRA~1\DELL\RESOLU~1\COMMON\BIN;C:\WINDOWS\system32\WBEM;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0806
ProgramFiles=C:\Program Files
PROMPT=$p$g
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\papabuch\LOCALS~1\Temp
TMP=C:\DOCUME~1\papabuch\LOCALS~1\Temp
USERDOMAIN=ZAMBONI
USERNAME=papabuch
USERPROFILE=C:\Documents and Settings\papabuch
winbootdir=C:\WINDOWS
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

papabuch (admin)
Administrator (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\PROGRA~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /UNINSTALL /PROMPT
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\Launcher\Launcher.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\PlayCenter\Player.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\Recorder\Recorder.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\AudioHQ.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\Diagnose.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\HTML.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\Midi.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\Restore.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\SBLiveXP.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\SoundFont.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\Wstudio.isu"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
4U WMA MP3 Converter 6.0.2 --> "C:\Program Files\4U Computing\WMA MP3 Converter\unins000.exe"
Ack! Zombies --> C:\Program Files\Ack! Zombies\Uninstal.exe
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\98\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\98\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
Backup Dell-Installed Programs --> MsiExec.exe /X{2A2766A4-6AE4-11D4-AC8E-52544C1966EE}
BitTorrent 6.0.2 --> C:\Program Files\BitTorrent\uninst.exe
Build Your Own Net Dream (remove only) --> C:\Program Files\BYOND\Uninst.exe
Build Your Own Net Dream (remove only) --> C:\Program Files\BYOND\Uninst.exe
Comcast High-Speed Internet Install Wizard --> C:\Program Files\support.com\uninstall\chsi_uninstaller.exe
Comcast Toolbar --> C:\Program Files\ComcastToolbar\uninstall.exe
Dell Resolution Assistant --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Dell\Resolution Assistant\Uninst.isu" -c"C:\Program Files\Dell\Resolution Assistant\UninstDll.dll"
Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\ENGINE\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Desktop Doctor --> "C:\Program Files\Support.com\providerComcast\Uninstall.exe" /c "Remove Desktop Doctor?"
DNA --> "C:\Program Files\DNA\btdna.exe" /UNINSTALL
Drone --> C:\PROGRA~1\EGAMES\DRONE\UNWISE.EXE C:\PROGRA~1\EGAMES\DRONE\INSTALL.LOG
DVC5.0 Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57E0EA5F-D0A3-4036-A69B-269A469EC5B4}\Setup.exe"
Fishing Special Edition --> C:\PROGRA~1\EGAMES\FISHIN~1\UNWISE.EXE C:\PROGRA~1\EGAMES\FISHIN~1\INSTALL.LOG
FoneSync --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\FoneSync\Uninst.isu" -c"C:\Program Files\FoneSync\UninstSupport.dll"
G-Scoutmate 5.23.2 (32-Bit) --> C:\PROGRA~1\GSCOUT\UNWISE.EXE C:\PROGRA~1\GSCOUT\INSTALL.LOG
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.0 --> "C:\Documents and Settings\papabuch\Desktop\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp instant support --> C:\PROGRA~1\HEWLET~1\hpis\Uninstall.exe /s CeS
HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - All-in-One --> MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
HP Photo and Imaging 2.0 - All-in-One Drivers --> MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - hp psc 1200 series --> C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
hp psc 1200 series --> MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
InterVideo WinDVD --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\InterVideo\WinDVD\Uninst.isu"
iTunes --> MsiExec.exe /I{01B51908-02EF-453B-87A9-815182E8C2F2}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Jumpstart First Grade v1.4 --> C:\WINDOWS\IsUninst.exe -fC:\KA\FG\DeIsL1.isu
LiveUpdate 2.0 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Lucent Win Modem --> C:\WINDOWS\System32\ltremove.exe -s
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Encarta Encyclopedia Standard 2001 --> MsiExec.exe /I{01001202-5D65-445A-B3B4-3DCE72BA0C6C}
Microsoft Excel Viewer 97 --> C:\Program Files\XLView\setup\setup.exe
Microsoft Money 2001 --> MsiExec.exe /I{D085A1B6-90A4-11D3-82B7-00C04FA309DE}
Microsoft Office 97, Professional Edition --> C:\Program Files\Microsoft Office\Office\Setup\Acme.exe /w Off97Pro.STF
Microsoft Picture It! Publishing 2001 --> MsiExec.exe /I{15D9EB74-998E-4A04-B468-51C2E7B32182}
Microsoft Streets and Trips 2001 --> MsiExec.exe /I{3D719053-5593-11D3-8F25-0060085C1758}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Word 2000 SR-1 --> MsiExec.exe /I{00170409-78E1-11D2-B60F-006097C998E7}
Microsoft Works 6.0 --> MsiExec.exe /I{F8D0829C-9C6F-11D3-8080-00C04FA329AA}
Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nv4_disp.inf
Personalized Learning Center --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\The Learning Company\Personalized Learning Center\Uninst.isu"
Protected Music Converter 0.99.46b --> "C:\Program Files\WMA-MP3.com\Protected Music Converter\unins000.exe"
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Samsung Camcorder USB-D03 Capture Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A52E1D3-7C17-4EE9-9137-D4B1B3060653}\Setup.exe" customuninstall
Samsung USB Driver (MCCI 4.34) WHQL v3.0 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{FAD03728-DA19-4313-959F-872A9C432A86}
ScanToWeb --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\ENGINE\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
Search Assistant --> C:\Program Files\Common Files\WinTools\WToolsA.exe uninstadkw
Shockwave --> C:\WINDOWS\SYSTEM32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\MACROMED\SHOCKW~1\INSTALL.LOG
Solution Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\ENGINE\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B0ED720-87D3-11D4-A188-0050DA2DDF19}\SETUP.EXE"
Sound Blaster Live! Value --> C:\Program Files\Creative\SBLive\PROGRAM\CTUNINST.EXE
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Thomas Guide DE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{085FE193-B676-11D4-82BC-00A0C993905F}\setup.exe" -l0x9 AnyText
Trellix Web --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Trellix Web\Uninst.isu"
Ulead Photo Express 4.0 SE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBC0D330-C37B-4472-BFB9-AA217CF0C95F}\Setup.exe" -l0x9
Uniblue RegistryBooster 2 --> "C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
V CAST Music Essentials Manager --> C:\PROGRA~1\VERIZO~1\VCASTM~1\Setup.exe /remove /q0
Ventrilo --> C:\PROGRA~1\VENTRILO\UNWISE.EXE C:\PROGRA~1\VENTRILO\INSTALL.LOG
WebSearch Tools --> C:\Program Files\Common Files\WinTools\WToolsA.exe uninstesies
Window Washer --> C:\WINDOWS\unwash.exe
Windows Blaster Worm Removal Tool (KB833330) --> C:\WINDOWS\$NtUninstallKB833330$\spuninst\spuninst.exe
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type20117 / Error
Event Submitted/Written: 02/16/2008 02:39:26 PM
Event ID/Source: 4689 / COM+
Event Description:
The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in d:\qxp_slp\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 80070005: InitEventCollector failed

Event Record #/Type20116 / Success
Event Submitted/Written: 02/16/2008 02:39:08 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type20103 / Error
Event Submitted/Written: 02/16/2008 02:37:03 PM
Event ID/Source: 4209 / MSDTC
Event Description:
A critical error occurred in an MS DTC component therefore the process is terminating.
The category field identifies the component that encountered the error.
Please contact Microsoft Product Support. Error Specifics: d:\qxp_slp\com\com1x\dtc\dtc\msdtc\src\cservice.cpp:436, Pid: 192
No Callstack,
CmdLine: C:\WINDOWS\System32\msdtc.exe

Event Record #/Type20101 / Error
Event Submitted/Written: 02/16/2008 02:35:58 PM
Event ID/Source: 4822 / COM+
Event Description:
A condition has occurred that indicates this COM+ application is in an unstable state or is not functioning correctly. Assertion Failure: SUCCEEDED(hr)

Server Application ID: {02D4B3F1-FD88-11D1-960D-00805FC79235}
Server Application Instance ID:
{996CEAE8-339B-4092-BB12-89B15D23913C}
Server Application Name: System Application
The serious nature of this error has caused the process to terminate.
Error Code = 0x8000ffff : Catastrophic failure
COM+ Services Internals Information:
File: d:\qxp_slp\com\com1x\src\comsvcs\tracker\trksvr\trksvrimpl.cpp, Line: 3000
Comsvcs.dll file version: ENU 2001.12.4414.308 shp

Event Record #/Type20100 / Error
Event Submitted/Written: 02/16/2008 02:35:58 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80004002 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type290504 / Warning
Event Submitted/Written: 02/16/2008 04:18:40 PM
Event ID/Source: 1005 / Dhcp
Event Description:
Your computer has detected that the IP address 70.15.67.21 for the Network Card
with network address 0000E814FDAE is already in use on the network.
Your computer will automatically attempt to obtain a different address.

Event Record #/Type290503 / Warning
Event Submitted/Written: 02/16/2008 04:18:40 PM
Event ID/Source: 1005 / Dhcp
Event Description:
Your computer has detected that the IP address 70.15.67.21 for the Network Card
with network address 0000E814FDAE is already in use on the network.
Your computer will automatically attempt to obtain a different address.

Event Record #/Type290490 / Error
Event Submitted/Written: 02/16/2008 02:39:19 PM
Event ID/Source: 3095 / NETLOGON
Event Description:
This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Event Record #/Type290467 / Error
Event Submitted/Written: 02/16/2008 02:36:16 PM
Event ID/Source: 7003 / Service Control Manager
Event Description:
The Computer Browser service depends on the following nonexistent service: LanmanServer

Event Record #/Type290455 / Error
Event Submitted/Written: 02/16/2008 02:35:10 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The Application Management service terminated with the following error:
%%126



-- End of Deckard's System Scanner: finished at 2008-02-16 17:30:04 ------------
  • 0

Advertisements

#2
ss4gogeta0
Posted 16 February 2008 - 08:01 PM

ss4gogeta0

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
sorry for the double post but im gonna explain what some of those running proccess are
Kremove=mc afees klez removal tool(was checking)
stage viewer=Mugen stage viewer(i do mugen)
dream seeker=my current Internet Browser..(think of it as IE except with only a address bar and foward and back buttons)used with BYOND
Byond=Build your own net dream(for designing games and such)
i was making a small movie on WMM tho can only save project files...
and i did not know MSN was running
here are some of the stuff i downloaded
!ACK ZOMBIES=a zombie game i used to play
smit fraud=doesnt work
tried mozilla but it wont download
NCT???
Seven Zip???
i did try to install aol again for AIM
Kill BOX :)
Xbox 360???
uniblue=Virus scanner
D: i had Resident evil outbreak in it to see if that would work cuz cds arent
F: was my PSP
E: for some reason is unformatted?
PROBLEMS IM HAVING
i found out i cannot open regedit
or any properties bars
i cant change desktop or screen saver
i can only run programs by going to
Start>Run>C:>browse>:filename:
Mcafee was infected or hijacked because it would abort scans
my desktop is full of useless .dll and .lnk files
I found out that java wont work but when i go to the website to download it it says i have it. but when i download it anyway all that comes up is a new window full of commands and stuff(i will try to take a picture of it)
Rundll somehow got deleted
and this
Your computer has detected that the IP address 70.15.67.21 for the Network Card
with network address 0000E814FDAE is already in use on the network.
Your computer will automatically attempt to obtain a different address.

Edited by ss4gogeta0, 16 February 2008 - 08:06 PM.

  • 0

#3
ss4gogeta0
Posted 16 February 2008 - 08:04 PM

ss4gogeta0

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
PLZ DELETE

Edited by ss4gogeta0, 16 February 2008 - 08:05 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP