Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HealthCheck before SP2 Install


  • Please log in to reply

#1
Francis9555

Francis9555

    New Member

  • Member
  • Pip
  • 9 posts
Greetings,
Computer Model = HP Pavilion 753n
OS = Windows XP no Service Pack installed.

My computer recently blue-screened. I performed an HP Recovery and was able to get past the Blue-Screen and back into the operating system. I figured the original blue-screen was probably caused by virus/malware.

I ran through all preliminary scans from the instructions "Must-Read-Before-Posting-Hijackthis-Log-t2852.html"
I was wondering if you could give my scan logs a look-over before I install SP2, as I understand Installing SP2 with existing spyware, malware, viruses could cause additional harm. I also have four logs total:
- Hijack This
- Activescan.txt
- SUPERAntiSpyware Scan Log - 02-18-2008 - 19-15-55.log

###############################
My Hijack This Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:36:58 PM, on 2/19/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us6.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Ovulation Calendar.lnk = C:\Program Files\Ovulation Calendar\OvuCal.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9808781-9D7B-419B-A97E-72CA5F0C57BF}: NameServer = 192.168.0.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 5984 bytes

###############################
My Activescan.txt log


Incident Status Location

Virus:trj/torpig.a Disinfected Operating system
Adware:adware/dollarrevenue Not disinfected c:\windows\timessquare1.dat
Adware:adware/webattaker Not disinfected c:\windows\uniq
Spyware:Cookie/Buydomains Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b12ol16r.default\cookies.txt[.www47.buydomains.com/]
Spyware:Cookie/Luckynugget Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\b12ol16r.default\cookies.txt[.www.luckynugget.com/]
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/KillApp.A Not disinfected C:\hp\bin\Terminator.exe
Adware:Adware/PurityScan Not disinfected C:\Program Files\Common Files\A?pPatch\s?chost.exe
Adware:Adware/InternetSpeedMonitor Not disinfected C:\Program Files\ISM\ism.exe
Adware:Adware/InternetSpeedMonitor Not disinfected C:\Program Files\ISM\Uninstall.exe
Adware:Adware/InternetSpeedMonitor Not disinfected C:\Program Files\QdrDrive\QdrDrive10.dll
Adware:Adware/Popadd Not disinfected C:\Program Files\QdrModule\QdrModule12.exe
Virus:Trj/Agent.HYH Disinfected C:\Program Files\QdrPack\QdrPack12.exe
Potentially unwanted tool:Application/ViewPoint Not disinfected C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
Adware:Adware/Vog Not disinfected C:\WINDOWS\DHU.exe[DHTool.exe]
Virus:Generic Malware Disinfected C:\WINDOWS\Help\aputil.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\fqunvz.dll
Virus:W32/Sdbot.ftp.worm Disinfected C:\WINDOWS\system32\i
Adware:Adware/InternetSpeedMonitor Not disinfected C:\WINDOWS\system32\L8573.tmp[ism.exe]
Adware:Adware/InternetSpeedMonitor Not disinfected C:\WINDOWS\system32\L8573.tmp[QdrDrive10.dll]
Adware:Adware/Popadd Not disinfected C:\WINDOWS\system32\L8573.tmp[QdrModule12.exe]
Adware:Adware/InternetSpeedMonitor Not disinfected C:\WINDOWS\system32\LFBB2.tmp[ism.exe]
Adware:Adware/InternetSpeedMonitor Not disinfected C:\WINDOWS\system32\LFBB2.tmp[QdrDrive10.dll]
Adware:Adware/Popadd Not disinfected C:\WINDOWS\system32\LFBB2.tmp[QdrModule12.exe]
Adware:Adware/InternetSpeedMonitor Not disinfected C:\WINDOWS\system32\LFE2C.tmp[ism.exe]
Adware:Adware/InternetSpeedMonitor Not disinfected C:\WINDOWS\system32\LFE2C.tmp[QdrDrive10.dll]
Adware:Adware/Popadd Not disinfected C:\WINDOWS\system32\LFE2C.tmp[QdrModule12.exe]
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\wvrgpp.dll
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\system32\yvjnergk.dll
#############################
###########################
My SUPERAntiSpyware Scan Log - 02-18-2008 - 19-15-55.log

SUPERAntiSpyware Scan Log
Generated 02/18/2008 at 07:15 PM

Application Version : 3.6.1000

Core Rules Database Version : 3190
Trace Rules Database Version: 1200

Scan type : Complete Scan
Total Scan Time : 01:16:36

Memory items scanned : 301
Memory threats detected : 0
Registry items scanned : 3742
Registry threats detected : 0
File items scanned : 81619
File threats detected : 35

Trojan.SpySheriff
c:\secure32.html

Adware.SurfSideKick
C:\Program Files\Common Files\VCClient\ClientUpdater.bat
C:\Program Files\Common Files\VCClient\ICSharpCode.SharpZipLib.dll
C:\Program Files\Common Files\VCClient\temp.txt
C:\Program Files\Common Files\VCClient\VCClient.exe.config
C:\Program Files\Common Files\VCClient\VCUpdate.exe.config
C:\Program Files\Common Files\VCClient\Version.txt
C:\Program Files\Common Files\VCClient

Trojan.ZQuest
C:\WINDOWS\dh.ini

Adware.ClickSpring/Yazzle
C:\Documents and Settings\Owner\Start Menu\Programs\Yazzle Sudoku\Uninstall Yazzle Sudoku.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Yazzle Sudoku\Yazzle Sudoku License.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Yazzle Sudoku\Yazzle Sudoku.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Yazzle Sudoku
C:\Program Files\Yazzle Sudoku\License.txt
C:\Program Files\Yazzle Sudoku\uninstaller.exe
C:\Program Files\Yazzle Sudoku
C:\PROGRAM FILES\COMMON FILES\YAZZLE1552OINUNINSTALLER.EXE

Adware.ClickSpring/Outer Info Network
C:\Program Files\Outerinfo\FF\chrome.manifest
C:\Program Files\Outerinfo\FF\components\FF.dll
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\Outerinfo\FF\components
C:\Program Files\Outerinfo\FF\install.rdf
C:\Program Files\Outerinfo\FF
C:\Program Files\Outerinfo\OiUninstaller.exe
C:\Program Files\Outerinfo\outerinfo.ico
C:\Program Files\Outerinfo\Terms.rtf
C:\Program Files\Outerinfo
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Documents and Settings\Owner\Start Menu\Programs\Outerinfo

Browser Hijacker.Favorites
C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\CLICK TO FIND AND FIX ERRORS.URL

Adware.Unknown Origin
C:\PROGRAM FILES\COMMON FILES\RQWK\RQWKD\CLASS-BARREL

Malware.SystemDoctor
C:\PROGRAM FILES\SYSTEM DOCTOR\INSTHELP.EXE

Trojan.Unknown Origin
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B762F5BE-1DFD-40DA-9793-F321C2185D05}\RP4\A0000307.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B762F5BE-1DFD-40DA-9793-F321C2185D05}\RP4\A0000308.EXE


Thanks,
- Francis

Edited by Francis9555, 23 February 2008 - 01:17 PM.

  • 0

Advertisements


#2
Francis9555

Francis9555

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Support:

I have viruses that Panda found, but was unable to remove. I decided to save you some time and work ahead. I noticed that most posts suggest running a deeper scan using the DSS tool. I ran this. Here are my scan logs:

#########################
main.txt log:

Deckard's System Scanner v20071014.68
Run by Owner on 2008-02-20 19:43:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-02-21 01:43:28 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 511 MiB (512 MiB recommended).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:44:34 PM, on 2/20/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Techutils\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Ovulation Calendar.lnk = C:\Program Files\Ovulation Calendar\OvuCal.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9808781-9D7B-419B-A97E-72CA5F0C57BF}: NameServer = 192.168.0.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 6188 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 drvmcdb - c:\windows\system32\drivers\drvmcdb.sys <Not Verified; VERITAS Software, Inc.; >
R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R1 sscdbhk5 - c:\windows\system32\drivers\sscdbhk5.sys <Not Verified; VERITAS Software, Inc.; >
R1 ssrtln - c:\windows\system32\drivers\ssrtln.sys <Not Verified; VERITAS Software, Inc.; >
R2 drvnddm - c:\windows\system32\drivers\drvnddm.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnboio - c:\windows\system32\dla\tfsnboio.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsncofs - c:\windows\system32\dla\tfsncofs.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsndrct - c:\windows\system32\dla\tfsndrct.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsndres - c:\windows\system32\dla\tfsndres.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnifs - c:\windows\system32\dla\tfsnifs.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnopio - c:\windows\system32\dla\tfsnopio.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnpool - c:\windows\system32\dla\tfsnpool.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnudf - c:\windows\system32\dla\tfsnudf.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnudfa - c:\windows\system32\dla\tfsnudfa.sys <Not Verified; VERITAS Software, Inc.; >
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda® Antivirus>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-02-19 11:01:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-01-20 and 2008-02-20 -----------------------------

2008-02-19 20:20:22 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-02-19 20:19:25 0 d-------- C:\VundoFix Backups
2008-02-19 19:36:11 0 d-------- C:\Program Files\Trend Micro
2008-02-18 21:18:22 44928 --a------ C:\WINDOWS\System32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
2008-02-18 20:59:07 0 d-------- C:\WINDOWS\System32\ActiveScan
2008-02-18 17:57:37 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-18 17:57:31 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-02-18 17:57:31 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-02-18 16:58:24 0 d-------- C:\Techutils
2008-02-18 16:57:45 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Grisoft
2008-02-18 16:56:56 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\Local Settings
2008-02-18 16:56:56 0 dr------- C:\Documents and Settings\Administrator.HP753PC\Favorites
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Desktop
2008-02-18 16:56:56 0 d---s---- C:\Documents and Settings\Administrator.HP753PC\Cookies
2008-02-18 16:56:56 0 dr-h----- C:\Documents and Settings\Administrator.HP753PC\Application Data
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\VERITAS
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Symantec
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Share-to-Web Upload Folder
2008-02-18 16:56:56 0 d---s---- C:\Documents and Settings\Administrator.HP753PC\Application Data\Microsoft
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\InterTrust
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Identities
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Adobe
2008-02-18 16:56:55 0 d-------- C:\Documents and Settings\Administrator.HP753PC\WINDOWS
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\Templates
2008-02-18 16:56:55 0 dr------- C:\Documents and Settings\Administrator.HP753PC\Start Menu
2008-02-18 16:56:55 0 dr-h----- C:\Documents and Settings\Administrator.HP753PC\SendTo
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\Recent
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\PrintHood
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\NetHood
2008-02-18 16:56:55 0 dr------- C:\Documents and Settings\Administrator.HP753PC\My Documents
2008-02-18 16:56:54 643072 --a------ C:\Documents and Settings\Administrator.HP753PC\NTUSER.DAT
2008-02-18 16:52:52 0 d-------- C:\Documents and Settings\Owner\Application Data\Grisoft
2008-02-18 12:45:21 0 d-------- C:\WINDOWS\System32\CatRoot2
2008-02-11 18:28:42 0 d-------- C:\Program Files\RcvSystem
2008-02-10 10:56:40 0 d-------- C:\Program Files\QdrPack
2008-02-10 10:56:34 0 d-------- C:\Program Files\QdrModule
2008-02-10 10:56:34 0 d-------- C:\Program Files\QdrDrive
2008-02-10 10:56:34 0 d-------- C:\Program Files\ISM


-- Find3M Report ---------------------------------------------------------------

2008-02-20 19:38:19 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-02-19 20:46:57 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-02-19 20:45:04 0 d-------- C:\Program Files\Java
2008-02-19 19:31:30 0 d-------- C:\Program Files\Common Files\A?pPatch
2008-02-18 21:44:09 0 d-------- C:\Program Files\FinePixViewer
2008-02-18 17:57:14 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-18 16:33:29 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-18 14:01:09 0 d-------- C:\Program Files\Norton AntiVirus
2008-02-18 12:34:28 0 d-------- C:\Program Files\Windows NT
2008-02-18 12:34:23 0 d-------- C:\Program Files\Movie Maker
2008-02-18 12:34:22 0 d-------- C:\Program Files\Messenger
2008-01-18 09:22:20 0 d-------- C:\Program Files\Common Files\M?crosoft
2008-01-05 15:06:33 0 d-------- C:\Program Files\LimeWire
2007-12-30 14:56:05 0 d-------- C:\Program Files\iTunes
2007-12-30 14:56:02 0 d-------- C:\Program Files\iPod
2007-12-30 14:54:22 0 d-------- C:\Program Files\QuickTime
2007-12-30 14:50:57 0 d-------- C:\Program Files\Apple Software Update
2007-12-04 04:54:35 7227 --ahs---- C:\Documents and Settings\Owner\Application Data\E006D5D903884C638AB2368AD966CBD9.sta
2007-12-04 04:54:35 63638 --ahs---- C:\Documents and Settings\Owner\Application Data\E006D5D903884C638AB2368AD966CBD9.rul


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [05/07/1998 05:04 PM]
"nwiz"="nwiz.exe" [05/03/2002 06:06 PM C:\WINDOWS\system32\nwiz.exe]
"CamMonitor"="c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [06/18/2002 12:11 AM]
"KBD"="C:\HP\KBD\KBD.EXE" [07/06/2001 10:56 PM]
"StorageGuard"="C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" [05/09/2002 09:01 AM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [07/16/2002 09:03 AM]
"DDCM"="C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" [06/08/2002 02:18 AM]
"DDCActiveMenu"="C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" [06/08/2002 02:20 AM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [12/19/2001 12:39 AM]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [05/15/2002 04:29 AM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [05/15/2002 04:20 AM]
"PS2"="C:\WINDOWS\system32\ps2.exe" [06/14/2002 05:39 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 03:25 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [12/21/2007 09:27 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [08/02/2001 03:14 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/27/2007 11:39 AM]

C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Ovulation Calendar.lnk - C:\Program Files\Ovulation Calendar\OvuCal.exe [12/1/2007 9:22:38 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [1/9/2002 8:53:14 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 2:15:54 AM]
Task Manager.lnk - C:\WINDOWS\system32\taskmgr.exe [8/5/2002 8:05:46 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll


-- End of Deckard's System Scanner: finished at 2008-02-20 19:45:09 ------------

#########################
extra.txt log:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600)
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.53GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 510.48 MiB / 280.96 MiB
Pagefile Memory (total/avail): 1250.22 MiB / 1012.45 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1950.79 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 69.5 GiB total, 53.88 GiB free.
D: is Fixed (FAT32) - 5.02 GiB total, 1 GiB free.
E: is CDROM (CDFS)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST380020A - 74.53 GiB - 2 partitions
\PARTITION0 - Unknown - 5.03 GiB - D:
\PARTITION1 (bootable) - Installable File System - 69.5 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
AUState says computer is in an unknown state.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HP753PC
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\HP753PC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program files\PC-Doctor for Windows XP\WINDSAPI
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0207
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=HP753PC
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)
Administrator.HP753PC (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {09DA4F91-2A09-4232-AB8C-6BC740096DE3}
--> c:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> c:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
ArcSoft ShowBiz --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Arcsoft\Showbiz\Uninst.isu"
ArcSoft Software Suite --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\Software Suite\Uninst.isu"
Atomic Pop --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {96777B4D-1A97-492E-B5DA-C624AA675280}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Betty Bad --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {A27EAF80-CBFC-4F56-94E1-929A401D7515}
Blackhawk Striker --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5415BC25-6D6C-46C4-B34C-EA8470FE56D5}
Blasterball 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {357ECB62-CD36-4B63-B57E-769D0CA174F4}
Blasterball Wild --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {28BA89E7-2F60-4BE7-BAA2-7949EB3FE527}
Dark Orbit --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {7841B68B-B7DD-408E-8B45-D5CA39608185}
Detto IntelliMover Demo --> MsiExec.exe /X{E62C706B-1352-4DCA-B4D4-81C24750B70F}
Disney's Lilo and Stitch Pinball --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {63272979-21F0-48EF-9B97-A83DBC05BE39}
DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
easy Internet sign-up --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B5DDB2C-0807-47FD-9C11-80EA761902C0}\Setup.exe" -l0x9
GemMaster 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4EDAE550-ACA5-4EF6-88BD-9F2B8BC2982D}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
hp center --> C:\WINDOWS\BWUnin-6.1.0.153.exe -AppId 137903
HP Instant Support --> C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Memories Disc --> MsiExec.exe /X{FF384BDE-429B-45AD-A0C6-E593393D9D1C}
HP Photo and Imaging 1.1 - Photosmart Cameras --> MsiExec.exe /X{1EEE2A9F-6471-42fa-8923-E8879168CE26}
hp toolkit --> c:\Windows\HPTK\unhptkit.exe
Inactive HP Printer Drivers (Remove only) --> RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
Intel® 845G Chipset Graphics Driver Software --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
KBD --> C:\HP\KBD\KBD.EXE uninstalled
Kublox --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {F7A4D9BE-D989-45B9-BB49-2C0EA34B9991}
Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
MUSICMATCH Jukebox --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
Panda ActiveScan --> C:\WINDOWS\System32\ASUninst.exe Panda ActiveScan
PC-Doctor for Windows --> C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\PC-DOC~1\INSTALL.LOG
PigPen --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {B279B0DA-6F60-4FBD-9847-0C9AB79A3674}
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken Financial Center --> C:\PROGRA~1\QUICKE~1\rem\UNWISE.EXE /s C:\PROGRA~1\QUICKE~1\rem\INSTALL.LOG
RecordNow --> MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
RecordNow Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
S3Display --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
SabreWing 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {922B6E62-57DC-4153-97E3-12443BB5F9AE}
Snowboard Extreme --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {753FE96B-D926-4B6C-BCFB-CC59153D004A}
Space Rocks --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {9FA01E11-9015-4140-B10A-5C6AA949B2FC}
Speedway --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {D6CAB2F4-26A4-48F4-A35D-CA83063E3928}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Virtual Warfare --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4F0AE1FB-4082-4A27-8363-05D292D92FB0}
WildTangent Channel Manager --> C:\Program Files\WildTangent\DDC\DDCManager\Uninstall.exe
WordPerfect Productivity Pack --> C:\WINDOWS\Corel\Uninst32.exe
WordPerfect Productivity Pack --> C:\WINDOWS\Corel\uninst32.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type17 / Error
Event Submitted/Written: 02/18/2008 08:50:21 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-02-19 02:50:21,046 HP753PC [001448:001436] ERROR 000 AVG7.CC.plugins.CPluginManager plugin {491A5626-1E72-4BD9-B454-299127582DA5} action 390 running failed: Error 0x80004004

Event Record #/Type16 / Error
Event Submitted/Written: 02/18/2008 08:50:08 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-02-19 02:50:08,781 HP753PC [001448:001436] ERROR 000 AVG7.CC.plugins.CPluginManager plugin {491A5626-1E72-4BD9-B454-299127582DA5} action 390 running failed: Error 0x80004004

Event Record #/Type9 / Error
Event Submitted/Written: 02/18/2008 04:57:04 PM
Event ID/Source: 8193 / VSS
Event Description:
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.

Event Record #/Type8 / Error
Event Submitted/Written: 02/18/2008 04:57:04 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type640 / Error
Event Submitted/Written: 02/19/2008 08:27:57 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

Event Record #/Type639 / Error
Event Submitted/Written: 02/19/2008 08:27:51 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

Event Record #/Type618 / Error
Event Submitted/Written: 02/19/2008 07:07:05 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

Event Record #/Type617 / Error
Event Submitted/Written: 02/19/2008 07:06:59 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

Event Record #/Type616 / Error
Event Submitted/Written: 02/19/2008 06:26:22 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.

-- End of Deckard's System Scanner: finished at 2008-02-20 19:45:09 ------------


Hope this helps. Thanks in advance.
- Francis

Edited by Francis9555, 23 February 2008 - 01:28 PM.

  • 0

#3
Francis9555

Francis9555

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Support,
You can close this post. I was having trouble running Windows Update services, so I figured the Viruses I had did some damage to the OS. I successfully ran a Recovery/Rebuild and the OS is working fine now.
It looks like you guys are growing in popularity, I can see how busy you are.

Keep up the great work, this is a terrific site.
- Francis
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP