Support:
I have viruses that Panda found, but was unable to remove. I decided to save you some time and work ahead. I noticed that most posts suggest running a deeper scan using the DSS tool. I ran this. Here are my scan logs:
#########################
main.txt log:
Deckard's System Scanner v20071014.68
Run by Owner on 2008-02-20 19:43:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-02-21 01:43:28 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 511 MiB (512 MiB recommended).-- HijackThis (run as Owner.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:44:34 PM, on 2/20/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Techutils\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us6.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us6.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us6.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://srch-us6.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us6.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us6.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us6.hpwis.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://srch-us6.hpwis.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://us6.hpwis.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://srch-us6.hpwis.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://srch-us6.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -Background
O4 - HKLM\..\Run: [DDCActiveMenu] "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -boot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: Ovulation Calendar.lnk = C:\Program Files\Ovulation Calendar\OvuCal.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Task Manager.lnk = C:\WINDOWS\system32\taskmgr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{D9808781-9D7B-419B-A97E-72CA5F0C57BF}: NameServer = 192.168.0.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 6188 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 drvmcdb - c:\windows\system32\drivers\drvmcdb.sys <Not Verified; VERITAS Software, Inc.; >
R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R1 sscdbhk5 - c:\windows\system32\drivers\sscdbhk5.sys <Not Verified; VERITAS Software, Inc.; >
R1 ssrtln - c:\windows\system32\drivers\ssrtln.sys <Not Verified; VERITAS Software, Inc.; >
R2 drvnddm - c:\windows\system32\drivers\drvnddm.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnboio - c:\windows\system32\dla\tfsnboio.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsncofs - c:\windows\system32\dla\tfsncofs.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsndrct - c:\windows\system32\dla\tfsndrct.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsndres - c:\windows\system32\dla\tfsndres.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnifs - c:\windows\system32\dla\tfsnifs.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnopio - c:\windows\system32\dla\tfsnopio.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnpool - c:\windows\system32\dla\tfsnpool.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnudf - c:\windows\system32\dla\tfsnudf.sys <Not Verified; VERITAS Software, Inc.; >
R2 tfsnudfa - c:\windows\system32\dla\tfsnudfa.sys <Not Verified; VERITAS Software, Inc.; >
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda® Antivirus>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-02-19 11:01:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-01-20 and 2008-02-20 -----------------------------
2008-02-19 20:20:22 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-02-19 20:19:25 0 d-------- C:\VundoFix Backups
2008-02-19 19:36:11 0 d-------- C:\Program Files\Trend Micro
2008-02-18 21:18:22 44928 --a------ C:\WINDOWS\System32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
2008-02-18 20:59:07 0 d-------- C:\WINDOWS\System32\ActiveScan
2008-02-18 17:57:37 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-18 17:57:31 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-02-18 17:57:31 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-02-18 16:58:24 0 d-------- C:\Techutils
2008-02-18 16:57:45 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Grisoft
2008-02-18 16:56:56 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\Local Settings
2008-02-18 16:56:56 0 dr------- C:\Documents and Settings\Administrator.HP753PC\Favorites
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Desktop
2008-02-18 16:56:56 0 d---s---- C:\Documents and Settings\Administrator.HP753PC\Cookies
2008-02-18 16:56:56 0 dr-h----- C:\Documents and Settings\Administrator.HP753PC\Application Data
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\VERITAS
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Symantec
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Share-to-Web Upload Folder
2008-02-18 16:56:56 0 d---s---- C:\Documents and Settings\Administrator.HP753PC\Application Data\Microsoft
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\InterTrust
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Identities
2008-02-18 16:56:56 0 d-------- C:\Documents and Settings\Administrator.HP753PC\Application Data\Adobe
2008-02-18 16:56:55 0 d-------- C:\Documents and Settings\Administrator.HP753PC\WINDOWS
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\Templates
2008-02-18 16:56:55 0 dr------- C:\Documents and Settings\Administrator.HP753PC\Start Menu
2008-02-18 16:56:55 0 dr-h----- C:\Documents and Settings\Administrator.HP753PC\SendTo
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\Recent
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\PrintHood
2008-02-18 16:56:55 0 d--h----- C:\Documents and Settings\Administrator.HP753PC\NetHood
2008-02-18 16:56:55 0 dr------- C:\Documents and Settings\Administrator.HP753PC\My Documents
2008-02-18 16:56:54 643072 --a------ C:\Documents and Settings\Administrator.HP753PC\NTUSER.DAT
2008-02-18 16:52:52 0 d-------- C:\Documents and Settings\Owner\Application Data\Grisoft
2008-02-18 12:45:21 0 d-------- C:\WINDOWS\System32\CatRoot2
2008-02-11 18:28:42 0 d-------- C:\Program Files\RcvSystem
2008-02-10 10:56:40 0 d-------- C:\Program Files\QdrPack
2008-02-10 10:56:34 0 d-------- C:\Program Files\QdrModule
2008-02-10 10:56:34 0 d-------- C:\Program Files\QdrDrive
2008-02-10 10:56:34 0 d-------- C:\Program Files\ISM
-- Find3M Report ---------------------------------------------------------------
2008-02-20 19:38:19 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-02-19 20:46:57 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-02-19 20:45:04 0 d-------- C:\Program Files\Java
2008-02-19 19:31:30 0 d-------- C:\Program Files\Common Files\A?pPatch
2008-02-18 21:44:09 0 d-------- C:\Program Files\FinePixViewer
2008-02-18 17:57:14 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-18 16:33:29 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-18 14:01:09 0 d-------- C:\Program Files\Norton AntiVirus
2008-02-18 12:34:28 0 d-------- C:\Program Files\Windows NT
2008-02-18 12:34:23 0 d-------- C:\Program Files\Movie Maker
2008-02-18 12:34:22 0 d-------- C:\Program Files\Messenger
2008-01-18 09:22:20 0 d-------- C:\Program Files\Common Files\M?crosoft
2008-01-05 15:06:33 0 d-------- C:\Program Files\LimeWire
2007-12-30 14:56:05 0 d-------- C:\Program Files\iTunes
2007-12-30 14:56:02 0 d-------- C:\Program Files\iPod
2007-12-30 14:54:22 0 d-------- C:\Program Files\QuickTime
2007-12-30 14:50:57 0 d-------- C:\Program Files\Apple Software Update
2007-12-04 04:54:35 7227 --ahs---- C:\Documents and Settings\Owner\Application Data\E006D5D903884C638AB2368AD966CBD9.sta
2007-12-04 04:54:35 63638 --ahs---- C:\Documents and Settings\Owner\Application Data\E006D5D903884C638AB2368AD966CBD9.rul
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [05/07/1998 05:04 PM]
"nwiz"="nwiz.exe" [05/03/2002 06:06 PM C:\WINDOWS\system32\nwiz.exe]
"CamMonitor"="c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [06/18/2002 12:11 AM]
"KBD"="C:\HP\KBD\KBD.EXE" [07/06/2001 10:56 PM]
"StorageGuard"="C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" [05/09/2002 09:01 AM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [07/16/2002 09:03 AM]
"DDCM"="C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" [06/08/2002 02:18 AM]
"DDCActiveMenu"="C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" [06/08/2002 02:20 AM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [12/19/2001 12:39 AM]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [05/15/2002 04:29 AM]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [05/15/2002 04:20 AM]
"PS2"="C:\WINDOWS\system32\ps2.exe" [06/14/2002 05:39 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 03:25 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [12/21/2007 09:27 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [08/02/2001 03:14 PM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/27/2007 11:39 AM]
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Ovulation Calendar.lnk - C:\Program Files\Ovulation Calendar\OvuCal.exe [12/1/2007 9:22:38 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [1/9/2002 8:53:14 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 2:15:54 AM]
Task Manager.lnk - C:\WINDOWS\system32\taskmgr.exe [8/5/2002 8:05:46 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
-- End of Deckard's System Scanner: finished at 2008-02-20 19:45:09 ------------
#########################
extra.txt log:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600)
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.53GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 510.48 MiB / 280.96 MiB
Pagefile Memory (total/avail): 1250.22 MiB / 1012.45 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1950.79 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 69.5 GiB total, 53.88 GiB free.
D: is Fixed (FAT32) - 5.02 GiB total, 1 GiB free.
E: is CDROM (CDFS)
F: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST380020A - 74.53 GiB - 2 partitions
\PARTITION0 - Unknown - 5.03 GiB - D:
\PARTITION1 (bootable) - Installable File System - 69.5 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
AUState says computer is in an unknown state.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HP753PC
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\HP753PC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program files\PC-Doctor for Windows XP\WINDSAPI
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0207
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=HP753PC
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Owner
(admin)Administrator.HP753PC
(new local, admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {09DA4F91-2A09-4232-AB8C-6BC740096DE3}
--> c:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> c:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
ArcSoft ShowBiz --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Arcsoft\Showbiz\Uninst.isu"
ArcSoft Software Suite --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\Software Suite\Uninst.isu"
Atomic Pop --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {96777B4D-1A97-492E-B5DA-C624AA675280}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Betty Bad --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {A27EAF80-CBFC-4F56-94E1-929A401D7515}
Blackhawk Striker --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {5415BC25-6D6C-46C4-B34C-EA8470FE56D5}
Blasterball 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {357ECB62-CD36-4B63-B57E-769D0CA174F4}
Blasterball Wild --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {28BA89E7-2F60-4BE7-BAA2-7949EB3FE527}
Dark Orbit --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {7841B68B-B7DD-408E-8B45-D5CA39608185}
Detto IntelliMover Demo --> MsiExec.exe /X{E62C706B-1352-4DCA-B4D4-81C24750B70F}
Disney's Lilo and Stitch Pinball --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {63272979-21F0-48EF-9B97-A83DBC05BE39}
DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
easy Internet sign-up --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B5DDB2C-0807-47FD-9C11-80EA761902C0}\Setup.exe" -l0x9
GemMaster 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4EDAE550-ACA5-4EF6-88BD-9F2B8BC2982D}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
hp center --> C:\WINDOWS\BWUnin-6.1.0.153.exe -AppId 137903
HP Instant Support --> C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Memories Disc --> MsiExec.exe /X{FF384BDE-429B-45AD-A0C6-E593393D9D1C}
HP Photo and Imaging 1.1 - Photosmart Cameras --> MsiExec.exe /X{1EEE2A9F-6471-42fa-8923-E8879168CE26}
hp toolkit --> c:\Windows\HPTK\unhptkit.exe
Inactive HP Printer Drivers (Remove only) --> RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
Intel® 845G Chipset Graphics Driver Software --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
KBD --> C:\HP\KBD\KBD.EXE uninstalled
Kublox --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {F7A4D9BE-D989-45B9-BB49-2C0EA34B9991}
Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
MUSICMATCH Jukebox --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
Panda ActiveScan --> C:\WINDOWS\System32\ASUninst.exe Panda ActiveScan
PC-Doctor for Windows --> C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\PC-DOC~1\INSTALL.LOG
PigPen --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {B279B0DA-6F60-4FBD-9847-0C9AB79A3674}
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quicken Financial Center --> C:\PROGRA~1\QUICKE~1\rem\UNWISE.EXE /s C:\PROGRA~1\QUICKE~1\rem\INSTALL.LOG
RecordNow --> MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
RecordNow Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
S3Display --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
SabreWing 2 --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {922B6E62-57DC-4153-97E3-12443BB5F9AE}
Snowboard Extreme --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {753FE96B-D926-4B6C-BCFB-CC59153D004A}
Space Rocks --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {9FA01E11-9015-4140-B10A-5C6AA949B2FC}
Speedway --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {D6CAB2F4-26A4-48F4-A35D-CA83063E3928}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Virtual Warfare --> "C:\Program Files\WildTangent\DDC\ActiveMenu\DDCActiveMenu.exe" -UninstallItem {4F0AE1FB-4082-4A27-8363-05D292D92FB0}
WildTangent Channel Manager --> C:\Program Files\WildTangent\DDC\DDCManager\Uninstall.exe
WordPerfect Productivity Pack --> C:\WINDOWS\Corel\Uninst32.exe
WordPerfect Productivity Pack --> C:\WINDOWS\Corel\uninst32.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type17 / Error
Event Submitted/Written: 02/18/2008 08:50:21 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-02-19 02:50:21,046 HP753PC [001448:001436] ERROR 000 AVG7.CC.plugins.CPluginManager plugin {491A5626-1E72-4BD9-B454-299127582DA5} action 390 running failed: Error 0x80004004
Event Record #/Type16 / Error
Event Submitted/Written: 02/18/2008 08:50:08 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-02-19 02:50:08,781 HP753PC [001448:001436] ERROR 000 AVG7.CC.plugins.CPluginManager plugin {491A5626-1E72-4BD9-B454-299127582DA5} action 390 running failed: Error 0x80004004
Event Record #/Type9 / Error
Event Submitted/Written: 02/18/2008 04:57:04 PM
Event ID/Source: 8193 / VSS
Event Description:
Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040206.
Event Record #/Type8 / Error
Event Submitted/Written: 02/18/2008 04:57:04 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type640 / Error
Event Submitted/Written: 02/19/2008 08:27:57 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
Event Record #/Type639 / Error
Event Submitted/Written: 02/19/2008 08:27:51 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
Event Record #/Type618 / Error
Event Submitted/Written: 02/19/2008 07:07:05 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
Event Record #/Type617 / Error
Event Submitted/Written: 02/19/2008 07:06:59 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
Event Record #/Type616 / Error
Event Submitted/Written: 02/19/2008 06:26:22 PM
Event ID/Source: 7 / Disk
Event Description:
The device, \Device\Harddisk0\D, has a bad block.
-- End of Deckard's System Scanner: finished at 2008-02-20 19:45:09 ------------
Hope this helps. Thanks in advance.
- Francis
Edited by Francis9555, 23 February 2008 - 01:28 PM.