
Hijack this log [CLOSED]



#1
chemical art

  • New Member
  • 3 posts
Hello, I suspect I have some problems with my computer, but nothing bold has come up. I shall go down the list of steps of the tests, etc. that I have performed.

Malwarebytes' Anti-Malware- Nothing
Superantispyware- Nothing

Panda scan at the moment seems to be down; here's the error I got: Reference #97.c430dbc3.1213803122.54f2832

Here is an older scan; it might help:

;*******************************************************************************
ANALYSIS: 2008-05-27 16:49:46
PROTECTIONS: 1
MALWARE: 20
SUSPECTS: 0
;*******************************************************************************
PROTECTIONS
Description Version Active Updated
;===============================================================================
Norton 360 2007 Yes Yes
;===============================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
00101555 Application/KillApp.B HackTools No 0 Yes No C:\hp\bin\KillIt.exe
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@doubleclick[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.fastclick.net/]
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@clickbank[1].txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@findwhat[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\eric@statcounter[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-05-04 000013\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-27 000010\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-20 000004\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No D:\ERIC-PC\Backup Set 2008-01-13 160112\Backup Files 2008-04-13 000019\Backup files 1.zip[C\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\xtnofgdl.default\cookies.txt][.apmebf.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@burstnet[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@realmedia[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@zedo[3].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@adrevolver[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@atwola[1].txt
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Cookies\Low\eric@enhance[1].txt
02913340 Adware/InternetSpeedMonitor Adware No 0 No No C:\Windows\two222222.exe[ism.exe]
02938171 Spyware/Virtumonde Spyware No 1 No No C:\Windows\four444444.exe[■%%\²¬Ç]
02938552 Adware/InternetSpeedMonitor Adware No 0 No No C:\Program Files\VnrPack\ilaupd.exe[qdrloader.exe]
02938552 Adware/InternetSpeedMonitor Adware No 0 No No C:\Windows\two222222.exe[qdrloader.exe]
02941449 Generic Trojan Virus/Trojan No 0 Yes No C:\Users\Eric\Documents\LimeWire\Saved\COMMAND.AND.CONQUER.GENERALS.ZERO.HOUR-DEViANCE-www.softzone.org-Crack.zip[COMMAND.AND.CONQUER.GENERALS.ZERO.HOUR-DEViANCE-www.softzone.org-Crack.exe]
02974527 Adware/InternetSpeedMonitor Adware No 0 Yes No C:\Windows\two222222.exe
02974528 Spyware/Virtumonde Spyware No 1 Yes No C:\Windows\four444444.exe
;===============================================================================
SUSPECTS
Sent Location
;===============================================================================
;===============================================================================
VULNERABILITIES
Id Severity Description
;===============================================================================
184379 MEDIUM MS08-001
182048 HIGH MS07-069
176382 HIGH MS07-057
170906 HIGH MS07-045
164913 HIGH MS07-033
160623 HIGH MS07-027
;===============================================================================


Windows update: Up to date.


OK, I was told the last time I had problems to perform an additional test; here are its results:

Deckard's System Scanner v20071014.68
Run by Eric on 2008-06-18 10:19:59
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
18: 2008-06-16 22:09:42 UTC - RP194 - Windows Backup
17: 2008-06-08 18:13:18 UTC - RP193 - Windows Update
16: 2008-06-08 04:00:09 UTC - RP192 - Windows Backup
15: 2008-06-07 04:00:15 UTC - RP191 - Scheduled Checkpoint
14: 2008-06-06 04:00:13 UTC - RP190 - Scheduled Checkpoint


-- First Restore Point --
1: 2008-05-14 07:00:36 UTC - RP176 - Windows Update


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 76% (more than 75%).
Total Physical Memory: 894 MiB (1024 MiB recommended).


-- HijackThis (run as Eric.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:46 AM, on 6/18/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Windows\System32\notepad.exe
C:\Users\Eric\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Eric.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: (no name) - {3814DEE6-F161-4E41-B4F1-06CCE04D14EE} - C:\Program Files\Windows NT\fery66225.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7991 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080524-221956-127 O4 - HKCU\..\Run: [VnrPack15] "C:\Program Files\VnrPack\VnrPack15.exe"
backup-20080524-221956-679 O4 - HKCU\..\Run: [VnrPack16] "C:\Program Files\VnrPack\VnrPack16.exe"

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Compact Flash
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20021111153705700&0#
Manufacturer: Generic-
Name: Compact Flash
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.00#20021111153705700&0#
Service: WUDFRd


-- Scheduled Tasks -------------------------------------------------------------

2008-06-16 20:00:01 544 --a------ C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Eric.job


-- Files created between 2008-05-18 and 2008-06-18 -----------------------------

2008-05-24 21:58:17 0 d-------- C:\Users\All Users\Malwarebytes
2008-05-24 21:58:16 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-24 20:28:38 0 d-------- C:\Program Files\Panda Security
2008-05-24 20:18:39 0 d-------- C:\Program Files\Trend Micro


-- Find3M Report ---------------------------------------------------------------

2008-06-10 12:49:58 0 d-------- C:\Users\Eric\AppData\Roaming\LimeWire
2008-06-08 22:31:46 0 d-------- C:\Program Files\SwiftKit
2008-06-08 17:04:21 0 d-------- C:\Program Files\Norton 360
2008-06-08 17:03:51 0 d-------- C:\Program Files\Symantec
2008-05-24 21:58:29 0 d-------- C:\Users\Eric\AppData\Roaming\Malwarebytes
2008-05-24 21:57:44 0 d-------- C:\Users\Eric\AppData\Roaming\Download Manager
2008-05-16 21:42:45 0 d-------- C:\Program Files\Windows NT
2008-05-16 21:22:54 0 d-------- C:\Program Files\Lavasoft
2008-05-16 21:21:49 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-15 15:32:37 0 d-------- C:\Program Files\MSBuild
2008-05-15 15:32:31 399943 --a------ C:\Windows\four444444.exe
2008-05-15 15:32:29 266607 --a------ C:\Windows\two222222.exe
2008-05-15 15:31:39 0 d-------- C:\Program Files\VnrPack
2008-05-14 03:01:26 0 d-------- C:\Program Files\Windows Mail
2008-05-13 15:54:45 0 d-------- C:\Program Files\Java
2008-05-13 15:52:30 0 d-------- C:\Program Files\Common Files
2008-05-13 15:52:30 0 d-------- C:\Program Files\Common Files\Java
2008-05-13 15:49:36 0 d-------- C:\Program Files\LimeWire
2008-05-05 21:24:33 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-05 21:24:31 611 --a------ C:\Windows\eReg.dat
2008-05-05 21:01:29 0 d-------- C:\Program Files\EA Games
2008-05-01 19:30:54 0 d-------- C:\Users\Eric\AppData\Roaming\My Battle for Middle-earth™ II Files
2008-04-25 19:48:51 0 d-------- C:\Program Files\Electronic Arts
2008-04-25 19:43:43 0 d-------- C:\Users\Eric\AppData\Roaming\WinRAR
2008-04-18 22:56:22 0 d-------- C:\Program Files\Battleships Forever
2008-04-06 20:59:33 0 --a------ C:\Windows\nsreg.dat
2008-04-06 20:27:45 174 --ahs---- C:\Program Files\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3814DEE6-F161-4E41-B4F1-06CCE04D14EE}]
C:\Program Files\Windows NT\fery66225.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/06/2008 08:09 PM]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [09/28/2006 09:42 AM]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [02/15/2007 06:59 AM]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [02/10/2007 08:18 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [02/10/2007 08:18 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [02/10/2007 08:18 PM]
"RtHDVCpl"="RtHDVCpl.exe" [03/01/2007 11:38 AM C:\Windows\RtHDVCpl.exe]
"@"="" []
"SnapfishMediaDetector"="C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe" [03/02/2007 05:55 PM]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/17/2005 02:11 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/10/2007 01:59 AM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [01/29/2008 05:38 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [04/06/2008 08:00 PM]
"HPAdvisor"="C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" []
"Uniblue RegistryBooster 2"="c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe" [12/05/2007 04:51 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"Launcher"=%WINDIR%\SMINST\launcher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish Media Detector.lnk - C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe [3/2/2007 5:55:02 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a943dfd8-f5b0-11db-a717-806e6f6e6963}]
AutoRun\command- E:\autorun.exe

*Newly Created Service* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-06-18 10:24:56 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: AMD Athlon™ 64 X2 Dual Core Processor 3800+
Percentage of Memory in Use: 84%
Physical Memory (total/avail): 893.94 MiB / 137.34 MiB
Pagefile Memory (total/avail): 2910.23 MiB / 1385.84 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.08 MiB

C: is Fixed (NTFS) - 224.12 GiB total, 149.99 GiB free.
D: is Fixed (NTFS) - 8.76 GiB total, 0.24 GiB free.
E: is CDROM (UDF)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)

\\.\PHYSICALDRIVE0 - Hitachi HDT725025VLA SCSI Disk Device - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 224.12 GiB - C:
\PARTITION1 - Installable File System - 8.76 GiB - D:

\\.\PHYSICALDRIVE1 - Generic- Compact Flash USB Device

\\.\PHYSICALDRIVE4 - Generic- MS/MS-Pro USB Device

\\.\PHYSICALDRIVE3 - Generic- SD/MMC USB Device

\\.\PHYSICALDRIVE2 - Generic- SM/xD-Picture USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: Norton 360 v2007 (SYMANTEC Corporation)
AV: Norton 360 v2007 (SYMANTEC Corperation)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: Norton 360 v2007 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Eric\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ERIC-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Eric
LOCALAPPDATA=C:\Users\Eric\AppData\Local
LOGONSERVER=\\ERIC-PC
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Presario
PLATFORM=HPD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4b02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=c:\windows\temp
TMP=c:\windows\temp
USERDOMAIN=Eric-PC
USERNAME=Eric
USERPROFILE=C:\Users\Eric
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Eric


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
--> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
--> "C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
--> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
--> "C:\Program Files\HP Games\Cue Master\Uninstall.exe"
--> "C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
--> "C:\Program Files\HP Games\Family Feud\Uninstall.exe"
--> "C:\Program Files\HP Games\FATE\Uninstall.exe"
--> "C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
--> "C:\Program Files\HP Games\Flip Words\Uninstall.exe"
--> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
--> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
--> "C:\Program Files\HP Games\Otto\Uninstall.exe"
--> "C:\Program Files\HP Games\Overball\Uninstall.exe"
--> "C:\Program Files\HP Games\Penguins!\Uninstall.exe"
--> "C:\Program Files\HP Games\Phoenix Assault\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Tubing\Uninstall.exe"
--> "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
--> "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
--> "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
--> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
--> "C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
--> "C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Age of Empires III --> C:\Program Files\InstallShield Installation Information\{70F8B183-99EB-4304-BA35-080E2DFFD2A3}\setup.exe -runfromtemp -l0x0409
AMD Power Monitor --> MsiExec.exe /X{9DD3BF8E-0399-4B15-878B-CE48CE4961F9}
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
AV --> MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Battleships Forever v0.88 --> "C:\Users\Eric\Battleships Forever\unins000.exe"
ccCommon --> MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Command & Conquer Generals --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
GearDrvs --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
GPGNet --> MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
Hardware Diagnostic Tools --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Feedback --> MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP On-Screen Cap/Num/Scroll Lock Indicator --> C:\Windows\system32\OsdRemove.exe
HP Photosmart Essential 2.0 --> C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
LimeWire 4.16.7 --> "C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate 3.2 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
muvee autoProducer 6.0 --> C:\Program Files\InstallShield Installation Information\{6AF49698-949A-4C89-9B31-041D2CCB5FBD}\setup.exe -runfromtemp -l0x0009 -removeonly
My HP Games --> "C:\Program Files\HP Games\Uninstall.exe"
Norton 360 --> MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360 --> MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360 --> MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360 --> MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton 360 --> MsiExec.exe /I{F413B69D-4AD6-42ab-AEA5-0548989FAD50}
Norton 360 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X
Norton 360 Help --> MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}
Norton Confidential Browser Component --> MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Authentification Component --> MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}
Norton Confidential Web Protection Component --> MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Python 2.4.3 --> MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Rhapsody --> C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Roxio Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio --> MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9 --> MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy --> MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive --> MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools --> MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3 --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9 --> MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
Snapfish Media Detector --> MsiExec.exe /X{4EF6FDB0-3B11-4820-9860-8E08E9965195}
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.inf
SPBBC 32bit --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Star Wars Empire at War --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe" -l0x9 -removeonly
Star Wars Empire at War Forces of Corruption --> C:\Program Files\InstallShield Installation Information\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}\setup.exe -runfromtemp -l0x0009 -removeonly
Star Wars Galactic Battlegrounds: Saga --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10133CDD-50B9-4783-B336-8B48F3653715}\Setup.exe" -l0x9
SuppSoft --> MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}
Supreme Commander --> C:\Program Files\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x0009 -removeonly
SwiftKit --> C:\Program Files\SwiftKit\Uninstall.exe
Symantec Technical Support Controls --> MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
The Battle for Middle-earth ™ II --> C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\EAUninstall.exe
Uniblue RegistryBooster 2 --> "C:\Program Files\Uniblue\RegistryBooster 2\unins000.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Toolbar for Internet Explorer --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type51241 / Success
Event Submitted/Written: 06/16/2008 05:59:36 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type51240 / Success
Event Submitted/Written: 06/16/2008 05:59:36 PM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type51236 / Success
Event Submitted/Written: 06/16/2008 05:59:32 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.

Event Record #/Type51213 / Success
Event Submitted/Written: 06/15/2008 00:43:12 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type51212 / Success
Event Submitted/Written: 06/15/2008 00:43:11 PM
Event ID/Source: 5615 / WinMgmt
Event Description:




-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type34899 / Warning
Event Submitted/Written: 06/18/2008 10:23:39 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB951376(Security Update) is not applicable for this system

Event Record #/Type34880 / Warning
Event Submitted/Written: 06/18/2008 10:23:22 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB905866(Update) is not applicable for this system

Event Record #/Type34860 / Warning
Event Submitted/Written: 06/18/2008 10:22:22 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB950762(Security Update) is not applicable for this system

Event Record #/Type34843 / Warning
Event Submitted/Written: 06/18/2008 10:21:35 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB951698(Security Update) is not applicable for this system

Event Record #/Type34734 / Warning
Event Submitted/Written: 06/18/2008 10:18:14 AM
Event ID/Source: 4374 / Microsoft-Windows-Servicing
Event Description:
Windows Servicing identified that package KB950759(Security Update) i


#2
fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello chemical art.. My name is fenzodahl512 and welcome to Geekstogo..


Since it's already over a week, please post a fresh Deckard System Scanner log for further review..


Regards
fenzodahl512

#3
fenzodahl512

  • Malware Removal
  • 9,863 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.