Deckard's System Scanner v20071014.68
Run by alan on 2008-07-05 20:10:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
79: 2008-07-06 00:10:23 UTC - RP560 - Deckard's System Scanner Restore Point
78: 2008-07-06 00:02:16 UTC - RP559 - Removed SUPERAntiSpyware Free Edition
77: 2008-07-05 12:40:57 UTC - RP558 - System Checkpoint
76: 2008-07-04 11:54:28 UTC - RP557 - System Checkpoint
75: 2008-07-03 11:35:52 UTC - RP556 - System Checkpoint
-- First Restore Point --
1: 2008-05-24 18:49:37 UTC - RP482 - System Checkpoint
Performed disk cleanup.
-- HijackThis (run as alan.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:12:23 PM, on 7/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Documents and Settings\alan\Application Data\Microsoft\dtsc\7716.exe
C:\WINDOWS\system32\DOBE~1\dvdplay.exe
C:\Program Files\uTorrent\uTorrent.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Common Files\S?mantec\w?auclt.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\alan\Desktop\dss.exe
C:\DOCUME~1\alan\Desktop\Norwich\alan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {995CB5A5-6176-4AE5-A3A7-4FA8DA83E123} - C:\WINDOWS\system32\ddcbCVNd.dll (file missing)
O2 - BHO: (no name) - {B157538C-1F8C-469D-8A8D-F6F46860F404} - C:\WINDOWS\system32\vtUlLBsq.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: {0cb71574-2956-df7b-a804-0da0328b4bbc} - {cbb4b823-0ad0-408a-b7fd-659247517bc0} - C:\WINDOWS\system32\wgneig.dll
O2 - BHO: (no name) - {F910E133-54D9-2E07-F949-7BA2979E1FB6} - C:\WINDOWS\system32\tnoh.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Microsoft Windows Installer] C:\Documents and Settings\alan\Application Data\Microsoft\dtsc\7716.exe
O4 - HKCU\..\Run: [Uaol] "C:\WINDOWS\system32\DOBE~1\dvdplay.exe" -vt yazb
O4 - HKCU\..\Run: [A00F660FE.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F660FE.exe
O4 - HKCU\..\Run: [A00F218BF3.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F218BF3.exe
O4 - HKCU\..\Run: [Njssrbvc] "C:\Program Files\Common Files\S?mantec\w?auclt.exe"
O4 - HKCU\..\Run: [A00F4964B2.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F4964B2.exe
O4 - HKCU\..\Run: [A00F32C51.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F32C51.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alan\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\alan\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\PROGRA~1\mcafee\SPAMKI~1\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -
http://zone.msn.com/...UI.cab55579.cabO16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) -
http://zone.msn.com/...dy.cab55579.cabO16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -
http://zone.msn.com/...at.cab55579.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://cdn2.zone.msn...ro.cab56649.cabO16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) -
http://zone.msn.com/...xy.cab55579.cabO16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} (MSN Games – Backgammon) -
http://zone.msn.com/...on.cab64162.cabO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL iuoilcsp.dll
O20 - Winlogon Notify: __c00C2416 - C:\WINDOWS\system32\__c00C2416.dat
O20 - Winlogon Notify: __c00D446 - C:\WINDOWS\system32\__c00D446.dat (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
--
End of file - 10923 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\alan\Desktop\Norwich\backups\) --------
backup-20080702-193213-163 O4 - HKCU\..\Run: [A00FAF972.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FAF972.exe
backup-20080702-193213-166 O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\WinUpdater\update.exe" /background
backup-20080702-193213-170 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
backup-20080702-193213-227 O4 - HKCU\..\Run: [Gilwqib] C:\WINDOWS\?ymantec\?explore.exe
backup-20080702-193213-244 O4 - HKCU\..\Run: [A00F79519.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F79519.exe
backup-20080702-193213-262 O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\1028u.exe
backup-20080702-193213-306 O4 - HKCU\..\Run: [A00F194F7.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F194F7.exe
backup-20080702-193213-313 O4 - HKCU\..\Run: [A00F89478.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F89478.exe
backup-20080702-193213-498 O4 - HKCU\..\Run: [A00F536D1BE.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F536D1BE.exe
backup-20080702-193213-520 O4 - HKCU\..\Run: [A00F2755D3.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F2755D3.exe
backup-20080702-193213-558 O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\1028u.exe
backup-20080702-193213-565 O4 - HKCU\..\Run: [A00F99AEC.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F99AEC.exe
backup-20080702-193213-573 O4 - HKCU\..\Run: [A00FBD50D.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FBD50D.exe
backup-20080702-193213-576 O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1028u.exe
backup-20080702-193213-804 O4 - HKCU\..\Run: [A00FE609A.exe] C:\DOCUME~1\alan\LOCALS~1\Temp\_A00FE609A.exe
backup-20080702-193213-808 O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\rwwnw64d.exe
backup-20080702-193213-867 R3 - URLSearchHook: (no name) - - (no file)
backup-20080702-193213-896 O4 - HKCU\..\Run: [Xrxncau] "C:\Program Files\?dobe\?hkntfs.exe"
backup-20080702-193213-899 O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1028u.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 drmkk - c:\windows\system32\drivers\drmkk.sys
R1 MPFIREWL - c:\windows\system32\drivers\mpfirewall.sys <Not Verified; McAfee; McAfee Personal Firewall>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 ScsiAccess - c:\windows\system32\scsiaccess.exe
S2 MskService (McAfee SpamKiller Server) - c:\progra~1\mcafee\spamki~1\msksrvr.exe <Not Verified; McAfee Inc.; McAfee SpamKiller>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Process Modules -------------------------------------------------------------
C:\WINDOWS\system32\winlogon.exe (pid 644)
-- :: 0 --------- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
C:\WINDOWS\system32\rundll32.exe (pid 2920)
2008-05-25 17:56:25 315136 -----n--- C:\WINDOWS\system32\vtUlLBsq.dll
2005-08-17 10:38:00 143360 --a------ C:\Program Files\McAfee\SpamKiller\MSKOEPlg.dll <Not Verified; McAfee Inc.; McAfee SpamKiller>
2008-07-05 00:37:28 24576 --a------ C:\WINDOWS\system32\__c00C2416.dat
2005-09-26 18:12:52 98304 --a------ C:\Program Files\McAfee.com\VSO\McVSSkt.Dll <Not Verified; McAfee, Inc.; McAfee VirusScan>
C:\WINDOWS\explorer.exe (pid 1832)
2005-08-17 10:38:00 143360 --a------ C:\Program Files\McAfee\SpamKiller\MSKOEPlg.dll <Not Verified; McAfee Inc.; McAfee SpamKiller>
2008-05-25 17:56:25 315136 -----n--- C:\WINDOWS\system32\vtUlLBsq.dll
2005-09-26 18:12:52 98304 --a------ C:\Program Files\McAfee.com\VSO\McVSSkt.Dll <Not Verified; McAfee, Inc.; McAfee VirusScan>
2008-07-05 00:37:28 24576 --a------ C:\WINDOWS\system32\__c00C2416.dat
2008-07-05 00:31:11 106240 --a------ C:\WINDOWS\system32\wgneig.dll
-- Scheduled Tasks -------------------------------------------------------------
2008-07-05 00:37:04 348 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (ALSPC64-alan).job
-- Files created between 2008-06-05 and 2008-07-05 -----------------------------
2008-07-05 00:37:58 644979 --ahs---- C:\WINDOWS\system32\qsBLlUtv.ini2
2008-07-05 00:37:25 24576 --a------ C:\WINDOWS\system32\__c00C2416.dat
2008-07-05 00:31:16 82240 --a------ C:\WINDOWS\system32\cvwyjlrv.dll
2008-07-05 00:31:16 24576 --a------ C:\WINDOWS\system32\__c00192A4.dat
2008-07-05 00:31:15 37888 --a------ C:\WINDOWS\system32\rrgvownm.exe
2008-07-05 00:31:11 106240 --a------ C:\WINDOWS\system32\wgneig.dll
2008-07-05 00:31:11 106240 --a------ C:\WINDOWS\system32\kbdqoqrb.dll
2008-07-03 23:13:09 106192 --a------ C:\WINDOWS\system32\wpiaxbvh.dll
2008-07-03 23:13:09 106192 --a------ C:\WINDOWS\system32\dokuct.dll
2008-07-03 23:10:10 24576 --a------ C:\WINDOWS\system32\__c00B9173.dat
2008-07-03 23:10:08 37888 --a------ C:\WINDOWS\system32\sxeawfcl.exe
2008-07-03 23:07:08 85376 --a------ C:\WINDOWS\system32\wprnsgfw.dll
2008-07-03 21:51:58 0 d-------- C:\Program Files\Common Files\S?mantec
2008-07-03 21:51:57 60928 --a------ C:\WINDOWS\system32\tnoh.dll
2008-07-03 21:47:20 0 d-------- C:\!KillBox
2008-07-02 23:13:50 85248 --a------ C:\WINDOWS\system32\rqisjqsm.dll
2008-07-02 23:10:51 106272 --a------ C:\WINDOWS\system32\ysxwst.dll
2008-07-02 23:10:50 106272 --a------ C:\WINDOWS\system32\cekgtxpq.dll
2008-07-02 23:07:51 24576 --a------ C:\WINDOWS\system32\__c0039D92.dat
2008-07-02 23:07:50 37888 --a------ C:\WINDOWS\system32\tymauxqv.exe
2008-07-02 19:57:48 0 d-------- C:\VundoFix Backups
2008-07-02 19:02:09 1718700 ---hs---- C:\WINDOWS\system32\qravhsie.ini2
2008-06-27 22:29:01 85024 --a------ C:\WINDOWS\system32\eishvarq.dll
2008-06-27 22:28:57 105904 --a------ C:\WINDOWS\system32\steevx.dll
2008-06-27 22:28:57 105904 --a------ C:\WINDOWS\system32\nxwjhmyl.dll
2008-06-27 22:28:55 24576 --a------ C:\WINDOWS\system32\__c002FF84.dat
2008-06-27 22:28:54 37888 --a------ C:\WINDOWS\system32\pmcuqhif.exe
2008-06-27 22:28:51 90528 --a------ C:\WINDOWS\system32\ivgkpmco.dll
2008-06-26 23:00:56 0 d-------- C:\Documents and Settings\alan\Application Data\Grisoft
2008-06-26 23:00:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-26 00:10:47 0 d-------- C:\WINDOWS\?ymantec
2008-06-25 00:05:58 0 d-------- C:\Program Files\Common Files\W?nSxS
2008-06-24 22:43:49 0 d-------- C:\Program Files\Common Files\Java
2008-06-24 20:43:17 0 d-------- C:\Documents and Settings\alan\Application Data\uTorrent
2008-06-23 23:10:46 0 d-------- C:\WINDOWS\system32\?ecurity
2008-06-23 23:10:46 0 d-------- C:\Program Files\Outerinfo
2008-06-18 20:15:15 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-18 20:14:59 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-18 20:14:57 0 d-------- C:\Documents and Settings\alan\Application Data\SUPERAntiSpyware.com
2008-06-18 19:35:12 0 d-------- C:\WINDOWS\pss
2008-06-18 19:21:58 0 d-------- C:\WINDOWS\system32\LogFiles
-- Find3M Report ---------------------------------------------------------------
2008-07-05 20:02:23 0 d-------- C:\Program Files\Common Files
2008-07-03 21:51:58 0 d-------- C:\Program Files\Common Files\S?mantec
2008-06-26 22:54:34 0 d-------- C:\Program Files\?dobe
2008-06-25 00:05:58 0 d-------- C:\Program Files\Common Files\W?nSxS
2008-06-24 22:44:35 0 d-------- C:\Program Files\Java
2008-06-24 20:38:02 0 d-------- C:\Program Files\Common Files\AOL
2008-06-24 20:36:00 0 d-------- C:\Program Files\PopCap Games
2008-06-18 21:48:03 0 d-------- C:\Program Files\Spyware Doctor
2008-06-18 19:25:35 0 d-------- C:\Program Files\Google
2008-06-18 19:21:55 0 d-------- C:\Program Files\Dl_cats
2008-05-26 12:34:54 83216 -----n--- C:\WINDOWS\system32\ndmofcru.dll
2008-05-26 12:34:27 2560 -----n--- C:\WINDOWS\system32\dpykvvru.exe
2008-05-26 12:32:31 100672 -----n--- C:\WINDOWS\system32\lxwyublv.dll
2008-05-26 12:32:19 90896 -----n--- C:\WINDOWS\system32\vgrghgnj.dll
2008-05-26 09:50:27 166 -----n--- C:\WINDOWS\popcreg.dat
2008-05-26 09:50:27 34 -----n--- C:\WINDOWS\popcinfot.dat
2008-05-26 08:14:12 83216 -----n--- C:\WINDOWS\system32\faeaftyl.dll
2008-05-26 08:14:11 2560 -----n--- C:\WINDOWS\system32\kapqfujx.exe
2008-05-26 08:11:12 100672 -----n--- C:\WINDOWS\system32\ucaorern.dll
2008-05-26 08:08:52 90896 -----n--- C:\WINDOWS\system32\ctnjgfyj.dll
2008-05-26 08:08:09 315168 -----n--- C:\WINDOWS\system32\byXqqRiF.dll
2008-05-25 18:43:09 0 d-------- C:\Documents and Settings\alan\Application Data\Help
2008-05-25 18:05:27 100608 -----n--- C:\WINDOWS\system32\mluevktp.dll
2008-05-25 18:02:26 2560 -----n--- C:\WINDOWS\system32\hqbflmfq.exe
2008-05-25 17:57:07 90896 -----n--- C:\WINDOWS\system32\dklaistf.dll
2008-05-25 17:56:25 315136 -----n--- C:\WINDOWS\system32\vtUlLBsq.dll
2008-05-25 15:00:52 0 d-------- C:\Documents and Settings\alan\Application Data\PC Tools
2008-05-25 14:50:00 0 d-------- C:\Program Files\SpywareIsolator
2008-05-25 13:49:06 0 d-------- C:\Program Files\Activision Value
2008-05-24 14:41:36 0 d-------- C:\Program Files\Microsoft Games
2008-05-24 11:26:26 0 d-------- C:\Documents and Settings\alan\Application Data\Microsoft Games
2008-05-24 11:25:44 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-24 11:05:55 0 d-------- C:\Program Files\uTorrent
2008-05-24 11:05:48 26384 -----n--- C:\WINDOWS\system32\wvUlmlMg.dll
2008-05-24 11:05:46 0 d-------- C:\Program Files\ISM
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{995CB5A5-6176-4AE5-A3A7-4FA8DA83E123}]
C:\WINDOWS\system32\ddcbCVNd.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B157538C-1F8C-469D-8A8D-F6F46860F404}]
05/25/2008 05:56 PM 315136 --------- C:\WINDOWS\system32\vtUlLBsq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cbb4b823-0ad0-408a-b7fd-659247517bc0}]
07/05/2008 12:31 AM 106240 --a------ C:\WINDOWS\system32\wgneig.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F910E133-54D9-2E07-F949-7BA2979E1FB6}]
05/29/2008 02:34 PM 60928 --a------ C:\WINDOWS\system32\tnoh.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [09/29/2005 02:01 PM]
"SigmatelSysTrayApp"="stsystra.exe" [03/22/2005 11:20 PM C:\WINDOWS\stsystra.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/05/2005 09:05 PM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [06/10/2005 10:44 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/10/2005 10:44 AM]
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [07/08/2005 06:18 PM]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [08/11/2005 10:02 PM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [09/22/2005 06:29 PM]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [01/11/2006 12:05 PM]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [08/12/2005 04:16 PM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [09/08/2005 05:20 AM]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [09/26/2005 10:26 AM]
"VirusScan Online"="C:\Program Files\McAfee.com\VSO\mcvsshld.exe" [08/10/2005 12:49 PM]
"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [11/11/2005 05:00 PM]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [09/14/2005 12:50 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 11:09 AM]
"Microsoft Windows Installer"="C:\Documents and Settings\alan\Application Data\Microsoft\dtsc\7716.exe" [05/24/2008 11:05 AM]
"Uaol"="C:\WINDOWS\system32\DOBE~1\dvdplay.exe" [05/24/2008 11:06 AM]
"A00F660FE.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F660FE.exe" []
"A00F218BF3.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F218BF3.exe" []
"Njssrbvc"="C:\Program Files\Common Files\S?mantec\w?auclt.exe" [05/29/2008 02:35 PM]
"A00F4964B2.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F4964B2.exe" []
"A00F32C51.exe"="C:\DOCUME~1\alan\LOCALS~1\Temp\_A00F32C51.exe" []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [8/12/2006 6:13:57 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__c00C2416]
C:\WINDOWS\system32\__c00C2416.dat 07/05/2008 12:37 AM 24576 C:\WINDOWS\system32\__c00C2416.dat
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__c00D446]
C:\WINDOWS\system32\__c00D446.dat
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL iuoilcsp.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vtUlLBsq
"IEUpdate"= C:\WINDOWS\system32\1028u.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk
backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]
"C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
"C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IEUpdate]
C:\WINDOWS\system32\1028u.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spywareisolator]
C:\Program Files\SpywareIsolator\spywareisolator.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe
-- Hosts -----------------------------------------------------------------------
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
8520 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-07-05 20:14:22 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® D CPU 2.66GHz
CPU 1: Intel® Pentium® D CPU 2.66GHz
Percentage of Memory in Use: 51%
Physical Memory (total/avail): 1022.07 MiB / 500.32 MiB
Pagefile Memory (total/avail): 2458.98 MiB / 2066.01 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1879.93 MiB
C: is Fixed (NTFS) - 69.79 GiB total, 56.27 GiB free.
D: is CDROM (CDFS)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3808110AS - 74.5 GiB - 3 partitions
\PARTITION0 - Unknown - 54.88 MiB
\PARTITION1 (bootable) - Installable File System - 69.79 GiB - C:
\PARTITION2 - Unknown - 4.64 GiB
\\.\PHYSICALDRIVE1 - TEAC USB HS-CF Card USB Device
\\.\PHYSICALDRIVE3 - TEAC USB HS-MS Card USB Device
\\.\PHYSICALDRIVE4 - TEAC USB HS-SD Card USB Device
\\.\PHYSICALDRIVE2 - TEAC USB HS-xD/SM USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: McAfee Personal Firewall Plus v (McAfee)
AV: McAfee VirusScan v (McAfee)
Outdated[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"="C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\alan\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ALSPC64
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\alan
LOGONSERVER=\\ALSPC64
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Roxio Shared\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0407
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\alan\LOCALS~1\Temp
TMP=C:\DOCUME~1\alan\LOCALS~1\Temp
USERDOMAIN=ALSPC64
USERNAME=alan
USERPROFILE=C:\Documents and Settings\alan
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
alan
(admin)Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /appid=MSK /uninstall=1 /interact=1 /script_proactive=0 /start="c:\PROGRA~1\mcafee.com\agent\uninst\mskremui.dll::uninstall.htm"
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=mpf /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\mpfrem.ui::uninstall.htm
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=vso /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui.dll::uninstall.htm
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
924PLC32 --> MsiExec.exe /I{94721EA3-7EA6-43EA-B99C-A5D0E3C66240}
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Absolute Poker --> C:\Program Files\_uninstallation_info\Absolute Poker\CasinoUninstall.exe
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AOLIcon --> MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
aspi --> MsiExec.exe /I{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Bookworm Adventures --> "C:\Program Files\Dell Games\Bookworm Adventures\Uninstall.exe"
Bookworm Adventures Deluxe 1.0 --> C:\Program Files\PopCap Games\Bookworm Adventures Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Bookworm Adventures Deluxe\Install.log"
Bookworm Deluxe 1.13 --> C:\Program Files\PopCap Games\Bookworm Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Bookworm Deluxe\Install.log"
CCHelp --> MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Corel Photo Album 6 --> MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
Dell CinePlayer --> MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Game Console --> "C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"
Dell Photo AIO Printer 924 --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dlccUNST.EXE -NOLICENSE
Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Content Portal --> MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Documentation & Support Launcher --> MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
EducateU --> MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ELIcon --> MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
ESPNMotion --> C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
ESSAdpt --> MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
ESSANUP --> MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCAM --> MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSTUTOR --> MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
Games, Music, & Photos Launcher --> MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
GemMaster Mystic --> "C:\Program Files\GemMaster\uninstallgemmaster.exe"
Get High Speed Internet! --> MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Documents and Settings\alan\Desktop\Norwich\HijackThis.exe" /uninstall
HLPCCTR --> MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}
HLPIndex --> MsiExec.exe /I{78F79C84-BFD5-4D79-A07D-F39A3CF428DC}
HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
Hoyle Casino 4 --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\CASINO4\Uninst.isu
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet for Wired Connections --> MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
Internet Service Offers Launcher --> MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
Internet Speed Monitor --> C:\Program Files\ISM\Uninstall.exe
Jasc Paint Shop Pro Studio, Dell Editon --> MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
Java™ 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_0_280d3903\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
McAfee Uninstaller --> C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm
MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
Outerinfo --> C:\Program Files\Outerinfo\OiUninstaller.exe
PCDLNCH --> MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Roxio DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio MyDVD LE --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Search Assist --> MsiExec.exe /X{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}
SFR --> MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
SFR2 --> MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
Sonic Activation Module --> MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spin Palace Casino --> C:\MicroGaming\Casino\SpinPalace\install.exe -uninstall
Spin Palace Casino --> C:\PROGRA~1\SPINPA~1\UNWISE.EXE C:\PROGRA~1\SPINPA~1\INSTALL.LOG
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
VCAMCEN --> MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}
Venture Africa (remove only) --> "C:\Program Files\MumboJumbo\VentureAfrica\Uninstall.exe"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WebCyberCoach 3.2 Dell --> "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067 -->
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
Zoo Tycoon 2 - Dino Danger Pack --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F568B133-170C-4818-B06A-712C6D91B9F7}
Zoo Tycoon2 - Marine Mania Demo --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{FDBE4583-26AB-4DBE-8263-07836871002D}
-- Application Event Log -------------------------------------------------------
Event Record #/Type1362 / Warning
Event Submitted/Written: 07/05/2008 00:37:22 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}', feature 'PaintShopProStudio' failed during request for component '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}'
Event Record #/Type1361 / Warning
Event Submitted/Written: 07/05/2008 00:37:22 AM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}', feature 'PaintShopProStudio', component '{9756BC4D-C647-4986-915E-0127D0A9A7AB}' failed. The resource 'HKEY_CURRENT_USER\Software\Jasc\Paint Shop Pro Studio 1\Installer\CacheFolder' does not exist.
Event Record #/Type1360 / Warning
Event Submitted/Written: 07/05/2008 00:37:19 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}', feature 'PaintShopProStudio' failed during request for component '{D2D7B4BF-6CCA-11D5-8B3F-00105A9846E9}'
Event Record #/Type1359 / Warning
Event Submitted/Written: 07/05/2008 00:37:18 AM / 07/05/2008 00:37:19 AM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}', feature 'PaintShopProStudio', component '{9756BC4D-C647-4986-915E-0127D0A9A7AB}' failed. The resource 'HKEY_CURRENT_USER\Software\Jasc\Paint Shop Pro Studio 1\Installer\CacheFolder' does not exist.
Event Record #/Type1356 / Error
Event Submitted/Written: 07/05/2008 00:30:31 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x1000b1db.
Processing media-specific event for [!ws!]
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type9033 / Error
Event Submitted/Written: 07/05/2008 08:01:40 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1058" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Event Record #/Type9032 / Warning
Event Submitted/Written: 07/05/2008 02:16:35 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.
Event Record #/Type9031 / Error
Event Submitted/Written: 07/05/2008 00:41:15 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The McAfee SpamKiller Server service failed to start due to the following error:
%%1053
Event Record #/Type9030 / Error
Event Submitted/Written: 07/05/2008 00:41:15 AM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the McAfee SpamKiller Server service to connect.
Event Record #/Type9029 / Error
Event Submitted/Written: 07/05/2008 00:41:15 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1053" attempting to start the service MskService with arguments ""
in order to run the server:
{5109B8D8-73AF-4C41-A70E-73707E1F908A}
-- End of Deckard's System Scanner: finished at 2008-07-05 20:14:22 ------------
This topic is locked
If you don't understand something, don't be afraid to ask!
Sign In
Create Account
