thank you
RRUSSELL
Deckard's System Scanner v20071014.68
Run by Randy on 2008-06-28 16:39:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 4 Restore Point(s) --
4: 2008-06-28 23:40:41 UTC - RP492 - Deckard's System Scanner Restore Point
3: 2008-06-28 23:00:22 UTC - RP491 - Restore Operation
2: 2008-06-28 18:30:27 UTC - RP490 - System Checkpoint
1: 2008-06-28 05:11:39 UTC - RP489 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 384 MiB (512 MiB recommended).
System Drive C: has 0.13 GiB (less than 15%) free.
-- HijackThis (run as Randy.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:45: VIRUS ALERT!, on 6/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MP3 COBY USB Disk Win98 Driver\Res.EXE
C:\Program Files\Canon ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 11\MiniMavis.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DAP\DAP.EXE
C:\Documents and Settings\Randy\Desktop\deckards sys scanner dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Randy.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {50C4C776-59ED-4751-AF88-22CC52FB24C3} - C:\WINDOWS\system32\byXrssSj.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7FC6B132-EA18-4D69-86E0-423E7B940BDC} - C:\WINDOWS\system32\mlJDuroo.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Editor plugin - {9AEE9C0D-FD38-45fc-B09A-BA9B6B614780} - barka.dll (file missing)
O2 - BHO: QXK Olive - {9EBD6815-1579-4593-8020-8485B80243FB} - C:\WINDOWS\gfetqaxsnvo.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: gxvpsafm - {5EFBB043-CFEC-4A57-BFE7-38FDC518108F} - C:\WINDOWS\gxvpsafm.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\MP3 COBY USB Disk Win98 Driver\Res.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\Canon ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [68b6af29] rundll32.exe "C:\WINDOWS\system32\kgmstbux.dll",b
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe
O4 - Startup: Mavis Beacon Teaches Typing 11.lnk = C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 11\MiniMavis.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A595EDD-978A-48C7-B730-AF3B9CC64DAB} - http://63.251.81.180...ZWDLManager.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F3436EC-7864-4DEB-BA66-97920BEAE513}: NameServer = 206.63.224.5,206.63.224.6
O20 - Winlogon Notify: mlJDuroo - C:\WINDOWS\SYSTEM32\mlJDuroo.dll
O21 - SSODL: pntqkflv - {D27EE8E4-1096-487E-BB0E-D021E8FEEED7} - C:\WINDOWS\pntqkflv.dll
O21 - SSODL: qegbdmwf - {E28F8288-1A54-4D8C-9A71-0446D13A074F} - C:\WINDOWS\qegbdmwf.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - http://l.b5z.net/i/u...SkullsB_ezr.JPG
O24 - Desktop Component 1: (no name) - http://l.b5z.net/i/u...eSkullB_ezr.JPG
O24 - Desktop Component 2: (no name) - http://l.b5z.net/i/u...olSucks_ezr.jpg
O24 - Desktop Component 3: (no name) - http://l.b5z.net/i/u...oSkullB_ezr.JPG
O24 - Desktop Component 4: (no name) - http://l.b5z.net/i/u...ategory_ezr.JPG
O24 - Desktop Component 5: (no name) - http://images.hotpro...78070-561-2.gif
O24 - Desktop Component 6: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 9435 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 ewido security suite driver - c:\program files\ewido anti-malware\guard.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 IJPLMSVC (PIXMA Extended Survey Program) - c:\program files\canon\ijplm\ijplmsvc.exe <Not Verified; ; IJPLMSVC>
S2 msupdate (Microsoft security update service) - c:\windows\system32\vhosts.exe (file missing)
S4 ewido security suite guard - c:\program files\ewido anti-malware\ewidoguard.exe <Not Verified; ewido networks; guard>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&268D196D&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&268D196D&0
Service: i8042prt
-- Scheduled Tasks -------------------------------------------------------------
2008-06-28 14:55:12 254 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
-- Files created between 2008-05-28 and 2008-06-28 -----------------------------
2008-06-28 16:43:39 0 d-------- C:\Program Files\Trend Micro
2008-06-28 15:42:02 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-06-28 15:42:02 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-28 15:42:02 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-28 15:42:02 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-06-28 15:42:02 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-28 15:42:02 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-06-28 15:42:02 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-28 15:42:02 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-06-28 15:42:02 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-28 15:42:02 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-28 15:42:01 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-28 15:42:01 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-28 15:42:01 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-28 15:42:01 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-28 15:32:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-28 13:09:00 0 d-------- C:\Documents and Settings\Randy\Application Data\TmpRecentIcons
2008-06-27 23:52:56 91520 --a------ C:\WINDOWS\system32\ijcnwxfe.dll
2008-06-27 22:11:22 6242304 --a------ C:\Documents and Settings\Randy\ntuser.dat
2008-06-27 18:17:48 0 d-------- C:\Program Files\Enigma Software Group
2008-06-27 17:51:24 252892 --ahs---- C:\WINDOWS\system32\jSssrXyb.ini2
2008-06-27 17:51:08 318720 --a------ C:\WINDOWS\system32\byXrssSj.dll
2008-06-27 17:24:51 43008 --a------ C:\WINDOWS\system32\clbdll.dll
2008-06-27 17:24:46 28800 --a------ C:\WINDOWS\system32\mlJDuroo.dll
2008-06-27 17:21:20 303104 --a------ C:\WINDOWS\gfetqaxsnvo.dll
2008-06-27 17:21:19 81920 --a------ C:\WINDOWS\tovafrnm.exe
2008-06-27 17:21:19 180224 --a------ C:\WINDOWS\qegbdmwf.dll
2008-06-27 17:21:19 229376 --a------ C:\WINDOWS\pntqkflv.dll
2008-06-27 17:21:19 151552 --a------ C:\WINDOWS\gxvpsafm.dll
2008-06-27 17:21:19 94208 --a------ C:\WINDOWS\ekaf.exe
2008-06-21 16:02:29 0 d-------- C:\Documents and Settings\Alicianna\Application Data\Apple Computer
2008-06-21 16:01:38 0 d-------- C:\Program Files\iPod
2008-06-21 16:01:11 0 d-------- C:\Program Files\iTunes
2008-06-21 15:59:11 0 d-------- C:\Program Files\QuickTime
2008-06-21 15:59:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-21 15:58:20 0 d-------- C:\Program Files\Apple Software Update
2008-06-21 15:57:25 0 d-------- C:\Program Files\Common Files\Apple
2008-06-21 15:57:23 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-18 18:14:51 0 d-------- C:\Documents and Settings\Alicianna\Application Data\Viewpoint
2008-06-04 03:01:02 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-03 17:02:24 0 d-------- C:\Program Files\Windows Live Toolbar
2008-06-03 17:02:09 0 d-------- C:\Program Files\Windows Live Favorites
2008-06-03 16:45:29 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-03 16:45:01 0 d-------- C:\Program Files\Windows Live
-- Find3M Report ---------------------------------------------------------------
2008-06-27 18:13:02 0 d-------- C:\Program Files\Coupons
2008-06-27 18:12:05 0 d-------- C:\Program Files\Canon
2008-06-27 18:11:55 0 d-------- C:\Documents and Settings\Randy\Application Data\Canon
2008-06-21 15:57:25 0 d-------- C:\Program Files\Common Files
2008-05-02 14:38:01 0 d-------- C:\Documents and Settings\Randy\Application Data\Viewpoint
2008-04-28 20:14:02 1221 --a------ C:\WINDOWS\EReg077.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{50C4C776-59ED-4751-AF88-22CC52FB24C3}]
06/27/2008 17:51: VIRUS ALERT! 318720 --a------ C:\WINDOWS\system32\byXrssSj.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7FC6B132-EA18-4D69-86E0-423E7B940BDC}]
06/27/2008 17:24: VIRUS ALERT! 28800 --a------ C:\WINDOWS\system32\mlJDuroo.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9AEE9C0D-FD38-45fc-B09A-BA9B6B614780}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9EBD6815-1579-4593-8020-8485B80243FB}]
06/27/2008 13:46: VIRUS ALERT! 303104 --a------ C:\WINDOWS\gfetqaxsnvo.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdaptecDirectCD"="C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" [09/04/2001 16:31: VIRUS ALERT!]
"WorksFUD"="C:\Program Files\Microsoft Works\wkfud.exe" [10/05/2001 17:34: VIRUS ALERT!]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [08/23/2001 14:52: VIRUS ALERT!]
"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [08/16/2001 21:41: VIRUS ALERT!]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 13:22: VIRUS ALERT!]
"nwiz"="nwiz.exe" [10/22/2006 13:22: VIRUS ALERT! C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/22/2006 13:22: VIRUS ALERT!]
"RegistryMechanic"="" []
"USB Storage Toolbox"="C:\Program Files\MP3 COBY USB Disk Win98 Driver\Res.EXE" [09/14/2005 20:44: VIRUS ALERT!]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [05/27/2008 10:50: VIRUS ALERT!]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [10/25/2006 09:03: VIRUS ALERT!]
"OpwareSE4"="C:\Program Files\Canon ScanSoft\OmniPageSE4\OpwareSE4.exe" [02/04/2007 12:02: VIRUS ALERT!]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [04/14/2008 16:42: VIRUS ALERT!]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 20:51: VIRUS ALERT!]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [01/01/2007 14:22: VIRUS ALERT!]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [06/02/2008 11:13: VIRUS ALERT!]
"68b6af29"="C:\WINDOWS\system32\kgmstbux.dll" []
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [01/23/2008 15:47: VIRUS ALERT!]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34: VIRUS ALERT!]
"antivirus-2008pro.exe"="C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe" []
C:\Documents and Settings\Randy\Start Menu\Programs\Startup\
Mavis Beacon Teaches Typing 11.lnk - C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 11\MiniMavis.exe [4/21/2007 1:15:49 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
"NoColorChoice"=0 (0x0)
"NoSizeChoice"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispCPL"=1 (0x1)
"NoVisualStyleChoice"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"NoDispAppearancePage"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"DisableRegistryTools"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktopChanges"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"=0 (0x0)
"NoSaveSettings"=0 (0x0)
"NoThemesTab"=0 (0x0)
"ForceActiveDesktopOn"=0 (0x0)
"NoToolbarCustomize"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"NoStartMenuMorePrograms"=1 (0x1)
"NoSetFolders"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\6]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{7FC6B132-EA18-4D69-86E0-423E7B940BDC}"= C:\WINDOWS\system32\mlJDuroo.dll [06/27/2008 17:24: VIRUS ALERT! 28800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"pntqkflv"= {D27EE8E4-1096-487E-BB0E-D021E8FEEED7} - C:\WINDOWS\pntqkflv.dll [06/27/2008 13:46: VIRUS ALERT! 229376]
"qegbdmwf"= {E28F8288-1A54-4D8C-9A71-0446D13A074F} - C:\WINDOWS\qegbdmwf.dll [06/27/2008 13:46: VIRUS ALERT! 180224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJDuroo]
mlJDuroo.dll 06/27/2008 17:24: VIRUS ALERT! 28800 C:\WINDOWS\system32\mlJDuroo.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\byXrssSj
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- End of Deckard's System Scanner: finished at 2008-06-28 16:48:35 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 1.80GHz
Percentage of Memory in Use: 72%
Physical Memory (total/avail): 383.3 MiB / 106.35 MiB
Pagefile Memory (total/avail): 922.17 MiB / 511.75 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1926.16 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 37.24 GiB total, 0.13 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)
\\.\PHYSICALDRIVE0 - WDC WD400BB-75CAA0 - 37.25 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 37.24 GiB - C:
\\.\PHYSICALDRIVE1 - Canon MP470 series USB Device
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: Avira AntiVir PersonalEdition v8.0.1.18 (Avira GmbH)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\BYOND\\bin\\byond.exe"="C:\\Program Files\\BYOND\\bin\\byond.exe:*:Enabled:byond"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\Program Files\\accelrator_DAP\\DAP.exe"="C:\\Program Files\\accelrator_DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\FrostWire\\FrostWire.exe"="C:\\Program Files\\FrostWire\\FrostWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\\WINDOWS\\system32\\lxbmcoms.exe"="C:\\WINDOWS\\system32\\lxbmcoms.exe:*:Enabled:Lexmark Communications System"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Randy\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=RANDY-Z7BFIVSUP
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Randy
LOGONSERVER=\\RANDY-Z7BFIVSUP
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 1 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0102
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Randy\LOCALS~1\Temp
TMP=C:\DOCUME~1\Randy\LOCALS~1\Temp
USERDOMAIN=RANDY-Z7BFIVSUP
USERNAME=Randy
USERPROFILE=C:\Documents and Settings\Randy
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Randy (admin)
Family
Alicianna (admin)
Olen
Alania
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.45 beta --> "C:\Program Files\7-Zip\Uninstall.exe"
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Canon MP470 series --> "C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series /L0x0009
Canon MP470 series User Registration --> C:\Program Files\Canon\IJEREG\MP470 series\UNINST.EXE
Comcast High-Speed Internet Install Wizard --> C:\Program Files\support.com\uninstall\chsi_uninstaller.exe
Corel Applications --> C:\WINDOWS\Corel\Uninst32.exe
CouponBar --> regsvr32 /u /s "C:\WINDOWS\CouponBarIE.dll"
Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
ewido anti-malware --> C:\Program Files\ewido anti-malware\Uninstall.exe
Fisher-Price® Western Town --> .\setup.exe -funinst.ins
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Talk (remove only) --> "C:\Program Files\Google\Google Talk\uninstall.exe"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Highlight Viewer (Windows Live Toolbar) --> MsiExec.exe /X{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}
HP PrecisionScan LTX --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\Uninst.isu" -c"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\HPUninstallIs.dll"
IBM & Crayola Magic Princess --> C:\WINDOWS\uninst.exe -f"C:\.\Program Files\IBM and Crayola\DeIsL1.isu"
iTunes --> MsiExec.exe /I{9F70BF98-003C-491D-81FC-FF9792206AF0}
JumpStart Advanced Kindergarten --> C:\Program Files\Common Files\Knowledge Adventure\Uninstall\UNKinder2002.exe
JumpStart Animal Field Trip --> C:\Program Files\Common Files\Knowledge Adventure\Uninstall\JSAnimFTUn.exe
JumpStart Arts and Crafts --> C:\Program Files\Common Files\Knowledge Adventure\Uninstall\JSArtsCraftsUn.exe
JumpStart Kindergarten Reading v1.0 --> C:\WINDOWS\uninst.exe -fC:\KA\JSKR\DeIsL5.isu
JumpStart Music --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\JumpStart\JumpStart Music\DeIsL1.isu"
JumpStart Phonics --> C:\WINDOWS\IsUninst.exe -fC:\KA\PHONICS\DeIsL2.isu
JumpStart Toddlers v1.3 --> C:\WINDOWS\IsUninst.exe -fC:\KA\TODDLER\DeIsL1.isu
JumpStart World Presents Pet Playground --> C:\Program Files\Common Files\Knowledge Adventure\Uninstall\PetPlaygroundUn.exe
Kid Pix Deluxe 3 --> C:\Program Files\Broderbund\Kid Pix Deluxe 3\uninstal.exe
Leap Ahead Second Grade --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\The Learning Company\Leap Ahead Second Grade\Uninst.isu"
LEGO Friends --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\LEGO Friends\Uninst.isu"
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Madeline Rainy Day Activities --> C:\CWONDERS\MRDA\CWRUN.EXE MadelineRainyDayActivities UninstallExe
Map Button (Windows Live Toolbar) --> MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
Mavis Beacon Teaches Typing 11 --> C:\PROGRA~1\BRODER~1\MAVISB~1\UNINST.EXE
Mickey Mouse Preschool --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{411C452C-7F92-405E-B9A0-EA6BD3C4A630}\setup.exe" -l0x9 Mickey Mouse Preschool
Microsoft Command & Control Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\mscnc.inf, Uninstall
Microsoft Office 2000 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Speech API 3.0 --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\spchapi.inf, Uninstall
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTS.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Word 2002 --> MsiExec.exe /I{911B0409-6000-11D3-8CFE-0050048383C9}
Microsoft Works 2002 Setup Launcher --> C:\Program Files\Microsoft Works Suite 2002\Setup\Launcher.exe D:\
Microsoft Works 6.0 --> MsiExec.exe /I{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}
Microsoft Works Suite Add-in for Microsoft Word --> MsiExec.exe /I{C3A439E4-7303-491F-A678-CEA36A87D517}
Microsoft Zoo Tycoon --> "C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
Millie and Bailey Preschool --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Edmark\Millie and Bailey Preschool\Uninst.isu"
NCR Label Formats for MS Word Setup --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NCR Media Formats\Uninst.isu"
Netflix Movie Viewer --> MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
Nokia USB Drivers --> C:\PROGRA~1\NOKIAU~1\UNWISE.EXE C:\PROGRA~1\NOKIAU~1\INSTALL.LOG
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
PIXMA Extended Survey Program --> C:\Program Files\Canon\IJPLM\SETUP.EXE -R
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
QuickTime for Windows (32-bit) --> C:\WINDOWS\QTW32DEL.EXE
Reader Rabbit 1st Grade --> C:\WINDOWS\TLCUninstall.exe -f "C:\Program Files\The Learning Company\Reader Rabbit 1st Grade\Uninstall.xml"
Reader Rabbit 2nd Grade --> C:\WINDOWS\TLCUninstall.exe -f "C:\Program Files\The Learning Company\Reader Rabbit 2nd Grade\Uninstall.xml"
Reader Rabbit Personalized Kindergarten --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\The Learning Company\Reader Rabbit Personalized Kindergarten\Uninst.isu"
Reader Rabbit Personalized Preschool --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\The Learning Company\Reader Rabbit Personalized Preschool\Uninst.isu"
Registry Mechanic 6.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
ScanSoft OmniPage SE 4 --> MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Shockwave --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Smart Menus (Windows Live Toolbar) --> MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpyHunter --> "C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
Stanley Wild for Sharks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EEDB23C9-50AB-4D25-B327-EE4FCDAE265F}\Setup.exe" -l0x9 Stanley Wild for Sharks
Tonka Workshop --> C:\HASBRO\TONKA_W\TW_DEL95.EXE
USB Disk Win98 Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}\Setup.exe"
USB MP3 Player WIN98 Drivers --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MP3\U-MP3\Uninst.isu"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WebVideo Support --> C:\WINDOWS\tovafrnm.exe
Windows Live Favorites for Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar --> MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar Extension (Windows Live Toolbar) --> MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Winnie the Pooh Preschool --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDAC64EB-F3CF-47EC-AB54-42D3BD3A8633}\setup.exe" -l0x9 Winnie the Pooh Preschool
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
-- Application Event Log -------------------------------------------------------
Event Record #/Type8153 / Warning
Event Submitted/Written: 06/28/2008 04:33:23 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{00010409-78E1-11D2-B60F-006097C998E7}', feature 'HTMLSourceEditing' failed during request for component '{9E0B2BE1-DEDA-11D1-A17E-00A0C90AB50F}'
Event Record #/Type8151 / Warning
Event Submitted/Written: 06/28/2008 04:33:13 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{00010409-78E1-11D2-B60F-006097C998E7}', feature 'HTMLSourceEditing' failed during request for component '{9E0B2BE1-DEDA-11D1-A17E-00A0C90AB50F}'
Event Record #/Type8150 / Warning
Event Submitted/Written: 06/28/2008 04:33:02 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
DR/FraudTool.AntiSpyware.AIC:\Documents and Settings\Randy\Desktop\winantivirus setupxv.exe
Event Record #/Type8149 / Warning
Event Submitted/Written: 06/28/2008 04:31:30 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
DR/FraudTool.AntiSpyware.AIC:\Documents and Settings\Randy\Desktop\winantivirus setupxv.exe
Event Record #/Type8148 / Warning
Event Submitted/Written: 06/28/2008 04:30:05 PM
Event ID/Source: 4113 / Avira AntiVir
Event Description:
DR/FraudTool.AntiSpyware.AIC:\Documents and Settings\Randy\Desktop\winantivirus setupxv.exe
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type74885 / Error
Event Submitted/Written: 06/28/2008 04:00:26 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type74884 / Error
Event Submitted/Written: 06/28/2008 03:58:53 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}
Event Record #/Type74883 / Error
Event Submitted/Written: 06/28/2008 03:58:53 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}
Event Record #/Type74882 / Error
Event Submitted/Written: 06/28/2008 03:58:53 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}
Event Record #/Type74878 / Error
Event Submitted/Written: 06/28/2008 03:43:11 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
Avg7Core
Avg7RsW
Avg7RsXP
avgio
avipbb
Fips
Processor
ssmdrv
-- End of Deckard's System Scanner: finished at 2008-06-28 16:48:35 ------------