I have not been getting help anywhere else but here. I did notice that someone else had the same issue and followed his solution to this problem, but I now have this new issue.
And as you requested, here are those reports:
Explorer killed successfully
File/Folder C:\WINDOWS\system32\el32.dll not found.
File/Folder C:\FOUND.002 not found.
< HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6ceb7b0-629e-11dd-97e6-000ae64d1ce9} >
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6ceb7b0-629e-11dd-97e6-000ae64d1ce9}\\ not found.
< purity >
< EmptyTemp >
File delete failed. C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp\Perflib_Perfdata_e90.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp\Perflib_Perfdata_b48.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp\Perflib_Perfdata_9fc.dat scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
Explorer started successfully
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08182008_104533
Files moved on Reboot...
File C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp\Perflib_Perfdata_e90.dat not found!
File C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp\Perflib_Perfdata_b48.dat not found!
File C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp\Perflib_Perfdata_9fc.dat not found!
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, August 18, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, August 18, 2008 18:33:05
Records in database: 1105136
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
Z:\
Scan statistics:
Files scanned: 118591
Threat name: 6
Infected objects: 10
Suspicious objects: 0
Duration of the scan: 04:40:34
File name / Threat name / Threats count
C:\Program Files\wsv.exe Infected: Trojan.Win32.Agent.yhk 1
C:\Documents and Settings\David Panther\Desktop\virus helper\SmitfraudFix.zip Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\David Panther\Desktop\virus helper\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\David Panther\Desktop\virus helper\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\David Panther\Desktop\virus helper\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\System Volume Information\_restore{D1661836-DB9E-46C5-8CDE-8809B4029D5E}\RP2\A0001069.exe Infected: not-a-virus:Monitor.Win32.Perflogger.bx 1
E:\Program Files\wsv.exe Infected: Trojan.Win32.Agent.yhk 1
E:\System Volume Information\_restore{D1661836-DB9E-46C5-8CDE-8809B4029D5E}\RP2\A0001070.exe Infected: not-a-virus:Monitor.Win32.Perflogger.163 1
E:\System Volume Information\_restore{D1661836-DB9E-46C5-8CDE-8809B4029D5E}\RP2\A0001070.exe Infected: not-a-virus:Monitor.Win32.Perflogger.ad 1
E:\Temp\Temporary Internet Files\Content.IE5\Q8SXM4H3\ZwinkySetup2.2.60.6[1].exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bx 1
The selected area was scanned.
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon XP 1500+
Percentage of Memory in Use: 62%
Physical Memory (total/avail): 511.48 MiB / 193.31 MiB
Pagefile Memory (total/avail): 1247.79 MiB / 820.88 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1919.14 MiB
A: is Removable (Unformatted)
C: is Fixed (FAT32) - 37.46 GiB total, 11.92 GiB free.
D: is CDROM (CDFS)
E: is Fixed (FAT32) - 65.98 GiB total, 31.26 GiB free.
F: is Fixed (NTFS) - 86.46 GiB total, 15.93 GiB free.
G: is CDROM (No Media)
Z: is Removable (No Media)
\\.\PHYSICALDRIVE0 - Maxtor 6L200P0 - 189.92 GiB - 3 partitions
\PARTITION0 (bootable) - Unknown - 37.47 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 152.45 GiB - E: - F:
\\.\PHYSICALDRIVE1 - WDC WD600AB-32CZA0 - 55.9 GiB - partitions
\\.\PHYSICALDRIVE2 - IMG VP0
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before download.
Windows Internal Firewall is enabled.
AV: AVG 7.5.526 v7.5.526 (Grisoft)
AV: ESET NOD32 Antivirus 3.0 v3.0 (ESET, spol. s r. o.)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"E:\\Program Files\\Paintbrawl4\\PB4.exe"="E:\\Program Files\\Paintbrawl4\\PB4.exe:*:Enabled:Extreme Paintbrawl 4"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\WINDOWS\\System32\\DPNSvr.exe"="C:\\WINDOWS\\System32\\DPNSvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\WINDOWS\\System32\\dxdiag.exe"="C:\\WINDOWS\\System32\\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"E:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"="E:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable"
"C:\\WINDOWS\\System32\\mmc.exe"="C:\\WINDOWS\\System32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\Grisoft\\AVG7\\avgw.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgw.exe:*:Enabled:AVG Test Center"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"E:\\Half-Life 2\\hl2.exe"="E:\\Half-Life 2\\hl2.exe:*:Disabled:hl2"
"E:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"="E:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe:*:Enabled:BF1942"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"E:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe"="E:\\Program Files\\EA GAMES\\Need for Speed Most Wanted\\speed.exe:*:Enabled:speed"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\David Panther\Application Data
BLASTER=A220 I7 D1 H7 P300 T6
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=JAX
ComSpec=C:\WINDOWS\system32\cmd.exe
CTSYN=C:\WINDOWS
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\David Panther
LOGONSERVER=\\JAX
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Sonic\MyDVD;;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\ATI Technologies\ATI.ACE;D:\Program Files\QuickTime\QTSystem;;"C:\ProgramFiles\Symantec\NortonGhost2003\";C:\PROGRA~1\SONIC\MYDVD
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0801
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\DAVIDP~1\LOCALS~1\Temp
USERDOMAIN=JAX
USERNAME=David Panther
USERPROFILE=C:\Documents and Settings\David Panther
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
LocalService
David Panther (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Acrobat 7.0 Professional --> msiexec /I {AC76BA86-1033-0000-7760-100000000002}
Adobe Acrobat and Reader 6.0.3 Update --> MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000603}
Adobe Acrobat and Reader 6.0.4 Update --> MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000604}
Adobe Acrobat and Reader 6.0.5 Update --> MsiExec.exe /I{AC76BA86-0000-7EC8-7489-000000000605}
Adobe Atmosphere Player for Acrobat and Adobe Reader --> C:\WINDOWS\atmoUn.exe
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"e:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"e:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Shockwave Player --> C:\WINDOWS\SYSTEM32\MACROMED\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\MACROMED\SHOCKW~1\Install.log
Apple Mobile Device Support --> MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update --> MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Atari: The 80 Classic Games --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Atari\The 80 Classic Games\Uninst.isu"
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> MsiExec.exe /I{7B76034B-B3ED-46D5-8C66-DEB102CB830A}
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Decoder --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EDE28287-D32C-415E-9C97-2BF9F9260150} /l1033
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
ATI Multimedia Center 9.01 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{8988F5D0-C83F-41F4-B41B-86031F9B37F5} /l1033
ATI Remote Wonder 2.3 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3347F781-9C89-4C9B-B471-B1FFC3BC4A84} /l1033
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Battlefield 1942 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x9
Billeo --> C:\Program Files\Billeo\uninstall.exe
BitComet 1.02 --> C:\Program Files\BitComet\uninst.exe
CloneDVD2 --> "E:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="E:\Program Files\Elaborate Bytes\CloneDVD2"
Creative Launcher --> C:\WINDOWS\CTDELLAU.EXE -[Creative Launcher
Creative Recorder --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Creative\Recorder\DeIsL2.isu"
DAO --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}
DCXtended .9 --> E:\Program Files\EA GAMES\Battlefield 1942\Mods\DC_Extended\uninstall.exe
DesertCombat 0.7 --> C:\WINDOWS\iun6002.exe "E:\Program Files\EA GAMES\Battlefield 1942\DesertCombat.ini"
digestIT 2004 --> MsiExec.exe /I{5B119660-1788-11D8-8EB8-0050BF643EE7}
Dungeon Siege 2 --> "E:\Program Files\Microsoft Games\Dungeon Siege 2\UNINSTAL.EXE" /runtemp /uninstall
Dungeon Siege 2 Broken World --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}\setup.exe" -l0x9 -removeonly
DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"
ESET NOD32 Antivirus --> MsiExec.exe /I{2204AF25-80E5-468E-B46D-795685B35DEB}
Excursion 9.5 --> C:\WINDOWS\unvise32.exe d:\downloads\mirc\excursion\uninstal.log
Fable - The Lost Chapters --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
gBurner --> "E:\Program Files\gBurner\uninstall.exe"
Guild Wars --> "F:\Program Files\Guild Wars\Gw.exe" -uninstall
HijackThis 2.0.2 --> "C:\Documents and Settings\David Panther\Desktop\virus helper\HijackThis.exe" /uninstall
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
IGN Download Manager 2.3.3 --> e:\Program Files\IGN\Download Manager\uninst.exe
Java 6 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MaxBlast 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{639858DD-4966-40F3-A706-7C838BCF3A2B}\setup.exe"
MediaDB --> MsiExec.exe /I{4ABE097D-17E8-4697-948F-85820331738A}
MediaWidget 4.0 --> "E:\Program Files\Media Widget\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Web Publishing Wizard 1.52 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
MSN Entertainment Download Troubleshooter --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnediag.inf,Uninstall
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MyDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\Setup.exe" -l0x9 /SMAINT
Need for Speed™ Most Wanted --> E:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
Nero 7 Ultra Edition --> MsiExec.exe /I{5241FB1B-9CF5-448C-3BFD-1AE58B061033}
Netscape Navigator (9.0.0.5) --> C:\Program Files\Netscape\Navigator 9\uninstall\helper.exe
Norton Spyware Scan provided by Yahoo! --> C:\PROGRA~1\YAHOO!\COMMON\unynss.exe
OpenAL --> "C:\Program Files\OpenAL\oalinst[1].exe" /U
Ozzy Bubbles --> "E:\Program Files\Ozzy Bubbles\ReflexiveArcade\unins000.exe"
PowerISO --> "E:\Program Files\PowerISO\uninstall.exe"
PrintMaster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A304FDE-F4E3-446D-AA0D-31425C897B71}\setup.exe" anything
Quake III Arena --> C:\WINDOWS\IsUninst.exe -f"D:\Program Files\Quake III Arena\QIII.isu"
Quake III Arena Point Release 1.32 --> C:\WINDOWS\unvise32.exe d:\program files\quake iii arena\uninstal5.log
Quake III Team Arena --> C:\WINDOWS\IsUninst.exe -f"D:\Program Files\Quake III Arena\Q3TA.isu"
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RegCure 1.5.0.0 --> C:\Program Files\RegCure\uninst.exe
RegistryFix v3.0 --> "e:\Program Files\RegistryFix\unins000.exe"
Samsung USB Driver (MCCI 4.34) WHQL v3.0 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{FAD03728-DA19-4313-959F-872A9C432A86}
Serious Sam 2 --> E:\Program Files\Serious Sam 2\Bin\Uninstall.exe
Serious Sam: The First Encounter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{815050E5-F545-11D4-9569-004095812ACC}\Setup.exe"
Slingo Quest --> E:\PROGRA~1\GAMEHO~1\SLINGO~1\UNWISE.EXE /U E:\PROGRA~1\GAMEHO~1\SLINGO~1\INSTALL.LOG
Sonic CinePlayer --> MsiExec.exe /X{26792CA7-D87A-4DBE-896B-C2F66B344511}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Sound Blaster Live! Value --> C:\WINDOWS\CTDEL.EXE -[Sound Blaster Live! Value
Sound Blaster Live! Web 2K/XP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}\Setup.exe" -l0x9
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SupportSoft Assisted Service --> MsiExec.exe /I{5A3F6A80-7913-475E-8B96-477A952CFA43}
Symantec Technical Support Web Controls --> MsiExec.exe /X{A0E27BA8-353A-4288-AB60-5DE8EDA18E16}
TomTom HOME --> E:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
Uniblue SpeedUpMyPC 3 --> "C:\Program Files\Uniblue\SpeedUpMyPC 3\unins000.exe"
Unix Utilities for Yahoo! Widgets --> C:\Program Files\Yahoo!\Yahoo! Widget Engine\UnixUtils\uninstall.exe
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Winamp Remote --> "C:\Program Files\Winamp Remote\uninstall.exe"
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip --> "e:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo! Anti-Spy --> C:\PROGRA~1\YAHOO!\COMMON\unypsr.exe
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Browser Services --> C:\PROGRA~1\YAHOO!\COMMON\unyext.exe
Yahoo! Messenger --> C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection --> C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\YAHOO!~1\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type7694 / Error
Event Submitted/Written: 08/18/2008 10:45:05 AM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 890862850.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Event Record #/Type7693 / Error
Event Submitted/Written: 08/18/2008 10:44:46 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application otmoveit2.exe, version 1.0.4.3, faulting module unknown, version 0.0.0.0, fault address 0x1000371d.
Processing media-specific event for [otmoveit2.exe!ws!]
Event Record #/Type7628 / Error
Event Submitted/Written: 08/13/2008 09:29:14 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download....uthrootseq.txt> with error: This operation returned because the timeout period expired.
Event Record #/Type7626 / Error
Event Submitted/Written: 08/13/2008 09:24:07 PM
Event ID/Source: 11316 / MsiInstaller
Event Description:
Product: ESET NOD32 Antivirus -- Error 1316. A network error occurred while attempting to read from the file: C:\Documents and Settings\David Panther\Desktop\eav_nt32_enu.msi
Event Record #/Type7550 / Error
Event Submitted/Written: 08/11/2008 01:08:19 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16674, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type47995 / Error
Event Submitted/Written: 08/18/2008 10:47:53 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The PC Tools Spyware Doctor service failed to start due to the following error:
%%3
Event Record #/Type47994 / Error
Event Submitted/Written: 08/18/2008 10:47:53 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The helpsvc service failed to start due to the following error:
%%2
Event Record #/Type47993 / Error
Event Submitted/Written: 08/18/2008 10:47:09 AM / 08/18/2008 10:47:39 AM
Event ID/Source: 4 / sptd
Event Description:
Driver detected an internal error in its data structures for .
Event Record #/Type47988 / Warning
Event Submitted/Written: 08/18/2008 10:39:36 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver HP Officejet 5600 series for Windows NT x86 Version-3 was added or updated. Files:- hpz2ku12.dll, hpzpm312.dll, hpop5612.dat, hpfmom12.hlp, hpzimc12.dll, hpzstw12.exe, hpzslk12.dll, hpzr3212.dll, hpzrm312.dll, hpzcon12.dll, hpzcfg12.exe, hpzeng12.exe, hpzflt12.dll, hpzime12.dll, hpzjui12.dll, hpzpre12.exe, hpzres12.dll, hpzstc12.exe, hpztbi12.dll, hpztbu12.exe, hpztbx12.exe, hpzlnt12.dll, hpzsnt12.dll, hpzcoi12.dll, hpzvip12.dll, hpzims12.dll, hpzpcl12.dll, hpofax08.dll, hpof5612.dat.
Event Record #/Type47987 / Warning
Event Submitted/Written: 08/18/2008 10:38:02 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver HP Officejet 5600 series for Windows NT x86 Version-3 was added or updated. Files:- hpz2ku12.dll, hpzpm312.dll, hpop5612.dat, hpfmom12.hlp, hpzimc12.dll, hpzstw12.exe, hpzslk12.dll, hpzr3212.dll, hpzrm312.dll, hpzcon12.dll, hpzcfg12.exe, hpzeng12.exe, hpzflt12.dll, hpzime12.dll, hpzjui12.dll, hpzpre12.exe, hpzres12.dll, hpzstc12.exe, hpztbi12.dll, hpztbu12.exe, hpztbx12.exe, hpzlnt12.dll, hpzsnt12.dll, hpzcoi12.dll, hpzvip12.dll, hpzims12.dll, hpzpcl12.dll, hpofax08.dll, hpof5612.dat.
-- End of Deckard's System Scanner: finished at 2008-08-18 19:39:29 ------------
Deckard's System Scanner v20071014.68
Run by David Panther on 2008-08-18 19:36:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
7: 2008-08-19 02:37:02 UTC - RP7 - Deckard's System Scanner Restore Point
6: 2008-08-18 02:02:13 UTC - RP6 - System Checkpoint
5: 2008-08-15 03:17:24 UTC - RP5 - Software Distribution Service 3.0
4: 2008-08-14 04:28:02 UTC - RP4 - Installed ESET NOD32 Antivirus
3: 2008-08-14 04:24:07 UTC - RP3 - Installed ESET NOD32 Antivirus
-- First Restore Point --
1: 2008-08-11 18:58:39 UTC - RP1 - System Checkpoint
Performed disk cleanup.
-- HijackThis (run as David Panther.exe) ---------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:26, on 8/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\SVCHOST.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\ctfmon.exe
E:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Billeo\billeo.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\David Panther\desktop\dss.exe
C:\DOCUME~1\DAVIDP~1\Desktop\VIRUSH~1\DAVIDP~1.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Billeo - {465E08E7-F005-4389-980F-1D8764B3486C} - C:\Program Files\Billeo\billeo.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Billeo - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - C:\Program Files\Billeo\billeo.dll
O4 - HKLM\..\Run: [PestPatrol Control Center] E:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [TomTomHOME.exe] "E:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: billeo.lnk = C:\Program Files\Billeo\billeo.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://F:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - C:\Program Files\Billeo\billeo.dll (HKCU)
O15 - Trusted Zone: http://www.adobe.com
O15 - Trusted Zone: http://acs.pandasoftware.com
O15 - Trusted Zone: http://activescan.pandasoftware.com
O15 - Trusted Zone: http://www.pandasoftware.com
O15 - Trusted Zone: http://www.pandasoftware.es
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://downloadcente...trolLite_EN.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...C_2.3.3.102.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1128389758556
O16 - DPF: {712362BF-E411-4F43-99D2-EB15F80AF1DB} (MsneDiag Class) - http://entimg.msn.co...snediag4616.cab
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://www.vzwpix.co...loadControl.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadbl...ivex/sabspx.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai...5/installer.exe
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://clubgames.pog...sh.1.0.0.80.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} - http://www.shockwave...ownloadCtrl.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O24 - Desktop Component 0: (no name) - F:\doubletime.html
--
End of file - 11520 bytes
-- File Associations -----------------------------------------------------------
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 FileDisk - c:\windows\system32\drivers\filedisk.sys <Not Verified; iolo technologies, LLC (based on original work by Bo Brantén); filedisk (based on original work by Bo Brantén)>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R1 SSHDRV65 - c:\windows\system32\drivers\sshdrv65.sys
R1 SSHDRV85 - c:\windows\system32\drivers\sshdrv85.sys <Not Verified; ; ProtectCD>
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
S1 ATITool (ATITool Overclocking Utility) - c:\windows\system32\drivers\atitool.sys <Not Verified; ; Low-Level Driver>
S3 SGUARD - c:\windows\system32\drivers\sguard.sys <Not Verified; iolo technologies, LLC; Startup Guard™ Registry Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S3 x10nets (X10 Device Network Service) -
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318}
Description: ATI Radeon 9550 / X1050 Series Secondary
Device ID: PCI\VEN_1002&DEV_4173&SUBSYS_04031002&REV_00\4&349B7D1E&0&0110
Manufacturer: ATI Technologies Inc.
Name: ATI Radeon 9550 / X1050 Series Secondary
PNP Device ID: PCI\VEN_1002&DEV_4173&SUBSYS_04031002&REV_00\4&349B7D1E&0&0110
Service: ati2mtag
-- Process Modules -------------------------------------------------------------
C:\WINDOWS\SYSTEM32\WINLOGON.EXE (pid 680)
2006-07-19 20:48:54 596992 --a------ C:\WINDOWS\SYSTEM32\WgaLogon.dll <Not Verified; Microsoft Corporation; Windows Genuine Advantage>
C:\WINDOWS\SYSTEM32\SVCHOST.EXE (pid 1480)
2008-08-18 10:47:40 14336 --a------ C:\WINDOWS\SYSTEM32\el32.dll
C:\WINDOWS\explorer.exe (pid 1436)
2006-03-28 16:49:26 73728 --a------ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll <Not Verified; Nero AG; Nero BackItUp>
2004-08-16 09:00:00 5120 --a------ E:\Program Files\WinZip\WZSHLSTB.DLL <Not Verified; WinZip Computing, Inc.; WinZip>
2004-09-08 19:51:54 121344 --a------ C:\Program Files\WinRAR\RarExt.dll
2005-11-15 12:07:16 1802240 --a------ C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll <Not Verified; Nero AG; Nero Digital Tools>
2006-09-25 09:13:12 73728 --a------ C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll <Not Verified; ; ACE Context Menu>
-- Scheduled Tasks -------------------------------------------------------------
2008-08-18 19:00:02 284 --ah----- C:\WINDOWS\Tasks\AF04E97891A39B50.job
2008-08-18 17:00:14 454 --a------ C:\WINDOWS\Tasks\RegCure Program Check.job
2008-08-18 17:00:06 464 --a------ C:\WINDOWS\Tasks\XoftSpySE 2.job
2008-08-14 03:30:02 442 --a------ C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job
2008-08-12 20:49:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-08-10 14:35:02 286 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
2008-06-01 14:23:54 408 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
2008-04-15 06:04:38 378 --a------ C:\WINDOWS\Tasks\XoftSpySE.job
-- Files created between 2008-07-18 and 2008-08-18 -----------------------------
2008-08-18 10:47:39 14336 --a------ C:\WINDOWS\system32\el32.dll
2008-08-13 21:28:04 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-08-11 19:25:37 0 d-------- C:\Documents and Settings\David Panther\Application Data\Malwarebytes
2008-08-11 19:25:33 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-11 19:25:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-11 17:56:24 1854 --a------ C:\WINDOWS\system32\tmp.reg
2008-08-11 17:46:40 0 d-------- C:\!KillBox
2008-08-11 17:19:55 0 d-------- C:\VundoFix Backups
2008-08-10 12:05:44 11414 --a------ C:\Program Files\wsv.exe
2008-08-09 22:22:04 0 d-------- C:\WINDOWS\ERUNT
2008-08-09 21:46:23 0 d-------- C:\Documents and Settings\David Panther\Application Data\Alawar
2008-08-09 21:46:02 0 d-------- C:\WINDOWS\Jenny's Fish Shop
2008-07-24 20:53:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-24 17:47:39 6200 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-07-21 11:15:44 0 dr-h----- C:\Documents and Settings\David Panther\Recent
-- Find3M Report ---------------------------------------------------------------
2008-08-18 10:46:32 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000002-80271102}.dat
2008-08-18 10:46:32 24 --a------ C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000B-00001102-00000002-80271102}.dat
2008-08-10 18:04:46 26624 --a------ C:\WINDOWS\system32\USERINIT.EXE
2008-07-16 20:27:56 0 d-------- C:\Documents and Settings\David Panther\Application Data\Netscape
2008-07-16 16:43:30 0 d-------- C:\Program Files\Billeo
2008-06-30 20:45:40 2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2008-06-18 19:13:10 0 d-------- C:\Documents and Settings\David Panther\Application Data\BSD
2008-06-18 18:52:36 0 d-------- C:\Program Files\Common Files\eSellerate
2008-06-18 18:26:24 0 d-------- C:\Program Files\Common Files\Apple
2008-05-28 19:28:42 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-05-28 19:28:42 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-05-20 17:25:22 125 ---hs---- C:\Documents and Settings\David Panther\Application Data\.zreglib
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PestPatrol Control Center"="E:\PROGRA~1\PESTPA~1\PPControl.exe" [11/15/2004 11:49]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [06/27/2008 19:09]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [09/25/2006 09:12]
"Acrobat Assistant 7.0"="F:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [12/14/2004 02:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [06/10/2008 18:52]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="E:\Program Files\TomTom HOME 2\HOMERunner.exe" [05/06/2008 01:42]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 00:56]
C:\Documents and Settings\David Panther\Start Menu\Programs\Startup\
DESKTOP.INI [10/2/2005 9:53:14 PM]
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe [7/20/2007 10:57:16 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [10/2/2005 9:53:14 PM]
billeo.lnk - C:\Program Files\Billeo\billeo.exe [5/7/2008 7:13:14 PM]
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [7/24/2008 8:56:30 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= F:\doubletime.html
FriendlyName=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9ddaf50-b2b0-11dc-bd05-000ae64d1ce9}]
-- End of Deckard's System Scanner: finished at 2008-08-18 19:39:29 ------------