My PC is infected with the trojan horse PSW.OnlineGames.X,Y,Z.
I followed the instructions given in the forum.
[MAIN.txt]
Deckard's System Scanner v20071014.68
Run by Ratovirus on 2008-03-21 11:06:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
5: 2008-03-21 05:37:08 UTC - RP34 - Deckard's System Scanner Restore Point
4: 2008-03-21 00:16:23 UTC - RP33 - System Checkpoint
3: 2008-03-19 14:52:53 UTC - RP32 - System Checkpoint
2: 2008-03-18 14:05:46 UTC - RP31 - System Checkpoint
1: 2008-03-16 22:20:58 UTC - RP30 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 224 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-21 11:09:06
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.5730.11)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Documents and Settings\Ratovirus\Desktop\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ircdown.c...vs=hompag&hl=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ent/swflash.cab
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
O23 - Service: SQL Server Active Directory Helper (MSSQLServerADHelper) - Unknown owner - c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
O23 - Service: Visual Studio 2005 Remote Debugger (msvsmon80) - Unknown owner - C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SQL Server Browser (SQLBrowser) - Unknown owner - c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
O23 - Service: SQL Server VSS Writer (SQLWriter) - Unknown owner - c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
--
End of file - 4958 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 MFFD200F - c:\windows\system32\drivers\mffd200f.sys <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
S3 mffd200s - c:\windows\system32\drivers\mffd200s.sys <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
S3 MFFD200U (LG Electronics MF-FD200 USB Driver) - c:\windows\system32\drivers\mffd200u.sys <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S4 MSSQL$SQLEXPRESS (SQL Server (SQLEXPRESS)) - "c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe" -ssqlexpress (file missing)
S4 MSSQLServerADHelper (SQL Server Active Directory Helper) - "c:\program files\microsoft sql server\90\shared\sqladhlp90.exe" (file missing)
S4 msvsmon80 (Visual Studio 2005 Remote Debugger) - "c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe" /service msvsmon80 (file missing)
S4 SQLBrowser (SQL Server Browser) - "c:\program files\microsoft sql server\90\shared\sqlbrowser.exe" (file missing)
S4 SQLWriter (SQL Server VSS Writer) - "c:\program files\microsoft sql server\90\shared\sqlwriter.exe" (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_134D&DEV_2189&SUBSYS_1002134D&REV_04\3&61AAA01&0&48
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_134D&DEV_2189&SUBSYS_1002134D&REV_04\3&61AAA01&0&48
Service:
-- Files created between 2008-02-21 and 2008-03-21 -----------------------------
2008-03-18 20:57:09 0 d-------- C:\WINDOWS\Applian FLV Player
2008-03-18 20:57:09 0 d-------- C:\Program Files\FLV Player
2008-03-17 11:12:48 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Grisoft
2008-03-16 11:45:06 0 d--hs---- C:\FOUND.000
2008-03-16 02:00:14 53248 --a------ C:\WINDOWS\system32\ImageOle.dll <Not Verified; TODO: <Company name>; TODO: <Product name>>
2008-03-16 02:00:13 0 d-------- C:\Program Files\Garena
2008-03-16 01:59:57 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\InstallShield
2008-03-15 22:18:10 72192 -r-hs---- C:\WINDOWS\system32\amvo1.dll
2008-03-15 19:28:50 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Thunderbird
2008-03-14 21:23:10 0 d-------- C:\Program Files\Steam
2008-03-14 21:00:33 0 d-------- C:\Program Files\K
2008-03-14 20:22:56 164352 --a------ C:\WINDOWS\system32\unrar.dll
2008-03-14 20:22:51 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-03-14 20:22:51 159839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-03-14 20:22:51 755027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-03-14 20:22:50 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-03-14 20:22:50 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-03-14 20:22:49 682496 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-14 20:22:47 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-03-14 20:22:43 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-03-14 20:22:43 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Real
2008-03-14 20:22:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-03-14 20:04:51 0 d-------- C:\Program Files\CoreAVC Pro
2008-03-14 20:02:12 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Help
2008-03-14 16:34:54 0 d-------- C:\Program Files\Microsoft SQL Server
2008-03-14 16:33:16 0 d-------- C:\Program Files\Microsoft Device Emulator
2008-03-14 16:32:59 0 d-------- C:\Program Files\Microsoft SQL Server 2005 Mobile Edition
2008-03-14 16:10:38 0 d-------- C:\Program Files\Microsoft.NET
2008-03-14 16:04:04 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-03-13 02:56:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-12 22:06:39 0 d-------- C:\Program Files\Nero
2008-03-12 22:06:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-03-12 20:07:45 0 d-------- C:\WINDOWS\system32\appmgmt
2008-03-12 19:10:42 18528 --a------ C:\Documents and Settings\Ratovirus\Application Data\GDIPFONTCACHEV1.DAT
2008-03-09 16:48:08 0 d-------- C:\Program Files\BigSpeed Peer-to-Peer SDK
2008-03-09 16:08:06 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Ahead
2008-03-09 15:35:16 1158 --a------ C:\WINDOWS\mozver.dat
2008-03-09 15:27:49 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-09 15:26:51 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Mozilla
2008-03-08 17:48:27 0 d-------- C:\Program Files\AdVantage
2008-03-08 17:29:08 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\BSplayer
2008-03-08 17:29:08 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\BSplayer Pro
2008-03-08 17:29:07 0 d-------- C:\Program Files\Webteh
2008-03-08 02:09:49 0 dr-h----- C:\$VAULT$.AVG
2008-03-07 19:55:33 0 d--h----- C:\WINDOWS\PIF
2008-03-07 19:55:28 19568 --a------ C:\WINDOWS\system\CTL3D.DLL <Not Verified; Microsoft Corporation; 3d Windows Control>
2008-03-07 19:55:25 21648 --a------ C:\WINDOWS\system\CTL3DV2.DLL <Not Verified; Microsoft Corporation; 3d Windows Control>
2008-03-07 19:55:19 81920 --a------ C:\WINDOWS\system\BIVBX11.DLL <Not Verified; Borland International; VBX Emulation Library>
2008-03-07 19:55:13 18944 --a------ C:\WINDOWS\system32\BIVBX11S.DLL <Not Verified; Borland International; 16-bit VBX Thunk DLL for Win32s>
2008-03-07 19:55:13 56320 --a------ C:\WINDOWS\system32\BIVBX11N.EXE <Not Verified; Borland International; 16-bit VBX Thunk Server for Windows NT>
2008-03-07 19:55:13 16384 --a------ C:\WINDOWS\system32\BIVBX11C.DLL
2008-03-07 19:55:10 264800 --a------ C:\WINDOWS\system\BOCOLE.DLL
2008-03-07 19:55:07 211488 --a------ C:\WINDOWS\system32\BWCC32.DLL <Not Verified; Borland International; >
2008-03-07 19:55:07 159744 --a------ C:\WINDOWS\system32\BW32000C.DLL
2008-03-07 19:55:07 159744 --a------ C:\WINDOWS\system32\BW320009.DLL <Not Verified; Borland International; >
2008-03-07 19:55:07 159744 --a------ C:\WINDOWS\system32\BW320007.DLL
2008-03-07 19:54:58 589856 --a------ C:\WINDOWS\system32\BOCOLEF.DLL
2008-03-07 19:54:46 96928 --a------ C:\WINDOWS\system\BWCC000C.DLL
2008-03-07 19:54:46 96912 --a------ C:\WINDOWS\system\BWCC0009.DLL <Not Verified; Borland International; >
2008-03-07 19:54:46 97072 --a------ C:\WINDOWS\system\BWCC0007.DLL
2008-03-07 19:54:46 164928 --a------ C:\WINDOWS\system\BWCC.DLL <Not Verified; Borland International; >
2008-03-07 19:54:33 0 d-------- C:\DTEXT23
2008-03-07 19:54:13 0 d-------- C:\BC45
2008-03-07 19:34:32 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Media Player Classic
2008-03-07 19:27:40 0 d-------- C:\Program Files\Ocean Technologies & Media
2008-03-07 18:55:09 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\vlc
2008-03-06 19:52:17 0 d-------- C:\Program Files\VideoLAN
2008-03-06 19:48:40 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-03-06 19:19:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-03-06 19:18:49 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-06 09:32:05 139264 --a------ C:\WINDOWS\system32\mffd200h.dll <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
2008-03-06 09:32:04 36811 --a------ C:\WINDOWS\system32\drivers\mffd200u.sys <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
2008-03-06 09:32:04 52438 --a------ C:\WINDOWS\system32\drivers\mffd200s.sys <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
2008-03-06 09:32:04 14229 -----n--- C:\WINDOWS\system32\drivers\MFFD200F.SYS <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
2008-03-06 09:32:03 30672 -----n--- C:\WINDOWS\system32\drivers\StMp3Rec.sys <Not Verified; LG Electronics, Inc.; LG Electronics MF-FD200>
2008-03-06 09:31:49 0 d-------- C:\Program Files\MP3 Explorer
2008-03-06 09:31:49 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-06 09:31:00 0 d-------- C:\Program Files\Common Files\InstallShield
2008-03-06 01:43:42 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Adobe
2008-03-05 22:23:57 0 d-------- C:\Program Files\uTorrent
2008-03-05 22:23:52 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\uTorrent
2008-03-05 22:21:53 0 d-------- C:\WINDOWS\pss
2008-03-05 22:17:53 0 d-------- C:\Program Files\S3
2008-03-05 22:17:45 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-03-05 22:17:43 0 d-------- C:\Documents and Settings\Ratovirus\WINDOWS
2008-03-05 22:13:34 0 d-------- C:\Program Files\Common Files\Ahead
2008-03-05 22:02:56 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-03-05 22:02:03 0 d-------- C:\WINDOWS\ShellNew
2008-03-05 21:21:02 0 d--hs---- C:\Documents and Settings\Ratovirus\UserData
2008-03-05 21:18:07 0 d--hs---- C:\Recycled
2008-03-05 21:17:05 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Macromedia
2008-03-05 21:16:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-03-05 21:14:44 0 d-------- C:\Program Files\Yahoo!
2008-03-05 21:13:56 0 d-------- C:\WINDOWS\RegisteredPackages
2008-03-05 21:11:02 0 d-------- C:\Program Files\Winamp
2008-03-05 21:09:38 0 d--h----- C:\WINDOWS\$hf_mig$
2008-03-05 21:07:28 592 --a------ C:\WINDOWS\chgkey.vbs
2008-03-05 21:05:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-03-05 20:32:17 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\AVG7
2008-03-05 20:32:06 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-03-05 20:31:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-05 20:31:51 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-03-05 20:26:17 0 d-------- C:\Documents and Settings\Ratovirus\Application Data\Identities
2008-03-05 20:26:06 0 d--h----- C:\Documents and Settings\Ratovirus\Templates
2008-03-05 20:26:06 0 dr------- C:\Documents and Settings\Ratovirus\Start Menu
2008-03-05 20:26:06 0 dr-h----- C:\Documents and Settings\Ratovirus\SendTo
2008-03-05 20:26:06 0 dr-h----- C:\Documents and Settings\Ratovirus\Recent
2008-03-05 20:26:06 0 d--h----- C:\Documents and Settings\Ratovirus\PrintHood
2008-03-05 20:26:06 2621440 --ah----- C:\Documents and Settings\Ratovirus\NTUSER.DAT
2008-03-05 20:26:06 0 d--h----- C:\Documents and Settings\Ratovirus\NetHood
2008-03-05 20:26:06 0 dr------- C:\Documents and Settings\Ratovirus\My Documents
2008-03-05 20:26:06 0 d--h----- C:\Documents and Settings\Ratovirus\Local Settings
2008-03-05 20:26:06 0 dr------- C:\Documents and Settings\Ratovirus\Favorites
2008-03-05 20:26:06 0 d-------- C:\Documents and Settings\Ratovirus\Desktop
2008-03-05 20:26:06 0 d--hs---- C:\Documents and Settings\Ratovirus\Cookies
2008-03-05 20:26:06 0 dr-h----- C:\Documents and Settings\Ratovirus\Application Data
2008-03-05 20:22:57 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-03-05 20:22:57 0 d--hs---- C:\System Volume Information
2008-03-05 20:22:56 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-03-05 20:22:56 0 d-------- C:\WINDOWS\Prefetch
2008-03-05 20:22:54 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-03-05 20:22:54 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-03-05 20:22:54 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-03-05 20:22:54 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-03-05 20:22:54 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-03-05 20:22:45 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-03-05 20:22:45 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-03-05 20:22:45 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-03-05 20:22:45 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-03-05 20:22:45 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-03-05 20:14:05 0 d-------- C:\WINDOWS\system32\xircom
2008-03-05 20:14:05 0 d-------- C:\Program Files\microsoft frontpage
2008-03-05 20:13:37 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-03-05 20:13:28 0 -rahs---- C:\MSDOS.SYS
2008-03-05 20:13:28 0 -rahs---- C:\IO.SYS
2008-03-05 20:13:28 0 --a------ C:\CONFIG.SYS
2008-03-05 20:13:28 0 --a------ C:\AUTOEXEC.BAT
2008-03-05 20:11:52 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-03-05 20:11:34 0 dr------- C:\WINDOWS\Offline Web Pages
2008-03-05 20:11:34 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-03-05 20:11:16 0 d--h----- C:\Program Files\WindowsUpdate
2008-03-05 20:10:50 0 d-------- C:\WINDOWS\system32\DirectX
2008-03-05 20:10:16 0 d---s---- C:\WINDOWS\Tasks
2008-03-05 20:10:15 0 d-------- C:\Program Files\Common Files\MSSoap
2008-03-05 20:10:11 0 d-------- C:\WINDOWS\srchasst
2008-03-05 20:10:10 0 d-------- C:\WINDOWS\system32\Macromed
2008-03-05 20:10:02 0 d-------- C:\Program Files\Movie Maker
2008-03-05 20:09:53 0 d-------- C:\WINDOWS\system32\Restore
2008-03-05 20:08:30 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-05 20:08:11 0 d-------- C:\WINDOWS\Registration
2008-03-05 20:08:04 0 d-------- C:\Program Files\Online Services
2008-03-05 20:07:52 0 d-------- C:\Program Files\Messenger
2008-03-05 20:07:48 0 d-------- C:\Program Files\MSN Gaming Zone
2008-03-05 20:07:10 0 d-------- C:\Program Files\Windows NT
2008-03-05 20:07:07 0 d-------- C:\WINDOWS\system32\MsDtc
2008-03-05 20:07:05 0 d-------- C:\WINDOWS\system32\Com
2008-03-05 20:00:48 0 d-------- C:\WINDOWS\cwcdata
2008-03-05 19:59:23 0 d--hs---- C:\WINDOWS\Installer
2008-03-05 19:59:22 0 d-------- C:\Program Files\Common Files\ODBC
2008-03-05 19:59:19 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-03-05 19:59:18 0 dr------- C:\Program Files
2008-03-05 19:59:18 0 d-------- C:\Program Files\Common Files
2008-03-05 19:58:50 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-03-05 19:58:50 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-03-05 19:58:50 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-03-05 19:58:50 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-03-05 19:58:50 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-03-05 19:58:50 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-03-05 19:58:50 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-03-05 19:58:50 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-03-05 19:58:50 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-03-05 19:58:50 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-03-05 19:58:50 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-03-05 19:58:50 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-03-05 19:58:50 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-03-05 19:58:50 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-03-05 19:58:50 0 dr------- C:\Documents and Settings\All Users\Documents
2008-03-05 19:58:50 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-03-05 19:58:34 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-03-05 19:58:34 0 d-------- C:\WINDOWS\system32\CatRoot
2008-03-05 19:58:28 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-03-05 19:58:28 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-03-05 19:58:28 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-03-05 19:58:28 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-03-05 19:58:07 0 d-------- C:\Documents and Settings
2008-03-05 19:51:57 0 d-------- C:\WINDOWS
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\WinSxS
2008-03-05 19:51:57 0 dr------- C:\WINDOWS\Web
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\twain_32
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\wins
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\wbem
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\usmt
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\spool
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\ShellExt
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\Setup
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\ras
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\oobe
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\npp
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\mui
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\inetsrv
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\IME
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\icsxml
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\ias
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\export
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\drivers
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-03-05 19:51:57 0 dr-hs---- C:\WINDOWS\system32\dllcache
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\dhcp
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\config
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\3076
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\2052
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1054
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1042
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1041
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1037
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1033
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1031
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1028
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system32\1025
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\system
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\security
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Resources
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\repair
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Provisioning
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\PeerNet
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\pchealth
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\mui
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\msapps
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\msagent
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Media
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\java
2008-03-05 19:51:57 0 d--h----- C:\WINDOWS\inf
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\ime
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Help
2008-03-05 19:51:57 0 dr--s---- C:\WINDOWS\Fonts
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\ehome
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Driver Cache
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Debug
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Cursors
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Connection Wizard
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\Config
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\AppPatch
2008-03-05 19:51:57 0 d-------- C:\WINDOWS\addins
-- Find3M Report ---------------------------------------------------------------
2008-03-05 19:58:52 62 --ahs---- C:\Documents and Settings\Ratovirus\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [03/05/2008 08:35 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amva"="C:\WINDOWS\system32\amvo.exe" []
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/09/2006 03:41 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
"C:\Program Files\AdVantage\AdVantage.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]
C:\WINDOWS\system32\amvo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SQLWriter"=3 (0x3)
"NMIndexingService"=3 (0x3)
"MSSQL$SQLEXPRESS"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{381ba040-f4cc-11dc-ae57-000795509c66}]
AutoRun\command- F:\xp19.com
explore\Command- F:\xp19.com
open\Command- F:\xp19.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8027c6e1-eaed-11dc-997b-806d6172696f}]
AutoRun\command- ser.com
explore\Command- ser.com
open\Command- ser.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8027c6e2-eaed-11dc-997b-806d6172696f}]
AutoRun\command- D:\ser.com
explore\Command- D:\ser.com
open\Command- D:\ser.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da49cba0-f2ab-11dc-ae4c-cceef8839430}]
Auto\command- F:\Server.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Server.exe
-- End of Deckard's System Scanner: finished at 2008-03-21 11:11:54 ------------
[extra.txt]
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Celeron® CPU 1.70GHz
Percentage of Memory in Use: 77%
Physical Memory (total/avail): 223.48 MiB / 51.09 MiB
Pagefile Memory (total/avail): 547.04 MiB / 232.29 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1912.79 MiB
C: is Fixed (FAT32) - 8.78 GiB total, 4.42 GiB free.
D: is Fixed (FAT32) - 28.5 GiB total, 3.74 GiB free.
E: is Fixed (FAT32) - 19.06 GiB total, 0.52 GiB free.
\\.\PHYSICALDRIVE0 - SAMSUNG SP0411N - 37.31 GiB - 2 partitions
\PARTITION0 (bootable) - Unknown - 8.79 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 28.51 GiB - D:
\\.\PHYSICALDRIVE1 - ST320423A - 19.07 GiB - 1 partition
\PARTITION0 - Unknown - 19.07 GiB - E:
-- Security Center -------------------------------------------------------------
AUOptions is disabled.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AV: AVG 7.5.519 v7.5.519 (Grisoft)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Ocean Technologies & Media\\GG E-Sports Platform\\GGclient.exe"="C:\\Program Files\\Ocean Technologies & Media\\GG E-Sports Platform\\GGclient.exe:*:Enabled:GG E-Sports Platform Client"
"C:\\Program Files\\BigSpeed Peer-to-Peer SDK\\bsP2pAgentDemo.exe"="C:\\Program Files\\BigSpeed Peer-to-Peer SDK\\bsP2pAgentDemo.exe:*:Enabled:bsP2pAgentDemo"
"D:\\Sem8\\Project VPN\\Hub -- FINAL\\Hub -- FINAL\\bin\\Debug\\P2PHub.vshost.exe"="D:\\Sem8\\Project VPN\\Hub -- FINAL\\Hub -- FINAL\\bin\\Debug\\P2PHub.vshost.exe:*:Enabled:vshost.exe"
"C:\\Program Files\\BigSpeed Peer-to-Peer SDK\\bsP2pHubDemo.exe"="C:\\Program Files\\BigSpeed Peer-to-Peer SDK\\bsP2pHubDemo.exe:*:Enabled:Inernet-enabled zip compression control"
"D:\\Sem8\\Project VPN\\Agent - FINAL\\Agent - FINAL\\bin\\Debug\\P2PAgent.vshost.exe"="D:\\Sem8\\Project VPN\\Agent - FINAL\\Agent - FINAL\\bin\\Debug\\P2PAgent.vshost.exe:*:Enabled:vshost.exe"
"C:\\Program Files\\K\\bsP2pAgentDemo.exe"="C:\\Program Files\\K\\bsP2pAgentDemo.exe:*:Enabled:bsP2pAgentDemo"
"C:\\Program Files\\Garena\\Garena.exe"="C:\\Program Files\\Garena\\Garena.exe:*:Enabled:Garena"
"D:\\Program Files\\Valve\\hl.exe"="D:\\Program Files\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Ratovirus\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=STUDENT-EC3F938
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Ratovirus
include=C:\Program Files\Microsoft Visual Studio\VC98\atl\include;C:\Program Files\Microsoft Visual Studio\VC98\mfc\include;C:\Program Files\Microsoft Visual Studio\VC98\include
lib=C:\Program Files\Microsoft Visual Studio\VC98\mfc\lib;C:\Program Files\Microsoft Visual Studio\VC98\lib
LOGONSERVER=\\STUDENT-EC3F938
MSDevDir=C:\Program Files\Microsoft Visual Studio\Common\MSDev98
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft Visual Studio\Common\Tools\WinNT;C:\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin;C:\Program Files\Microsoft Visual Studio\Common\Tools;C:\Program Files\Microsoft Visual Studio\VC98\bin;C:\BC45\BIN
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 1 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0103
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\RATOVI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\RATOVI~1\LOCALS~1\Temp
USERDOMAIN=STUDENT-EC3F938
USERNAME=Ratovirus
USERPROFILE=C:\Documents and Settings\Ratovirus
VS80COMNTOOLS=C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Ratovirus (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\S3\ProSavage\ProSavage.isu"
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
2in1 Counter-Strike 1.6 & Coundition Zero 1.2 release 11082004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B737740D-6749-4C56-986E-3290972E2F98}\Setup.exe" -l0x19
AC-3 ACM Codec --> C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\AC3ACM.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Applian FLV Player --> "C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BigSpeed Peer-to-Peer SDK (remove only) --> "C:\Program Files\K\uninstall.exe"
BS.Player FREE powered by AdVantage --> "C:\Program Files\Webteh\BSplayer\uninstall.exe"
CoreAVC Pro 1.5.0.0 --> "C:\Program Files\CoreAVC Pro\unins000.exe"
Garena --> C:\Program Files\InstallShield Installation Information\{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}\setup.exe -runfromtemp -l0x0009 -removeonly
K-Lite Mega Codec Pack 3.8.0 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
MF-FD200 Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6783E559-ADFD-4A0F-AB93-FFD08554597D}\Setup.exe" -l0x9
Microsoft Device Emulator version 1.0 - ENU --> MsiExec.exe /X{78B75C6D-E53C-424C-BF83-4B63BD4A6682}
Microsoft Document Explorer 2005 --> C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005 --> MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools --> MsiExec.exe /X{1389C6A4-4965-4AEC-9175-08B54A10FA48}
Microsoft SQL Server Native Client --> MsiExec.exe /I{BF251EAF-8697-4E89-BF09-C998F97BBC40}
Microsoft Visual C++ 6.0 Docs --> "C:\Program Files\Microsoft Visual Studio\MSDN98\VC6intro\1033\Setup\Setup.exe"
Microsoft Visual C++ 6.0 Introductory Edition --> "C:\Program Files\Microsoft Visual Studio\VC98\Setup\1033\Setup.exe"
Microsoft Visual J# 2.0 Redistributable Package --> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Essentials --> MsiExec.exe /X{9D0B763A-627E-47A7-942F-311B1B611033}
ProSavageDDR and Utilities --> C:\PROGRA~1\S3\P4M266\s3setvga.exe -s -fC:\PROGRA~1\S3\P4M266\P4M266.uns
S3Display --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display'
S3Gamma2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2'
S3Info2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2'
S3Overlay --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay'
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger --> C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG
-- Application Event Log -------------------------------------------------------
Event Record #/Type1132 / Warning
Event Submitted/Written: 03/16/2008 02:21:10 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{90280409-6000-11D3-8CFE-0050048383C9}', feature 'TCWP6Files' failed during request for component '{CC29EC81-7BC2-11D1-A921-00A0C91E2AA2}'
Event Record #/Type1130 / Warning
Event Submitted/Written: 03/16/2008 02:20:51 PM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{90280409-6000-11D3-8CFE-0050048383C9}', feature 'TCWP5Files' failed during request for component '{CC29EC7F-7BC2-11D1-A921-00A0C91E2AA2}'
Event Record #/Type1108 / Error
Event Submitted/Written: 03/16/2008 02:41:12 AM
Event ID/Source: 11924 / MsiInstaller
Event Description:
Product: Microsoft SQL Server 2005 Tools Express Edition -- Error 1924. Could not update environment variable 'PATH'. Verify that you have sufficient privileges to modify environment variables.
Event Record #/Type1104 / Error
Event Submitted/Written: 03/16/2008 02:39:54 AM
Event ID/Source: 11404 / MsiInstaller
Event Description:
Product: Microsoft SQL Server VSS Writer -- Error 1404. Could not delete key \System\CurrentControlSet\Services\EventLog\Application\SQLVDI. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Event Record #/Type1101 / Error
Event Submitted/Written: 03/16/2008 02:38:57 AM
Event ID/Source: 11404 / MsiInstaller
Event Description:
Product: Microsoft SQL Server 2005 Express Edition -- Error 1404. Could not delete key \SYSTEM\CurrentControlSet\Services\EventLog\Application\SQLWEP. System error . Verify that you have sufficient access to that key, or contact your support personnel.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type2802 / Warning
Event Submitted/Written: 03/21/2008 08:50:04 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2801 / Warning
Event Submitted/Written: 03/21/2008 07:00:50 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2800 / Warning
Event Submitted/Written: 03/21/2008 06:06:12 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2799 / Warning
Event Submitted/Written: 03/21/2008 05:38:52 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type2798 / Warning
Event Submitted/Written: 03/21/2008 05:23:59 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
-- End of Deckard's System Scanner: finished at 2008-03-21 11:11:54 ------------
Please help me.
Thanks.
Viral.