Okay So i figured out how to get it downloaded. Here is the SDfix report and the two DSS logs:
SDFix: Version 1.173
Run by Bri on Mon 04/21/2008 at 10:35 PM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\Documents and Settings\Bri\Desktop\SDFix.exe.exe - Deleted
C:\Program Files\CPV\CPV7.dll - Deleted
C:\Program Files\JavaCore\JavaCore.exe - Deleted
C:\Program Files\JavaCore\UnInstall.exe - Deleted
C:\Program Files\nvcoi\mst.stt - Deleted
C:\Program Files\nvcoi\nvcoi.exe - Deleted
C:\Program Files\nvcoi\nvcoi.exe.lzma - Deleted
C:\Program Files\Common Files\Yazzle1560OinAdmin.exe - Deleted
C:\Program Files\Common Files\Yazzle1560OinUninstaller.exe - Deleted
C:\WINDOWS\b103.exe - Deleted
C:\WINDOWS\b116.exe - Deleted
C:\WINDOWS\b152.exe - Deleted
C:\WINDOWS\b153.exe - Deleted
C:\WINDOWS\b155.exe - Deleted
C:\WINDOWS\mrofinu1188.exe - Deleted
C:\Documents and Settings\Bri\lsass.exe - Deleted
C:\WINDOWS\Fonts\Setup.exe - Deleted
C:\WINDOWS\Fonts\svchost.exe - Deleted
Folder C:\Program Files\CPV - Removed
Folder C:\Program Files\InetGet2 - Removed
Folder C:\Program Files\JavaCore - Removed
Folder C:\Program Files\nvcoi - Removed
Folder C:\Program Files\Temporary - Removed
Folder C:\WINDOWS\Fonts\' - Removed
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-04-21 23:43:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\system32\MRT.exe 19836024 bytes
IPC error: 109 The pipe has been ended.
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 13
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\IM\\IM.exe"="C:\\Program Files\\IM\\IM.exe:*:Enabled:IM"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Documents and Settings\\Bri\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\Bri\\Desktop\\utorrent.exe:*:Enabled:æTorrent"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Wed 1 Sep 2004 54,384 A..H. --- "C:\Program Files\America Online 9.0\aolphx.exe"
Wed 1 Sep 2004 156,784 A..H. --- "C:\Program Files\America Online 9.0\aoltray.exe"
Wed 1 Sep 2004 31,344 A..H. --- "C:\Program Files\America Online 9.0\RBM.exe"
Sat 30 Sep 2006 88 ..SHR --- "C:\WINDOWS\system32\26FFFAF14E.sys"
Sun 18 Feb 2007 56 ..SHR --- "C:\WINDOWS\system32\4EF1FAFF26.sys"
Sun 18 Feb 2007 5,852 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Fri 28 Mar 2008 68,608 ..SHR --- "C:\WINDOWS\?ymantec\javaw.exe"
Fri 1 Jun 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 11 Apr 2008 230,400 ..SHR --- "C:\Documents and Settings\Bri\Application Data\??crosoft\r?gedit.exe"
Fri 29 Jun 2007 834 A..H. --- "C:\Program Files\Common Files\AOL\IPHSend\IPH.BAK"
Mon 13 Nov 2006 319,456 A..H. --- "C:\Program Files\Common Files\Motorola Shared\MotPCSDrivers\difxapi.dll"
Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ab59ac72525ea90a47679441587835c9\BIT27.tmp"
Wed 3 May 2006 9,506 A.SH. --- "C:\Documents and Settings\Bri\My Documents\My Music\License Backup\drmv2key.bak"
Sun 8 Apr 2007 8 A..H. --- "C:\Documents and Settings\Bri\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Sun 8 Apr 2007 8 A..H. --- "C:\Documents and Settings\Bri\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Sun 8 Apr 2007 8 A..H. --- "C:\Documents and Settings\Bri\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Sun 15 Apr 2007 8 A..H. --- "C:\Documents and Settings\Bri\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"
Fri 27 Apr 2007 8 A..H. --- "C:\Documents and Settings\Bri\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u5\lock.tmp"
Finished!
Main:
Deckard's System Scanner v20071014.68
Run by Bri on 2008-04-23 02:06:59
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
26: 2008-04-23 07:07:06 UTC - RP624 - Deckard's System Scanner Restore Point
25: 2008-04-22 04:39:37 UTC - RP623 - Software Distribution Service 3.0
24: 2008-04-21 02:28:52 UTC - RP622 - System Checkpoint
23: 2008-04-20 02:16:51 UTC - RP621 - System Checkpoint
22: 2008-04-19 01:28:51 UTC - RP620 - System Checkpoint
-- First Restore Point --
1: 2008-03-29 04:46:35 UTC - RP599 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 503 MiB (512 MiB recommended).
-- HijackThis (run as Bri.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:08:20 AM, on 4/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\YMANTE~1\javaw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\?ystem\?ti2evxx.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
c:\program files\panda software\panda internet security 2007\WebProxy.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\Documents and Settings\Bri\Desktop\dss.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\avciman.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\psimreal.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Bri.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://dsl.sbc.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://support.dell....amp;appindex=ds
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {08A8068E-53D1-42B2-B197-6D568843721F} - C:\WINDOWS\system32\khfDwuVm.dll (file missing)
O2 - BHO: TVEngine Helper - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O2 - BHO: {7b478b82-140e-a6fa-84e4-95592f5d7258} - {8527d5f2-9559-4e48-af6a-e04128b874b7} - C:\WINDOWS\system32\fbfdtejh.dll
O2 - BHO: (no name) - {BAAC4286-A632-82E0-4090-A58F715A7FE4} - C:\WINDOWS\system32\nix.dll
O2 - BHO: (no name) - {DE5D52C4-F387-44DB-AA5F-9BE69C702D22} - C:\WINDOWS\system32\opnkIxyw.dll (file missing)
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P35 "EPSON Stylus CX3800 Series (Copy 1)" /O6 "USB002" /M "Stylus CX3800"
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series (Copy 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P35 "EPSON Stylus CX3800 Series (Copy 2)" /O5 "LPT1:" /M "Stylus CX3800"
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [BM5ffe043f] Rundll32.exe "C:\WINDOWS\system32\tupjlyno.dll",s
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Uaol] "C:\WINDOWS\YMANTE~1\javaw.exe" -vt yazb
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Excuph] C:\WINDOWS\?ystem\?ti2evxx.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Bri\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) -
http://forms.real.co...ne_Inst_Win.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by103fd.bay10...es/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.mi...b?1200370412712
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.m...ash/swflash.cab
O20 - Winlogon Notify: khfDwuVm - khfDwuVm.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 10067 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080421-211703-101 O15 - Trusted Zone: *.errorprotector.com
backup-20080421-211703-216 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapp...//www.yahoo.com
backup-20080421-211703-264 O4 - HKCU\..\Run: [Uaol] "C:\WINDOWS\YMANTE~1\javaw.exe" -vt yazb
backup-20080421-211703-285 O4 - HKCU\..\Run: [nvcoi] C:\Program Files\nvcoi\nvcoi.exe
backup-20080421-211703-306 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://resultsmaster...omeLeftPane.htm
backup-20080421-211703-324 O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Bri\lsass.exe
backup-20080421-211703-331 O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD325762EA4EBF
968951185EFC412806867680AEDE604D64C2661373F819EBDCD66A47
backup-20080421-211703-332 O15 - Trusted Zone: *.winfixer.com
backup-20080421-211703-339 O4 - HKLM\..\Run: [7B26340860737E225826] Rundll32.exe "C:\WINDOWS\system32\hyawrsuh.dll",s
backup-20080421-211703-347 O15 - Trusted Zone: *.imagesrvr.com (HKLM)
backup-20080421-211703-371 O15 - Trusted Zone: *.errorprotector.com (HKLM)
backup-20080421-211703-439 O15 - Trusted Zone: *.systemdoctor.com
backup-20080421-211703-445 O15 - Trusted Zone: *.drivecleaner.com (HKLM)
backup-20080421-211703-475 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://red.clientapp...//www.yahoo.com
backup-20080421-211703-595 O15 - Trusted Zone: *.errorsafe.com (HKLM)
backup-20080421-211703-603 O15 - Trusted Zone: *.drivecleaner.com
backup-20080421-211703-656 O15 - Trusted Zone: *.imageservr.com (HKLM)
backup-20080421-211703-662 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapp...//www.yahoo.com
backup-20080421-211703-696 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://red.clientapp...//www.yahoo.com
backup-20080421-211703-706 O15 - Trusted Zone: *.imagesrvr.com
backup-20080421-211703-760 O15 - Trusted Zone: *.systemdoctor.com (HKLM)
backup-20080421-211703-769 O4 - HKLM\..\Run: [5ccd37a3] rundll32.exe "C:\WINDOWS\system32\ydyrakor.dll",b
backup-20080421-211703-779 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapp.../search/ie.html
backup-20080421-211703-788 O15 - Trusted Zone: *.winantivirus.com (HKLM)
backup-20080421-211703-815 O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
backup-20080421-211703-823 O15 - Trusted Zone: *.imageservr.com
backup-20080421-211703-859 O15 - Trusted Zone: *.winantivirus.com
backup-20080421-211703-871 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapp.../search/ie.html
backup-20080421-211703-873 O15 - Trusted Zone: *.errorsafe.com
backup-20080421-211703-929 O4 - HKCU\..\Run: [Mijlyrd] C:\WINDOWS\system32\?ystem32\??oolsv.exe
backup-20080421-211703-969 O15 - Trusted Zone: *.winfixer.com (HKLM)
backup-20080421-211703-993 O8 - Extra context menu item: &Search -
-- File Associations -----------------------------------------------------------
.js - JSFile - shell\open\command - C:\PROGRA~1\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
.vbs - VBSFile - shell\open\command - C:\PROGRA~1\PANDAS~1\PANDAI~1\PavScrip.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 netflt (Panda Net Driver [NDIS Layer]) - c:\windows\system32\drivers\netflt.sys <Not Verified; Panda Software International; Panda Residents>
R1 APPFLT (App Filter Plugin) - c:\windows\system32\drivers\appflt.sys <Not Verified; Panda Software; Panda Network Manager>
R1 DSAFLT (DSA Filter Plugin) - c:\windows\system32\drivers\dsaflt.sys <Not Verified; Panda Software International; Panda Residents>
R1 FNETMON (NetMon Filter Plugin) - c:\windows\system32\drivers\fnetmon.sys <Not Verified; Panda Software; Panda Network Manager>
R1 IDSFLT (Ids Filter Plugin) - c:\windows\system32\drivers\idsflt.sys <Not Verified; Panda Software International; Panda residents>
R1 NETFLTDI (Panda Net Driver [TDI Layer]) - c:\windows\system32\drivers\netfltdi.sys <Not Verified; Panda Software; Panda®Network Manager>
R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shlddrv.sys <Not Verified; Panda Software; Panda®Shield>
R1 SMSFLT (SMS Filter Plugin) - c:\windows\system32\drivers\smsflt.sys <Not Verified; Panda Software International; Panda Residents>
R1 WNMFLT (Wifi Monitor Filter Plugin) - c:\windows\system32\drivers\wnmflt.sys <Not Verified; Panda Software International; Panda Residents>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R2 cpoint (Panda CPoint Driver) - c:\windows\system32\drivers\cpoint.sys <Not Verified; Panda Software; © Panda Software 2005>
R2 MCSTRM - c:\windows\system32\drivers\mcstrm.sys <Not Verified; RealNetworks, Inc.; RealNetworks Virtual Path Manager® (32-bit)>
R2 PavProc (Panda Process Protection Driver) - c:\windows\system32\drivers\pavproc.sys <Not Verified; Panda Software; PandaShield>
R3 ComFiltr (Panda Anti-Dialer) - c:\windows\system32\drivers\comfiltr.sys (file missing)
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
S3 catchme - c:\docume~1\bri\locals~1\temp\catchme.sys (file missing)
S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 GEARSecurity - c:\windows\system32\gearsec.exe <Not Verified; GEAR Software; gearsec>
R2 PAVFNSVR (Panda Function Service) - "c:\program files\panda software\panda internet security 2007\pavfnsvr.exe" <Not Verified; Panda Software International; Panda Residents>
R2 PavPrSrv (Panda Process Protection Service) - "c:\program files\common files\panda software\pavshld\pavprsrv.exe" <Not Verified; Panda Software; PandaShield>
R2 PAVSRV (Panda anti-virus service) - "c:\program files\panda software\panda internet security 2007\pavsrv51.exe" <Not Verified; Panda Software International; Panda residents>
R2 pmshellsrv (Panda Antispam Engine) - c:\program files\panda software\panda internet security 2007\antispam\pskmssvc.exe <Not Verified; Panda Software International; Panda Anti-malware>
R2 PNMSRV (Panda Network Manager) - "c:\program files\panda software\panda internet security 2007\firewall\pnmsrv.exe" <Not Verified; Panda Software International; Panda residents>
R2 PSIMSVC (Panda IManager Service) - "c:\program files\panda software\panda internet security 2007\psimsvc.exe" <Not Verified; Panda Software; Panda Antivirus>
R2 sprtsvc_dellsupportcenter (SupportSoft Sprocket Service (dellsupportcenter)) - c:\program files\dell support center\bin\sprtsvc.exe /service /p dellsupportcenter
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-04-22 03:00:00 492 --a------ C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job
2008-04-18 18:30:00 348 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DELL-user).job
2008-04-18 11:46:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-03-23 and 2008-04-23 -----------------------------
2008-04-23 01:29:06 0 d-------- C:\WINDOWS\?ystem
2008-04-23 01:28:55 60928 --a------ C:\WINDOWS\system32\nix.dll
2008-04-21 22:29:18 0 d-------- C:\WINDOWS\ERUNT
2008-04-21 18:13:24 87616 --a------ C:\WINDOWS\system32\ydyrakor.dll
2008-04-21 18:10:25 98368 --a------ C:\WINDOWS\system32\fbfdtejh.dll
2008-04-21 18:09:28 97344 --a------ C:\WINDOWS\system32\tupjlyno.dll
2008-04-21 16:45:26 0 d-------- C:\WINDOWS\??stem
2008-04-13 03:16:32 3648 --a------ C:\WINDOWS\system32\clwpntfl.dll
2008-04-12 03:22:35 92736 --a------ C:\WINDOWS\system32\pgmpnuvp.dll
2008-04-12 03:16:34 3648 --a------ C:\WINDOWS\system32\rskxoyto.dll
2008-04-11 03:25:28 92736 --a------ C:\WINDOWS\system32\dmydolpt.dll
2008-04-11 03:16:28 3648 --a------ C:\WINDOWS\system32\bkhpqllb.dll
2008-04-10 03:19:43 91712 --a------ C:\WINDOWS\system32\aonmwbea.dll
2008-04-10 03:13:57 3648 --a------ C:\WINDOWS\system32\fndirirp.dll
2008-04-09 03:13:26 90688 --a------ C:\WINDOWS\system32\kccbcxjm.dll
2008-04-09 03:13:21 3648 --a------ C:\WINDOWS\system32\edqfguof.dll
2008-04-09 01:58:47 0 d-------- C:\Documents and Settings\Bri\Application Data\??crosoft
2008-04-08 02:22:34 90176 --a------ C:\WINDOWS\system32\dsnvmtoc.dll
2008-04-08 01:31:18 0 d-------- C:\Program Files\Common Files\?ymantec
2008-04-07 12:27:14 40960 --a------ C:\WINDOWS\system32\iifgfcde.dll
2008-04-07 02:25:30 89664 --a------ C:\WINDOWS\system32\altjeghh.dll
2008-04-06 02:19:35 89664 --a------ C:\WINDOWS\system32\kqospofl.dll
2008-04-06 01:24:20 0 d-------- C:\WINDOWS\system32\?ystem32
2008-04-05 02:21:10 0 d-------- C:\WINDOWS\?racle
2008-04-05 02:21:00 37888 --a------ C:\WINDOWS\system32\fccayARH.dll
2008-04-05 02:19:23 90176 --a------ C:\WINDOWS\system32\ejlshssv.dll
2008-03-31 16:28:56 0 d-------- C:\WINDOWS\pss
2008-03-29 23:18:15 297 --a------ C:\271.bat
2008-03-29 20:38:13 90176 --a------ C:\WINDOWS\system32\qjejsfxd.dll
2008-03-29 04:04:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-03-29 02:51:21 39936 --a------ C:\WINDOWS\system32\ddcDSMeF.dll
2008-03-29 01:58:57 0 d-------- C:\Program Files\Trend Micro
2008-03-29 01:36:51 39936 --a------ C:\WINDOWS\system32\urqRJBTJ.dll
2008-03-29 00:44:43 0 d-------- C:\Documents and Settings\Bri\Application Data\AdwareAlert
2008-03-29 00:44:30 0 d-------- C:\Program Files\AdwareAlert
2008-03-29 00:26:12 0 d-------- C:\Program Files\SpywareDetector
2008-03-28 23:53:00 0 d-------- C:\BFU
2008-03-28 23:46:29 4980736 --a------ C:\Documents and Settings\Bri\ntuser.dat
2008-03-28 23:32:12 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-03-28 23:22:08 0 d-------- C:\InDesign CS2 Tryout
2008-03-28 20:57:48 0 d-------- C:\Program Files\Outerinfo
2008-03-28 20:57:47 0 d-------- C:\Documents and Settings\Bri\Application Data\?racle
2008-03-28 20:57:35 0 d-------- C:\WINDOWS\?ymantec
2008-03-28 20:40:20 90688 --a------ C:\WINDOWS\system32\nayxfqwr.dll
2008-03-28 20:37:22 127040 --a------ C:\WINDOWS\system32\hyawrsuh.dll
2008-03-27 20:32:40 426175 --ahs---- C:\WINDOWS\system32\wyxIknpo.ini2
2008-03-27 20:31:19 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>
-- Find3M Report ---------------------------------------------------------------
2008-04-23 01:29:06 0 d-------- C:\Documents and Settings\Bri\Application Data\??crosoft
2008-04-21 22:41:31 0 d-------- C:\Program Files\Common Files
2008-04-08 01:31:18 0 d-------- C:\Program Files\Common Files\?ymantec
2008-04-07 12:17:27 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-06 01:24:20 0 d-------- C:\Documents and Settings\Bri\Application Data\?racle
2008-03-30 02:22:00 0 d-------- C:\Documents and Settings\Bri\Application Data\AdobeUM
2008-03-29 04:06:22 0 d-------- C:\Documents and Settings\Bri\Application Data\Adobe
2008-03-29 00:50:34 0 d-------- C:\Program Files\AIM6
2008-03-29 00:50:32 0 d-------- C:\Program Files\MSN Messenger
2008-03-29 00:50:06 0 d-------- C:\Program Files\LimeWire
2008-03-28 23:32:54 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-19 22:59:52 0 d-------- C:\Program Files\Plaxo
2008-03-01 12:38:24 0 d-------- C:\Program Files\The Weather Channel FW
2008-02-25 17:19:44 0 d-------- C:\Program Files\Common Files\Real
2008-02-25 04:07:14 0 d-------- C:\Program Files\Real
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08A8068E-53D1-42B2-B197-6D568843721F}]
C:\WINDOWS\system32\khfDwuVm.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4B18DD50-C996-44fc-AC52-0FECFF82ED58}]
c:\program files\hbtools\hbtv\hbtvhelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8527d5f2-9559-4e48-af6a-e04128b874b7}]
04/21/2008 06:10 PM 98368 --a------ C:\WINDOWS\system32\fbfdtejh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BAAC4286-A632-82E0-4090-A58F715A7FE4}]
04/11/2008 12:51 PM 60928 --a------ C:\WINDOWS\system32\nix.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DE5D52C4-F387-44DB-AA5F-9BE69C702D22}]
C:\WINDOWS\system32\opnkIxyw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus CX3800 Series (Copy 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.exe" [02/07/2005 10:00 PM]
"EPSON Stylus CX3800 Series (Copy 2)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.exe" [02/07/2005 10:00 PM]
"SCANINICIO"="C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe" [02/01/2006 06:13 PM]
"APVXDWIN"="C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.exe" [10/11/2006 12:09 PM]
"BM5ffe043f"="C:\WINDOWS\system32\tupjlyno.dll" [04/21/2008 06:09 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [04/27/2007 04:17 PM]
"Uaol"="C:\WINDOWS\YMANTE~1\javaw.exe" [03/28/2008 08:57 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 05:00 AM]
"Excuph"="C:\WINDOWS\?ystem\?ti2evxx.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{08A8068E-53D1-42B2-B197-6D568843721F}"= C:\WINDOWS\system32\khfDwuVm.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 09/27/2005 12:13 PM 45056 C:\WINDOWS\system32\avldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfDwuVm]
khfDwuVm.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwprovau C:\WINDOWS\system32\opnkIxyw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Bri^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Bri\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\5ccd37a3]
rundll32.exe "C:\WINDOWS\system32\irnndrna.dll",b
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\7B26340860737E225826]
Rundll32.exe "C:\WINDOWS\system32\hyawrsuh.dll",s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM5ffe043f]
Rundll32.exe "C:\WINDOWS\system32\tupjlyno.dll",s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\DellSupport\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
"C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
"C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DW4]
"C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX3800 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Host Process]
C:\WINDOWS\Fonts\svchost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1148168156\ee\AOLSoftware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPHSend]
C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iprtfg]
"C:\Documents and Settings\Bri\Application Data\??crosoft\r?gedit.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JavaCore]
C:\Program Files\\JavaCore\\JavaCore.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSA Shellu]
C:\Documents and Settings\Bri\lsass.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\WINDOWS\PixArt\PAC207\Monitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\SBCLIG~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0]
"C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvcoi]
C:\Program Files\nvcoi\nvcoi.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlaxoUpdate]
C:\Program Files\Plaxo\2.13.1.3\PlaxoHelper.exe -a
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uaol]
"C:\WINDOWS\YMANTE~1\javaw.exe" -vt yazb
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YBrowser]
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ywxr]
"C:\Documents and Settings\Bri\Application Data\?racle\l?rear.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- D:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-04-23 02:09:10 ------------
Extra:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 3.00GHz
CPU 1: Intel® Pentium® 4 CPU 3.00GHz
Percentage of Memory in Use: 60%
Physical Memory (total/avail): 502.07 MiB / 199.09 MiB
Pagefile Memory (total/avail): 1227.05 MiB / 871.48 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1909.36 MiB
C: is Fixed (NTFS) - 51.21 GiB total, 23.34 GiB free.
D: is Fixed (NTFS) - 18.6 GiB total, 0.94 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (FAT)
\\.\PHYSICALDRIVE0 - ST380819AS - 74.5 GiB - 4 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 51.21 GiB - C:
\PARTITION2 - Installable File System - 18.6 GiB - D:
\PARTITION3 - Unknown - 4.64 GiB
\\.\PHYSICALDRIVE1 - CRS JET007 DISK 2.0 USB Device - 494.19 MiB - 1 partition
\PARTITION0 - MS-DOS V4 Huge - 497.51 MiB - G:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: Platinum 2007 Personal Firewall v11.00.02 (Panda Software)
AV: Platinum 2007 v11.00.02 (Panda Software)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1148168156\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\IM\\IM.exe"="C:\\Program Files\\IM\\IM.exe:*:Enabled:IM"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Documents and Settings\\Bri\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\Bri\\Desktop\\utorrent.exe:*:Enabled:µTorrent"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Bri\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BRICOMPUTER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Bri
LOGONSERVER=\\BRICOMPUTER
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Panda Software\Panda Internet Security 2007\;C:\Program Files\Common Files\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0403
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Bri\LOCALS~1\Temp
TMP=C:\DOCUME~1\Bri\LOCALS~1\Temp
USERDOMAIN=BRICOMPUTER
USERNAME=Bri
USERPROFILE=C:\Documents and Settings\Bri
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Bri
(admin)
Administrator
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\Program Files\SBC LightSpeed Self Support Tool\CustomUninstall.exe SBC
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe InDesign CS2 Trial --> msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AOL Coach Version 1.0(Build:20040229.1 en) --> C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
AOL Connectivity Services --> C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
AOLIcon --> MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
AT&T Yahoo! Applications --> C:\PROGRA~1\Yahoo!\common\uninstall.exe
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Console Classix 3.8 --> "C:\Program Files\ConsoleClassix.com\unins000.exe"
CPV --> cmd /C regsvr32 /u /s "C:\Program Files\CPV\CPV7.dll" & reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CPV" /f & REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce /v DelOldFile /d "cmd.exe /C del /Q \"C:\Program Files\CPV\"" /f
Dell CinePlayer --> MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Content Portal --> MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Documentation & Support Launcher --> MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
EarthLink setup files --> MsiExec.exe /X{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}
EducateU --> MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ELIcon --> MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
EPSON CX 3800 Guide --> C:\Program Files\epson\guide\cx3800_e\uninstall.exe
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
ESPNMotion --> C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
Games, Music, & Photos Launcher --> MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
Google Toolbar for Firefox --> MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotbar Browser, Weather and Wowpapers Tools --> "C:\Program Files\HbTools\Bin\HbtUninst.exe" Web
Hotbar Outlook Tools --> "C:\Program Files\HbTools\Bin\HbtUninst.exe" Outlook
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet for Wired Connections --> MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
Internet Service Offers Launcher --> MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Motorola Driver Installation --> MsiExec.exe /I{8F4507EF-C5F3-46CE-9718-9D3698821333}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Bri\Application Data\Move Networks\ie_bin\Uninst.exe
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MyEmoticons --> C:\Program Files\MyEmoticons\uninstall.exe
MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
NetZeroInstallers --> MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
Outerinfo --> C:\Program Files\Outerinfo\OiUninstaller.exe
Panda Internet Security 2007 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EEBA9416-3207-47E0-9022-116440599DBC}\SETUP.exe" -l0x9 -removeonly
PC Camer@ --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4815FFA5-64F3-4647-B3FD-9ECA84BD4C31} /l1033
Plaxo Toolbar for Outlook (with AIM Enhancements) --> C:\Program Files\Plaxo\2.13.1.3\uninstall.exe
Qualxserve Service Agreement --> MsiExec.exe /X{0F756CD9-4A1E-409B-B101-601DDC4C03AA}
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Roxio DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
SBC Self Support Tool --> C:\WINDOWS\Motive\SBC\MCCUninst.exe
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sonic Activation Module --> MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
The Weather Channel Desktop --> C:\Program Files\The Weather Channel FW\Desktop Weather\TheWeatherChannelCustomUninstall.exe
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Weather Services --> C:\WINDOWS\system32\control.exe C:\PROGRA~1\THEWEA~1\FRAMEW~1\wxfw.cpl,4
WebCyberCoach 3.2 Dell --> "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type13356 / Error
Event Submitted/Written: 04/23/2008 01:41:21 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16640, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type13355 / Error
Event Submitted/Written: 04/23/2008 01:41:18 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16640, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type13354 / Error
Event Submitted/Written: 04/23/2008 01:38:01 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16640, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type13348 / Error
Event Submitted/Written: 04/22/2008 07:08:16 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16640, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type13347 / Error
Event Submitted/Written: 04/22/2008 07:04:34 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16640, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type14292 / Error
Event Submitted/Written: 04/23/2008 01:59:22 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event Record #/Type14291 / Error
Event Submitted/Written: 04/23/2008 01:59:04 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
APPFLT
DSAFLT
Fips
FNETMON
IDSFLT
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
NETFLTDI
RasAcd
Rdbss
ShldDrv
SMSFLT
Tcpip
WNMFLT
WS2IFSL
Event Record #/Type14290 / Error
Event Submitted/Written: 04/23/2008 01:59:04 AM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31
Event Record #/Type14289 / Error
Event Submitted/Written: 04/23/2008 01:59:04 AM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31
Event Record #/Type14288 / Error
Event Submitted/Written: 04/23/2008 01:59:04 AM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31
-- End of Deckard's System Scanner: finished at 2008-04-23 02:09:10 ------------