Results from SDFix scan:
Deckard's System Scanner v20071014.68
Run by Leslie on 2008-06-02 23:58:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 3 Restore Point(s) --
3: 2008-06-03 03:58:10 UTC - RP611 - Deckard's System Scanner Restore Point
2: 2008-05-27 02:13:39 UTC - RP610 - Last known good configuration
1: 2008-05-27 02:13:33 UTC - RP609 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Leslie.exe) ----------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 23:59:42, on 6/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\vbpdtvdp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\webHancer\Programs\whagent.exe
C:\Documents and Settings\Leslie\Application Data\Microsoft\dtsc\21865.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SpyCatcher 2006\Fingerprint compiler.exe
E:\dss.exe
E:\HIJACK~1\Leslie.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft....k/?LinkId=64646
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\vbpdtvdp.exe,
O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)
O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)
O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)
O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)
O2 - BHO: (no name) - {2CD7191C-B938-465E-8D1F-B81A0F9A178B} - C:\WINDOWS\system32\mlJCSkih.dll
O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)
O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)
O2 - BHO: (no name) - {467faeb2-5f5b-4c81-bae0-2a4752ca7f4e} - (no file)
O2 - BHO: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)
O2 - BHO: (no name) - {587dbf2d-9145-4c9e-92c2-1f953da73773} - (no file)
O2 - BHO: (no name) - {6cc1c91a-ae8b-4373-a5b4-28ba1851e39a} - (no file)
O2 - BHO: (no name) - {79369d5c-2903-4b7a-ade2-d5e0dee14d24} - (no file)
O2 - BHO: (no name) - {799a370d-5993-4887-9df7-0a4756a77d00} - (no file)
O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)
O2 - BHO: (no name) - {a55581dc-2cdb-4089-8878-71a080b22342} - (no file)
O2 - BHO: (no name) - {b847676d-72ac-4393-bfff-43a1eb979352} - (no file)
O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)
O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)
O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)
O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)
O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)
O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)
O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [SpyCatcher Reminder] "C:\Program Files\SpyCatcher 2006\SpyCatcher.exe" reminder
O4 - HKLM\..\Run: [58b10301] rundll32.exe "C:\WINDOWS\system32\lekuohcy.dll",b
O4 - HKCU\..\Run: [Microsoft Windows Installer] C:\Documents and Settings\Leslie\Application Data\Microsoft\dtsc\21865.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Scheduler.lnk = C:\Program Files\SpyCatcher 2006\Scheduler daemon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ?
O4 - Global Startup: SpyCatcher Protector.lnk = C:\Program Files\SpyCatcher 2006\Protector.exe
O4 - Global Startup: Uninstall NETGEAR WG111 Smart Wizard.lnk = C:\Program Files\InstallShield Installation Information\{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}\Setup.exe
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1155843790551
O20 - AppInit_DLLs: interceptor.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 catchme - c:\docume~1\leslie\locals~1\temp\catchme.sys (file missing)
R3 PCANDIS5 (PCANDIS5 Protocol Driver) - c:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R4 jot04 - c:\windows\system32\drivers\jot04.sys (file missing)
S3 MREMPR5 (MREMPR5 NDIS Protocol Driver) - c:\program files\common files\motive\mrempr5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
S3 wg111nd5 (NETGEAR WG111 802.11g Wireless USB Adapter Driver) - c:\windows\system32\drivers\wg111nd5.sys <Not Verified; NETGEAR, Inc.; NETGEAR 802.11g Wireless LAN>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NETGEAR WG111 802.11g Wireless USB2.0 Adapter
Device ID: USB\VID_0846&PID_4240\3887-0000
Manufacturer: NETGEAR, Inc.
Name: NETGEAR WG111 802.11g Wireless USB2.0 Adapter
PNP Device ID: USB\VID_0846&PID_4240\3887-0000
Service: wg111nd5
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
-- Scheduled Tasks -------------------------------------------------------------
2008-05-20 07:25:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-05-02 and 2008-06-02 -----------------------------
2008-06-02 23:56:42 95232 --a------ C:\WINDOWS\system32\lekuohcy.dll
2008-06-02 23:40:00 24320 --a------ C:\WINDOWS\y.exe
2008-06-02 23:39:59 30464 --a------ C:\WINDOWS\xplugin.dll
2008-06-02 23:39:59 10752 --a------ C:\WINDOWS\x.exe
2008-06-02 23:39:59 14336 --a------ C:\WINDOWS\winmgnt.exe
2008-06-02 23:39:59 32768 --a------ C:\WINDOWS\window.exe
2008-06-02 23:39:58 10752 --a------ C:\WINDOWS\winajbm.dll
2008-06-02 23:39:58 18944 --a------ C:\WINDOWS\win64.exe
2008-06-02 23:39:58 21760 --a------ C:\WINDOWS\win32e.exe
2008-06-02 23:39:58 29952 --a------ C:\WINDOWS\waol.exe
2008-06-02 23:39:57 32000 --a------ C:\WINDOWS\users32.exe
2008-06-02 23:39:57 26624 --a------ C:\WINDOWS\time.exe
2008-06-02 23:39:57 19456 --a------ C:\WINDOWS\systemcritical.exe
2008-06-02 23:39:56 17152 --a------ C:\WINDOWS\systeem.exe
2008-06-02 23:39:56 26880 --a------ C:\WINDOWS\svcinit.exe
2008-06-02 23:39:56 16640 --a------ C:\WINDOWS\svchost32.exe
2008-06-02 23:39:56 11776 --a------ C:\WINDOWS\sistem.exe
2008-06-02 23:39:56 19456 --a------ C:\WINDOWS\searchword.dll
2008-06-02 23:39:56 8960 --a------ C:\WINDOWS\rundll16.exe
2008-06-02 23:39:56 31744 --a------ C:\WINDOWS\quicken.exe
2008-06-02 23:39:55 32512 --a------ C:\WINDOWS\qttasks.exe
2008-06-02 23:39:55 19200 --a------ C:\WINDOWS\olehelp.exe
2008-06-02 23:39:54 19712 --a------ C:\WINDOWS\notepad32.exe
2008-06-02 23:39:54 24576 --a------ C:\WINDOWS\mtwirl32.dll
2008-06-02 23:39:54 9216 --a------ C:\WINDOWS\mswsc20.dll
2008-06-02 23:39:54 15104 --a------ C:\WINDOWS\mswsc10.dll
2008-06-02 23:39:54 26624 --a------ C:\WINDOWS\msupdate.exe
2008-06-02 23:39:54 30976 --a------ C:\WINDOWS\mssys.exe
2008-06-02 23:39:53 14080 --a------ C:\WINDOWS\msspi.dll
2008-06-02 23:39:53 25600 --a------ C:\WINDOWS\msconfd.dll
2008-06-02 23:39:53 10496 --a------ C:\WINDOWS\loader.exe
2008-06-02 23:39:53 32256 --a------ C:\WINDOWS\internet.exe
2008-06-02 23:39:52 16896 --a------ C:\WINDOWS\inetinf.exe
2008-06-02 23:39:52 26624 --a------ C:\WINDOWS\iexplorer.exe
2008-06-02 23:39:52 9472 --a------ C:\WINDOWS\iedll.exe
2008-06-02 23:39:52 18944 --a------ C:\WINDOWS\helpcvs.exe
2008-06-02 23:39:52 23808 --a------ C:\WINDOWS\gfmnaaa.dll
2008-06-02 23:39:51 14336 --a------ C:\WINDOWS\funny.exe
2008-06-02 23:39:51 25600 --a------ C:\WINDOWS\funniest.exe
2008-06-02 23:39:51 31232 --a------ C:\WINDOWS\explorer32.exe
2008-06-02 23:39:50 28416 --a------ C:\WINDOWS\explore.exe
2008-06-02 23:39:50 27904 --a------ C:\WINDOWS\editpad.exe
2008-06-02 23:39:50 29952 --a------ C:\WINDOWS\dnsrelay.dll
2008-06-02 23:39:49 22272 --a------ C:\WINDOWS\directx32.exe
2008-06-02 23:39:49 15872 --a------ C:\WINDOWS\ctrlpan.dll
2008-06-02 23:39:49 18944 --a------ C:\WINDOWS\ctfmon32.exe
2008-06-02 23:39:49 21760 --a------ C:\WINDOWS\cpan.dll
2008-06-02 23:39:49 17664 --a------ C:\WINDOWS\clrssn.exe
2008-06-02 23:39:49 26624 --a------ C:\WINDOWS\avpcc.dll
2008-06-02 23:39:48 27904 --a------ C:\WINDOWS\accesss.exe
2008-06-02 21:16:47 0 d-------- C:\WINDOWS\ERUNT
2008-06-01 14:49:15 33408 --a------ C:\WINDOWS\system32\tuvWqRLe.dll
2008-06-01 14:47:31 94208 --a------ C:\WINDOWS\evmk.exe
2008-06-01 14:45:38 95232 -----n--- C:\WINDOWS\system32\bxrlxkyy.dll
2008-06-01 14:43:23 0 d-------- C:\Documents and Settings\Leslie\Application Data\TmpRecentIcons
2008-06-01 14:41:31 0 d-------- C:\Documents and Settings\Leslie\Application Data\Tenebril
2008-05-26 22:57:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Tenebril
2008-05-26 22:57:23 0 d-------- C:\WINDOWS\system32\tenarchlib
2008-05-26 22:57:23 176128 --a-s---- C:\WINDOWS\system32\Interceptor.dll <Not Verified; Tenebril Inc.; Interceptor DLL>
2008-05-26 22:57:23 307200 --a-s---- C:\WINDOWS\system32\InterceptHelper.dll <Not Verified; Tenebril Inc.; InterceptHelper DLL>
2008-05-26 22:57:23 180224 --a-s---- C:\WINDOWS\system32\archlib.dll <Not Verified; Tenebril Incorporated; Tenebril architecture technology>
2008-05-26 22:57:22 0 d-------- C:\Program Files\SpyCatcher 2006
2008-05-26 22:13:22 378747 --ahs---- C:\WINDOWS\system32\hikSCJlm.ini2
2008-05-26 22:13:20 318848 --a------ C:\WINDOWS\system32\mlJCSkih.dll
2008-05-26 21:45:25 0 d-------- C:\Documents and Settings\LocalService\Application Data\Macromedia
2008-05-26 21:44:48 0 d-------- C:\Documents and Settings\LocalService\Application Data\Adobe
2008-05-26 21:44:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\sp1
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\vd2
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\rev3
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\bTMP
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\acom1
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\1026c
2008-05-26 21:43:30 0 d-------- C:\Temp
2008-05-26 21:43:10 36352 --a------ C:\WINDOWS\system32\ssqNFYRk.dll
2008-05-26 21:42:13 316 --a------ C:\1487995822
2008-05-26 21:41:42 0 d-------- C:\Documents and Settings\LocalService\Application Data\VOL_TOOLBAR
2008-05-26 21:41:37 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-05-26 21:41:22 0 d-------- C:\Program Files\webHancer
2008-05-26 21:41:15 93696 --a------ C:\WINDOWS\system32\ntpl.bin
2008-05-26 21:41:11 93696 --a------ C:\sdjvxa.exe
2008-05-26 21:41:07 87513 --a------ C:\WINDOWS\system32\vbpdtvdp.exe <Not Verified; Microsoft; XML Media>
2008-05-26 21:41:07 87513 --a------ C:\WINDOWS\lfn.exe <Not Verified; Microsoft; XML Media>
2008-05-26 21:41:07 13312 --a------ C:\oxgm.exe
2008-05-26 21:41:06 160256 --a------ C:\WINDOWS\system32\blackster.scr <Not Verified; Peter's Productions; Bugs!>
2008-05-26 21:41:06 72192 --a------ C:\nayqmk.exe
2008-05-22 03:00:29 0 d-------- C:\Program Files\MSXML 6.0
2008-05-20 22:05:52 256 --a------ C:\WINDOWS\system32\pool.bin
2008-05-20 22:05:51 0 d-------- C:\Documents and Settings\Leslie\Application Data\Research In Motion
2008-05-20 20:55:09 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-05-20 20:55:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2008-05-20 20:49:11 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-05-20 20:49:09 0 d-------- C:\Program Files\Roxio
2008-05-20 20:49:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Roxio
2008-05-20 20:48:57 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-20 20:35:17 0 d-------- C:\Program Files\Common Files\Research In Motion
2008-05-20 20:35:11 0 d-------- C:\Program Files\Research In Motion
2008-05-20 20:23:11 0 d--hs---- C:\WINDOWS\ftpcache
2008-05-20 18:37:52 3532 --a------ C:\drmHeader.bin
2008-05-13 22:44:31 0 d-------- C:\Program Files\QuickTime
2008-05-12 21:53:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-12 21:50:16 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-12 21:50:16 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-12 21:50:08 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-12 21:50:08 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 21:50:08 831488 --a------ C:\WINDOWS\system32\divx_xx0a.dll
2008-05-12 21:50:08 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 21:50:06 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 21:49:02 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-05 08:04:40 273 --a-----t C:\Documents and Settings\Leslie\Л¨
2008-05-03 12:18:37 0 d-------- C:\Program Files\MSECache
-- Find3M Report ---------------------------------------------------------------
2008-06-02 23:58:10 0 d-------- C:\Documents and Settings\Leslie\Application Data\uTorrent
2008-06-01 14:50:08 0 d-------- C:\Documents and Settings\Leslie\Application Data\vol_toolbar
2008-05-26 22:52:21 0 d-------- C:\Documents and Settings\Leslie\Application Data\AVG7
2008-05-20 20:49:11 0 d-------- C:\Program Files\Common Files
2008-05-20 20:49:09 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-20 18:40:51 0 d-------- C:\Program Files\DivX
2008-05-13 22:46:15 0 d-------- C:\Program Files\iTunes
2008-05-13 22:46:04 0 d-------- C:\Program Files\iPod
2008-05-13 22:39:45 0 d-------- C:\Program Files\Apple Software Update
2008-04-20 17:52:03 0 d-------- C:\Documents and Settings\Leslie\Application Data\Adobe
2008-04-12 00:15:08 0 d-------- C:\Documents and Settings\Leslie\Application Data\Move Networks
2008-04-11 22:32:20 0 d-------- C:\Program Files\Java
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00110011-4b0b-44d5-9718-90c88817369b}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{086ae192-23a6-48d6-96ec-715f53797e85}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{150fa160-130d-451f-b863-b655061432ba}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{17da0c9e-4a27-4ac5-bb75-5d24b8cdb972}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CD7191C-B938-465E-8D1F-B81A0F9A178B}]
05/26/2008 22:13 318848 --a------ C:\WINDOWS\system32\mlJCSkih.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2d38a51a-23c9-48a1-a33c-48675aa2b494}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2e9caff6-30c7-4208-8807-e79d4ec6f806}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5321e378-ffad-4999-8c62-03ca8155f0b3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{587dbf2d-9145-4c9e-92c2-1f953da73773}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6cc1c91a-ae8b-4373-a5b4-28ba1851e39a}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{79369d5c-2903-4b7a-ade2-d5e0dee14d24}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{799a370d-5993-4887-9df7-0a4756a77d00}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98dbbf16-ca43-4c33-be80-99e6694468a4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a55581dc-2cdb-4089-8878-71a080b22342}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b847676d-72ac-4393-bfff-43a1eb979352}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc97b254-b2b9-4d40-971d-78e0978f5f26}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0}]
10/11/2007 13:49 159744 --a------ C:\Program Files\webHancer\programs\whiehlpr.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765721306}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e2ddf680-9905-4dee-8c64-0a5de7fe133c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3eebbe8-9cab-4c76-b26a-747e25ebb4c6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e7afff2a-1b57-49c7-bf6b-e5123394c970}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fd9bc004-8331-4457-b830-4759ff704c22}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}"= C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL [05/25/2007 09:15 1904128]
[-HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}]
[HKEY_CLASSES_ROOT\vol_toolbar.VOL_TOOLBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"webHancer Agent"="C:\Program Files\webHancer\Programs\whagent.exe" [05/05/2008 08:52]
"SpyCatcher Reminder"="C:\Program Files\SpyCatcher 2006\SpyCatcher.exe" [06/18/2005 11:19]
"58b10301"="C:\WINDOWS\system32\lekuohcy.dll" [06/02/2008 23:56]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Windows Installer"="C:\Documents and Settings\Leslie\Application Data\Microsoft\dtsc\21865.exe" [05/26/2008 21:43]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56]
C:\Documents and Settings\Leslie\Start Menu\Programs\Startup\
Scheduler.lnk - C:\Program Files\SpyCatcher 2006\Scheduler daemon.exe [5/26/2008 10:57:26 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/11/2005 11:23:26 PM]
Kodak EasyShare software.lnk - C:\Program Files\Kodak EasyShare software\bin\EasyShare.exe [11/4/2005 3:04:48 PM]
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [6/29/2007 4:38:43 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
NETGEAR WG111 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe [9/8/2006 3:47:36 PM]
Smart Wizard Wireless Settings.lnk - C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe [9/8/2006 3:47:36 PM]
SpyCatcher Protector.lnk - C:\Program Files\SpyCatcher 2006\Protector.exe [5/26/2008 10:57:26 PM]
Uninstall NETGEAR WG111 Smart Wizard.lnk - C:\Program Files\InstallShield Installation Information\{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}\Setup.exe [9/8/2006 3:47:16 PM]
VPN Client.lnk - C:\WINDOWS\Installer\{D25122BC-A60E-4663-B602-B01718F12044}\Icon3E5562ED7.ico [9/11/2006 8:42:03 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"StartMenuLogoff"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\vbpdtvdp.exe,"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=interceptor.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mlJCSkih
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\jot04.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- End of Deckard's System Scanner: finished at 2008-06-03 00:01:21 ------------
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NETGEAR WG111 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ?
O4 - Global Startup: SpyCatcher Protector.lnk = C:\Program Files\SpyCatcher 2006\Protector.exe
O4 - Global Startup: Uninstall NETGEAR WG111 Smart Wizard.lnk = C:\Program Files\InstallShield Installation Information\{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}\Setup.exe
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1155843790551
O20 - AppInit_DLLs: interceptor.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R3 catchme - c:\docume~1\leslie\locals~1\temp\catchme.sys (file missing)
R3 PCANDIS5 (PCANDIS5 Protocol Driver) - c:\windows\system32\pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R4 jot04 - c:\windows\system32\drivers\jot04.sys (file missing)
S3 MREMPR5 (MREMPR5 NDIS Protocol Driver) - c:\program files\common files\motive\mrempr5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\program files\common files\motive\mrendis5.sys <Not Verified; Motive, Inc.; Motive Rawether for Windows>
S3 wg111nd5 (NETGEAR WG111 802.11g Wireless USB Adapter Driver) - c:\windows\system32\drivers\wg111nd5.sys <Not Verified; NETGEAR, Inc.; NETGEAR 802.11g Wireless LAN>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NETGEAR WG111 802.11g Wireless USB2.0 Adapter
Device ID: USB\VID_0846&PID_4240\3887-0000
Manufacturer: NETGEAR, Inc.
Name: NETGEAR WG111 802.11g Wireless USB2.0 Adapter
PNP Device ID: USB\VID_0846&PID_4240\3887-0000
Service: wg111nd5
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA
-- Scheduled Tasks -------------------------------------------------------------
2008-05-20 07:25:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-05-02 and 2008-06-02 -----------------------------
2008-06-02 23:56:42 95232 --a------ C:\WINDOWS\system32\lekuohcy.dll
2008-06-02 23:40:00 24320 --a------ C:\WINDOWS\y.exe
2008-06-02 23:39:59 30464 --a------ C:\WINDOWS\xplugin.dll
2008-06-02 23:39:59 10752 --a------ C:\WINDOWS\x.exe
2008-06-02 23:39:59 14336 --a------ C:\WINDOWS\winmgnt.exe
2008-06-02 23:39:59 32768 --a------ C:\WINDOWS\window.exe
2008-06-02 23:39:58 10752 --a------ C:\WINDOWS\winajbm.dll
2008-06-02 23:39:58 18944 --a------ C:\WINDOWS\win64.exe
2008-06-02 23:39:58 21760 --a------ C:\WINDOWS\win32e.exe
2008-06-02 23:39:58 29952 --a------ C:\WINDOWS\waol.exe
2008-06-02 23:39:57 32000 --a------ C:\WINDOWS\users32.exe
2008-06-02 23:39:57 26624 --a------ C:\WINDOWS\time.exe
2008-06-02 23:39:57 19456 --a------ C:\WINDOWS\systemcritical.exe
2008-06-02 23:39:56 17152 --a------ C:\WINDOWS\systeem.exe
2008-06-02 23:39:56 26880 --a------ C:\WINDOWS\svcinit.exe
2008-06-02 23:39:56 16640 --a------ C:\WINDOWS\svchost32.exe
2008-06-02 23:39:56 11776 --a------ C:\WINDOWS\sistem.exe
2008-06-02 23:39:56 19456 --a------ C:\WINDOWS\searchword.dll
2008-06-02 23:39:56 8960 --a------ C:\WINDOWS\rundll16.exe
2008-06-02 23:39:56 31744 --a------ C:\WINDOWS\quicken.exe
2008-06-02 23:39:55 32512 --a------ C:\WINDOWS\qttasks.exe
2008-06-02 23:39:55 19200 --a------ C:\WINDOWS\olehelp.exe
2008-06-02 23:39:54 19712 --a------ C:\WINDOWS\notepad32.exe
2008-06-02 23:39:54 24576 --a------ C:\WINDOWS\mtwirl32.dll
2008-06-02 23:39:54 9216 --a------ C:\WINDOWS\mswsc20.dll
2008-06-02 23:39:54 15104 --a------ C:\WINDOWS\mswsc10.dll
2008-06-02 23:39:54 26624 --a------ C:\WINDOWS\msupdate.exe
2008-06-02 23:39:54 30976 --a------ C:\WINDOWS\mssys.exe
2008-06-02 23:39:53 14080 --a------ C:\WINDOWS\msspi.dll
2008-06-02 23:39:53 25600 --a------ C:\WINDOWS\msconfd.dll
2008-06-02 23:39:53 10496 --a------ C:\WINDOWS\loader.exe
2008-06-02 23:39:53 32256 --a------ C:\WINDOWS\internet.exe
2008-06-02 23:39:52 16896 --a------ C:\WINDOWS\inetinf.exe
2008-06-02 23:39:52 26624 --a------ C:\WINDOWS\iexplorer.exe
2008-06-02 23:39:52 9472 --a------ C:\WINDOWS\iedll.exe
2008-06-02 23:39:52 18944 --a------ C:\WINDOWS\helpcvs.exe
2008-06-02 23:39:52 23808 --a------ C:\WINDOWS\gfmnaaa.dll
2008-06-02 23:39:51 14336 --a------ C:\WINDOWS\funny.exe
2008-06-02 23:39:51 25600 --a------ C:\WINDOWS\funniest.exe
2008-06-02 23:39:51 31232 --a------ C:\WINDOWS\explorer32.exe
2008-06-02 23:39:50 28416 --a------ C:\WINDOWS\explore.exe
2008-06-02 23:39:50 27904 --a------ C:\WINDOWS\editpad.exe
2008-06-02 23:39:50 29952 --a------ C:\WINDOWS\dnsrelay.dll
2008-06-02 23:39:49 22272 --a------ C:\WINDOWS\directx32.exe
2008-06-02 23:39:49 15872 --a------ C:\WINDOWS\ctrlpan.dll
2008-06-02 23:39:49 18944 --a------ C:\WINDOWS\ctfmon32.exe
2008-06-02 23:39:49 21760 --a------ C:\WINDOWS\cpan.dll
2008-06-02 23:39:49 17664 --a------ C:\WINDOWS\clrssn.exe
2008-06-02 23:39:49 26624 --a------ C:\WINDOWS\avpcc.dll
2008-06-02 23:39:48 27904 --a------ C:\WINDOWS\accesss.exe
2008-06-02 21:16:47 0 d-------- C:\WINDOWS\ERUNT
2008-06-01 14:49:15 33408 --a------ C:\WINDOWS\system32\tuvWqRLe.dll
2008-06-01 14:47:31 94208 --a------ C:\WINDOWS\evmk.exe
2008-06-01 14:45:38 95232 -----n--- C:\WINDOWS\system32\bxrlxkyy.dll
2008-06-01 14:43:23 0 d-------- C:\Documents and Settings\Leslie\Application Data\TmpRecentIcons
2008-06-01 14:41:31 0 d-------- C:\Documents and Settings\Leslie\Application Data\Tenebril
2008-05-26 22:57:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Tenebril
2008-05-26 22:57:23 0 d-------- C:\WINDOWS\system32\tenarchlib
2008-05-26 22:57:23 176128 --a-s---- C:\WINDOWS\system32\Interceptor.dll <Not Verified; Tenebril Inc.; Interceptor DLL>
2008-05-26 22:57:23 307200 --a-s---- C:\WINDOWS\system32\InterceptHelper.dll <Not Verified; Tenebril Inc.; InterceptHelper DLL>
2008-05-26 22:57:23 180224 --a-s---- C:\WINDOWS\system32\archlib.dll <Not Verified; Tenebril Incorporated; Tenebril architecture technology>
2008-05-26 22:57:22 0 d-------- C:\Program Files\SpyCatcher 2006
2008-05-26 22:13:22 378747 --ahs---- C:\WINDOWS\system32\hikSCJlm.ini2
2008-05-26 22:13:20 318848 --a------ C:\WINDOWS\system32\mlJCSkih.dll
2008-05-26 21:45:25 0 d-------- C:\Documents and Settings\LocalService\Application Data\Macromedia
2008-05-26 21:44:48 0 d-------- C:\Documents and Settings\LocalService\Application Data\Adobe
2008-05-26 21:44:31 0 d-------- C:\Documents and Settings\LocalService\Application Data\sp1
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\vd2
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\rev3
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\bTMP
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\acom1
2008-05-26 21:44:29 0 d-------- C:\WINDOWS\system32\1026c
2008-05-26 21:43:30 0 d-------- C:\Temp
2008-05-26 21:43:10 36352 --a------ C:\WINDOWS\system32\ssqNFYRk.dll
2008-05-26 21:42:13 316 --a------ C:\1487995822
2008-05-26 21:41:42 0 d-------- C:\Documents and Settings\LocalService\Application Data\VOL_TOOLBAR
2008-05-26 21:41:37 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-05-26 21:41:22 0 d-------- C:\Program Files\webHancer
2008-05-26 21:41:15 93696 --a------ C:\WINDOWS\system32\ntpl.bin
2008-05-26 21:41:11 93696 --a------ C:\sdjvxa.exe
2008-05-26 21:41:07 87513 --a------ C:\WINDOWS\system32\vbpdtvdp.exe <Not Verified; Microsoft; XML Media>
2008-05-26 21:41:07 87513 --a------ C:\WINDOWS\lfn.exe <Not Verified; Microsoft; XML Media>
2008-05-26 21:41:07 13312 --a------ C:\oxgm.exe
2008-05-26 21:41:06 160256 --a------ C:\WINDOWS\system32\blackster.scr <Not Verified; Peter's Productions; Bugs!>
2008-05-26 21:41:06 72192 --a------ C:\nayqmk.exe
2008-05-22 03:00:29 0 d-------- C:\Program Files\MSXML 6.0
2008-05-20 22:05:52 256 --a------ C:\WINDOWS\system32\pool.bin
2008-05-20 22:05:51 0 d-------- C:\Documents and Settings\Leslie\Application Data\Research In Motion
2008-05-20 20:55:09 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-05-20 20:55:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2008-05-20 20:49:11 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-05-20 20:49:09 0 d-------- C:\Program Files\Roxio
2008-05-20 20:49:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Roxio
2008-05-20 20:48:57 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-20 20:35:17 0 d-------- C:\Program Files\Common Files\Research In Motion
2008-05-20 20:35:11 0 d-------- C:\Program Files\Research In Motion
2008-05-20 20:23:11 0 d--hs---- C:\WINDOWS\ftpcache
2008-05-20 18:37:52 3532 --a------ C:\drmHeader.bin
2008-05-13 22:44:31 0 d-------- C:\Program Files\QuickTime
2008-05-12 21:53:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-12 21:50:16 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-12 21:50:16 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-12 21:50:08 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-12 21:50:08 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 21:50:08 831488 --a------ C:\WINDOWS\system32\divx_xx0a.dll
2008-05-12 21:50:08 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 21:50:06 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 21:49:02 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-05 08:04:40 273 --a-----t C:\Documents and Settings\Leslie\Л¨
2008-05-03 12:18:37 0 d-------- C:\Program Files\MSECache
-- Find3M Report ---------------------------------------------------------------
2008-06-02 23:58:10 0 d-------- C:\Documents and Settings\Leslie\Application Data\uTorrent
2008-06-01 14:50:08 0 d-------- C:\Documents and Settings\Leslie\Application Data\vol_toolbar
2008-05-26 22:52:21 0 d-------- C:\Documents and Settings\Leslie\Application Data\AVG7
2008-05-20 20:49:11 0 d-------- C:\Program Files\Common Files
2008-05-20 20:49:09 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-20 18:40:51 0 d-------- C:\Program Files\DivX
2008-05-13 22:46:15 0 d-------- C:\Program Files\iTunes
2008-05-13 22:46:04 0 d-------- C:\Program Files\iPod
2008-05-13 22:39:45 0 d-------- C:\Program Files\Apple Software Update
2008-04-20 17:52:03 0 d-------- C:\Documents and Settings\Leslie\Application Data\Adobe
2008-04-12 00:15:08 0 d-------- C:\Documents and Settings\Leslie\Application Data\Move Networks
2008-04-11 22:32:20 0 d-------- C:\Program Files\Java
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00110011-4b0b-44d5-9718-90c88817369b}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{086ae192-23a6-48d6-96ec-715f53797e85}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{150fa160-130d-451f-b863-b655061432ba}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{17da0c9e-4a27-4ac5-bb75-5d24b8cdb972}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2CD7191C-B938-465E-8D1F-B81A0F9A178B}]
05/26/2008 22:13 318848 --a------ C:\WINDOWS\system32\mlJCSkih.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2d38a51a-23c9-48a1-a33c-48675aa2b494}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2e9caff6-30c7-4208-8807-e79d4ec6f806}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5321e378-ffad-4999-8c62-03ca8155f0b3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{587dbf2d-9145-4c9e-92c2-1f953da73773}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6cc1c91a-ae8b-4373-a5b4-28ba1851e39a}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{79369d5c-2903-4b7a-ade2-d5e0dee14d24}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{799a370d-5993-4887-9df7-0a4756a77d00}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98dbbf16-ca43-4c33-be80-99e6694468a4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a55581dc-2cdb-4089-8878-71a080b22342}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b847676d-72ac-4393-bfff-43a1eb979352}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc97b254-b2b9-4d40-971d-78e0978f5f26}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0}]
10/11/2007 13:49 159744 --a------ C:\Program Files\webHancer\programs\whiehlpr.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765721306}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e2ddf680-9905-4dee-8c64-0a5de7fe133c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3eebbe8-9cab-4c76-b26a-747e25ebb4c6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e7afff2a-1b57-49c7-bf6b-e5123394c970}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fd9bc004-8331-4457-b830-4759ff704c22}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}"= C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL [05/25/2007 09:15 1904128]
[-HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22}]
[HKEY_CLASSES_ROOT\vol_toolbar.VOL_TOOLBAR]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"webHancer Agent"="C:\Program Files\webHancer\Programs\whagent.exe" [05/05/2008 08:52]
"SpyCatcher Reminder"="C:\Program Files\SpyCatcher 2006\SpyCatcher.exe" [06/18/2005 11:19]
"58b10301"="C:\WINDOWS\system32\lekuohcy.dll" [06/02/2008 23:56]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Windows Installer"="C:\Documents and Settings\Leslie\Application Data\Microsoft\dtsc\21865.exe" [05/26/2008 21:43]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56]
C:\Documents and Settings\Leslie\Start Menu\Programs\Startup\
Scheduler.lnk - C:\Program Files\SpyCatcher 2006\Scheduler daemon.exe [5/26/2008 10:57:26 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5/11/2005 11:23:26 PM]
Kodak EasyShare software.lnk - C:\Program Files\Kodak EasyShare software\bin\EasyShare.exe [11/4/2005 3:04:48 PM]
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [6/29/2007 4:38:43 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM]
NETGEAR WG111 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe [9/8/2006 3:47:36 PM]
Smart Wizard Wireless Settings.lnk - C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe [9/8/2006 3:47:36 PM]
SpyCatcher Protector.lnk - C:\Program Files\SpyCatcher 2006\Protector.exe [5/26/2008 10:57:26 PM]
Uninstall NETGEAR WG111 Smart Wizard.lnk - C:\Program Files\InstallShield Installation Information\{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}\Setup.exe [9/8/2006 3:47:16 PM]
VPN Client.lnk - C:\WINDOWS\Installer\{D25122BC-A60E-4663-B602-B01718F12044}\Icon3E5562ED7.ico [9/11/2006 8:42:03 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"StartMenuLogoff"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\vbpdtvdp.exe,"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=interceptor.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mlJCSkih
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\jot04.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- End of Deckard's System Scanner: finished at 2008-06-03 00:01:21 ------------
Results from DSS scan extra:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.40GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 1021.98 MiB / 564.18 MiB
Pagefile Memory (total/avail): 2464.72 MiB / 2087.68 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1921.21 MiB
C: is Fixed (NTFS) - 298.08 GiB total, 206.95 GiB free.
D: is CDROM (No Media)
E: is Removable (FAT)
\\.\PHYSICALDRIVE0 - ST3320620A - 298.09 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 298.08 GiB - C:
\\.\PHYSICALDRIVE1 - USB_DRIVE USB Device - 486.34 MiB - 1 partition
\PARTITION0 - MS-DOS V4 Huge - 490.75 MiB - E:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
AV: AVG 7.5.524 v7.5.524 (Grisoft)
Outdated
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\1157224890\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1157224890\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Common Files\\AOL\\1157224890\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1157224890\\ee\\AOLServiceHost.exe:*:Disabled:AOL Services"
"C:\\Program Files\\Last.fm\\LastFM.exe"="C:\\Program Files\\Last.fm\\LastFM.exe:*:Disabled:Last.fm"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Disabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Disabled:Yahoo! Messenger"
"C:\\Program Files\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Leslie\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DGGY2931
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Leslie
LOGONSERVER=\\DGGY2931
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Sonic\MyDVD;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Leslie\LOCALS~1\Temp
TMP=C:\DOCUME~1\Leslie\LOCALS~1\Temp
USERDOMAIN=DGGY2931
USERNAME=Leslie
USERPROFILE=C:\Documents and Settings\Leslie
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Leslie (admin)
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> MsiExec.exe /I{2BE0C605-9BEC-434D-9FAE-931194E72414}
--> MsiExec.exe /I{48A669A9-76FA-4CA8-BFD5-00C125AC4166}
--> MsiExec.exe /I{726A362E-EBFD-4C3F-8664-6593C2B08386}
--> MsiExec.exe /I{943CB81D-11B9-401E-8305-752528D00AA1}
--> MsiExec.exe /I{E75F019D-98A0-4B39-B1A8-3A01400D2A18}
--> MsiExec.exe /X{F664EDB9-59DF-452A-A3D7-085ED1B8D374}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}\setup.exe" -l0x9 -L0x9anything
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}\Setup.exe" -l0x9 -L0x9anything
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AIM Toolbar 5.0 --> "C:\Program Files\AOL\AIM Toolbar 5.0\uninstall.exe"
AOL Explorer --> C:\Program Files\Common Files\AOL\1157224890\ee\services\browser\ver1_1_1042\uninst.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
BlackBerry Desktop Software 4.3 --> MsiExec.exe /I{D793A12F-E362-48BB-B332-1DA5E936B52D}
BlackBerry Desktop Software 4.3 --> MsiExec.exe /i{D793A12F-E362-48BB-B332-1DA5E936B52D}
BlackBerry Device Software v4.3.0 for the BlackBerry 8130 smartphone --> MsiExec.exe /X{573D8008-5F38-4F5F-820B-1D3151332282}
Broadcom 440x 10/100 Integrated Controller --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1033
Cisco Systems VPN Client 4.8.01.0300 --> MsiExec.exe /X{D25122BC-A60E-4663-B602-B01718F12044}
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Conexant SmartHSFi V92 56K DF PCI Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.EXE -U -IDel8d8xk.INF
DC++ 0.691 --> "C:\Program Files\DC++\uninstall.exe"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Duplicate Finder --> "C:\Program Files\Duplicate Finder\unins000.exe"
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
HijackThis 1.99.1 --> E:\Hijackthis\HijackThis.exe /uninstall
HLPIndex --> MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPRFO --> MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593}
HP Deskjet 3900 series --> C:\Program Files\HP\Digital Imaging\{3819891A-030B-4a4e-98ED-B28A649E48AB}\setup\hpzscr01.exe -datfile hpfscr05.dat
HP Imaging Device Functions 5.0 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Solution Center & Imaging Support Tools 5.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
Intel® Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
iPod Updater 2004-08-06 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D43E1D3F-CC1F-4E41-80F5-9C1D28187DE9}
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0007_9e2da7\Setup.exe /APR-REMOVE
Last.fm 1.3.1.1 --> "C:\Program Files\Last.fm\unins000.exe"
Microsoft Office XP Media Content --> MsiExec.exe /I{90300409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Standard for Students and Teachers --> MsiExec.exe /I{913D0409-6000-11D3-8CFE-0050048383C9}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Leslie\Application Data\Move Networks\ie_bin\Uninst.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MyDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\SETUP.EXE" -l0x9 -L0x9 /SMAINT
NETGEAR WG111 Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B9CC18-8AB7-402F-B343-CD2127FC3CFC}\SETUP.EXE" -uninst
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
PCDADDIN --> MsiExec.exe /I{65D85050-5610-4A91-A3B1-D5C744291AD4}
PCDHELP --> MsiExec.exe /I{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Roxio Media Manager --> MsiExec.exe /X{303379C9-8610-4CCF-AF37-C4BF8998C591}
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe"
SpyCatcher Express 2006 --> "C:\Program Files\SpyCatcher 2006\unins000.exe"
The Marketing Game! - student software --> C:\WINDOWS\uninst.exe -f"C:\Program Files\TMG\DeIsL1.isu" -c"C:\Program Files\TMG\_ISREG32.DLL"
Verizon Broadband Toolbar --> C:\Program Files\vol_toolbar\uninstall.exe
Verizon High Speed Internet --> "C:\WINDOWS\DSL\unins000.exe"
Verizon Online Help and Support --> C:\PROGRA~1\Verizon\UNWISE.EXE C:\PROGRA~1\Verizon\INSTALL.LOG
Verizon Servicepoint 1.5.12 --> "C:\Program Files\Verizon\VSP\unins000.exe"
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Viewpoint Toolbar --> C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\Uninstaller.exe /u /k /url "http://www.viewpoint...completed.html"
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
webHancer Customer Companion --> C:\Program Files\webHancer\Programs\whInstaller.exe -uninstall
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\unyext.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type25938 / Error
Event Submitted/Written: 06/02/2008 11:37:13 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-06-03 03:37:13,359 DGGY2931 [000324:000340] ERROR 000 AVG7.WTS.CAvgAmWts ProcessIdToSessionId(2796) call failed with WIN32 error 87, returning session id is 0
Event Record #/Type25874 / Error
Event Submitted/Written: 05/26/2008 10:20:42 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application services.exe, version 5.1.2600.2180, faulting module services.exe, version 5.1.2600.2180, fault address 0x00008e40.
Processing media-specific event for [services.exe!ws!]
Event Record #/Type25862 / Error
Event Submitted/Written: 05/26/2008 09:45:11 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-05-27 01:45:11,296 DGGY2931 [002008:002028] ERROR 000 AVG7.WTS.CAvgAmWts ProcessIdToSessionId(2340) call failed with WIN32 error 87, returning session id is 0
Event Record #/Type25861 / Error
Event Submitted/Written: 05/26/2008 09:44:44 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-05-27 01:44:44,765 DGGY2931 [002008:002028] ERROR 000 AVG7.WTS.CAvgAmWts ProcessIdToSessionId(2624) call failed with WIN32 error 87, returning session id is 0
Event Record #/Type25859 / Error
Event Submitted/Written: 05/26/2008 09:41:39 PM / 05/26/2008 09:41:40 PM
Event ID/Source: 100 / AVG7
Event Description:
2008-05-27 01:41:39,984 DGGY2931 [002008:002028] ERROR 000 AVG7.WTS.CAvgAmWts ProcessIdToSessionId(1384) call failed with WIN32 error 87, returning session id is 0
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type48316 / Error
Event Submitted/Written: 06/02/2008 11:56:50 PM
Event ID/Source: 1003 / System Error
Event Description:
Error code 1000008e, parameter1 c000001d, parameter2 00690064, parameter3 ee0f4cec, parameter4 00000000.
Event Record #/Type48314 / Warning
Event Submitted/Written: 06/02/2008 11:56:30 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type48294 / Error
Event Submitted/Written: 06/02/2008 11:34:35 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
Beep
Event Record #/Type48290 / Error
Event Submitted/Written: 06/02/2008 09:36:42 PM
Event ID/Source: 7006 / Service Control Manager
Event Description:
The ScRegSetValueExW call failed for DeleteFlag with the following error:
%%5
Event Record #/Type48289 / Error
Event Submitted/Written: 06/02/2008 09:31:59 PM
Event ID/Source: 7006 / Service Control Manager
Event Description:
The ScRegSetValueExW call failed for Start with the following error:
%%5
-- End of Deckard's System Scanner: finished at 2008-06-03 00:01:21 ------------