Was infected with Vundo and Boaxxe.dll, Malwarebytes removed 318 Vundo and Adware trojans, I don't know if Boaxxe.dll is gone but...
When my computer starts up, I receive a message box that states:
Windows can not open this file:
File: (name of file.lnk )
To open this file Windows needs to know what program created it. Windows can go online and look for it automatically, or you can manually select from a list of programs on your computer.
What do you want to do? (it asks me to choose)
Use a web service to find an appropriate program
Select from a list
This box pops up after every program I click on except IE, AOL, Recycle Bin, & My Computer
I think that my automatic updates have started again because earlier I saw the yellow diamond in my taskbar. But it's not there now. I had to fiddle around in my My Computer folder to find the appropriate file to open programs on my desktop... The pics from the icons on my desktop are changed to that little white box with red and blue lil dialog box.
Please help me!!!!!!!!!!
Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-22 16:45:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
50: 2008-06-22 20:45:37 UTC - RP1784 - Deckard's System Scanner Restore Point
49: 2008-06-22 18:09:37 UTC - RP1783 - System Checkpoint
48: 2008-06-21 17:19:33 UTC - RP1782 - Restore Operation
47: 2008-06-20 17:31:19 UTC - RP1781 - System Checkpoint
46: 2008-06-19 16:46:18 UTC - RP1780 - System Checkpoint
-- First Restore Point --
1: 2008-05-15 01:57:49 UTC - RP1735 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 510 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-22 16:47:19
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\WINDOWS\SYSTEM32\PackethSvc.exe
C:\WINDOWS\SYSTEM32\dllhost.exe
C:\Program Files\mcafee.com\Agent\Mcdetect.exe
C:\Program Files\mcafee.com\VSO\McShield.exe
C:\Program Files\mcafee.com\Agent\McTskshd.exe
C:\Program Files\mcafee.com\VSO\oasclnt.exe
C:\Program Files\McAfee\SpamKiller\MSKSrvr.exe
C:\Program Files\mcafee.com\VSO\mcvsshld.exe
C:\Program Files\mcafee.com\VSO\McVSEscn.exe
C:\WINDOWS\SYSTEM32\nvsvc32.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\dmadmin.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\WINDOWS\SYSTEM32\ctfmon.exe
C:\Program Files\Common Files\AOL\1211590469\ee\aolsoftware.exe
C:\Program Files\Traysoft\PhoneTray\PhoneTray.exe
C:\WINDOWS\SYSTEM32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\America Online 9.0\aolwbspd.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://ie.search.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://fastsearchweb.com/srh.php?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lotterypost.com/forum/3
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BB1B1C2E-F0C1-44F2-AC35-5CC8E02F7907} - C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\M44OI8Q8\3077ahntdksr[1].dll (file missing)
O2 - BHO: (no name) - {E60A96EE-9C19-4CCB-A716-2665CB3809Fe} - (no file)
O2 - BHO: {75163809-9eab-89db-1854-c9af090840ce} - {ec048090-fa9c-4581-bd98-bae990836157} - C:\WINDOWS\SYSTEM32\tcnwmkuh.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\Program Files\mcafee.com\VSO\mcvsshl.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\ycomp5_1_6_0.dll
O3 - Toolbar: (no name) - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} - (no file)
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
O3 - Toolbar: (no name) - {12EE7A5E-0674-42f9-A76B-000000004D00} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware Reboot] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [SDFix] C:\SDFix\RunThis.bat /second
O4 - HKCU\..\Run: [Igl] C:\WINDOWS\System32\l?ass.exe
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\msjava.dll
O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://search-soft.net (HKCU)
O16 - DPF: {11111111-1111-1111-1111-111111113457} () - file://c:\ied_s7m.cab
O16 - DPF: {11111111-1111-1111-1111-511111113457} () - file://c:\x.cab
O16 - DPF: {11111111-1111-1111-1111-511111113458} () - file://c:\x.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/m...77/mcinsctl.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://aol.ea.com/downloads/games/common/snoopy/iesnoopy.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1210893136734
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1210989330546
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,18/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?316
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! Companion) - http://us.dl1.yimg.com/download.yahoo.com/.../yiebio4029.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{01D1C6CD-6D44-46B6-BA89-10155A459FBE}: NameServer = 69.50.166.94,69.31.80.244
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{A0F3549F-A6F5-419F-B32D-3F976AA07F8C}: NameServer = 69.50.166.94,69.31.80.244
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{E09FF6F1-A6FA-474D-8D69-B393B98DA065}: NameServer = 205.188.146.145
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\SYSTEM32\msvidctl.dll
O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - (no file)
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\acsd.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - C:\Program Files\mcafee.com\Agent\Mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - C:\Program Files\mcafee.com\VSO\McShield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - C:\Program Files\mcafee.com\Agent\McTskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\mcafee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\Program Files\McAfee\SpamKiller\MSKSrvr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\SYSTEM32\PackethSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: WebSeach Toolbar support NT service (TBPSSvc) - Unknown owner - C:\PROGRA~1\Toolbar\TBPSSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe
--
End of file - 9436 bytes
-- File Associations -----------------------------------------------------------
.bat - unable to read key
.bat - unable to read key
.bat - unable to read key
.com - unable to read key
.com - unable to read key
.exe - unable to read key
.exe - unable to read key
.lnk - unable to read key
.pif - unable to read key
.reg - unable to read key
.reg - unable to read key
.reg - unable to read key
.scr - unable to read key
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
S3 catchme - c:\docume~1\owner\locals~1\temp\catchme.sys (file missing)
S3 Freedom (FREEDOM Miniport) - c:\windows\system32\drivers\freedom.sys (file missing)
S3 PCDRDRV (Pcdr Helper Driver) - c:\windows\system32\drivers\pcdrdrv.sys (file missing)
S3 PcdrNt - c:\windows\system32\drivers\pcdrnt.sys <Not Verified; PC-Doctor Inc.; PC-Doctor NT 3.0>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 MskService (McAfee SpamKiller Server) - c:\progra~1\mcafee\spamki~1\msksrvr.exe <Not Verified; McAfee Inc.; McAfee SpamKiller>
R2 PackethSvc (Virtual NIC Service) - c:\windows\system32\packethsvc.exe <Not Verified; America Online, Inc.; America Online>
S2 WinToolsSvc (WinTools for IE service) - c:\program files\common files\wintools\wtoolss.exe (file missing)
S4 TBPSSvc (WebSeach Toolbar support NT service) - c:\progra~1\toolbar\tbpssvc.exe (file missing)
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Parallel Device
Device ID: ROOT\LEGACY_HPFECP11\0000
Manufacturer:
Name: Parallel Device
PNP Device ID: ROOT\LEGACY_HPFECP11\0000
Service: HPFECP11
-- Scheduled Tasks -------------------------------------------------------------
2008-06-16 10:25:02 300 --a------ C:\WINDOWS\Tasks\Easy Internet Sign-up.job
-- Files created between 2008-05-22 and 2008-06-22 -----------------------------
2008-06-22 15:06:08 0 d-------- C:\WINDOWS\ERUNT
2008-06-22 14:59:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-06-22 14:59:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Corel
2008-06-22 14:59:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-22 14:59:01 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-22 14:59:01 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-22 14:59:01 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-22 14:59:01 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-22 14:59:01 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-22 14:59:01 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-06-22 14:59:01 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-22 14:59:01 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-06-22 14:59:01 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-22 14:59:01 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-22 14:59:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2008-06-22 14:59:00 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-22 00:49:41 0 d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-06-22 00:48:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-22 00:48:30 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-21 19:31:19 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-06-21 18:42:41 0 d-------- C:\Program Files\CCleaner
2008-06-21 18:21:51 0 d-------- C:\VundoFix Backups
2008-06-21 15:48:41 99328 --a------ C:\WINDOWS\system32\tcnwmkuh.dll
2008-06-20 21:35:28 90112 --a------ C:\WINDOWS\system32\lhjbodol.dll
2008-06-19 21:33:44 90112 --a------ C:\WINDOWS\system32\wttepfqe.dll
2008-06-17 21:30:32 90112 --a------ C:\WINDOWS\system32\fggureyw.dll
2008-06-16 18:50:52 90112 --a------ C:\WINDOWS\system32\rvvfxlrl.dll
2008-06-15 18:42:58 90112 --a------ C:\WINDOWS\system32\bjavnnkf.dll
2008-06-14 21:45:16 99328 --a------ C:\WINDOWS\system32\jnsrlcyr.dll
2008-06-13 21:26:29 99328 --a------ C:\WINDOWS\system32\yuavewtj.dll
2008-06-13 21:17:28 89600 --a------ C:\WINDOWS\system32\wqarowmr.dll
2008-06-10 22:39:17 145 --a------ C:\WINDOWS\system32\winver.bat
2008-06-08 22:24:38 0 d-------- C:\Program Files\7-Zip
2008-06-05 17:21:35 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-05 17:20:55 0 d-------- C:\Program Files\Windows Live
2008-06-05 17:20:22 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-05 16:29:28 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-05 16:23:37 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-05 16:23:37 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-05 14:59:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-05 03:53:48 0 d-------- C:\Program Files\Shareaza
2008-06-05 03:53:48 0 d-------- C:\Documents and Settings\Owner\Application Data\Shareaza
2008-06-03 22:55:44 0 d-------- C:\Program Files\Traysoft
2008-06-03 20:28:55 0 d-------- C:\Documents and Settings\Owner\Application Data\Image Zone Express
2008-05-30 20:12:01 0 d-------- C:\WINDOWS\Downloaded Installations
2008-05-26 04:28:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-24 11:24:40 0 d-------- C:\Documents and Settings\Owner\Application Data\acccore
2008-05-23 20:54:02 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
-- Find3M Report ---------------------------------------------------------------
2008-06-15 15:19:52 0 d-------- C:\Program Files\PC-Doctor for Windows XP
2008-06-11 18:25:45 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-06-11 16:42:51 0 d-a------ C:\Program Files\Common Files
2008-06-11 16:42:13 0 d-------- C:\Program Files\HP DeskJet 810C Series
2008-06-11 16:38:11 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-11 16:34:56 0 d-------- C:\Program Files\Common Files\Motive
2008-06-04 00:11:47 0 d-------- C:\Program Files\Common Files\AOL
2008-05-31 02:17:46 0 d-------- C:\Program Files\My Movies
2008-05-31 02:07:27 0 d-------- C:\Program Files\America Online 9.0
2008-05-30 20:12:09 0 d-------- C:\Program Files\HP
2008-05-26 03:19:39 0 d-------- C:\Documents and Settings\Owner\Application Data\MSN6
2008-05-24 11:23:11 0 d-------- C:\Documents and Settings\Owner\Application Data\AOL
2008-05-23 18:36:19 0 d-------- C:\Program Files\Common Files\midaddle
2008-05-22 01:36:01 0 d-------- C:\Program Files\microsoft frontpage
2008-05-21 22:59:15 106680 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2008-05-21 22:52:37 0 d-------- C:\Program Files\Print Workshop 2004 LE
2008-05-21 22:51:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-21 22:46:15 0 d-------- C:\Program Files\Business Card Workshop
2008-05-21 22:44:30 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-20 17:15:08 0 d-------- C:\Program Files\Logitech
2008-05-20 17:13:50 0 d-------- C:\Program Files\Common Files\Logitech
2008-05-16 17:14:54 123996 --a------ C:\WINDOWS\HPHins12.dat
2008-05-16 17:14:28 0 d-------- C:\Documents and Settings\Owner\Application Data\HP
2008-05-16 17:09:16 0 d-------- C:\Program Files\Common Files\HP
2008-05-16 17:06:17 0 d-------- C:\Program Files\Hewlett-Packard
2008-05-13 20:59:52 0 d-------- C:\Program Files\AOL Companion
2008-05-13 20:59:50 0 d-------- C:\Program Files\Common Files\aolshare
2008-05-13 19:52:43 0 d-------- C:\Program Files\Common Files\Real
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BB1B1C2E-F0C1-44F2-AC35-5CC8E02F7907}]
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\M44OI8Q8\3077ahntdksr[1].dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E60A96EE-9C19-4CCB-A716-2665CB3809Fe}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ec048090-fa9c-4581-bd98-bae990836157}]
06/21/2008 03:49 PM 99328 --a------ C:\WINDOWS\system32\tcnwmkuh.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [01/11/2006 12:05 PM]
"checktime"="c:\program files\HPSelect\Frontend\ct.exe" [08/13/2001 11:23 PM]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [07/08/2005 06:18 PM]
"WildTangent CDA"="C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll" [05/10/2004 08:40 PM]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [03/23/2005 04:33 PM]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [03/23/2005 03:47 PM]
"AWMON"="C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe" [09/16/2004 05:15 PM]
"Malwarebytes Anti-Malware Reboot"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [06/19/2008 05:47 PM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [09/22/2005 06:29 PM]
"SDFix"="C:\SDFix\RunThis.bat /second" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Igl"="C:\WINDOWS\System32\l?ass.exe" [08/04/2004 01:56 AM]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [03/23/2005 04:33 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [05/20/2008 05:14 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp center UI.lnk - C:\Program Files\hp center\137903\Shadow\ShadowBar.exe [11/6/2001 10:46:15 PM]
hp center.lnk - C:\Program Files\hp center\137903\Program\BackWeb-137903.exe [11/6/2001 10:46:17 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 4:21:22 AM]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bj62Sp77U]
C:\documents and settings\owner\local settings\temp\Bj62Sp77U.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
c:\Program Files\Microsoft Works\WkDetect.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Quick Launch]
"C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
"C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ntsij]
C:\documents and settings\owner\local settings\temp\Ntsij.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinTools]
C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WT GameChannel]
C:\Program Files\WildTangent\Apps\GameChannel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yne32o]
C:\documents and settings\owner\local settings\temp\Yne32o.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TBPSSvc"=3 (0x3)
"MyWebSearchService"=2 (0x2)
-- End of Deckard's System Scanner: finished at 2008-06-22 16:51:19 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Celeron(TM) CPU 1300MHz
Percentage of Memory in Use: 69%
Physical Memory (total/avail): 509.98 MiB / 155.61 MiB
Pagefile Memory (total/avail): 1245.77 MiB / 922.26 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1917.85 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 51.27 GiB total, 36.23 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Fixed (NTFS) - 38.28 GiB total, 25.99 GiB free.
\\.\PHYSICALDRIVE1 - Maxtor 6E040L0 - 38.28 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 38.28 GiB - F:
\\.\PHYSICALDRIVE0 - SAMSUNG SV6003H - 55.93 GiB - 2 partitions
\PARTITION0 - Unknown - 4.66 GiB
\PARTITION1 (bootable) - Installable File System - 51.27 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
AUState says computer is ready and waiting.
Windows Internal Firewall is enabled.
AV: McAfee VirusScan v (McAfee)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\hp center\\137903\\Program\\BackWeb-137903.exe"="C:\\Program Files\\hp center\\137903\\Program\\BackWeb-137903.exe:*:Disabled:BackWeb-137903"
"C:\\Program Files\\Online Services\\AOL\\AOL60US.exe"="C:\\Program Files\\Online Services\\AOL\\AOL60US.exe:*:Enabled:AOL"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\MSN\\MSNCoreFiles\\msn6.exe"="C:\\Program Files\\MSN\\MSNCoreFiles\\msn6.exe:*:Enabled:MSN Explorer"
"C:\\Program Files\\Adobe\\Acrobat 5.0\\Reader\\AcroRd32.exe"="C:\\Program Files\\Adobe\\Acrobat 5.0\\Reader\\AcroRd32.exe:*:Enabled:Acrobat Reader 5.0"
"C:\\SIERRA\\PBALL6D\\Pinball.exe"="C:\\SIERRA\\PBALL6D\\Pinball.exe:*:Disabled:3D Ultra Pinball Thrillride Demo"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Enabled:backWeb-8876480"
"C:\\Program Files\\Toolbar\\TBPS.exe"="C:\\Program Files\\Toolbar\\TBPS.exe:*:Enabled:WebSearch Toolbar"
"C:\\Program Files\\Toolbar\\PIB.exe"="C:\\Program Files\\Toolbar\\PIB.exe:*:Enabled:WebSearch Toolbar"
"C:\\Program Files\\Toolbar\\TBPSSvc.exe"="C:\\Program Files\\Toolbar\\TBPSSvc.exe:*:Enabled:WebSearch Toolbar Service"
"C:\\Program Files\\Toolbar\\CT5Upd.exe"="C:\\Program Files\\Toolbar\\CT5Upd.exe:*:Enabled:WebSearch Toolbar Plugin"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\\Program Files\\Common Files\\AOL\\1211590469\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1211590469\\ee\\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1211590469\\ee\\AOLDesktop.exe"="C:\\Program Files\\Common Files\\AOL\\1211590469\\ee\\AOLDesktop.exe:*:Enabled:AOL Desktop"
"C:\\Documents and Settings\\Owner\\Local Settings\\Temp\\ImInstaller\\incredimail_installer.exe"="C:\\Documents and Settings\\Owner\\Local Settings\\Temp\\ImInstaller\\incredimail_installer.exe:*:Enabled:IncrediMail Installer"
"C:\\Program Files\\Shareaza\\Shareaza.exe"="C:\\Program Files\\Shareaza\\Shareaza.exe:*:Enabled:Shareaza Ultimate File Sharing"
"C:\\WINDOWS\\system32\\winver.exe"="C:\\WINDOWS\\system32\\winver.exe:*:Enabled:winver"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-W92P4BHLZG
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\YOUR-W92P4BHLZG
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program files\PC-Doctor for Windows XP\WINDSAPI
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 11 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0b01
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=YOUR-W92P4BHLZG
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Owner (admin)
Administrator (new local, admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\PBALL6D\Uninst.isu
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF00D1-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03D9-F17B-11D6-88EA-000476CD2443}\Setup.exe" -l0x9 UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe"
Ad-Aware SE Plus --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AOL Coach Version 1.0(Build:20030807.3) --> C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe
AOL Registration --> "C:\Program Files\AOL\RC\uninstall.exe"
AOL Toolbar 5.0 --> "C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Business Card Workshop --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5F074DBE-37F2-46A9-8AF6-CBCF26AF4F09}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Contraptions Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DDF7C002-D51E-4F4D-92FE-3CC3B4112F5B}\_DSETUP.EXE"
Detto IntelliMover --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DA9F6EF5-E48A-4E45-BC57-AA16193763B7}\Setup.exe"
EA.COM --> C:\PROGRA~1\EACOM\Update\UNWISE.EXE C:\PROGRA~1\EACOM\Update\INSTALL.LOG
Easy Internet Sign-up --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B5DDB2C-0807-47FD-9C11-80EA761902C0}\Setup.exe" -l0x9
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hoyle Board Games 3 Demo --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HBG3DEMO\Uninst.isu
Hoyle Card Games 3 --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\CARD3\Uninst.isu
Hoyle Card Games 3 Demo --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HCG3DEMO\Uninst.isu
Hoyle Casino 5 --> C:\WINDOWS\IsUninst.exe -f"C:\SIERRA\Hoyle Casino 5\Uninst.isu"
Hoyle Word Games --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\WORDGAME\Uninst.isu
Hoyle Word Games Demo --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\HWGDEMO\Uninst.isu
hp center --> C:\WINDOWS\BWUnin-6.1.0.153.exe -AppId 137903
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Instant Support --> C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG
HP Learning Adventure --> c:\program files\HPSelect\Frontend\uninstall.exe
HP Photosmart and Deskjet 7.0 Software --> C:\Program Files\HP\Digital Imaging\{D2A3C9D5-0B56-4656-8277-7EDC65D62B6E}\setup\hpzscr01.exe -datfile hphscr12.dat -showdisconnect -forcereboot
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Product Detection --> MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP RecordNow --> MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Inactive HP Printer Drivers (Remove only) --> RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf
InterVideo WinDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
Java 2 Runtime Environment, SE v1.4.2_06 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142060}
KazooStudio --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Kazoo3D\KazooStudio\Uninst.isu" -c"C:\Program Files\Kazoo3D\KazooStudio\UnInst.dll"
KBD --> C:\HP\KBD\KBD.EXE uninstalled
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL
Logitech iTouch Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x9 UNINSTALL
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MarketBrowser --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35845E72-E34A-11D4-817D-005004D0F1FA}\Setup.exe" -uninst
Mavis Beacon Teaches Typing 8.0.1 --> C:\PROGRA~1\MINDSC~1\MAVISB~1\UNINST.EXE
McAfee SecurityCenter --> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
McAfee SpamKiller --> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /appid=MSK /uninstall=1 /interact=1 /script_proactive=0 /start="c:\PROGRA~1\mcafee.com\agent\uninst\mskremui.dll::uninstall.htm"
McAfee VirusScan --> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=vso /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui.dll::uninstall.htm
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Money 2002 --> MsiExec.exe /I{E7298FD5-1386-11D5-8D6C-0050DAD32D95}
Microsoft Money 2002 System Pack --> MsiExec.exe /I{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Works 6.0 --> MsiExec.exe /I{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}
Microsoft Works and Money 2002 Setup Launcher --> C:\Program Files\Microsoft Works and Money 2002\Setup\Launcher.exe \hp\tmp\src\
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MUSICMATCH Jukebox --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MusicMatch\MusicMatch Jukebox\Uninst.isu" -cC:\PROGRA~1\MUSICM~1\MUSICM~1\unmatch.dll
My Photo Center --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\My Photo Center\Uninst.isu"
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
PC-Doctor for Windows --> C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\PC-DOC~1\INSTALL.LOG
PhoneTray Dialup --> C:\Program Files\Traysoft\PhoneTray\Uninstall.exe
Print Workshop 2004 LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{952682F8-F40D-11D7-AD8E-0050DA87D0EB}\Setup.exe" -l0x9
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 1.5 combined Win32 extensions --> C:\PROGRA~1\Python\UNWISE~1.EXE C:\PROGRA~1\Python\W32INST.LOG
Python 1.5.2 (final) --> C:\PROGRA~1\Python\UNWISE.EXE C:\PROGRA~1\Python\INSTALL.LOG
Quicken 2002 New User Edition --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\QUICKENW\Uninst.isu" -c"C:\Program Files\QUICKENW\uninst.dll"
Quicken Financial Center --> C:\PROGRA~1\QUICKE~1\rem\UNWISE.EXE /s C:\PROGRA~1\QUICKE~1\rem\INSTALL.LOG
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\System32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
RingMaster from Hewlett-Packard Desktops (remove only) --> "C:\Program Files\WildTangent\Apps\GameChannel\Games\8c9c48d7-2d03-4a1f-a303-5bd22ccabae1\Uninstall.exe"
S3 Gamma --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3 Gamma'
S3 Savage4 Family Display Switch2 Utility --> S3Uninst.exe -reg 5 HKLM\SOFTWARE\S3\S3Uninst\S3Switch2
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Shareaza 2.3.1.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe"
Sonic Foundry Super Duper Music Looper XPress --> MsiExec.exe /I{7B4BB888-B44E-4B91-BEE9-FE14B312B58C}
Tcl 8.0.5 for Windows --> C:\PROGRA~1\Tcl\UNWISE.EXE C:\PROGRA~1\Tcl\INSTALL.LOG
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail --> MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Yahoo! Companion --> regsvr32 /s /u C:\PROGRA~1\Yahoo!\COMPAN~1\YCOMP5~1.DLL
-- Application Event Log -------------------------------------------------------
Event Record #/Type5659 / Error
Event Submitted/Written: 06/22/2008 04:45:41 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application taskmgr.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type5658 / Error
Event Submitted/Written: 06/22/2008 03:57:59 PM
Event ID/Source: 0 / MSKSrvr.exe
Event Description:
The service process could not connect to the service controller
Event Record #/Type5646 / Error
Event Submitted/Written: 06/21/2008 08:55:44 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application Shareaza.exe, version 2.3.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type5645 / Error
Event Submitted/Written: 06/21/2008 08:55:43 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application Shareaza.exe, version 2.3.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type5644 / Error
Event Submitted/Written: 06/21/2008 08:55:42 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application Shareaza.exe, version 2.3.1.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type488114 / Error
Event Submitted/Written: 06/22/2008 03:42:54 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Event Record #/Type488113 / Error
Event Submitted/Written: 06/22/2008 03:42:54 PM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Event Record #/Type488110 / Error
Event Submitted/Written: 06/22/2008 03:40:55 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Event Record #/Type488109 / Error
Event Submitted/Written: 06/22/2008 03:40:55 PM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Event Record #/Type488091 / Error
Event Submitted/Written: 06/22/2008 03:35:34 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The WinTools for IE service service failed to start due to the following error:
%%2
-- End of Deckard's System Scanner: finished at 2008-06-22 16:51:19 ------------
Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-24 22:28:54
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Percentage of Memory in Use: 76% (more than 75%).
Total Physical Memory: 510 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-24 22:30:55
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\WINDOWS\SYSTEM32\PackethSvc.exe
C:\WINDOWS\SYSTEM32\dllhost.exe
C:\Program Files\mcafee.com\Agent\Mcdetect.exe
C:\Program Files\mcafee.com\VSO\McShield.exe
C:\Program Files\mcafee.com\Agent\McTskshd.exe
C:\Program Files\mcafee.com\VSO\oasclnt.exe
C:\Program Files\mcafee.com\VSO\mcvsshld.exe
C:\Program Files\mcafee.com\Agent\mcagent.exe
C:\Program Files\mcafee.com\VSO\McVSEscn.exe
C:\Program Files\McAfee\SpamKiller\MSKSrvr.exe
C:\WINDOWS\SYSTEM32\nvsvc32.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\dmadmin.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Traysoft\PhoneTray\PhoneTray.exe
C:\WINDOWS\SYSTEM32\ctfmon.exe
C:\Program Files\Common Files\AOL\1211590469\ee\aolsoftware.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\America Online 9.0\aolwbspd.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\Program Files\mcafee.com\Agent\mcdash.exe
C:\Program Files\mcafee.com\shared\mghtml.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://ie.search.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://fastsearchweb.com/srh.php?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lotterypost.com/forum/3
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {BB1B1C2E-F0C1-44F2-AC35-5CC8E02F7907} - C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\M44OI8Q8\3077ahntdksr[1].dll (file missing)
O2 - BHO: (no name) - {E60A96EE-9C19-4CCB-A716-2665CB3809Fe} - (no file)
O2 - BHO: {75163809-9eab-89db-1854-c9af090840ce} - {ec048090-fa9c-4581-bd98-bae990836157} - C:\WINDOWS\SYSTEM32\tcnwmkuh.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\Program Files\mcafee.com\VSO\mcvsshl.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\ycomp5_1_6_0.dll
O3 - Toolbar: (no name) - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} - (no file)
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
O3 - Toolbar: (no name) - {12EE7A5E-0674-42f9-A76B-000000004D00} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware Reboot] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [SDFix] C:\SDFix\RunThis.bat /second
O4 - HKCU\..\Run: [Igl] C:\WINDOWS\System32\l?ass.exe
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\msjava.dll
O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://search-soft.net (HKCU)
O16 - DPF: {11111111-1111-1111-1111-111111113457} () - file://c:\ied_s7m.cab
O16 - DPF: {11111111-1111-1111-1111-511111113457} () - file://c:\x.cab
O16 - DPF: {11111111-1111-1111-1111-511111113458} () - file://c:\x.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,77/mcinsctl.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} (SnoopyCtrl Class) - http://aol.ea.com/downloads/games/common/snoopy/iesnoopy.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1210893136734
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1210989330546
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,18/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?316
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! Companion) - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio4029.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{01D1C6CD-6D44-46B6-BA89-10155A459FBE}: NameServer = 69.50.166.94,69.31.80.244
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{A0F3549F-A6F5-419F-B32D-3F976AA07F8C}: NameServer = 69.50.166.94,69.31.80.244
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{E09FF6F1-A6FA-474D-8D69-B393B98DA065}: NameServer = 205.188.146.145
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\SYSTEM32\msvidctl.dll
O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - (no file)
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\acsd.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - C:\Program Files\mcafee.com\Agent\Mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - C:\Program Files\mcafee.com\VSO\McShield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - C:\Program Files\mcafee.com\Agent\McTskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\mcafee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\Program Files\McAfee\SpamKiller\MSKSrvr.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\nvsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\SYSTEM32\PackethSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: WebSeach Toolbar support NT service (TBPSSvc) - Unknown owner - C:\PROGRA~1\Toolbar\TBPSSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe
--
End of file - 9543 bytes
-- Files created between 2008-05-24 and 2008-06-24 -----------------------------
2008-06-23 20:24:28 0 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-06-22 15:06:08 0 d-------- C:\WINDOWS\ERUNT
2008-06-22 14:59:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-06-22 14:59:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Corel
2008-06-22 14:59:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-06-22 14:59:01 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-22 14:59:01 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-22 14:59:01 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-22 14:59:01 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-22 14:59:01 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-06-22 14:59:01 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-22 14:59:01 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-06-22 14:59:01 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-22 14:59:01 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-06-22 14:59:01 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-22 14:59:01 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-22 14:59:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2008-06-22 14:59:00 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-22 00:49:41 0 d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-06-22 00:48:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-22 00:48:30 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-21 19:31:19 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-06-21 18:42:41 0 d-------- C:\Program Files\CCleaner
2008-06-21 18:21:51 0 d-------- C:\VundoFix Backups
2008-06-21 15:48:41 99328 --a------ C:\WINDOWS\system32\tcnwmkuh.dll
2008-06-20 21:35:28 90112 --a------ C:\WINDOWS\system32\lhjbodol.dll
2008-06-19 21:33:44 90112 --a------ C:\WINDOWS\system32\wttepfqe.dll
2008-06-17 21:30:32 90112 --a------ C:\WINDOWS\system32\fggureyw.dll
2008-06-16 18:50:52 90112 --a------ C:\WINDOWS\system32\rvvfxlrl.dll
2008-06-15 18:42:58 90112 --a------ C:\WINDOWS\system32\bjavnnkf.dll
2008-06-14 21:45:16 99328 --a------ C:\WINDOWS\system32\jnsrlcyr.dll
2008-06-13 21:26:29 99328 --a------ C:\WINDOWS\system32\yuavewtj.dll
2008-06-13 21:17:28 89600 --a------ C:\WINDOWS\system32\wqarowmr.dll
2008-06-10 22:39:17 145 --a------ C:\WINDOWS\system32\winver.bat
2008-06-08 22:24:38 0 d-------- C:\Program Files\7-Zip
2008-06-05 17:21:35 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-05 17:20:55 0 d-------- C:\Program Files\Windows Live
2008-06-05 17:20:22 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-05 16:29:28 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-05 16:23:37 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-05 16:23:37 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-05 14:59:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-05 03:53:48 0 d-------- C:\Program Files\Shareaza
2008-06-05 03:53:48 0 d-------- C:\Documents and Settings\Owner\Application Data\Shareaza
2008-06-03 22:55:44 0 d-------- C:\Program Files\Traysoft
2008-06-03 20:28:55 0 d-------- C:\Documents and Settings\Owner\Application Data\Image Zone Express
2008-05-30 20:12:01 0 d-------- C:\WINDOWS\Downloaded Installations
2008-05-26 04:28:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-24 11:24:40 0 d-------- C:\Documents and Settings\Owner\Application Data\acccore
-- Find3M Report ---------------------------------------------------------------
2008-06-15 15:19:52 0 d-------- C:\Program Files\PC-Doctor for Windows XP
2008-06-11 18:25:45 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-06-11 16:42:51 0 d-a------ C:\Program Files\Common Files
2008-06-11 16:42:13 0 d-------- C:\Program Files\HP DeskJet 810C Series
2008-06-11 16:38:11 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-11 16:34:56 0 d-------- C:\Program Files\Common Files\Motive
2008-06-04 00:11:47 0 d-------- C:\Program Files\Common Files\AOL
2008-05-31 02:17:46 0 d-------- C:\Program Files\My Movies
2008-05-31 02:07:27 0 d-------- C:\Program Files\America Online 9.0
2008-05-30 20:12:09 0 d-------- C:\Program Files\HP
2008-05-26 03:19:39 0 d-------- C:\Documents and Settings\Owner\Application Data\MSN6
2008-05-24 11:23:11 0 d-------- C:\Documents and Settings\Owner\Application Data\AOL
2008-05-23 18:36:19 0 d-------- C:\Program Files\Common Files\midaddle
2008-05-22 01:36:01 0 d-------- C:\Program Files\microsoft frontpage
2008-05-21 22:59:15 106680 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2008-05-21 22:52:37 0 d-------- C:\Program Files\Print Workshop 2004 LE
2008-05-21 22:51:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-21 22:46:15 0 d-------- C:\Program Files\Business Card Workshop
2008-05-21 22:44:30 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-20 17:15:08 0 d-------- C:\Program Files\Logitech
2008-05-20 17:13:50 0 d-------- C:\Program Files\Common Files\Logitech
2008-05-16 17:14:54 123996 --a------ C:\WINDOWS\HPHins12.dat
2008-05-16 17:14:28 0 d-------- C:\Documents and Settings\Owner\Application Data\HP
2008-05-16 17:09:16 0 d-------- C:\Program Files\Common Files\HP
2008-05-16 17:06:17 0 d-------- C:\Program Files\Hewlett-Packard
2008-05-13 20:59:52 0 d-------- C:\Program Files\AOL Companion
2008-05-13 20:59:50 0 d-------- C:\Program Files\Common Files\aolshare
2008-05-13 19:52:43 0 d-------- C:\Program Files\Common Files\Real
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BB1B1C2E-F0C1-44F2-AC35-5CC8E02F7907}]
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\M44OI8Q8\3077ahntdksr[1].dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E60A96EE-9C19-4CCB-A716-2665CB3809Fe}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ec048090-fa9c-4581-bd98-bae990836157}]
06/21/2008 03:49 PM 99328 --a------ C:\WINDOWS\system32\tcnwmkuh.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [01/11/2006 12:05 PM]
"checktime"="c:\program files\HPSelect\Frontend\ct.exe" [08/13/2001 11:23 PM]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [07/08/2005 06:18 PM]
"WildTangent CDA"="C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll" [05/10/2004 08:40 PM]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [03/23/2005 04:33 PM]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [03/23/2005 03:47 PM]
"AWMON"="C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe" [09/16/2004 05:15 PM]
"Malwarebytes Anti-Malware Reboot"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [06/19/2008 05:47 PM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [09/22/2005 06:29 PM]
"SDFix"="C:\SDFix\RunThis.bat /second" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Igl"="C:\WINDOWS\System32\l?ass.exe" [08/04/2004 01:56 AM]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [03/23/2005 04:33 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [05/20/2008 05:14 PM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp center UI.lnk - C:\Program Files\hp center\137903\Shadow\ShadowBar.exe [11/6/2001 10:46:15 PM]
hp center.lnk - C:\Program Files\hp center\137903\Program\BackWeb-137903.exe [11/6/2001 10:46:17 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 4