|
Registered User
Join Date: Feb 2007
Posts: 6
OS: Win XP
|
Well I had better luck completing all the instructions this time but the results look really nasty.
I ran CCLEANER and then the KAPERSKY Online Scanner which produced the following report:
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, February 20, 2007 1:44:00 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 20/02/2007
Kaspersky Anti-Virus database records: 271005
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
Scan Statistics:
Total number of scanned objects: 111781
Number of viruses found: 12
Number of infected objects: 65 / 0
Number of suspicious objects: 0
Duration of the scan process: 03:15:05
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Alex\Application Data\$_hpcst$.hpc Object is locked skipped
C:\Documents and Settings\Alex\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\Alex\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Outlook\outlook.pst/Personal Folders/Deleted Items/30 Jul 2006 10:57 from FlagStar:FlagStar Survey Reward.html Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Outlook\outlook.pst/Personal Folders/Deleted Items/22 Jan 2007 19:29 from habitation:For You/postcard.exe Infected: Trojan-Proxy.Win32.Lager.dp skipped
C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Outlook\outlook.pst Mail MS Mail: infected - 2 skipped
C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Alex\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Alex\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alex\Local Settings\Temp\Perflib_Perfdata_fc0.dat Object is locked skipped
C:\Documents and Settings\Alex\Local Settings\Temp\WCESLog.log Object is locked skipped
C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\Application Data\Identities\{2DA62A40-5759-11D8-9997-B08C5DB83F66}\Microsoft\Outlook Express\Saved.dbx/[From Rocky Desimone <desimone@psmc.net>][Date Wed, 15 Aug 2001 11:31:03 -0500]/UNNAMED/CHLINST.EXE Infected: Email-Worm.Win32.Magistr.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\Application Data\Identities\{2DA62A40-5759-11D8-9997-B08C5DB83F66}\Microsoft\Outlook Express\Saved.dbx/[From Rocky Desimone <desimone@psmc.net>][Date Wed, 15 Aug 2001 11:31:03 -0500]/UNNAMED Infected: Email-Worm.Win32.Magistr.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\Application Data\Identities\{2DA62A40-5759-11D8-9997-B08C5DB83F66}\Microsoft\Outlook Express\Saved.dbx Mail MS Outlook 5: infected - 2 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\backup.pst/Personal Folders/Saved/15 Aug 2001 16:39 from Rocky Desimone:marks and /CHLINST.EXE Infected: Email-Worm.Win32.Magistr.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\backup.pst Mail MS Mail: infected - 1 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\cwbmw400.pst/Personal Folders/Saved/15 Aug 2001 16:39 from Rocky Desimone:marks and /CHLINST.EXE Infected: Email-Worm.Win32.Magistr.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\cwbmw400.pst Mail MS Mail: infected - 1 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\mailbox.pst/Personal Folders/Saved/15 Aug 2001 16:39 from Rocky Desimone:marks and /CHLINST.EXE Infected: Email-Worm.Win32.Magistr.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\mailbox.pst Mail MS Mail: infected - 1 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook.pst/Personal Folders/Deleted Items/14 Mar 2001 02:36 from Hahaha:Snowhite and the Seven Dwarfs - Th/sexy virgin.scr Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook.pst/Personal Folders/Deleted Items/04 Sep 2001 00:38 from April & Eddie Parker:Trace/CDCACHE.EXE Infected: Email-Worm.Win32.Magistr.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook.pst/Personal Folders/Inbox/04 Mar 2001 00:55 from Hahaha:Snowhite and the Seven Dwarfs - Th/joke.exe Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook.pst/Personal Folders/Inbox/07 Mar 2001 17:00 from Hahaha:Snowhite and the Seven Dwarfs - Th/midgets.scr Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook.pst/Personal Folders/Inbox/12 Jul 2001 18:27 from Hahaha:Snowhite and the Seven Dwarfs - Th/dwarf4you.exe Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook.pst Mail MS Mail: infected - 5 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook1.pst/Personal Folders/Deleted Items/14 Mar 2001 02:36 from Hahaha:Snowhite and the Seven Dwarfs - Th/sexy virgin.scr Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook1.pst/Personal Folders/Lost & Found/Recovered Folder 8082/04 Mar 2001 00:55 from Hahaha:Snowhite and the Seven Dwarfs - Th/joke.exe Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook1.pst/Personal Folders/Lost & Found/Recovered Folder 8082/07 Mar 2001 17:00 from Hahaha:Snowhite and the Seven Dwarfs - Th/midgets.scr Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook1.pst Mail MS Mail: infected - 3 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook2.pst/Personal Folders/Deleted Items/14 Mar 2001 02:36 from Hahaha:Snowhite and the Seven Dwarfs - Th/sexy virgin.scr Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook2.pst/Personal Folders/Lost & Found/Recovered Folder 8082/04 Mar 2001 00:55 from Hahaha:Snowhite and the Seven Dwarfs - Th/joke.exe Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook2.pst/Personal Folders/Lost & Found/Recovered Folder 8082/07 Mar 2001 17:00 from Hahaha:Snowhite and the Seven Dwarfs - Th/midgets.scr Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook2.pst/Personal Folders/Lost & Found/Recovered Folder 8082/12 Jul 2001 18:27 from Hahaha:Snowhite and the Seven Dwarfs - Th/dwarf4you.exe Infected: Email-Worm.Win32.Hybris.b skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Back up of previous PC\pst files\outlook2.pst Mail MS Mail: infected - 4 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\My Documents_bk\Misc\Morph20.exe/WISE0014.BIN/WISE0013.BIN Infected: not-a-virus:AdWare.Win32.WurldMedia.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\My Documents_bk\Misc\Morph20.exe/WISE0014.BIN Infected: not-a-virus:AdWare.Win32.WurldMedia.a skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\My Documents_bk\Misc\Morph20.exe WiseSFX: infected - 2 skipped
C:\Documents and Settings\Alex\My Documents\Backup of W2000\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\6A844374.EXE Infected: Net-Worm.Win32.Welchia.a skipped
C:\Documents and Settings\Alex\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Alex\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Support.com\Profiles\Alex\triggers.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-02-20_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\099A3C8C Infected: Exploit.JS.ADODB.Stream.ac skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\21161F00.t Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\211948FC.t Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\213742DC.t Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\21446ACD.t Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\214714CA.t Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\30B5173E.exe Infected: Email-Worm.Win32.Luder.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3C802088.exe Infected: Email-Worm.Win32.Mixor.a skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\43530594.tmp Infected: Trojan-Downloader.Java.OpenStream.w skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C480F66.tmp Infected: Trojan-Downloader.Win32.Bagle.g skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_268.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\gobackio.bin Object is locked skipped
C:\Inetpub\catalog.wci\00000002.ps1 Object is locked skipped
C:\Inetpub\catalog.wci\00000002.ps2 Object is locked skipped
C:\Inetpub\catalog.wci\00010001.ci Object is locked skipped
C:\Inetpub\catalog.wci\cicat.fid Object is locked skipped
C:\Inetpub\catalog.wci\cicat.hsh Object is locked skipped
C:\Inetpub\catalog.wci\CiCL0001.000 Object is locked skipped
C:\Inetpub\catalog.wci\CiP10000.000 Object is locked skipped
C:\Inetpub\catalog.wci\CiP20000.000 Object is locked skipped
C:\Inetpub\catalog.wci\CiPT0000.000 Object is locked skipped
C:\Inetpub\catalog.wci\CiSL0001.000 Object is locked skipped
C:\Inetpub\catalog.wci\CiSP0000.000 Object is locked skipped
C:\Inetpub\catalog.wci\CiST0000.000 Object is locked skipped
C:\Inetpub\catalog.wci\CiVP0000.000 Object is locked skipped
C:\Inetpub\catalog.wci\INDEX.000 Object is locked skipped
C:\Inetpub\catalog.wci\propstor.bk1 Object is locked skipped
C:\Inetpub\catalog.wci\propstor.bk2 Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\master.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\mastlog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\model.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\modellog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdbdata.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdblog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\ReportServer$SQLExpress.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\ReportServer$SQLExpress_log.LDF Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\tempdb.mdf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\templog.ldf Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\ERRORLOG Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\log_283.trc Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\LogFiles\ReportServerService__02_20_2007_08_46_51.log Object is locked skipped
C:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\LogFiles\ReportServerService__main_02_20_2007_08_46_49.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Savrt\0519NAV~.TMP Object is locked skipped
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Savrt\0527NAV~.TMP Object is locked skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\112050176_5a6559afa_/outlook.pst/Personal Folders/Inbox/07 Sep 2005 12:06 from eBay Inc:eBay Inc strongly recommends [Su.html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\112050176_5a6559afa_/outlook.pst Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\112050176_5a6559afa_ CAB: infected - 2 skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\133709824_53af96f3e_/outlook.pst/Personal Folders/Inbox/07 Sep 2005 12:06 from eBay Inc:eBay Inc strongly recommends [Su.html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\133709824_53af96f3e_/outlook.pst Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\133709824_53af96f3e_ CAB: infected - 2 skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\134938624_55d561a21_/outlook.pst/Personal Folders/Deleted Items/30 Jul 2006 10:57 from FlagStar:FlagStar Survey Reward.html Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\134938624_55d561a21_/outlook.pst Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\134938624_55d561a21_ CAB: infected - 2 skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\150913024_5617061e3_/outlook.pst/Personal Folders/Deleted Items/30 Jul 2006 10:57 from FlagStar:FlagStar Survey Reward.html Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\150913024_5617061e3_/outlook.pst Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\150913024_5617061e3_ CAB: infected - 2 skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\164937728_570b8f02f_/outlook.pst/Personal Folders/Deleted Items/30 Jul 2006 10:57 from FlagStar:FlagStar Survey Reward.html Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\164937728_570b8f02f_/outlook.pst Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\164937728_570b8f02f_ CAB: infected - 2 skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\172425216_55ad3f512_/outlook.pst/Personal Folders/Deleted Items/30 Jul 2006 10:57 from FlagStar:FlagStar Survey Reward.html Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\172425216_55ad3f512_/outlook.pst Infected: Trojan-Spy.HTML.Fraud.l skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\172425216_55ad3f512_ CAB: infected - 2 skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\65028096_5e94a6c73_/outlook.pst/Personal Folders/Inbox/07 Sep 2005 12:06 from eBay Inc:eBay Inc strongly recommends [Su.html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\65028096_5e94a6c73_/outlook.pst Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\65028096_5e94a6c73_ CAB: infected - 2 skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\89833472_5aba50f42_/outlook.pst/Personal Folders/Inbox/07 Sep 2005 12:06 from eBay Inc:eBay Inc strongly recommends [Su.html Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\89833472_5aba50f42_/outlook.pst Infected: Trojan-Spy.HTML.Bayfraud.hn skipped
C:\Program Files\Support.com\backup\ou\outlook.pst\89833472_5aba50f42_ CAB: infected - 2 skipped
C:\RECYCLER\NPROTECT\00011737.dll Object is locked skipped
C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\00010005.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{4FFB4258-EAC4-4679-A8DC-10C86B7813B7}\RP7\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\MsDtc\MSDTC.LOG Object is locked skipped
C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log Object is locked skipped
C:\WINDOWS\system32\msmq\storage\QMLog Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_810.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
I then ran the combo scan. Here's both the ComboScan and the Suplementary reports in respective order.
ComboScan v20070212.14 run by Alex on 2007-02-20 at 13:47:32
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Successfully created restore point.
Performed disk cleanup.
-- HijackThis log (run as Alex.com) ---------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 1:47:46 PM, on 2/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\Program Files\Promise Technology, Inc\Promise Array Management\MsgSvr.exe
C:\WINDOWS\System32\snmp.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\ASUS\Ai Booster\OverClk.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Documents and Settings\Alex\Local Settings\Temporary Internet Files\Content.IE5\GY4SM3K0\comboscan[1].exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\Alex\LOCALS~1\Temp\~oqdyuky.tmp\Alex.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [Launch Ai Booster] C:\Program Files\ASUS\Ai Booster\OverClk.exe 1
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [LVComs] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [EPSON Stylus CX6400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1129390064437
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SQL Server FullText Search (SQLEXPRESS) (msftesql$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:SQLEXPRESS (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Promise Array Message Server (RAIDmSvr) - Unknown owner - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgSvr.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
-- HijackThis Fixed Entries (C:\Program Files\hijackthis\backups\) --------------
backup-20070219-003318-897 O4 - HKCU\..\Run: [Agent] C:\WINDOWS\system32\alsys.exe
-- File Associations ------------------------------------------------------------
.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /s
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------
3 61883 (61883 Unit Device) - system32\DRIVERS\61883.sys
3 ALCXSENS (Service for WDM 3D Audio Driver) - system32\drivers\ALCXSENS.SYS
3 ALCXWDM (Service for Realtek AC97 Audio (WDM)) - system32\drivers\ALCXWDM.SYS
3 Arp1394 (1394 ARP Client Protocol) - System32\DRIVERS\arp1394.sys
1 aslm75 - \??\C:\WINDOWS\system32\drivers\aslm75.sys
2 AsusGIO - \??\C:\Program Files\ASUS\Ai Booster\AsusGIO.sys
3 ati2mtag - System32\DRIVERS\ati2mtag.sys
3 Avc (AVC Device) - system32\DRIVERS\avc.sys
1 avgio - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
3 avgntflt - \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
3 CCDECODE (Closed Caption Decoder) - system32\DRIVERS\CCDECODE.sys
3 DCamUSBMke (USB Video Camera for Panasonic Digital Palmcorder) - System32\Drivers\Mkeusbi.sys
1 eeCtrl (Symantec Eraser Control driver) - \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
3 EraserUtilRebootDrv - \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
1 intelppm (Intel Processor Driver) - System32\DRIVERS\intelppm.sys
1 lusbaudio (Logitech USB Microphone) - system32\drivers\lvsound2.sys
3 LVBulk (LVBulk Service) - system32\DRIVERS\LVBulk.sys
3 LVVI500A (LVVI500A Service) - system32\DRIVERS\lvvi500a.sys
2 MKEMUSB (Panasonic Digital Palmcorder) - System32\Drivers\Mkemusb.sys
3 MQAC (Message Queuing access control) - \??\C:\WINDOWS\system32\drivers\mqac.sys
3 MSDV (Microsoft DV Camera and VCR) - System32\DRIVERS\msdv.sys
3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - system32\drivers\MSTEE.sys
3 NABTSFEC (NABTS/FEC VBI Codec) - system32\DRIVERS\NABTSFEC.sys
3 NAVENG - \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070220.019\NAVENG.Sys
3 NAVEX15 - \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070220.019\NavEx15.Sys
3 NdisIP (Microsoft TV/Video Connection) - system32\DRIVERS\NdisIP.sys
3 NIC1394 (1394 Net Driver) - System32\DRIVERS\nic1394.sys
3 NPDriver (Norton UnErase Protection Driver) - \??\C:\WINDOWS\system32\Drivers\NPDRIVER.SYS
3 NPF (NetGroup Packet Filter Driver) - system32\drivers\npf.sys
0 ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - System32\DRIVERS\ohci1394.sys
3 PalmUSBD - system32\drivers\PalmUSBD.sys
0 PCIIde - System32\DRIVERS\pciide.sys
3 pfc (Padus ASPI Shell) - system32\drivers\pfc.sys
0 PxHelp20 - System32\Drivers\PxHelp20.sys
3 RMCAST (Reliable Multicast Protocol driver) - \??\C:\WINDOWS\system32\drivers\RMCast.sys
3 SAVRT - \??\C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVRT.SYS
1 SAVRTPEL - \??\C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVRTPEL.SYS
3 SDdriver - \??\C:\WINDOWS\system32\Drivers\sddriver.sys
3 SLIP (BDA Slip De-Framer) - system32\DRIVERS\SLIP.sys
1 SPBBCDrv - \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
3 streamip (BDA IPSink) - system32\DRIVERS\StreamIP.sys
3 SYMDNS - \SystemRoot\System32\Drivers\SYMDNS.SYS
3 SymEvent - \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
3 SYMFW - \SystemRoot\System32\Drivers\SYMFW.SYS
3 SYMIDS - \SystemRoot\System32\Drivers\SYMIDS.SYS
3 SYMIDSCO - \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20070214.003\symidsco.sys
2 symlcbrd - \??\C:\WINDOWS\system32\drivers\symlcbrd.sys
3 SYMNDIS - \SystemRoot\System32\Drivers\SYMNDIS.SYS
3 SYMREDRV - \SystemRoot\System32\Drivers\SYMREDRV.SYS
1 SYMTDI - \SystemRoot\System32\Drivers\SYMTDI.SYS
3 usbccgp (Microsoft USB Generic Parent Driver) - system32\DRIVERS\usbccgp.sys
3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - System32\DRIVERS\usbehci.sys
3 usbprint (Microsoft USB PRINTER Class) - system32\DRIVERS\usbprint.sys
3 usbscan (USB Scanner Driver) - system32\DRIVERS\usbscan.sys
3 USBSTOR (USB Mass Storage Driver) - system32\DRIVERS\USBSTOR.SYS
3 WBHWDOCT (Winbond GPIO Driver1) - System32\drivers\WBHWDOCT.sys
3 wceusbsh (Windows CE USB Serial Host Driver) - system32\DRIVERS\wceusbsh.sys
3 WSTCODEC (World Standard Teletext Codec) - system32\DRIVERS\WSTCODEC.SYS
3 yukonwxp (NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller) - System32\DRIVERS\yk51x86.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
2 AntiVirService (AntiVir PersonalEdition Classic Guard) - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
3 aspnet_state (ASP.NET State Service) - %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2 Ati HotKey Poller - %SystemRoot%\system32\Ati2evxx.exe
2 ATI Smart - C:\WINDOWS\system32\ati2sgag.exe
2 Automatic LiveUpdate Scheduler - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
2 Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"
4 C-DillaCdaC11BA - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
2 ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
2 ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
3 clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
2 Fax - %systemroot%\system32\fxssvc.exe
2 GBPoll (GoBack Polling Service) - "C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe"
3 IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
2 IISADMIN (IIS Admin) - C:\WINDOWS\system32\inetsrv\inetinfo.exe
3 iPodService - C:\Program Files\iPod\bin\iPodService.exe
2 LightScribeService (LightScribeService Direct Disc Labeling Service) - "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
3 LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
3 LPDSVC (TCP/IP Print Server) - %SystemRoot%\System32\tcpsvcs.exe
2 msftesql$SQLEXPRESS (SQL Server FullText Search (SQLEXPRESS)) - "c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:SQLEXPRESS
2 MSMQ (Message Queuing) - C:\WINDOWS\system32\mqsvc.exe
2 MSMQTriggers (Message Queuing Triggers) - C:\WINDOWS\system32\mqtgsvc.exe
2 MSSQL$SQLEXPRESS (SQL Server (SQLEXPRESS)) - "c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
4 MSSQLServerADHelper (SQL Server Active Directory Helper) - "c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe"
4 msvsmon80 (Visual Studio 2005 Remote Debugger) - "C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80
2 navapsvc (Norton AntiVirus Auto-Protect Service) - "C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe"
2 NPFMntor (Norton AntiVirus Firewall Monitor Service) - "C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe"
2 NProtectService (Norton UnErase Protection) - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
3 NSCService (Norton Protection Center Service) - "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"
3 ose (Office Source Engine) - "c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
2 RAIDmSvr (Promise Array Message Server) - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgSvr.exe
2 ReportServer$SQLEXPRESS (SQL Server Reporting Services (SQLEXPRESS)) - "c:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\ReportServer\bin\ReportingServicesService.exe"
4 rpcapd (Remote Packet Capture Protocol v.0 (experimental)) - "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini"
3 SAVScan (Symantec AVScan) - "C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe"
2 SMTPSVC (Simple Mail Transfer Protocol (SMTP)) - C:\WINDOWS\system32\inetsrv\inetinfo.exe
2 SNDSrvc (Symantec Network Drivers Service) - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
2 SNMP (SNMP Service) - %SystemRoot%\System32\snmp.exe
3 SNMPTRAP (SNMP Trap Service) - %SystemRoot%\System32\snmptrap.exe
2 SPBBCSvc - "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
2 Speed Disk service - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
3 SQLBrowser (SQL Server Browser) - "c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
3 SQLWriter (SQL Server VSS Writer) - "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
2 Symantec Core LC - "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
2 UMWdf (Windows User Mode Driver Framework) - C:\WINDOWS\system32\wdfmgr.exe
2 W3SVC (World Wide Web Publishing) - %SystemRoot%\system32\inetsrv\inetinfo.exe
3 WmcCds (Windows Media Connect (WMC)) - c:\program files\windows media connect\mswmccds.exe
3 WmcCdsLs (Windows Media Connect (WMC) Helper) - C:\Program Files\Windows Media Connect\mswmcls.exe
-- Scheduled Tasks --------------------------------------------------------------
2007-02-19 12:00:00 290 --a------ C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job<NORTON~1.JOB>
2007-02-19 00:00:00 306 --a------ C:\WINDOWS\Tasks\Symantec Drmc.job<SYMANT~1.JOB>
2007-02-17 00:18:27 546 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Alex.job<NORTON~2.JOB>
-- Files created between 2007-01-20 and 2007-02-20 ------------------------------
2007-02-20 09:07:32 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1>
2007-02-20 09:07:31 0 d-------- C:\WINDOWS\LastGood
2007-02-19 00:51:56 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-02-19 00:44:45 0 d-------- C:\Program Files\CCleaner
2007-02-17 21:20:37 0 d-------- C:\Program Files\hijackthis<HIJACK~1>
2007-02-17 16:53:41 0 d-------- C:\WINDOWS\pss
2007-02-17 02:32:01 0 d-------- C:\Program Files\MSBuild
2007-02-10 21:39:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
-- Find3M Report ----------------------------------------------------------------
2007-02-20 08:59:54 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-19 12:35:41 0 d-------- C:\Documents and Settings\Alex\Application Data\Symantec
2007-02-17 17:33:30 0 d-------- C:\Program Files\Norton SystemWorks<NORTON~1>
2007-02-17 02:34:10 0 d-------- C:\Program Files\Common Files\Merge Modules<MERGEM~1>
2007-02-17 02:32:39 0 d-------- C:\Program Files\Microsoft Visual Studio 8<MID05A~1>
2007-02-15 01:03:44 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-02-13 22:24:50 0 d-------- C:\Program Files\AntiVir PersonalEdition Classic<ANTIVI~1>
2007-01-14 20:23:10 0 d-------- C:\Program Files\Java
2007-01-07 16:24:49 0 d-------- C:\Documents and Settings\Alex\Application Data\Lavasoft
2007-01-07 16:24:43 0 d-------- C:\Program Files\Lavasoft
2007-01-02 01:25:10 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-01-02 01:23:12 0 d-------- C:\Program Files\Common Files\MySoftware<MYSOFT~1>
2007-01-02 01:23:02 0 d-------- C:\Program Files\MySoftware<MYSOFT~1>
2006-12-31 18:23:12 0 d---s---- C:\Documents and Settings\Alex\Application Data\Microsoft<MICROS~1>
2006-12-31 16:13:59 2508 --a------ C:\Documents and Settings\Alex\Application Data\$_hpcst$.hpc
2006-12-31 16:12:06 0 d-------- C:\Program Files\Microsoft ActiveSync<MI3AA1~1>
2006-12-31 03:13:13 0 d-------- C:\Program Files\Symantec
2006-12-31 03:13:08 48776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL<Signed: Symantec Corporation>
2006-12-31 03:13:08 115000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS<Signed: Symantec Corporation>
2006-12-31 00:12:39 10344 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys<Signed: Symantec Corporation>
-- Registry Dump ----------------------------------------------------------------
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"H/PC Connection Agent"="\"C:\\PROGRA~1\\MI3AA1~1\\wcescomm.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"ASUS Probe"="C:\\Program Files\\ASUS\\Probe\\AsusProb.exe"
"Launch Ai Booster"="C:\\Program Files\\ASUS\\Ai Booster\\OverClk.exe 1"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"DVDTray"="\"C:\\Program Files\\HP DVD\\Umbrella\\DVDTray.exe\""
"DVDBitSet"="\"C:\\Program Files\\HP DVD\\Umbrella\\DVDBitSet.exe\" /NOUI"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"MsmqIntCert"="regsvr32 /s mqrt.dll"
"tgcmd"="\"C:\\Program Files\\Support.com\\bin\\tgcmd.exe\" /server /startmonitor /deaf"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"LVComs"="C:\\Program Files\\Common Files\\Logitech\\QCDriver\\LVCOMS.EXE"
"EPSON Stylus CX6400"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I2L1.EXE /P19 \"EPSON Stylus CX6400\" /O6 \"USB001\" /M \"Stylus CX6400\""
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Alex^Start Menu^Programs^Startup^Weekly Compass.lnk]
"path"="C:\\Documents and Settings\\Alex\\Start Menu\\Programs\\Startup\\Weekly Compass.lnk"
"backup"="C:\\WINDOWS\\pss\\Weekly Compass.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\FRANKL~1\\Planner\\Compass.exe "
"item"="Weekly Compass"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgnt"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="sgtray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebCamRT.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"rpcapd"=dword:00000003
"RemoteRegistry"=dword:00000002
"RDSessMgr"=dword:00000003
"mnmsrvc"=dword:00000003
"C-DillaCdaC11BA"=dword:00000002
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
-- End of ComboScan: finished at 2007-02-20 at 13:48:27 -------------------------
ComboScan v20070212.14 run by Alex on 2007-02-20 at 13:47:32
Supplementary logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information -----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) 4 CPU 3.40GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.40GHz
Percentage of Memory in Use: 64%
Physical Memory (total/avail): 1023.18 MiB / 361.42 MiB
Pagefile Memory (total/avail): 4925.58 MiB / 4394.3 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1997.86 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 111.78 GiB total, 41.06 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)
-- Security Center --------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: Norton Internet Worm Protection v2006 (Symantec)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Norton AntiVirus v2005 (Symantec Corporation)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
-- Environment Variables --------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Alex\Application Data
CLASSPATH=C:\Program Files\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ALEX
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Alex
LOGONSERVER=\\ALEX
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Bonjour\;C:\Program Files\QuickTime\QTSystem\;C:\PROGRA~1\FRANKL~1\Planner;c:\Program Files\Microsoft SQL Server\80\Tools\Binn\;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\Program Files\Bonjour
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Alex\LOCALS~1\Temp
TMP=C:\DOCUME~1\Alex\LOCALS~1\Temp
USERDOMAIN=ALEX
USERNAME=Alex
USERPROFILE=C:\Documents and Settings\Alex
VS80COMNTOOLS=C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\
windir=C:\WINDOWS
-- User Profiles ----------------------------------------------------------------
Alex (admin)
Visitor
Administrator (admin)
-- Add/Remove Programs ----------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Download Manager 2.0 (Remove Only) --> "C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
Adobe Flash Player 9 --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe
AI - Series --> "C:\Program Files\AI - Series\AI - Series.scr" /S /Uninstall
Ai Booster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{74BF0A46-DF67-4D86-B038-BF0E51871B66}\Setup.exe" -l0x9
ArcSoft ShowBiz DVD 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE636486-7E13-4051-9067-AFC4E1B8F54E}\Setup.exe" -l0x9
ASUS Probe V2.23.03 --> C:\WINDOWS\uninst.exe -f"C:\Program Files\ASUS\Probe\DeIsL1.isu" -c"C:\Program Files\ASUS\Probe\probunis.dll"
AsusUpdate --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ASUS\AsusUpdate\Uninst.isu"
Atari: The 80 Classic Games --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Atari\The 80 Classic Games\Uninst.isu"
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI RADEON 8500 Rachel Demo v1.1 --> MsiExec.exe /X{E3E5E33B-9391-4969-9361-F4502F116F14}
ATI RADEON 9200 Brains Screen Saver v1.1 --> MsiExec.exe /X{5E044467-30A4-40B0-B170-5EAF44547368}
ATI RADEON 9200 Bubbles Screen Saver v1.1 --> MsiExec.exe /X{31D6277B-5BFA-403D-B637-8779D9D4B5F4}
Avira AntiVir PersonalEdition Classic --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BlackWidow --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67E8AD0F-700F-49A3-9927-53C72CECA412}\setup.exe" -l0x9 -removeonly
ccCommon --> MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Check Designer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{188D99D5-7350-4BFD-AFE5-D458EC61A8E9}\setup.exe" -l0x9
Connection Keep Alive --> MsiExec.exe /I{77364F85-6219-4CB8-AAA0-6D53368D683D}
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
FranklinCovey Planning Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E65CF817-F1A5-46F9-8A65-8BD3FCB684BE}\Setup.exe" -l0x9
FranklinCovey Planning Software for PalmOS® --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C57D489F-D029-485A-BE98-571D4EC7C647}\Setup.exe" -l0x9
Guitartab.co.uk MP3 Recorder --> MsiExec.exe /I{D311CBD4-A709-4B8F-AFBA-BE9FFFB11062}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 1.99.1 --> C:\DOCUME~1\Alex\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe /uninstall
HP DVD Writer --> "C:\Program Files\HP DVD\Support\Uninstall.exe" /UNINSTALL
HydraVision --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
Indeo® Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" -c"C:\Program Files\Ligos\Indeo\Indeo System Files\indounin.dll"
Internet Worm Protection --> MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
Ipswitch WS_FTP Home 2006 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11DE2361-9F73-47B3-B638-2F267927E307}\setup.exe" -l0x9
iTunes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{5A4AFC3E-4973-46A1-92D6-3A1C5E52948A} /l1033
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech QuickCam --> MsiExec.exe /I{77E70C3C-DBB9-4C47-8663-1E1F81FEC623}
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Math Advantage Pre-Algebra --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD7B678C-489A-479E-A895-6F320DFF8D00}\Setup.exe" -uninst
MechWarrior Black Knight --> "C:\Program Files\Microsoft Games\MechWarrior Vengeance\UNINSTALX.EXE" /runtemp /addremove
MechWarrior Vengeance --> "C:\Program Files\Microsoft Games\MechWarrior Vengeance\MWUNINSTAL.EXE" /runtemp /addremove
Microsoft ActiveSync 4.0 --> MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
Microsoft Device Emulator version 1.0 - ENU --> MsiExec.exe /X{78B75C6D-E53C-424C-BF83-4B63BD4A6682}
Microsoft Document Explorer 2005 --> C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
Microsoft Document Explorer 2005 --> MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
Microsoft Office 2000 SR-1 Professional --> MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2003 Web Components --> MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft SQL Server 2005 --> "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server 2005 (SQLEXPRESS) --> MsiExec.exe /I{B0F9497C-52B4-4686-8E73-74D866BBDF59}
Microsoft SQL Server 2005 Backward compatibility --> MsiExec.exe /I{2243F21A-E132-44F7-BA13-024D0845C815}
Microsoft SQL Server 2005 Books Online (English) (April 2006) --> MsiExec.exe /I{BFD61E19-FF25-4A0E-B8D1-40C552160D07}
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools --> MsiExec.exe /X{1389C6A4-4965-4AEC-9175-08B54A10FA48}
Microsoft SQL Server 2005 Reporting Services (SQLEXPRESS) --> MsiExec.exe /I{0DAA9912-3FE2-4B84-B926-8D7F71A8A99A}
Microsoft SQL Server 2005 Tools --> MsiExec.exe /I{58D379F7-62BC-4748-8237-FE071ECE797C}
Microsoft SQL Server Management Studio Express --> MsiExec.exe /I{A4512736-8D63-4298-9271-5329931FA46B}
Microsoft SQL Server Native Client --> MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer --> MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}
Microsoft Visual J# 2.0 Redistributable Package --> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Microsoft Visual Studio 2005 Professional Edition - ENU --> C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Studio 2005 Professional Edition - ENU\setup.exe
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {D93F9C7C-AB57-44C8-BAD6-1494674BCAF7} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
Mozilla Firefox (2.0.0.1) --> C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
MSDN Library for Visual Studio 2005 --> msiexec /i {23959E96-A80F-4172-A655-210E9BB7BFBE}
MSDN Library for Visual Studio 2005 --> MsiExec.exe /X{23959E96-A80F-4172-A655-210E9BB7BFBE}
MSRedist --> MsiExec.exe /I{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}
MSXML 6.0 Parser (KB927977) --> MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}
muvee autoProducer 3.5_LE10 - HPC --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED2922DF-10E1-4D53-A941-0B343A97F050}\setup.exe" -l0x9
MyCheckBook --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A44B1ADB-3A79-4982-A76A-9EEF7D2D61EB}\setup.exe" -l0x9
MySoftware Fonts --> RunDll32 C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}\setup.exe" -uninst
NAVShortcut --> MsiExec.exe /I{F325CF11-27CE-4872-8022-6E9EB27DF24F}
Nero 6 --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton AntiVirus 2006 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Cleanup --> MsiExec.exe /I{CA31120D-2101-484D-9FF1-195DE96FE346}
Norton GoBack 4.1 --> MsiExec.exe /I{1F76ACFA-22FE-49F6-BC05-F4EC835F48CC}
Norton Protection Center --> MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
Norton SystemWorks --> MsiExec.exe /I{9E23C48E-5483-4971-BA50-089F2FABCD66}
Norton SystemWorks 2006 --> MsiExec.exe /I{71E7B3F5-CFAF-4C1E-B494-528E28707937}
Norton SystemWorks 2006 (Symantec Corporation) --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{71E7B3F5-CFAF-4C1E-B494-528E28707937}.exe" /X
Norton Utilities --> MsiExec.exe /I{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}
Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
NSW_DRM_COLLECTION --> MsiExec.exe /I{900B1884-2D6F-4a70-A3C7-C3F4DA873FDB}
Palm Desktop --> MsiExec.exe /X{C5EC81D0-3DED-435D-A46E-E3F60F7DC8AD}
Palmcorder File Converter 3.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{560B9260-E43B-11D5-8125-00105A533D72}\setup.exe"
Palmcorder USB Device Driver 2.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F68794FD-9BBA-44FB-976C-4FCE2B447476}\setup.exe"
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PHOTOVU / MPEG4 Movie Messenger System 1.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBD461BD-A1DD-11D5-B566-005004C105CF}\setup.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerStrip 3 (remove only) --> C:\Program Files\PowerStrip\uninstal.exe
Promise Array Management (PAM) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC9D4665-8553-4EBB-9456-31FD98D8C62D}\Setup.exe" -l0x9
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} /l1033
Qwest QuickCare --> "C:\Program Files\Support.com\Qwest\Uninstall.exe" /c "Are you sure you want to remove QuickCare?"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Roxio Easy DVD Copy --> MsiExec.exe /I{C46B4678-0F42-4791-9D19-BE01BB3DD358}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SureThing CD Labeler 4 SE --> C:\WINDOWS\mvuninst\App1\mvuninst.exe "SureThing CD Labeler 4 SE"
Symantec KB-DocID:2003093015493306 --> MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
Techscheduler Standard --> C:\PROGRA~1\DEANSO~1\TECHSC~1\gduninst.exe /d:"C:\Program Files\Dean Software\Techscheduler Standard\tkshdstd.ssi" /cpl
Virtual Cable Tester --> MsiExec.exe /X{3D654496-9C3D-4565-858C-3E551ECDA4E2}
Voice Editor --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Winbond\Voice Editor\DeIsL1.isu" -c"C:\Program Files\Winbond\Voice Editor\_ISREG32.DLL"
Windows Media Connect --> msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
Windows Media Connect --> MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}
WinPcap 3.0 --> "C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
-- End of ComboScan: finished at 2007-02-20 at 13:48:27 -------------------------
Once again, Thank you for your help!
|