Thread: Help me please, IE/firefox hijacked
View Single Post
Old 04-23-2007, 12:15 AM   #1 (permalink)
lyfelyke
Registered User
 
Join Date: Apr 2007
Posts: 4
OS: XP


Help me please, IE/firefox hijacked
Hi ,

Please help ! My IE starts popping up suddenly with ads for some antivirus and tries to connect to some site. I use only firefox and sometimes even firefox opens up a new tab and tries to open to some antivirus site or throws some pop up saying my system is not protected. help !!!!!!!!!! I have done a scan using DSS and am pasting the output below, please advise. Thanks in advance.

Main.txt
---------

Deckard's System Scanner v20070411.38
Run by L Fernandez on 2007-04-21 at 23:29:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
16: 2007-04-21 18:00:21 UTC - RP16 - Deckard's System Scanner Restore Point
15: 2007-04-21 09:10:39 UTC - RP15 - System Checkpoint
14: 2007-04-20 09:05:33 UTC - RP14 - System Checkpoint
13: 2007-04-19 08:18:32 UTC - RP13 - Installed Adobe Acrobat 6.0 Professional
12: 2007-04-18 17:41:38 UTC - RP12 - Installed mRouterRunTime


-- First Restore Point --
1: 2007-04-17 07:11:16 UTC - RP1 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as L Fernandez.exe) -----------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:32:09 PM, on 21/04/2007
Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Sony Ericsson\Mobile\SyncIndicator.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Documents and Settings\L Fernandez\Desktop\dss.exe
C:\DOCUME~1\LFERNA~1\Desktop\L Fernandez.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\ufglkode.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5AABC22B-4114-4725-8D78-F4C055964BE3} - C:\WINDOWS\system32\geeca.dll
O2 - BHO: (no name) - {9FE7CAAE-652B-48AE-833D-39B3D4AC9513} - C:\WINDOWS\system32\ljjhihf.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\L Fernandez\Application Data\Mozilla\Firefox\Profiles\iks74yzc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\L Fernandez\Application Data\Mozilla\Firefox\Profiles/iks74yzc.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"
O4 - Global Startup: Phone Connection Monitor.lnk = C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAFC7C07-15CD-49B2-9005-BB83F2BDC543}: NameServer = 125.22.47.125,202.56.250.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{CAFC7C07-15CD-49B2-9005-BB83F2BDC543}: NameServer = 125.22.47.125,202.56.250.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{CAFC7C07-15CD-49B2-9005-BB83F2BDC543}: NameServer = 125.22.47.125,202.56.250.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: geeca - C:\WINDOWS\system32\geeca.dll
O20 - Winlogon Notify: ljjhihf - C:\WINDOWS\SYSTEM32\ljjhihf.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 tmcomm - c:\windows\system32\drivers\tmcomm.sys
R3 ac97intc (Intel(r) 82801 Audio Driver Install Service (WDM)) - c:\windows\system32\drivers\ac97intc.sys
R3 AN983 (ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter) - c:\windows\system32\drivers\an983.sys
R3 cwrwdm (SoundFusion(tm) WDM Driver) - c:\windows\system32\drivers\cwrwdm.sys
R3 FTDIBUS (SEMC DSS SyncStation Serial Converter Driver) - c:\windows\system32\drivers\ftdibus.sys
R3 FTLUND (Lundinova Filter Driver) - c:\windows\system32\drivers\ftlund.sys
R3 FTSER2K (SEMC DSS SyncStation Driver) - c:\windows\system32\drivers\ftser2k.sys
R3 i81x - c:\windows\system32\drivers\i81xnt5.sys

S3 iAimFP0 - c:\windows\system32\drivers\wadv01nt.sys
S3 iAimFP1 - c:\windows\system32\drivers\wadv02nt.sys
S3 iAimFP2 - c:\windows\system32\drivers\wadv05nt.sys
S3 iAimFP3 - c:\windows\system32\drivers\wsiintxx.sys
S3 iAimFP4 - c:\windows\system32\drivers\wvchntxx.sys
S3 iAimFP5 - c:\windows\system32\drivers\wadv07nt.sys
S3 iAimFP6 - c:\windows\system32\drivers\wadv08nt.sys
S3 iAimFP7 - c:\windows\system32\drivers\wadv09nt.sys
S3 iAimTV0 - c:\windows\system32\drivers\watv01nt.sys
S3 iAimTV1 - c:\windows\system32\drivers\watv02nt.sys
S3 iAimTV3 - c:\windows\system32\drivers\watv04nt.sys
S3 iAimTV4 - c:\windows\system32\drivers\wch7xxnt.sys
S3 iAimTV5 - c:\windows\system32\drivers\watv10nt.sys
S3 iAimTV6 - c:\windows\system32\drivers\watv06nt.sys
S3 NtApm (NT Apm/Legacy Interface Driver) - c:\windows\system32\drivers\ntapm.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 AresChatServer (Ares Chatroom server) - c:\program files\ares\chatserver.exe


-- Files created between 2007-03-21 and 2007-04-21 -----------------------------

2007-04-21 13:09:31 123972 --a------ C:\WINDOWS\system32\fqplbucf.dll
2007-04-20 18:24:42 76560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-04-20 18:21:01 0 d-------- C:\Documents and Settings\L Fernandez\.housecall6.6<HOUSEC~1.6>
2007-04-20 18:15:17 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-04-20 18:15:09 0 d-------- C:\WINDOWS\LastGood
2007-04-20 18:01:05 0 d-------- C:\VundoFix Backups<VUNDOF~1>
2007-04-20 12:02:37 123972 --a------ C:\WINDOWS\system32\buqsvevb.dll
2007-04-19 18:48:08 48631 -ra------ C:\WINDOWS\system32\ftserui2.dll
2007-04-19 18:48:08 50396 -ra------ C:\WINDOWS\system32\drivers\ftser2k.sys
2007-04-19 18:48:08 6828 -ra------ C:\WINDOWS\system32\drivers\ftlund.sys
2007-04-19 18:46:31 414208 -ra------ C:\WINDOWS\system32\ftdiunin.exe
2007-04-19 18:46:30 19153 -ra------ C:\WINDOWS\system32\drivers\ftdibus.sys
2007-04-19 15:43:14 0 d-------- C:\WINDOWS\Sun
2007-04-19 15:43:13 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Sun
2007-04-19 13:57:07 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\AdobeUM
2007-04-19 13:55:12 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Adobe
2007-04-19 13:50:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-04-19 13:50:12 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-19 12:02:25 123972 --a------ C:\WINDOWS\system32\ygtvwcpi.dll
2007-04-19 12:02:16 49204 --a------ C:\WINDOWS\system32\ufglkode.dll
2007-04-19 12:02:15 501077 ---hs---- C:\WINDOWS\system32\aceeg.bak2<ACEEG~3.BAK>
2007-04-18 23:16:25 0 d-------- C:\WINDOWS\system32\LogFiles
2007-04-18 22:21:47 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Help
2007-04-18 20:52:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson<SONYER~1>
2007-04-18 20:45:11 0 d-------- C:\Program Files\Intuwave Ltd<INTUWA~1>
2007-04-18 20:43:37 232448 --a------ C:\WINDOWS\system32\HDK3CT32.DLL
2007-04-18 20:43:36 215040 --a------ C:\WINDOWS\system32\HDK3CTNT.DLL
2007-04-18 20:43:23 44304 --a------ C:\WINDOWS\system32\msrpfs35.dll
2007-04-18 20:43:21 39424 --a------ C:\WINDOWS\system32\JETCOMP.exe
2007-04-18 20:42:07 1230336 --a------ C:\WINDOWS\system32\msxml4.dll
2007-04-18 20:42:02 82432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-04-18 20:42:00 44544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-04-18 20:41:59 0 d-------- C:\Program Files\Sony Ericsson<SONYER~1>
2007-04-18 20:41:48 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-04-18 20:36:39 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-04-18 19:58:02 0 d-------- C:\Documents and Settings\NetworkService\Application DataPDFcreator<APPLIC~2>
2007-04-18 19:14:06 0 d-------- C:\Program Files\Common Files\Nero
2007-04-18 18:53:45 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe<NEROCH~1.EXE>
2007-04-18 18:50:18 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Ahead
2007-04-18 18:42:05 2969600 -----n--- C:\WINDOWS\UNNeroVision.exe<UNNERO~1.EXE>
2007-04-18 18:42:05 24064 -----n--- C:\WINDOWS\system32\msxml3a.dll
2007-04-18 18:38:15 364544 -----n--- C:\WINDOWS\system32\TwnLib4.dll
2007-04-18 18:38:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2007-04-18 18:38:14 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll
2007-04-18 18:38:14 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll
2007-04-18 18:38:14 476320 -----n--- C:\WINDOWS\system32\ImagXpr7.dll
2007-04-18 18:38:13 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll
2007-04-18 18:38:12 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-04-18 18:38:11 38912 -----n--- C:\WINDOWS\system32\picn20.dll
2007-04-18 18:37:40 0 d-------- C:\Program Files\Common Files\Ahead
2007-04-18 18:37:36 0 d-------- C:\Program Files\Ahead
2007-04-18 17:27:28 0 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-04-18 17:26:41 0 d-------- C:\WINDOWS\system32\softreg
2007-04-18 16:54:08 0 d-------- C:\Program Files\Ares
2007-04-18 16:28:48 0 d-------- C:\Documents and Settings\L Fernandez\Incomplete<INCOMP~1>
2007-04-18 16:22:14 0 d-------- C:\Program Files\Java
2007-04-18 16:12:13 0 d-------- C:\Program Files\Common Files\Java
2007-04-18 15:43:39 0 d-------- C:\Program Files\LimeWire
2007-04-18 15:35:43 0 d-------- C:\Documents and Settings\L Fernandez\.limewire<LIMEWI~1>
2007-04-18 15:01:39 0 d-------- C:\Program Files\Web Publish<WEBPUB~1>
2007-04-18 14:48:22 46352 --a------ C:\WINDOWS\setdebug.exe
2007-04-18 14:48:21 170256 --a------ C:\WINDOWS\system32\jit.dll
2007-04-18 14:48:20 139536 --a------ C:\WINDOWS\system32\javaee.dll
2007-04-18 14:48:20 6550 --a------ C:\WINDOWS\jautoexp.dat
2007-04-18 14:48:19 313856 --a------ C:\WINDOWS\system32\dx3j.dll
2007-04-18 14:47:10 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-04-18 14:47:10 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-04-18 14:47:10 152848 --a------ C:\WINDOWS\system32\wjview.exe
2007-04-18 14:47:09 256272 --a------ C:\WINDOWS\system32\vmhelper.dll
2007-04-18 14:47:09 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll
2007-04-18 14:47:08 933136 --a------ C:\WINDOWS\system32\msjava.dll
2007-04-18 14:47:07 153872 --a------ C:\WINDOWS\system32\msawt.dll
2007-04-18 14:47:07 158992 --a------ C:\WINDOWS\system32\jview.exe
2007-04-18 14:47:07 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe
2007-04-18 14:47:06 364304 --a------ C:\WINDOWS\system32\javart.dll
2007-04-18 14:47:06 34576 --a------ C:\WINDOWS\system32\javaprxy.dll
2007-04-18 14:47:05 188176 --a------ C:\WINDOWS\system32\javacypt.dll
2007-04-18 14:47:03 49424 --a------ C:\WINDOWS\system32\clspack.exe
2007-04-18 12:38:03 0 d--hs---- C:\Recycled
2007-04-18 12:21:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
2007-04-18 12:02:17 123972 --a------ C:\WINDOWS\system32\hyfqtxim.dll
2007-04-18 12:02:08 48708 --a------ C:\WINDOWS\system32\ufunbvkj.dll
2007-04-18 12:01:57 488357 ---hs---- C:\WINDOWS\system32\aceeg.bak1<ACEEG~2.BAK>
2007-04-18 12:01:05 281172 ---hs---- C:\WINDOWS\system32\geeca.dll
2007-04-18 11:55:53 26694 --a------ C:\WINDOWS\system32\ljjhihf.dll
2007-04-18 11:42:28 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\TextPad
2007-04-18 11:42:18 0 d-------- C:\Program Files\TextPad 4<TEXTPA~1>
2007-04-18 11:07:48 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\SmartFTP
2007-04-18 11:07:25 0 d-------- C:\Program Files\SmartFTP Client<SMARTF~1>
2007-04-17 20:08:46 17920 --a------ C:\WINDOWS\system32\mdimon.dll
2007-04-17 2020 0 d-------- C:\Program Files\Microsoft.NET<MICROS~1.NET>
2007-04-17 2005 0 d-------- C:\Program Files\Microsoft ActiveSync<MICROS~3>
2007-04-17 20:04:28 0 d-------- C:\WINDOWS\SHELLNEW
2007-04-17 20:00:58 0 dr-h----- C:\MSOCache
2007-04-17 19:55:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-04-17 19:41:05 0 d-------- C:\Program Files\Yahoo!
2007-04-17 19:25:10 1156 --a------ C:\WINDOWS\mozver.dat
2007-04-17 19:24:26 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Skype
2007-04-17 19:24:19 0 d-------- C:\Program Files\Common Files\Skype
2007-04-17 19:23:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-04-17 19:23:49 0 d-------- C:\Program Files\Skype
2007-04-17 19:12:41 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Talkback
2007-04-17 19:12:31 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-17 19:11:42 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-17 19:11:42 23352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-17 19:11:41 31560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-17 19:11:39 94424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-17 19:11:39 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-17 19:11:26 348160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2007-04-17 19:11:26 499712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2007-04-17 19:11:26 1060864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-04-17 19:11:26 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-04-17 19:11:26 689280 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-04-17 19:11:17 0 d-------- C:\Program Files\Alwil Software<ALWILS~1>
2007-04-17 18:28:30 0 d---s---- C:\Documents and Settings\L Fernandez\UserData
2007-04-17 12:40:43 2097152 --ah----- C:\Documents and Settings\L Fernandez\NTUSER.DAT
2007-04-17 12:39:27 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-04-17 12:39:27 0 d--hs---- C:\System Volume Information<SYSTEM~1>
2007-04-17 12:39:17 0 d-------- C:\WINDOWS\Prefetch
2007-04-17 12:39:15 786432 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-04-17 12:39:04 786432 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-04-17 12:27:13 0 d-------- C:\WINDOWS\system32\xircom
2007-04-17 12:27:13 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-04-17 12:26:12 245760 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-04-17 12:26:01 0 -rahs---- C:\MSDOS.SYS
2007-04-17 12:26:01 0 -rahs---- C:\IO.SYS
2007-04-17 12:26:01 0 --a------ C:\CONFIG.SYS
2007-04-17 12:26:01 0 --a------ C:\AUTOEXEC.BAT
2007-04-17 12:25:28 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-17 12:23:17 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-04-17 12:22:50 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-04-17 12:22:50 0 d---s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-04-17 12:21:45 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-17 12:21:12 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-17 12:21:00 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-17 12:20:58 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-17 12:20:53 0 d---s---- C:\WINDOWS\Tasks
2007-04-17 12:20:53 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-17 12:20:52 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-17 12:20:48 0 d-------- C:\WINDOWS\srchasst
2007-04-17 12:20:47 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-17 12:20:43 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-17 12:20:43 378368 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-17 12:20:43 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-17 12:20:43 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-17 12:20:38 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-04-17 12:20:32 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-17 12:20:32 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-17 12:20:32 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-17 12:20:32 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-17 12:20:28 22528 --a------ C:\WINDOWS\system32\fltMc.exe
2007-04-17 12:20:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-17 12:20:28 119680 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-04-17 12:20:27 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-17 12:20:27 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-17 12:20:27 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-17 12:20:27 0 d-------- C:\WINDOWS\system32\Restore
2007-04-17 12:20:27 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-17 12:20:25 24576 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-17 12:20:25 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-17 12:20:25 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-17 12:20:25 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-17 12:20:25 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-17 12:20:24 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-17 12:20:21 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-17 12:20:21 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-17 12:20:20 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-17 12:20:20 673792 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-17 12:20:17 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-17 12:20:17 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-17 12:20:17 297984 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-17 12:20:16 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-17 12:20:16 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-17 12:20:16 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-17 12:20:16 69632 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-17 12:18:42 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-04-17 12:18:09 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-04-17 12:17:55 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-04-17 12:17:54 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-04-17 12:17:39 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-04-17 12:17:33 5632 --a------ C:\WINDOWS\system32\write.exe
2007-04-17 12:17:33 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-04-17 12:17:17 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-17 12:17:16 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-17 12:17:16 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-17 12:17:16 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-17 12:17:16 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-17 12:17:15 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-17 12:17:05 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-17 12:17:04 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-17 12:17:04 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-17 12:17:04 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-17 12:17:03 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-17 12:17:03 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-17 12:17:02 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-17 12:17:02 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-17 12:17:02 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-17 12:17:02 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-17 12:17:02 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-17 12:17:02 20232 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-17 12:17:02 11144 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-17 12:17:01 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-17 12:17:01 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-17 12:17:01 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-17 12:17:01 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-17 12:17:01 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-17 12:17:01 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-17 12:17:01 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-17 12:17:00 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-17 12:17:00 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-17 12:17:00 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-17 12:17:00 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-17 12:16:59 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-17 12:16:58 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-17 12:16:58 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-17 12:16:58 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-17 12:16:58 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-17 12:16:58 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-17 12:16:58 82432 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-17 12:16:58 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-17 12:16:36 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-17 12:16:35 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-17 12:16:35 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-17 12:16:35 345088 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-17 12:16:35 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-04-17 12:16:34 101376 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-17 12:16:34 115200 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-17 12:16:34 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-17 12:16:34 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-17 12:16:34 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-17 12:16:33 29696 --a------ C:\WINDOWS\system32\wups.dll
2007-04-17 12:16:33 8192 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-17 12:16:33 192512 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-17 12:16:33 979456 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-17 12:16:32 166400 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-17 12:16:32 111616 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-17 12:16:32 457216 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-17 12:16:31 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-17 12:16:31 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-17 12:16:31 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-17 12:16:31 127496 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-17 12:16:30 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-17 12:16:30 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-17 12:16:30 59904 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-17 12:16:30 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-17 12:16:30 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-17 12:16:30 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-17 12:16:29 294400 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-17 12:16:29 86664 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-17 12:16:29 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-17 12:16:29 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-17 12:16:29 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-17 12:16:29 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-17 12:16:28 101376 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-17 12:16:28 227840 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-17 12:16:28 623616 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-17 12:16:28 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-17 12:16:28 38400 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-17 12:16:27 13312 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-17 12:16:27 1554432 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-17 12:16:27 86016 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-17 12:16:27 6656 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-17 12:16:26 0 d-------- C:\WINDOWS\system32\Com
2007-04-17 12:16:26 84992 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-17 12:16:25 154624 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-17 12:16:25 908288 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-17 12:16:25 114176 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-17 12:16:25 310784 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-17 12:16:24 746496 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-17 12:16:24 1653760 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-17 12:16:24 694272 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-17 12:16:15 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-17 12:16:15 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-17 12:16:15 67072 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-17 12:16:14 184832 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-17 12:16:11 197120 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-17 12:16:10 40712 --a------ C:\WINDOWS\system32\drivers\termdd.sys


-- Find3M Report ---------------------------------------------------------------

2007-04-17 19:25:50 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Macromedia<MACROM~1>
2007-04-17 19:12:24 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Mozilla
2007-04-17 12:41:00 0 d-------- C:\Documents and Settings\L Fernandez\Application Data\Identities<IDENTI~1>


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"FFTI"="C:\\Documents and Settings\\L Fernandez\\Application Data\\Mozilla\\Firefox\\Profiles\\iks74yzc.default\\extensions\\{B13721C7-F507-4982-B2E5-502A71474FED}\\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath=\"C:\\Documents and Settings\\L Fernandez\\Application Data\\Mozilla\\Firefox\\Profiles/iks74yzc.default\\extensions\\{B13721C7-F507-4982-B2E5-502A71474FED}\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_03\\bin\\jusched.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{9FE7CAAE-652B-48AE-833D-39B3D4AC9513}"=""

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geeca
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljjhihf

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_TMCOMM


-- End of Deckard's System Scanner: finished at 2007-04-21 at 23:33:09 ---------







Extra.txt
---------

Deckard's System Scanner v20070411.38
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel Pentium III processor
Percentage of Memory in Use: 60%
Physical Memory (total/avail): 254.55 MiB / 100.63 MiB
Pagefile Memory (total/avail): 1008.12 MiB / 748.35 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1999.31 MiB

A: is Removable (No Media)
C: is Fixed (FAT32) - 9.02 GiB total, 4.23 GiB free.
D: is Fixed (FAT32) - 9.6 GiB total, 2.81 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)


-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is enabled.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\L Fernandez\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ANALYSE
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\L Fernandez
LOGONSERVER=\\ANALYSE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0803
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\LFERNA~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\LFERNA~1\LOCALS~1\Temp
USERDOMAIN=ANALYSE
USERNAME=L Fernandez
USERPROFILE=C:\Documents and Settings\L Fernandez
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

L Fernandez (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 6.0 Professional --> MsiExec.exe /I{AC76BA86-1033-0000-7760-000000000001}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Ares 2.0.8 --> "C:\Program Files\Ares\uninstall.exe"
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
HijackThis 1.99.1 --> C:\Documents and Settings\L Fernandez\Desktop\HijackThis.exe /uninstall
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
LimeWire 4.12.11 --> "C:\Program Files\LimeWire\uninstall.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Web Publishing Wizard 1.53 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
Mozilla Firefox (2.0.0.3) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero Digital --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Nero Suite --> C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
SEMC DSS SyncStation Driver --> C:\WINDOWS\system32\ftdiunin.exe C:\WINDOWS\system32\ftdiun2k.ini
Skype 3.1 --> "C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
SmartFTP Client --> MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
Sony Ericsson PC Suite 3.2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC18114B-05A0-11D6-8140-000102E745A6}\Setup.exe" -l0x9
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TextPad 4.7 --> MsiExec.exe /X{B510A987-487E-4C66-9F4F-D386AC275715}
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo! Messenger --> C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG


-- End of Deckard's System Scanner: finished at 2007-04-21 at 23:33:09 ---------
lyfelyke is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here