Old 05-23-2008, 08:29 AM   #1 (permalink)
Registered User
 
Join Date: May 2008
Posts: 35
OS: windows xp


my step results and log

I have been having problems with this computer for a while.
What will happen is that it will slow down and freeze at times,
like it's trying to do too much at one time, then it will go slow.
A lot of times it will open different windows with just the movement of the mouse without clicking anything; the more the mouse is moved, the faster and more windows that will open. It will then lock up and I will have to shut down and reboot to get it to work again.
Also, it will come and go; sometimes it won't happen for days, then it will happen 4, 5 times in a row.
When I go into safe mode it will act up, and it also will act up when I have tried to dump everything and reformat. It seems no matter where I am or go, it sticks around.
Also, it will corrupt downloads to AVG and other antivirus progs.
Here are my results of the 5 steps:
1. I found and uninstalled Viewpoint Media Player as told.
2. I completed the Panda scan; it took a long time. Here is the log:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-23 09:00:49
PROTECTIONS: 1
MALWARE: 30
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Norton Internet Security 2005 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@fastclick[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt
00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@anm.co[1].txt
00149104 Cookie/Date TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@date[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@com[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@azjmp[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@apmebf[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[1].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@advertising[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@overture[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@realmedia[2].txt
00170557 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@terra.com[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@bluestreak[1].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@adultfriendfinder[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@go[2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@target[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@atwola[1].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[2].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
184380 MEDIUM MS08-002
184379 MEDIUM MS08-001
182048 HIGH MS07-069
182046 HIGH MS07-067
182043 HIGH MS07-064
179553 HIGH MS07-061
176382 HIGH MS07-057
176383 HIGH MS07-058
170911 HIGH MS07-050
170907 HIGH MS07-046
170906 HIGH MS07-045
170904 HIGH MS07-043
164915 HIGH MS07-035
164913 HIGH MS07-033
164911 HIGH MS07-031
160623 HIGH MS07-027
157262 HIGH MS07-022
157261 HIGH MS07-021
157260 HIGH MS07-020
157259 HIGH MS07-019
156477 HIGH MS07-017
150253 HIGH MS07-016
150249 HIGH MS07-013
150248 HIGH MS07-012
150247 HIGH MS07-011
150243 HIGH MS07-008
150242 HIGH MS07-007
150241 MEDIUM MS07-006
141034 HIGH MS06-076
141033 MEDIUM MS06-075
141030 HIGH MS06-072
137571 HIGH MS06-070
137568 HIGH MS06-067
133387 MEDIUM MS06-065
133386 MEDIUM MS06-064
133385 MEDIUM MS06-063
133379 HIGH MS06-057
131654 HIGH MS06-055
129977 MEDIUM MS06-053
129976 MEDIUM MS06-052
126093 HIGH MS06-051
126092 MEDIUM MS06-050
126087 HIGH MS06-046
126086 MEDIUM MS06-045
126083 HIGH MS06-042
126082 HIGH MS06-041
126081 HIGH MS06-040
123421 HIGH MS06-036
123420 HIGH MS06-035
120825 MEDIUM MS06-032
120823 MEDIUM MS06-030
120818 HIGH MS06-025
120815 HIGH MS06-022
120814 HIGH MS06-021
117384 MEDIUM MS06-018
114666 HIGH MS06-015
114664 HIGH MS06-013
108744 MEDIUM MS06-008
108743 MEDIUM MS06-007
108742 MEDIUM MS06-006
104567 HIGH MS06-002
104237 HIGH MS06-001
96574 HIGH MS05-053
93395 HIGH MS05-051
93394 HIGH MS05-050
93454 MEDIUM MS05-049
;===================================================================================================================================================================================


3. SpywareBlaster and IE-SPYAD are downloaded and installed.
4. SP1a is downloaded; when I try to install, it says
c:\Documents and setting\owner\myDocuments\xpspla_EN_x86.exe is not a valid win32 application
and it won't let me run it?????
5. The DSS scanner is downloaded and on my desktop,
but when I go to run it, it will go to an error and will make me shut it off???

I thank anyone who helps beforehand, because this thing is driving me crazy.
flypaper is offline  
Old 05-23-2008, 08:35 AM   #2 (permalink)
Registered User
 
Join Date: May 2008
Posts: 35
OS: windows xp


Re: my step results and log

Also, I forgot, I have an
eMachines T6412
with an AMD Athlon 64 processor 3400+,
if that helps any.
Thanks again.
flypaper is offline  
Old 05-26-2008, 06:47 AM   #3 (permalink)
Registered User
 
Join Date: May 2008
Posts: 35
OS: windows xp


Re: my step results and log

bump up
flypaper is offline  
Old 05-29-2008, 01:05 PM   #4 (permalink)
Registered User
 
Join Date: May 2008
Posts: 35
OS: windows xp


Re: my step results and log

up top again
this is sure a busy place!
flypaper is offline  
Old 05-31-2008, 12:27 PM   #5 (permalink)
Registered User
 
Join Date: May 2008
Posts: 35
OS: windows xp


Re: my step results and log

I had problems so bad yesterday that I had lost the use of the mouse.
I ended up reformatting the computer
3 times in a row before it seemed to work right.
When I got back online I went thru the steps again, and I have had a lot better success in getting things to work.
Here is my css scan that finally worked for me.
I still suspect that I have something lurking, ready to
do this to me all over. Here is the css scan:


Deckard's System Scanner v20071014.68
Run by Owner on 2008-05-31 03:08:43
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 4 Restore Point(s) --
4: 2008-05-31 07:08:50 UTC - RP4 - Deckard's System Scanner Restore Point
3: 2008-05-30 18:29:27 UTC - RP3 - Software Distribution Service 3.0
2: 2008-05-30 14:27:44 UTC - RP2 - Software Distribution Service 3.0
1: 2008-05-31 06:30:38 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 383 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-31 03:10:06
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\alg.exe
C:\Program Files\Digital Media Reader\shwiconEM.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msscli.exe
C:\Program Files\Common Files\AOL\1212214156\EE\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1212214156\EE\AOLServiceHost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Owner\Desktop\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1212214156\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1212217990828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212217920296
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{87963452-40F9-4277-9BF1-4883BDED03DB}: NameServer = 205.188.146.145
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


--
End of file - 9923 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 SunkFilt (Alcor Micro Corp Reader) - c:\windows\system32\drivers\sunkfilt.sys <Not Verified; Alcor Micro Corp.; SunkFilt>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 McAfeeAntiSpyware (McAfee AntiSpyware Real-Time Scanner) - c:\program files\mcafee\mcafee antispyware\msssrv.exe <Not Verified; Network Associates, Inc.; McAfee AntiSpyware>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-05-31 04:17:00 476 --a------ C:\WINDOWS\Tasks\McAfee.com Update Check (YOUR-CA66427893-Owner).job
2008-05-31 02:30:28 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 3.job
2008-05-31 02:30:27 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 2.job
2008-05-31 02:30:27 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 1.job
2008-05-31 01:59:16 366 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-05-30 21:00:00 344 --a------ C:\WINDOWS\Tasks\McAfee AntiSpyware.job


-- Files created between 2008-04-30 and 2008-05-31 -----------------------------

2008-05-31 03:27:22 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-05-31 03:10:22 0 d---s---- C:\Documents and Settings\Owner\UserData
2008-05-31 03:02:20 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-05-31 02:55:47 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-31 02:55:39 0 d-------- C:\Program Files\MetaStream
2008-05-31 02:55:34 0 d-------- C:\Program Files\SpywareBlaster
2008-05-31 02:55:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-05-31 02:32:21 0 d-------- C:\Documents and Settings\Owner\Application Data\AOL
2008-05-31 02:31:35 0 d-------- C:\Documents and Settings\Owner\Application Data\Help
2008-05-31 02:30:22 0 d-------- C:\Documents and Settings\Default User\WINDOWS
2008-05-31 02:30:22 0 d-------- C:\Documents and Settings\Default User\Application Data\You've Got Pictures Screensaver
2008-05-31 02:30:22 0 d-------- C:\Documents and Settings\Default User\Application Data\SampleView
2008-05-31 02:30:22 0 d-------- C:\Documents and Settings\Default User\Application Data\McAfee
2008-05-31 02:30:22 0 d-------- C:\Documents and Settings\Default User\Application Data\Identities
2008-05-31 02:15:10 0 d--h----- C:\WINDOWS\$hf_mig$
2008-05-31 02:14:24 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-31 02:14:23 0 d-------- C:\Program Files\McAfee
2008-05-31 02:14:23 0 d-------- C:\Program Files\Common Files\McAfee
2008-05-31 02:14:23 0 d-------- C:\Documents and Settings\Owner\Application Data\McAfee
2008-05-31 02:14:14 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-05-31 02:14:02 0 d-------- C:\Program Files\McAfee.com
2008-05-31 02:12:57 0 d-------- C:\WINDOWS\RegisteredPackages
2008-05-31 02:12:46 67072 --a------ C:\WINDOWS\POWERCFG.EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-31 02:12:30 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-31 02:12:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-31 02:12:02 0 d-------- C:\Program Files\MSN Encarta Plus
2008-05-31 02:11:10 0 d-------- C:\Program Files\Microsoft Money 2005
2008-05-31 02:10:45 0 d-------- C:\Documents and Settings\Owner\Application Data\You've Got Pictures Screensaver
2008-05-31 02:10:43 0 d-------- C:\Program Files\Common Files\Nullsoft
2008-05-31 02:10:29 86016 --a------ C:\WINDOWS\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
2008-05-31 02:10:22 0 d-------- C:\WINDOWS\system32\QuickTime
2008-05-31 02:10:22 0 d-------- C:\Program Files\QuickTime
2008-05-31 02:10:22 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2008-05-31 02:10:18 0 d-------- C:\My Music
2008-05-31 02:10:17 8552 --a------ C:\WINDOWS\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2008-05-31 02:10:14 0 d-------- C:\Program Files\Real
2008-05-31 02:10:14 0 d-------- C:\Program Files\Common Files\Real
2008-05-31 02:10:06 10752 --a------ C:\WINDOWS\system32\aamd532.dll <Not Verified; Almeida & Andrade Ltda; MD5 Maker DLL>
2008-05-31 02:10:05 102400 --a------ C:\WINDOWS\system32\SimpleRegistry.dll <Not Verified; 4Developers LLC; SimpleRegistry Control>
2008-05-31 02:09:59 0 d-------- C:\Program Files\Viewpoint
2008-05-31 02:09:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Pure Networks
2008-05-31 02:09:54 0 d-------- C:\Program Files\Pure Networks
2008-05-31 02:09:44 0 d-------- C:\Program Files\AOL Toolbar
2008-05-31 02:09:35 0 d-------- C:\Program Files\Common Files\AolCoach
2008-05-31 02:09:22 0 d-------- C:\Documents and Settings\Owner\Application Data\SampleView
2008-05-31 02:09:13 0 d-------- C:\Program Files\Common Files\aolshare
2008-05-31 02:09:13 0 d-------- C:\Program Files\America Online 9.0
2008-05-31 02:09:13 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-05-31 02:09:05 335 --a------ C:\WINDOWS\nsreg.dat
2008-05-31 02:09:05 0 d-------- C:\Program Files\Common Files\AOL
2008-05-31 02:08:12 40960 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-05-31 02:08:09 294912 --a------ C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Update driver Tool>
2008-05-31 02:08:09 200704 --a------ C:\WINDOWS\alcrmv.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Removing driver Tool>
2008-05-31 02:08:06 192512 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-05-31 02:07:53 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-31 02:07:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Napster
2008-05-31 02:07:37 0 d-------- C:\Program Files\Napster
2008-05-31 02:07:31 20480 --a------ C:\WINDOWS\system32\Marker32.exe <Not Verified; Gateway; Marker32>
2008-05-31 0250 0 d-------- C:\Program Files\Java
2008-05-31 0249 0 d-------- C:\Program Files\Common Files\Java
2008-05-31 0222 0 d-------- C:\Program Files\CyberLink
2008-05-31 0213 471300 --a------ C:\WINDOWS\wallpe.exe <Not Verified; ; wallpe>
2008-05-31 02:04:15 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2008-05-31 02:03:36 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-05-31 02:03:15 0 d-------- C:\WINDOWS\SHELLNEW
2008-05-31 02:02:59 0 d-------- C:\Program Files\Microsoft.NET
2008-05-31 02:02:37 0 dr-h----- C:\MSOCache
2008-05-31 02:02:22 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-05-31 02:01:48 0 d-------- C:\Program Files\ATI Technologies
2008-05-31 01:57:32 0 d-------- C:\Program Files\Norton Internet Security
2008-05-31 01:56:08 0 d-------- C:\Program Files\Google
2008-05-31 01:56:05 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-31 01:55:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-31 01:55:57 0 d-------- C:\Program Files\Symantec
2008-05-31 01:55:40 18000 --a------ C:\WINDOWS\BigFixClientOverride.dll <Not Verified; BigFix, Inc.; BigFix>
2008-05-31 01:55:40 0 d-------- C:\Program Files\BigFix
2008-05-31 01:55:25 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-31 01:54:40 0 d-------- C:\Program Files\Digital Media Reader
2008-05-31 01:54:36 0 d-------- C:\WINDOWS\Downloaded Installations
2008-05-31 01:54:35 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-31 01:54:24 76288 -ra------ C:\WINDOWS\system32\PUBOLE32.DLL <Not Verified; Microsoft Corporation; Microsoft Publisher for Windows>
2008-05-31 01:54:24 212480 -ra------ C:\WINDOWS\system32\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2008-05-31 01:54:24 37888 -ra------ C:\WINDOWS\system32\ochlp30e.dll <Not Verified; Microsoft Corporation; Microsoft Multimedia Controls>
2008-05-31 01:54:24 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP1>
2008-05-31 01:54:24 1233920 --a------ C:\WINDOWS\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP 2>
2008-05-31 01:54:24 91136 -ra------ C:\WINDOWS\system32\msls2.dll <Not Verified; Microsoft Corporation; Microsoft® Line Services>
2008-05-31 01:54:23 31744 -ra------ C:\WINDOWS\system32\hlp95en.dll <Not Verified; Microsoft Corporation; Microsoft Office>
2008-05-31 01:54:01 0 d-------- C:\Program Files\Microsoft Works
2008-05-31 01:51:50 2658304 -----n--- C:\WINDOWS\UNNeroBurnRights.exe <Not Verified; Nero AG; Nero WebEngine>
2008-05-31 01:51:50 90184 --a------ C:\WINDOWS\system32\NeroCo.dll <Not Verified; Ahead Software AG
im Stoeckmaedle 18
76307 Karlsbad, Germany
Fax: ++49-7248-911-888
e-mail: info@nero.com; Nero Burning Rom>
2008-05-31 01:51:16 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2008-05-31 01:51:13 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-05-31 01:51:13 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-05-31 01:51:13 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-05-31 01:51:13 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2008-05-31 01:51:12 0 d-------- C:\Program Files\Common Files\Ahead
2008-05-31 01:51:12 0 d-------- C:\Program Files\Ahead
2008-05-31 01:47:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Prism Deploy
2008-05-31 01:47:04 0 d-------- C:\Program Files\Common Files\New Boundary
2008-05-31 01:44:23 0 d-------- C:\WINDOWS\system32\URTTemp
2008-05-31 01:44:19 2 -r-hs---- C:\USER
2008-05-31 01:43:02 0 d-------- C:\Program Files\CONEXANT
2008-05-31 01:40:29 0 d--hs---- C:\System Volume Information
2008-05-31 01:11:20 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT
2008-05-31 01:11:17 0 d-------- C:\WINDOWS\creator
2008-05-31 01:09:41 0 d-------- C:\WINDOWS\SMINST
2008-05-31 01:09:37 0 d-------- C:\WINDOWS\I386
2008-05-30 21:35:58 0 d-------- C:\Documents and Settings\Owner\Application Data\CyberLink
2008-05-30 21:35:27 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-05-30 21:32:12 0 d-------- C:\WINDOWS\Prefetch
2008-05-30 21:24:33 0 d-------- C:\WINDOWS\system32\scripting
2008-05-30 21:24:32 0 d-------- C:\WINDOWS\l2schemas
2008-05-30 21:24:31 0 d-------- C:\WINDOWS\system32\en
2008-05-30 21:24:30 0 d-------- C:\WINDOWS\system32\bits
2008-05-30 21:21:29 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-30 21:18:58 0 d-------- C:\WINDOWS\network diagnostic
2008-05-30 21:13:26 0 d-------- C:\WINDOWS\EHome
2008-05-30 10:29:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-30 10:28:26 0 d-------- C:\WINDOWS\system32\PreInstall


-- Find3M Report ---------------------------------------------------------------

2008-05-31 02:14:23 0 d-------- C:\Program Files\Common Files
2008-05-31 01:04:58 0 d-------- C:\Program Files\Online Services
2008-05-31 01:04:58 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-31 01:04:58 0 d-------- C:\Program Files\microsoft frontpage
2008-05-31 01:04:58 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-31 01:04:58 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-31 01:04:58 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-31 01:04:51 0 d-------- C:\Documents and Settings\Owner\Application Data\Identities
2008-05-30 21:31:36 0 d-------- C:\Program Files\Messenger
2008-05-30 21:24:30 0 d-------- C:\Program Files\Movie Maker
2008-05-30 21:21:15 0 d-------- C:\Program Files\Windows NT


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 02:50 PM]
"SunKistEM"="C:\Program Files\Digital Media Reader\shwiconem.exe" [11/15/2004 06:04 PM]
"@"="" []
"SSC_UserPrompt"="C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" [08/05/2004 08:23 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [08/27/2004 07:22 PM]
"IS CfgWiz"="C:\Program Files\Norton Internet Security\cfgwiz.exe" [08/17/2004 06:36 PM]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [08/30/2004 10:29 PM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [03/18/2005 12:05 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/02/2004 11:24 PM]
"SoundMan"="SOUNDMAN.EXE" [04/15/2005 02:01 PM C:\WINDOWS\SOUNDMAN.EXE]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"Reminder"="%WINDIR%\Creator\Remind_XP.exe" []
"HostManager"="C:\Program Files\Common Files\AOL\1212214156\EE\AOLHostManager.exe" [11/03/2004 05:03 PM]
"AOL Spyware Protection"="C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [10/18/2004 08:42 PM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [08/17/2004 09:26 PM]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [10/02/2004 07:34 PM]
"_AntiSpyware"="C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe" [10/19/2004 04:00 AM]
"Pure Networks Port Magic"="C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" [04/05/2004 05:33 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 08:12 PM]
"AOL Fast Start"="C:\Program Files\America Online 9.0\AOL.exe" [06/23/2005 12:24 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 7:44:06 AM]
BigFix.lnk - C:\Program Files\BigFix\BigFix.exe [5/31/2008 1:55:40 AM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{F2A0229A-C4CA-4789-B606-973D24DCDD1C}"= C:\Program Files\McAfee\McAfee AntiSpyware\MssShell.dll [10/19/2004 04:00 AM 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{508aba02-2eda-11dd-9fb6-806d6172696f}]
PlayWithPowerDVD\Command- "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l"

*Newly Created Service* - UDFS



-- End of Deckard's System Scanner: finished at 2008-05-31 03:12:46 ------------
flypaper is offline  
Old 05-31-2008, 12:29 PM   #6 (permalink)
Registered User
 
Join Date: May 2008
Posts: 35
OS: windows xp


Re: my step results and log

and here is the extra txt file..
I hope this will help someone help me........

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 Processor 3400+
Percentage of Memory in Use: 71%
Physical Memory (total/avail): 382.48 MiB / 109.88 MiB
Pagefile Memory (total/avail): 918.55 MiB / 575.34 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1935.32 MiB

C: is Fixed (NTFS) - 181.85 GiB total, 174.84 GiB free.
D: is Fixed (FAT32) - 4.44 GiB total, 2.23 GiB free.
E: is CDROM (UDF)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD2000BB-22GUC0 - 186.31 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 181.85 GiB - C:
\PARTITION1 - Unknown - 4.45 GiB - D:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-CA66427893
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\YOUR-CA66427893
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\America Online 9.0;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PortMagicSDKIsRunning=1
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=YOUR-CA66427893
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
America Online (Choose which version to remove) --> C:\Program Files\Common Files\aolshare\aolunins_us.exe
AOL Coach Version 2.0(Build:20041026.5 en) --> C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP
AOL Connectivity Services --> "C:\Program Files\Common Files\AOL\ACS\AcsUninstall.exe" /c
AOL Spyware Protection --> C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
AOL Toolbar --> "C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
AOL You've Got Pictures Screensaver --> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
BigFix --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
CC_ccProxyExt --> MsiExec.exe /I{DA42FDCA-7C5A-43EF-9A05-CCE148ADF919}
ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
ccPxyCore --> MsiExec.exe /I{FC08587A-4F01-4188-819F-F55880022917}
Digital Media Reader --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{81EED1A1-AE78-4B11-BE47-C6AE9F5E87F1}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
LiveUpdate 2.5 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
McAfee AntiSpyware --> MsiExec.exe /I{F39A74A0-FAE2-401C-AED1-1C941AA28EA8}
McAfee SecurityCenter --> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
Microsoft Money 2005 --> C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
Napster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9
Napster Burn Engine --> MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
Nero BurnRights --> C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton AntiSpam --> MsiExec.exe /I{3B29A786-5803-4e9e-9B58-3014A5B4E519}
Norton AntiSpam --> MsiExec.exe /I{5677563D-0CB1-485f-9E18-C5025306BB3F}
Norton AntiVirus 2005 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
Norton Internet Security --> MsiExec.exe /I{449F3A9E-9903-4a0d-A209-08030D45A935}
Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security --> MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
Norton Internet Security --> MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20}
Norton Internet Security --> MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
Norton Internet Security --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security --> MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
Norton Internet Security 2005 (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe /X
Norton Security Center --> MsiExec.exe /X{503AA035-41E2-4858-B31F-1E49AC66C309}
Norton WMI Update --> MsiExec.exe /X{E85FA9A1-C241-4698-893B-DD99509B8DB0}
Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Pure Networks Port Magic --> C:\Program Files\Pure Networks\Port Magic\PortAOL.exe -Uninstall -ShowUI
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Security Update for Step By Step Interactive Training (KB898458) -->
SoftV92 Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IURSLST5K.inf
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Symantec Script Blocking Installer --> MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type36 / Warning
Event Submitted/Written: 05/30/2008 09:25:50 PM
Event ID/Source: 63 / WinMgmt
Event Description:
A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Event Record #/Type35 / Error
Event Submitted/Written: 05/30/2008 06:58:45 PM
Event ID/Source: 485 / ESENT
Event Description:
wuauclt (2628) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" failed with system error 5 (0x00000005): &q