Getting rid of the remnents of System Surveillance Pro

[designergirl]

Hello! First I want to say thanks for any help you can give me. I hope you can figure this out for me!

I installed SSPro in 2006 to catch a cheating BF and it worked great for it. I then completely forgot about it and never uninstalled it. Now I am having issues with running out of memory all the time and when I was trying to clean up the computer remembered it had been installed. I tried to open it through the run command but it gives me a error saying it can't find the file or one of it's components. I found a list of different files that it uses and did a search for those and came up with 5-6 off the list. I am assuming that at some point a AV caught some of the other ones and they were deleted. Now I just want to get rid of the rest of these files.

Once again thanks for any help you can give me!



DDS (Ver_09-02-01.01) - NTFSx86
Run by Administrator at 22:29:56.44 on Sun 02/01/2009
Internet Explorer: 6.0.2800.1106 BrowserJavaVersion: 1.6.0_07
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.510.185 [GMT -6:00]


============== Running Processes ===============

C:\WINNT\system32\spoolsv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINNT\system32\drivers\KodakCCS.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATIEQA.EXE
C:\WINNT\webshots.scr
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\explorer.exe
C:\Documents and Settings\Administrator\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
uSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
mDefault_Search_URL = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
mSearch Page = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn8\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn8\yt.dll
BHO: NoExplorer - No File
BHO: {3EBBD0F6-1F1F-48A0-89DC-C7505D56E92A} - No File
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn8\yt.dll
TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File
TB: {E19E589B-749F-4641-9ED3-032DEB7A8D92} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
EB: {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} - No File
uRun: [<NO NAME>]
uRun: [ctfmon.exe] ctfmon.exe
uRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostart
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [EPSON WorkForce 500 Series] c:\winnt\system32\spool\drivers\w32x86\3\e_fatieqa.exe /fu "c:\winnt\temp\E_SED.tmp" /EF "HKCU"
mRun: [Synchronization Manager] mobsync.exe /logon
mRun: [LoadQM] loadqm.exe
mRun: [Motive SmartBridge] c:\progra~1\sbcsel~1\smartb~1\MotiveSB.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [COMODO Firewall Pro] "c:\program files\comodo\firewall\CPF.exe" /background
mRun: [stemprotdrv] c:\winnt\svcwinra.exe
dRun: [ctfmon.exe] ctfmon.exe
dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\yahoo! widget engine\YahooWidgetEngine.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\sbcsel~1.lnk - c:\program files\sbc self support tool\bin\matcli.exe
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\java\classes\xmldso.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://games.bigfishgames.com/en_chocolatier/online/ChocolatierWeb.1.0.0.13.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - c:\program files\yahoo!\common\Yinsthelper20073151.dll
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/27.38/uploader2.cab
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} - hxxp://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203377550862
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203377509072
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.ourweddingday.com/Uploader/ImageUploader4.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} - hxxp://simcity.ea.com/play/classic/SimCityX.cab
DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-141-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\j8xquqdy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-amo&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?.home=ytff
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=

============= SERVICES / DRIVERS ===============

R2 CmdAgent;Comodo Application Agent;c:\program files\comodo\firewall\cmdagent.exe [2008-4-13 361040]
R3 EL90BC;3Com EtherLink XL B/C Adapter Driver;c:\winnt\system32\drivers\el90xbc5.sys [2003-2-25 61712]
RUnknown IKFileSec;IKFileSec; [x]
RUnknown IKSysFlt;IKSysFlt; [x]
RUnknown IKSysSec;IKSysSec; [x]
S0 SONYPVM1;Sony Memory Stick Driver(SONYPVM1);c:\winnt\system32\drivers\sonypvm1.sys --> c:\winnt\system32\drivers\SONYPVM1.SYS [?]
S2 mrtRate;mrtRate; [x]
S3 HPUATA;HP CD Writer Plus Controller Driver;c:\winnt\system32\drivers\HPUATA.sys [2003-4-10 92704]
S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;c:\winnt\system32\drivers\usbscan.sys [2009-1-7 12592]

=============== Created Last 30 ================

2009-02-01 22:30 16,384 a------t c:\winnt\system32\Perflib_Perfdata_318.dat
2009-02-01 15:34 356,352 ac------ c:\winnt\system32\dllcache\oleaccrc.dll
2009-02-01 15:34 462,848 a------- c:\winnt\system32\msaatext.dll
2009-02-01 15:34 360,448 a------- c:\winnt\system32\SET4EE.tmp
2009-02-01 15:34 356,352 a------- c:\winnt\system32\oleaccrc.dll
2009-02-01 15:34 <DIR> --d----- c:\program files\Spyware Doctor
2009-01-07 19:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ArcSoft
2009-01-07 19:23 84,574 a------- c:\winnt\system32\E_FLMEQA.DLL
2009-01-07 19:23 64,000 a------- c:\winnt\system32\E_FBCBEQA.DLL
2009-01-07 19:23 34,304 a------- c:\winnt\system32\E_FBCHEQA.DLL
2009-01-07 19:23 86,016 a------- c:\winnt\system32\essiscsi.dll
2009-01-07 19:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\EPSON
2009-01-07 19:20 <DIR> --d----- c:\program files\epson
2009-01-07 19:19 44 a------- c:\winnt\EPWF500.ini
2009-01-07 19:08 16,384 a------t c:\winnt\system32\Perflib_Perfdata_468.dat
2009-01-07 19:07 16,384 a------t c:\winnt\system32\Perflib_Perfdata_3e8.dat

==================== Find3M ====================

2008-05-14 14:39 0 a------- c:\program files\temp01
2003-02-25 07:10 271 ----h--- c:\program files\desktop.ini
1999-12-07 06:00 32,528 ac------ c:\winnt\inf\wbfirdma.sys

============= FINISH: 22:32:46.40 ===============

[designergirl]

Bump, Thanks!

[tetonbob]

Hello -

See the vendor's FAQ

http://www.gpsoftdev.com/helparticle.asp?articleid=50

Other than that, we cannot offer more assistance according to our forum rules regarding keystroke recording software.

http://www.techsupportforum.com/rules.php

Quote:

ASSISTANCE WITH ILLEGAL ACTIVITIES

We will not provide any user with information about the location of websites that assist with the following activities

† software pirating
† hacking
† password cracking
† keystroke recording software
We will also not offer advice, assistance or instruction with regard to any of the above activities, illegal or otherwise.

We do understand that the majority of requests may be legitimate, but we do not have the means to discern these from non-legitimate requests.

Thread closed.