 
                 
                InterviewSolution
| 1. | Solve : Re: Computer shuts off when scanning for virus........? | 
| Answer» Uh, instead of starting a new topic, I'll just use this one. I pretty much have the same problem as he had, but I can't finish a scan with MalwareBytes or SuperantiSpyware. I did do the HijackThis scan though, and thus far it seems to be the only one that finishes without the blue screen appearing. I'm currently in Safe Mode with Networking, so that I can try to figure out how to get it off. I don't know if it helps, but I know the approximate location of where it is located, but every time I try to access/delete the file the blue screen pops up.
 Now close all windows except for HijackThis and click Fix checked. Exit HijackThis and run CCleaner.
 ----------
 Extra cleaning...
 Delete temporary files. Go to:
 Check the boxes for:
 ----------
 Download FixWareout by LonnyRJones from one of the two below links and save it to your desktop.
 After rebooting (restart) back into normal boot mode. Make sure you have all web browsers closed.
 ----------
 Download SDFix.exe and save it to your Desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix). Now then reboot your computer in Safe Mode by doing the following:
 If SDFix won't run or you get errors, follow the link for instructions on running SDFix. How to use SDFix
 ----------
 Before running HJT please install and rename the new version. Download and rename TrendMicro HijackThis.exe (HJT)
 ----------
 Next post add
 fixwareout log
 SDFix log
 New HJT log

 It doesn't seem to have worked. The blue screen keeps coming up. Here's the FixWareOut log.

 ~~~~~ Prerun check
 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
 "nameserver"="85.255.115.59 85.255.112.133"
 HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{012B82A0-78A8-4153-8FED-9AD0B15B07F9}
 "nameserver"="85.255.115.59,85.255.112.133"
 HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{5662E96D-9C96-43F6-A6DC-939C5998F76B}
 "nameserver"="85.255.115.59,85.255.112.133"
 HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{6B86BE84-DF68-4669-AF92-F283A0FA8B24}
 "nameserver"="85.255.115.59,85.255.112.133"
 HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{950BAE7D-BAD5-4015-9AEC-1E59874A9BF2}
 "DhcpNameServer"="85.255.115.59,85.255.112.133"
 Could not flush the DNS Resolver Cache: Function failed during execution.
 System was rebooted successfully.
 ~~~~~ Postrun check
 HKLM\SOFTWARE\~\Winlogon\
 "System"=""
 ....
 ....
 ~~~~~ Misc files.
 ....
 ~~~~~ Checking for older varients.
 ....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

I'm not sure, but this seems to be the SDFix report.

tchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-11 14:31:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden files ...
IPC error: 2 The system cannot find the file specified.
scan completed successfully
hidden files: 0

Quote from: nightscout on July 11, 2008, 02:21:51 PM
It doesn't seem to have worked. The blue screen keeps coming up.

This is going to take multiple steps, so we are likely far from complete. The SDFix log is incomplete. Install the new version of HijackThis but don't run it YET. Instead now run DSS and post the logs. Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges. Vista users: right click DSS and Run as Administrator.
 Heres the first half of the main one. Deckard's System Scanner v20071014.68 Run by Glen on 2008-07-11 16:41:36 Computer is in Safe Mode with Networking. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Unable to create WMI object; The operation completed successfully. Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Glen.exe) ------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 4:43:14 PM, on 7/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City.exe C:\Program Files\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Glen\Desktop\dss.exe C:\PROGRA~1\HIJACK~1\Glen.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Yahoo! 
Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\ALLTEL~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [Maplom] "C:\Program Files\SlySoft\Game Jackal\GameJackal.exe" /silent O4 - HKLM\..\Run: 
[iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [BOC-426] C:\PROGRA~1\Comodo\CBOClean\BOC426.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [cnfgCav] "C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" O4 - HKLM\..\Run: [cavUPSDBMaker] "C:\Program Files\Comodo\Comodo AntiVirus\UPSDBMaker.exe" O4 - HKLM\..\Run: [SDFix] C:\SDFix\RunThis.bat /second O4 - HKLM\..\RunOnce: [SDFix] C:\SDFix\RunThis.bat /second O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZK O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Yahoo! 
Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\cavemlsp.dll O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://download.mcafee.com/molbin/Shared/ComCtl32/6,0,80,22/ComCtl32.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.0.5.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - https://activation.alltel.com/wizlet/ALLTEL/static/controls/WebflowActiveXInstaller_2-0-0.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.1.2.76.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - 
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?972760012750 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1138820922273 O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install3.0/installer.exe O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4661/mcfscan.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.59 85.255.112.133 O17 - HKLM\System\CS1\Services\Tcpip\..\{012B82A0-78A8-4153-8FED-9AD0B15B07F9}: NameServer = 85.255.115.59,85.255.112.133 O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.115.59 85.255.112.133 O17 - HKLM\System\CS4\Services\Tcpip\..\{012B82A0-78A8-4153-8FED-9AD0B15B07F9}: NameServer = 85.255.115.59,85.255.112.133 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing) O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: monln - C:\WINDOWS\SYSTEM32\monln.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - 
Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing) O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing) O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe O23 - Service: Comodo Anti-Virus and Anti-Spyware Service - Comodo Inc. - C:\Program Files\Comodo\common\CAVASpy\cavasm.exe O23 - Service: DomainService - - C:\WINDOWS\system32\hcekpaim.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. 
- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) -------------------- backup-20080711-135433-149 O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL backup-20080711-135433-369 R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL backup-20080711-135433-452 R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com backup-20080711-135433-492 O2 - BHO: (no name) - {184746EC-9E9D-4C7D-B9E7-9039EBD801A9} - (no file) backup-20080711-135433-500 O2 - BHO: (no name) - {554A64A5-4E29-48F0-A729-BDF50CE38199} - C:\WINDOWS\system32\pmkhe.dll (file missing) backup-20080711-135433-608 O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL backup-20080711-135433-745 O2 - BHO: Colej_uk Design Toolbar Helper - {54F3259F-8CF4-496a-9ECC-857410855A50} - C:\Program Files\Colej_uk Design Toolbar\v2.0.0.5\Colej_uk_Design_Toolbar.dll (file missing) backup-20080711-135433-752 O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - 
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) backup-20080711-135433-793 O2 - BHO: Seekmo /fleok=1D8A83A5C5E3147799AB6B2A1FBB39BFE4976E26CAEDA120180A196D6093 - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file) backup-20080711-135433-822 O2 - BHO: MSVPS System - {2D42D689-4B94-4734-92C2-606FC5F4C15D} - C:\WINDOWS\oprevtdp.dll backup-20080711-135434-105 O3 - Toolbar: (no name) - {860c2f6b-ca82-4282-9187-beccbb66f0af} - (no file) backup-20080711-135434-154 O3 - Toolbar: (no name) - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - (no file) backup-20080711-135434-203 O3 - Toolbar: Colej_uk Design Toolbar - {7E895BD9-C3B7-4bc2-A7B8-758531866F00} - C:\Program Files\Colej_uk Design Toolbar\v2.0.0.5\Colej_uk_Design_Toolbar.dll (file missing) backup-20080711-135434-244 O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolpro.com/redirect.php (file missing) backup-20080711-135434-270 O2 - BHO: Video BHO - {681147C4-D615-461A-960F-655871E315C3} - C:\WINDOWS\pnop64.dll backup-20080711-135434-282 O3 - Toolbar: (no name) - {F06E2ABE-3A50-4079-BE25-FC100D9EAA25} - (no file) backup-20080711-135434-317 O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - C:\Program Files\AntiSpyCheck\IEWarning.dll (file missing) backup-20080711-135434-340 O3 - Toolbar: (no name) - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - (no file) backup-20080711-135434-382 O3 - Toolbar: (no name) - {C6139A57-16FB-4FA4-8045-A847FBFFD695} - (no file) backup-20080711-135434-574 O2 - BHO: (no name) - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file) backup-20080711-135434-593 O20 - Winlogon Notify: fccyvuu - fccyvuu.dll (file missing) backup-20080711-135434-676 O9 - Extra button: (no name) - Software - (no file) backup-20080711-135434-679 O2 - BHO: Colej_uk Design Toolbar Helper - {A62CB71D-6EC8-4065-8EEC-07B224364A2B} - C:\Program Files\Colej_uk Design Toolbar\v2.0.0.5\Colej_uk_Design_Toolbar.dll (file missing) 
backup-20080711-135434-720 O3 - Toolbar: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - (no file) backup-20080711-135434-743 O2 - BHO: (no name) - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6} - C:\WINDOWS\system32\fccyvuu.dll (file missing) backup-20080711-135434-810 O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolpro.com/redirect.php (file missing) backup-20080711-135434-822 O2 - BHO: (no name) - {DE965520-995B-40B9-B0BA-840F79BCCCC7} - (no file) backup-20080711-135434-840 O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - (no file) backup-20080711-135434-849 O2 - BHO: (no name) - {99BA268B-4021-4739-9945-3C774217FE75} - C:\Program Files\NetProject\sbmdl.dll backup-20080711-135434-987 O3 - Toolbar: Colej_uk Design Toolbar - {A45D8289-FFA3-4cd8-B83A-F84F7173B2CE} - C:\Program Files\Colej_uk Design Toolbar\v2.0.0.5\Colej_uk_Design_Toolbar.dll (file missing) -- File Associations ----------------------------------------------------------- All associations okay. 
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- 2 atksgt - c:\windows\system32\drivers\atksgt.sys 1 AvgLdx86 (AVG Free AVI Loader Driver x86) - c:\windows\system32\drivers\avgldx86.sys (file missing) 1 AvgMfx86 (AVG Free On-access Scanner Minifilter Driver x86) - c:\windows\system32\drivers\avgmfx86.sys (file missing) 2 AvgTdiX (AVG Free8 Network Redirector) - c:\windows\system32\drivers\avgtdix.sys (file missing) 3 BW2NDIS5 - system32\drivers\bw2ndis5.sys (file missing) 3 catchme - c:\docume~1\glen\locals~1\temp\catchme.sys (file missing) 0 Cavasm - c:\windows\system32\drivers\cavasm.sys 3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing) 3 L2XPSR - c:\progra~1\effici~1\tangom~1\app\l2xpsr.sys (file missing) 2 lirsgt - c:\windows\system32\drivers\lirsgt.sys 3 nenum13E - c:\docume~1\mawmaw\locals~1\temp\nenum13e.sys (file missing) 2 npkcrypt - c:\program files\triglowpictures\pristontale\npkcrypt.sys (file missing) 1 OMCI - c:\windows\system32\drivers\omci.sys 1 oreans32 - c:\windows\system32\drivers\oreans32.sys 0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys 0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- 2 Apple Mobile Device - c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe 2 avg8emc (AVG Free8 E-mail Scanner) - c:\progra~1\avg\avg8\avgemc.exe (file missing) 2 avg8wd (AVG Free8 WatchDog) - c:\progra~1\avg\avg8\avgwdsvc.exe (file missing) 2 Comodo Anti-Virus and Anti-Spyware Service - c:\program files\comodo\common\cavaspy\cavasm.exe 2 DomainService - c:\windows\system32\hcekpaim.exe 4 gusvc (Google Updater Service) - c:\program files\google\common\google updater\googleupdaterservice.exe (file missing) 2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol 
soft\alcohol 120\starwind\starwindserviceae.exe 4 usprserv (User Privilege Service) - c:\windows\system32\svchost.exe And heres the second half. -- Device Manager: Disabled ---------------------------------------------------- Unable to create WMI object. -- Scheduled Tasks ------------------------------------------------------------- 2008-04-01 01:00:02 352 --a------ C:\WINDOWS\Tasks\McQcTask.job 2007-12-29 18:10:15 350 --a------ C:\WINDOWS\Tasks\McDefragTask.job -- Files created between 2008-06-11 and 2008-07-11 ----------------------------- 2008-07-11 16:18:38 0 d-------- C:\Program Files\Virtual Villagers - The Secret City 2008-07-11 16:07:39 0 dr-h----- C:\Documents and Settings\Glen\Recent 2008-07-11 14:29:08 0 d-------- C:\Program Files\Trend Micro 2008-07-11 14:24:15 0 d-------- C:\WINDOWS\ERUNT 2008-07-11 14:16:33 0 d-------- C:\Program Files\SUPERAntiSpyware 2008-07-11 14:16:32 0 d-------- C:\Documents and Settings\Glen\Application Data\SUPERAntiSpyware.com 2008-07-11 13:58:06 0 d-------- C:\Program Files\CCleaner 2008-07-11 10:26:22 186400 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-07-11 10:02:51 0 d-------- C:\Documents and Settings\Glen\Application Data\Malwarebytes 2008-07-11 10:02:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-07-11 10:02:40 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-07-11 09:24:28 0 d-------- C:\Documents and Settings\Glen\Application Data\MailFrontier 2008-07-11 09:06:13 73728 --a------ C:\WINDOWS\system32\CavEmLSP.dll 2008-07-11 09:06:07 102400 --a------ C:\WINDOWS\system32\drivers\cavasm.sys 2008-07-11 09:06:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo 2008-07-11 09:05:58 216576 --a------ C:\WINDOWS\system32\monln.dll 2008-07-11 09:03:52 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2008-07-11 09:03:46 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2008-07-11 09:02:56 0 d-------- 
C:\WINDOWS\system32\ZoneLabs 2008-07-11 09:02:04 0 d-------- C:\WINDOWS\Internet Logs 2008-07-11 08:54:01 0 d-------- C:\Documents and Settings\All Users\Application Data\BOC426 2008-07-11 08:53:54 0 d-------- C:\Program Files\Comodo 2008-07-10 10:31:43 45056 --a------ C:\WINDOWS\system32\Fsinst32.dll 2008-07-10 10:31:43 86016 --a------ C:\WINDOWS\system32\Dversion.dll 2008-07-10 10:31:43 110592 --a------ C:\WINDOWS\system32\DVC.dll 2008-07-10 10:31:41 5120 --a------ C:\WINDOWS\system32\Fsinst16.DLL 2008-07-10 09:34:22 0 d-------- C:\Program Files\AVG 2008-07-10 09:34:22 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8 2008-06-25 22:17:28 0 d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor 2008-06-25 22:16:30 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla 2008-06-15 12:31:40 0 d-------- C:\Program Files\FunWebProducts 2008-06-15 12:26:57 0 d-------- C:\Documents and Settings\MawMaw\Application Data\DNA 2008-06-15 01:13:41 8704 --a------ C:\WINDOWS\system32\tdidrv32.sys 2008-06-15 01:13:37 0 d-------- C:\WINDOWS\system32\162123 2008-06-15 01:13:13 0 d-------- C:\Program Files\NetProject 2008-06-12 11:11:21 0 d-------- C:\Program Files\Common Files\Stardock -- Find3M Report --------------------------------------------------------------- 2014-09-22 00:00:00 56320 --a----c- C:\WINDOWS\gendel32.exe 2008-07-11 16:35:26 0 d-------- C:\Documents and Settings\Glen\Application Data\BitTorrent 2008-07-11 09:57:22 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-07-10 15:47:06 0 d-------- C:\Documents and Settings\Glen\Application Data\LimeWire 2008-07-10 14:35:18 0 d-------- C:\Program Files\Steam 2008-07-10 10:37:09 0 d-------- C:\Documents and Settings\Glen\Application Data\DNA 2008-07-10 09:16:52 0 d-------- C:\Documents and Settings\Glen\Application Data\Adobe 2008-07-09 20:19:41 0 d-------- C:\Program Files\DAEMON Tools Pro 2008-06-16 14:03:29 0 d-------- C:\Documents 
and Settings\Glen\Application Data\SiteAdvisor 2008-06-14 21:51:46 13312 --a-s---- C:\WINDOWS\system32\kfcpnd.dll 2008-06-12 11:11:21 0 d-------- C:\Program Files\Common Files 2008-06-12 11:07:53 0 d-------- C:\Program Files\Stardock 2008-06-11 08:09:43 0 d---s---- C:\Program Files\Xfire 2008-06-11 01:06:46 0 d-------- C:\Documents and Settings\Glen\Application Data\Xfire 2008-06-10 07:48:29 0 d-------- C:\Program Files\GameSpy Arcade 2008-06-09 18:03:11 0 d-------- C:\Documents and Settings\Glen\Application Data\FarStone 2008-06-09 17:54:55 0 d-------- C:\Program Files\Alcohol Soft 2008-06-09 17:49:49 261 --a----c- C:\inVHDDrvLog.dat 2008-06-09 17:45:07 0 d-------- C:\Program Files\FarStone 2008-06-09 16:14:28 0 d-------- C:\Documents and Settings\Glen\Application Data\DAEMON Tools Pro 2008-06-09 14:37:36 0 d-------- C:\Program Files\MagicISO 2008-06-09 13:26:40 0 d-------- C:\Program Files\AdVantage 2008-06-09 12:48:55 0 d-------- C:\Documents and Settings\Glen\Application Data\DAEMON Tools 2008-06-09 11:49:06 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-06-09 10:52:27 0 d-------- C:\Documents and Settings\Glen\Application Data\InstallShield 2008-06-08 17:25:23 0 d-------- C:\Program Files\BitTorrent 2008-06-04 10:58:05 0 d-------- C:\Documents and Settings\Glen\Application Data\Sun 2008-06-04 10:35:22 0 d-------- C:\Program Files\LimeWire 2008-06-03 07:17:30 0 d-------- C:\Program Files\SiteAdvisor 2008-05-30 17:03:56 0 d-------- C:\Program Files\DNA 2008-05-30 13:14:33 0 d-------- C:\Documents and Settings\Glen\Application Data\teamspeak2 2008-05-29 18:05:44 0 d-------- C:\Documents and Settings\Glen\Application Data\Macromedia 2008-05-23 17:56:31 0 d-------- C:\Documents and Settings\Glen\Application Data\WinRAR 2008-05-16 20:04:49 0 d-------- C:\Program Files\Common Files\Motive 2008-05-16 19:57:19 0 d-------- C:\Program Files\Yahoo! 
2008-05-16 19:57:17 0 d-------- C:\Program Files\Weather Studio 2008-05-16 19:57:14 0 d-------- C:\Program Files\QuickTime 2008-05-16 19:57:12 0 d-------- C:\Program Files\McAfee 2008-05-16 19:57:11 0 d-------- C:\Program Files\Google 2008-05-16 19:57:10 0 d-------- C:\Program Files\DivX 2008-05-16 18:34:59 0 d-------- C:\Documents and Settings\Glen\Application Data\Mozilla 2008-05-16 18:32:21 0 d-------- C:\Documents and Settings\Glen\Application Data\ATI 2008-05-16 18:31:51 0 d-------- C:\Documents and Settings\Glen\Application Data\Webroot 2008-05-16 18:31:39 0 d-------- C:\Documents and Settings\Glen\Application Data\Sonic 2008-05-16 18:31:13 0 d-------- C:\Documents and Settings\Glen\Application Data\Identities 2008-04-30 16:52:22 53858 --a------ C:\WINDOWS\system32\dcads-remove.exe 2008-04-30 07:34:20 433664 --a------ C:\WINDOWS\system32\nsh1DB.dll -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [] "VirtualDrive"="C:\Program Files\FarStone\VirtualDrive\VDTask.exe" [07/18/2007 12:55 AM] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM] "StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [02/13/2003 02:01 AM] "RAMDrive"="C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe" [] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [01/08/2006 01:14 PM] "PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [08/26/2003 08:47 PM] "MyWebSearch Email Plugin"="C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe" [08/31/2007 12:08 PM] "Motive SmartBridge"="C:\PROGRA~1\ALLTEL~1\SMARTB~1\MotiveSB.exe" [] "Maplom"="C:\Program Files\SlySoft\Game Jackal\GameJackal.exe" [] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/23/2006 04:45 PM] "HP Software Update"="C:\Program 
Files\HP\HP Software Update\HPWuSchd2.exe" [02/17/2005 12:11 AM] "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [01/12/2005 03:54 PM] "Corel Photo Downloader"="C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" [02/09/2006 05:34 PM] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [01/02/2006 04:41 PM] "SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [10/01/2007 05:40 PM] "BOC-426"="C:\PROGRA~1\Comodo\CBOClean\BOC426.exe" [04/10/2008 11:08 AM] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [07/09/2008 09:05 AM] "cnfgCav"="C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" [07/11/2008 09:05 AM] "cavUPSDBMaker"="C:\Program Files\Comodo\Comodo AntiVirus\UPSDBMaker.exe" [07/11/2008 09:05 AM] "SDFix"="C:\SDFix\RunThis.bat /second" [] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] "SDFix"=C:\SDFix\RunThis.bat /second [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\monln] monln.dll 07/11/2008 09:05 AM 216576 C:\WINDOWS\system32\monln.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkhe.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK] @="Service" 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tdidrv32.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I] AutoRun\command- I:\NoAutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J] AutoRun\command- J:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K] AutoRun\command- K:\NoAutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L] AutoRun\command- L:\NoAutoRun.exe -- End of Deckard's System Scanner: finished at 2008-07-11 16:44:08 ------------
Here's the first half of the Extra.
Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Unable to create WMI object. Architecture: X86; Language: English Percentage of Memory in Use: 35% Physical Memory (total/avail): 638 MiB / 414.02 MiB Pagefile Memory (total/avail): 1561.62 MiB / 1361.68 MiB Virtual Memory (total/avail): 2047.88 MiB / 1938.12 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 38.28 GiB total, 21.42 GiB free. D: is CDROM (CDFS) E: is CDROM (No Media) F: is CDROM (No Media) -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. Unable to create WMI object. 
-- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Glen\Application Data CLIENTNAME=Console COLLECTIONID=COL8143 CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=JIMMY-ZMTCUWPG3 ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Glen ITEMID=dj-22741-15 LANG=1033 LOGONSERVER=\\JIMMY-ZMTCUWPG3 NUMBER_OF_PROCESSORS=1 OS=Windows_NT OSVER=winXPH Path=C:\WINDOWS\SYSTEM32;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\;C:\PROGRAM FILES\SMART PROJECTS\ISOBUSTER;C:\PROGRA~1\FARSTONE\VIRTUA~1\;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\PROGRAM FILES\FARSTONE\VIRTUALDRIVE\VDP;C:\PROGRA~1\FARSTONE\VIRTUA~1\DVDCRE~1; PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel PROCESSOR_LEVEL=15 PROCESSOR_REVISION=0209 ProgramFiles=C:\Program Files PROMPT=$P$G SAFEBOOT_OPTION=NETWORK SESSIONID=1165343229926htx60566ef76f:10f53de9c73:-7196 SESSIONNAME=Console SWUTVER=1.0.22.20030804 SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Glen\LOCALS~1\Temp TIMEOUT=0 TMP=C:\DOCUME~1\Glen\LOCALS~1\Temp TOOLPATH=/C:\Program%20Files\HP\HP%20Software%20Update\install.htm tvdumpflags=8 UPDATEDIR=C:\DOCUME~1\MawMaw\LOCALS~1\Temp\rad3674A.tmp USERDOMAIN=JIMMY-ZMTCUWPG3 USERNAME=Glen USERPROFILE=C:\Documents and Settings\Glen VERSION=3.0.5.001 windir=C:\WINDOWS __COMPAT_LAYER=EnableNXShowUI -- User Profiles --------------------------------------------------------------- Owner (admin) Glenn (admin) Glenn (admin) MawMaw (admin) Glen (admin) Administrator (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\PROGRA~1\ACCELE~1\ANTI-V~1\regsvr32.exe /u /s 
C:\PROGRA~1\ACCELE~1\ANTI-V~1\ssupload.dll --> C:\PROGRA~1\ACCELE~1\ANTI-V~1\regsvr32.exe /u /s C:\PROGRA~1\ACCELE~1\ANTI-V~1\vclnr.dll --> C:\PROGRA~1\ACCELE~1\ANTI-V~1\WS_UNI~1.EXE -s --> C:\PROGRA~1\ALLTEL~1\bin\CustomUninstall.exe ALLTEL --> C:\PROGRA~1\COMMON~1\EACCEL~1\SysSnap\syssnap.exe -UnregServer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Total War\Medieval - Total War (Demo Version)\Uninst.isu" --> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} --> MsiExec /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6} --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D5DFD1A-5B25-48B7-B4D5-E04778BDC676}\Setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly --> rundll32.exe 
setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3D Groove Playback Engine --> RunDll32 C:\WINDOWS\DOWNLO~1\GrooveAX.dll,[emailprotected] Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002} Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log AdVantage (Powering DAEMON Tools) --> "C:\Program Files\AdVantage\AdVUninst.exe" /r DAEM /d "AdVantage (Powering DAEMON Tools)" /m "AdVantage is safe advertising software that supports Freeze.com.\nAdVantage is certified by TRUSTe as a Trusted Download.\n\nAre you sure you want to uninstall AdVantage support for DAEMON Tools?" AGEIA PhysX v7.07.09 --> MsiExec.exe /X{65F1CF63-31E0-450B-96F3-4A88BE7361A6} AIM 6 --> C:\Program Files\AIM6\uninst.exe Alltel DSL Installer Agent --> "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent_Remove.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden AntiSpyCheck 2.1.0 --> C:\Program Files\AntiSpyCheck\uninst.exe Apple Mobile Device Support --> MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center --> MsiExec.exe /I{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B} ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,[emailprotected] -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI Parental Control & Encoder --> MsiExec.exe 
/I{8D70145A-3BD3-4DBF-9CBF-223EF4A43257} Avernum 2 --> C:\WINDOWS\iun504.exe C:\Program Files\Avernum 2\irunin.ini AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL BitComet 0.63 --> "C:\WINDOWS\BitComet_Toolbar_Uninstaller_7296.exe" -hu _?=C:\Program Files\BitComet Toolbar BitComet Toolbar --> "C:\WINDOWS\BitComet_Toolbar_Uninstaller_7296.exe" _?=C:\Program Files\BitComet Toolbar BitTorrent --> C:\Program Files\BitTorrent\uninst.exe Black & White® 2 Battle of the Gods --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10631C28-62E5-477C-9B40-40C5EA8219BE}\setup.exe" -l0x9 -removeonly BOClean --> C:\WINDOWS\UNBOC.EXE Broadcom 440x 10/100 Integrated Controller --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{52504CE6-E909-4113-B232-4AFEC6543A61} /l1033 Browser Optimizer Dcads --> C:\WINDOWS\system32\dcads-remove.exe CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" CIF USB Camera (2110A) --> C:\WINDOWS\CleanDev.exe C:\WINDOWS\DC2110a.ini Comodo AntiVirus Beta 2.0 --> C:\Program Files\Comodo\Comodo AntiVirus\UninstallCAVS.exe Corel Photo Album 6 --> MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354} Cry of the Infected Demo --> C:\Program Files\Cry of the Infected Demo\Uninstal.exe Cult II - Federal Crime --> C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Cult II - Federal Crime\ST5UNST.LOG" CureROM Pro 1.3.0b --> C:\Program Files\CureROM\uninst.exe Dawn of War - Winter Assault Demo --> MsiExec.exe /X{F72C032A-A0FB-49A9-86A1-188E4724EF1D} Dcads Advanced Toolbar --> C:\Program Files\Dcads Advanced Toolbar\uninstall.exe Dcads Games Collection --> C:\Program Files\Dcads Games Collection\uninstall.exe Dealio Toolbar --> MsiExec.exe /X{3F896597-76C2-4136-97B2-03CA9B04D6AD} Dell Media Experience --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation 
Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe" Desktop Weather by The Weather Channel --> C:\Program Files\The Weather Channel FW\Desktop Weather\TheWeatherChannelCustomUninstall.exe DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN DNA --> "C:\Program Files\DNA\btdna.exe" /UNINSTALL eAcceleration --> C:\PROGRA~1\COMMON~1\EACCEL~1\INSTAL~1\eaccelsetup.exe -AddRemove EAX Unified --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu" Enhancement Browser Tools Superiorads --> C:\WINDOWS\system32\superiorads-uninst.exe Fantasy Mod v 0.7.7 for 0.808 --> C:\Program Files\Mount&Blade\Modules\Fantasy_Mod\uninst.exe Feeding Frenzy(TM) --> C:\PROGRA~1\SHOCKW~1.COM\FEEDIN~1\UNWISE.EXE C:\PROGRA~1\SHOCKW~1.COM\FEEDIN~1\INSTALL.LOG Free Download Manager 2.1 --> "C:\Program Files\Free Download Manager\unins000.exe" Free Download Manager Archive Pack --> "C:\WINDOWS\unins000.exe" Galactic Civilizations II - Gold Edition --> C:\PROGRA~1\Stardock\TOTALG~1\GalCiv2\UNWISE.EXE C:\PROGRA~1\Stardock\TOTALG~1\GalCiv2\INSTALL.LOG Galactic Civilizations II - Gold Edition Demo --> C:\PROGRA~1\Stardock\TOTALG~1\GC2GOL~1\UNWISE.EXE C:\PROGRA~1\Stardock\TOTALG~1\GC2GOL~1\INSTALL.LOG Game Jackal v3.0.1.6 (32 bit) --> "C:\Program Files\SlySoft\Game Jackal\unins000.exe" GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG HijackThis 1.99.1 --> C:\Program Files\HijackThis\HijackThis.exe 
/uninstall Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Image Zone 3.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP PSC & OfficeJet 3.5 --> "C:\Program Files\HP\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D} HP Unload DLL Patch --> MsiExec.exe /X{595D0DE8-C38A-4432-B851-47DECC1A99BD} HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134} HP Wireless Rechargeable Optical Mouse --> Pmuninst.exe MouseSuite98 IExplorer Security Plug-in --> "C:\Program Files\Video ActiveX Access\iesunst.exe" IGN Download Manager 2.1.2 --> C:\Program Files\IGN\Download Manager\uninst.exe Intel(R) Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562 IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Leylines --> C:\WINDOWS\iun504.exe C:\Program Files\Leylines\data\irunin.ini LimeWire 4.18.1 --> "C:\Program Files\LimeWire\uninstall.exe" Magic ISO Maker v5.4 (build 0239) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe Messenger Service --> "C:\Program Files\Video ActiveX Access\imsunst.exe" Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft DirectX Media 6.0 SDK --> undxmsdk.exe 
Microsoft DirectX Transform optional components --> RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12 Microsoft Halo --> "C:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE" /runtemp /addremove Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7} Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Windows Media Video 9 VCM --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall MostFun Game Player --> MsiExec.exe /I{2BD2069A-A865-432A-86B8-1151BB0526CC} Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13} My Web Search (Webfetti) --> rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsbar.dll,O MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe Nethergate --> MsiExec.exe /X{05A17FEA-ED98-40F3-A9D8-6AB1E56F5FCF} Notification Utility --> OpenAL --> "C:\Program Files\OpenAL\oalinst.exe" /U overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC} PowerISO --> "C:\Program Files\PowerISO\uninstall.exe" RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Red Faction --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47E6B460-04BA-4215-9F5D-3858BF920D07}\setup.exe" anything Sam and Max - Situation Comedy 1.0 --> C:\Program Files\Telltale Games\Sam and Max - Situation Comedy\Uninstall Sam and Max - Situation 
Comedy.exe Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3} Sony Picture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Here's the second half.
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" Spy Sweeper --> "C:\Program Files\Webroot\Spy Sweeper\unins000.exe" Star Wars Empire at War --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}\Setup.exe" -l0x9 -removeonly Star Wars Empire at War Forces of Corruption --> C:\Program Files\InstallShield Installation Information\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}\setup.exe -runfromtemp -l0x0009 -removeonly Stardock Central --> C:\PROGRA~1\Stardock\SDCENT~1\UNWISE.EXE C:\PROGRA~1\Stardock\SDCENT~1\INSTALL.LOG Starscape V1.6 --> "C:\Program Files\Starscape\unins000.exe" Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} TeamSpeak 2 RC2 --> "C:\Program 
Files\Teamspeak2_RC2\unins000.exe" TF2 --> "C:\Program Files\Team Fortress 2\unins000.exe" v1.0.26d --> "C:\Program Files\PT\unins000.exe" VideoCap ActiveX Control --> "C:\Program Files\VideoCap ActiveX Control\unins000.exe" Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u Virtual Villagers - The Lost Children (remove only) --> C:\Program Files\Virtual Villagers - The Lost Children\Uninstall.exe Virtual Villagers - The Secret City 1.0 --> C:\Program Files\Virtual Villagers - The Secret City\uninst.exe WarGames --> C:\WINDOWS\IsUninst.exe -fC:\WarGames\Uninst.isu Wazzal --> "C:\Program Files\Wazzal\Uninstall.exe" "C:\Program Files\Wazzal\install.log" Weather Services --> C:\WINDOWS\system32\control.exe C:\WINDOWS\system32\wxfw.cpl,4 Weather Studio 3.3.2.0 --> C:\Program Files\Weather Studio\WeatherStudioUninstall.exe Web Application --> "C:\Program Files\NetProject\scu.exe" Westwood Shared Internet Components --> C:\Westwood\Internet\UnstllAP.EXE WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Worm Wars III 1.0 --> "C:\WINDOWS\Colej_uk_Design_Toolbar_Uninstaller_9062.exe" -hu _?=C:\Program Files\Colej_uk Design Toolbar Worm Wars III Colej_uk Design Toolbar --> "C:\WINDOWS\Colej_uk_Design_Toolbar_Uninstaller_9062.exe" _?=C:\Program Files\Colej_uk Design Toolbar Worm Wars IV 1.0 --> C:\Program Files\Worm Wars IV\uninst.exe Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe" XML Paper Specification Shared Components Pack 1.0 --> XviD MPEG-4 Video Codec --> "C:\Program Files\XviD\unins000.exe" Yahoo! Anti-Spy --> C:\PROGRA~1\Yahoo!\Common\unypsr.exe Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\unyext.exe Yahoo! 
Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe -- Application Event Log ------------------------------------------------------- No Errors/Warnings found. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ No Errors/Warnings found. -- End of Deckard's System Scanner: finished at 2008-07-11 16:44:08 ------------
You just installed Virtual Villagers - The Secret City? Please do as little on the PC as possible until we can get this cleared up.
Ok....You have two antivirus installed. This is never advised and could be a big part of the problems. We will also uninstall Zone Alarm as there have been internet connection issues with it lately.
Go to add/remove programs and uninstall:
AntiSpyCheck 2.1.0 <- This is a rogue program and should not be trusted.
Comodo AntiVirus Beta 2.0
Enhancement Browser Tools Superiorads
HijackThis 1.99.1 <- Please install the new version - TrendMicro HijackThis.exe (HJT)
My Web Search (Webfetti)
Viewpoint Media Player
WildTangent Web Driver
ZoneAlarm
----------
Restart the computer now and see if you can get to normal boot mode and run Malwarebytes. If you can't get to normal boot mode then try to run it anyway and post the log when complete.
----------
After you are done with MBAM run a new Hijackthis scan and post the log from it along with the MBAM scan log. | |