Scan your PC for Errors

Member Panel

Remember me ?

Forgot password?   

Join the PC Help Forum Team

Join PC Help Forum on Facebook

Join the PCHF Distributed Computing Teams

Try the NEW PC Help Forum Dark style

Link to PCHF from other parts of the Internet
PC Forum PC Help Forum » Operating Systems » Windows XP/2000 » [Fixed] Don't know what I'm doing >_>

Windows XP/2000 - Don't know what I'm doing >_> posted in the Operating Systems forums; Hi there Well, I'm new, confused and slightly panicked. Here's my problem. I have some random McAfee thing, which asks me everytime an application wants access to the internet. This ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 1 of 6 1 2 3 4 5 > Last »
  #1  
Old 07-11-2008
Bronze Member
  
Join Date: Jul 2008
Posts: 28
PC Experience: PC Illiterate
llamagirl - See this Members User comments on their Profile page
Default Don't know what I'm doing >_>
Hi there

Well, I'm new, confused and slightly panicked.

Here's my problem.

I have some random McAfee thing, which asks me everytime an application wants access to the internet. This is a nice agreement between me and my computer, I can monitor what wants access, and stop virus's getting through. Until I denied something, thinking I could just allow it access later if stuff went wrong.

Yeah, stuff has gone wrong. Google, for starters, won't, well, google. I can't access sites when I type them in the address bar. Except, I can access my bookmarks, and I can use windows live search. This is really annoying.

Also, my taskbar keeps disappearing, and so do my little clicky desktop icons. This is also quite annoying, because I then have to switch off my laptop to make it right again.

Do I have a virus? Or something? I've done three scans so far, four if you include McAfee which I don't because it's ****. AVG Anti-Spyware 7.5 uncovered a few 'high risk' virus's and loads of 'tracking cookies.' Which is quite annoying because until last week the only cookies I knew about were the ones decaying in my kitchen cupboard.

You see my predicament?

Also, what is this Combofix thing that's been on my computer for a long time? I Windows Live Seach it (see, isn't it upsetting I can't say Google?) and get something about logging...?

Also, Windows won't automatically update (I had no idea it even updated automatically but now I have a little red shield with a cross on it, proclaiming it to be so).
  #2  
Old 07-11-2008
Hengis's Avatar
PCHF Head Honcho
My PC
 
Join Date: Jan 2004
Location: Southern England
Posts: 11,591
PC Experience: Always learning
Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page Hengis - See this Members User comments on their Profile page
Send a message via Skype™ to Hengis
Default re: Don't know what I'm doing >_>
Welcome to PC Help Forum
I have some random McAfee thing, which asks me everytime an application wants access to the internet. This is a nice agreement between me and my computer, I can monitor what wants access, and stop virus's getting through. Until I denied something, thinking I could just allow it access later if stuff went wrong.
Sounds like you have a firewall that needs your permission for applications to access the Internet. Look down by your clock and right click on the MCAffee symbol and close it or dis-able it.

I would also suggest, strongly, that you click on the "Pre-Work" link below in my signature and follow the procedure within. A Security Expert can then analyze your logs and help get your PC cleaned up.


__________________

Pre-Work / System File Checker / Help promote PCHF! / What's inside your PC? / Did we help you? If we did, please consider A Donation
  #3  
Old 07-11-2008
Gandalf's Avatar
Tech Support Team
My PC
 
Join Date: Apr 2007
Location: South Korea
Posts: 2,255
PC Experience: PC Guru
Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page Gandalf - See this Members User comments on their Profile page
Default re: Don't know what I'm doing >_>
Welcome to PCHF.

Recommend you click on the Pre-work in my signature and follow the directions.

Again, two great minds with but a single thought.


__________________
Klaatu Barada Nikto

Last edited by Gandalf; 07-11-2008 at 06:46 PM.
  #4  
Old 07-13-2008
Bronze Member
  
Join Date: Jul 2008
Posts: 28
PC Experience: PC Illiterate
llamagirl - See this Members User comments on their Profile page
Default re: Don't know what I'm doing >_>
Thankyou for replying so fast

Would it be okay if you moved this thread for me to the log forum?

And, guys, are you sure you need all this? You must have the patience of a saint =/


Deckard's System Scanner v20071014.68
Run by Carys on 2008-07-13 17:46:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-07-13 16:46:55 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Carys.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:10, on 13/07/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Kontiki\KService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rrwnw64l.exe
C:\WINDOWS\system32\qcntttdm.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Carys\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download \dss.exe
C:\DOCUME~1\Carys\LOCALS~1\APPLIC~1\Opera\Opera\pr ofile\cache4\TEMPOR~1\Carys.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: mysidesearch search enhancer - {2fbc1d86-906d-4e0f-f75b-0bda54661433} - C:\WINDOWS\system32\uliinyzghwh.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: (no name) - {514A5C49-0C7D-42c3-A71B-38864A269B7A} - C:\WINDOWS\system32\aiuyajur.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5DC5E2B5-DD20-465B-AB48-6F5CBF1A00F3} - C:\WINDOWS\system32\fccyxwWN.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: gooochi browser optimizer - {86a8ef03-25da-8f4e-d3f4-3fe6f9bc5d90} - C:\WINDOWS\system32\slutbueoqee.dll
O2 - BHO: {0d6151f0-e083-041a-28e4-6cc9b43597a8} - {8a79534b-9cc6-4e82-a140-380e0f1516d0} - C:\WINDOWS\system32\jweoll.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {E91C2855-AC7E-4ED9-B488-0F78FAE8AD2D} - C:\WINDOWS\system32\hgGaBRjI.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Carys\lsass.exe
O4 - HKLM\..\Run: [{88-8F-F2-2F-DW}] C:\WINDOWS\system32\rrwnw64l.exe DWram02XX
O4 - HKLM\..\Run: [{16f90961-f0e7-e057-bdc3-d2facc69dbbf}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\slutbueoqee.dll" DllStart
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\qcntttdm.exe DWram02XX
O4 - HKLM\..\Run: [48988f80] rundll32.exe "C:\WINDOWS\system32\etrvhcqp.dll",b
O4 - HKLM\..\Run: [BM4babbc1c] Rundll32.exe "C:\WINDOWS\system32\vdlxhnhm.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\qcntttdm.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\rrwnw64l.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: hgGaBRjI - C:\WINDOWS\SYSTEM32\hgGaBRjI.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 11819 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 MPFIREWL - c:\windows\system32\drivers\mpfirewall.sys <Not Verified; McAfee; McAfee Personal Firewall>

S3 catchme - c:\docume~1\carys\locals~1\temp\catchme.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 bgsvcgen (B's Recorder GOLD Library General Service) - c:\windows\system32\bgsvcgen.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD8>
R2 MskService (McAfee SpamKiller Server) - c:\progra~1\mcafee\spamki~1\msksrvr.exe <Not Verified; McAfee Inc.; McAfee SpamKiller>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-27 16:28:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-06-13 and 2008-07-13 -----------------------------

2008-07-12 11:19:17 0 d-------- C:\System32
2008-07-12 10:53:19 101888 --a------ C:\WINDOWS\system32\vuemmkeq.dll
2008-07-12 10:53:19 101888 --a------ C:\WINDOWS\system32\jweoll.dll
2008-07-11 19:44:52 80896 --a------ C:\WINDOWS\system32\etrvhcqp.dll
2008-07-11 19:41:50 92672 --a------ C:\WINDOWS\system32\vdlxhnhm.dll
2008-07-11 19:38:56 92160 --a------ C:\WINDOWS\system32\aiuyajur.dll
2008-07-10 19:49:24 858 --a------ C:\WINDOWS\system32\winpfz33.sys
2008-07-10 19:39:15 101376 --a------ C:\WINDOWS\system32\uvzxli.dll
2008-07-10 19:39:14 101376 --a------ C:\WINDOWS\system32\lbxtsusu.dll
2008-07-10 19:37:12 92160 --a------ C:\WINDOWS\system32\srrguqbw.dll
2008-07-10 19:37:02 92672 --a------ C:\WINDOWS\system32\mvqvltkr.dll
2008-07-10 08:33:06 31232 --a------ C:\WINDOWS\system32\iifdeeCV.dll
2008-07-09 21:09:13 49174 --a------ C:\WINDOWS\system32\rrwnw64l.exe <Not Verified; ; Browser Driver>
2008-07-09 21:00:25 88961 --a------ C:\WINDOWS\system32\mysidesearch_sidebar_uninstall .exe
2008-07-09 21:00:12 298316 --a------ C:\WINDOWS\system32\gside.exe
2008-07-09 19:44:09 101888 --a------ C:\WINDOWS\system32\wryjku.dll
2008-07-09 19:44:08 101888 --a------ C:\WINDOWS\system32\fjdppovl.dll
2008-07-09 19:38:09 92160 --a------ C:\WINDOWS\system32\qtddwakj.dll
2008-07-09 19:36:04 92160 --a------ C:\WINDOWS\system32\soskkert.dll
2008-07-09 19:35:08 589397 --ahs---- C:\WINDOWS\system32\NWwxyccf.ini2
2008-07-09 19:35:03 282624 --a------ C:\WINDOWS\system32\fccyxwWN.dll
2008-07-09 19:30:45 64332 --a------ C:\WINDOWS\system32\ekuirdrqlw.exe
2008-07-09 19:30:42 192576 --a------ C:\WINDOWS\system32\qcntttdm.exe
2008-07-09 19:30:41 152268 --a------ C:\WINDOWS\system32\g75.exe
2008-07-09 19:30:11 49155 --a------ C:\WINDOWS\system32\rwwnw64d.exe <Not Verified; ; Browser Driver>
2008-07-09 19:30:09 0 d-------- C:\WINDOWS\system32\Win1
2008-07-09 19:30:09 0 d-------- C:\WINDOWS\system32\s32
2008-07-09 19:29:59 0 d-------- C:\WINDOWS\system32\olixds18
2008-07-09 19:29:59 0 d-------- C:\Temp
2008-07-09 19:29:56 31232 --a------ C:\WINDOWS\system32\hgGaBRjI.dll
2008-07-05 12:23:01 0 d-------- C:\Program Files\StumbleUpon
2008-07-03 15:45:24 364544 --a------ C:\WINDOWS\system32\uliinyzghwh.dll
2008-07-02 14:48:08 158208 --a------ C:\WINDOWS\system32\slutbueoqee.dll
2008-06-30 21:10:28 0 d-------- C:\Program Files\Kontiki
2008-06-30 21:10:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Kontiki
2008-06-30 21:09:45 0 d-------- C:\Documents and Settings\All Users\Application Data\Channel4
2008-06-29 18:32:28 0 d-------- C:\Documents and Settings\Carys\Application Data\Humanbalance
2008-06-29 18:32:25 0 d-------- C:\Program Files\GraphicsGale FreeEdition
2008-06-21 18:06:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-06-20 22:18:16 0 d-------- C:\Documents and Settings\Carys\Application Data\Grisoft
2008-06-20 18:02:45 0 d-------- C:\Documents and Settings\Carys\Application Data\PlaneShift
2008-06-20 18:02:45 0 d-------- C:\Documents and Settings\Carys\Application Data\CrystalSpace
2008-06-18 22:41:08 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-17 20:47:59 0 d-------- C:\Program Files\PlaneShift Steel Blue
2008-06-16 17:00:21 0 d-------- C:\Program Files\Common Files\xing shared
2008-06-16 17:00:07 0 d-------- C:\Program Files\Real


-- Find3M Report ---------------------------------------------------------------

2008-07-13 17:27:33 0 d-------- C:\Documents and Settings\Carys\Application Data\WTablet
2008-07-13 17:01:23 0 d-------- C:\Documents and Settings\Carys\Application Data\StumbleUpon
2008-07-11 17:41:15 0 d-------- C:\Documents and Settings\Carys\Application Data\McAfee.com Personal Firewall
2008-07-10 21:14:07 0 d-------- C:\Program Files\Opera
2008-07-10 08:23:46 6076 --a------ C:\Documents and Settings\Carys\Application Data\wklnhst.dat
2008-06-22 12:29:43 0 d-------- C:\Documents and Settings\Carys\Application Data\AdobeUM
2008-06-21 18:22:17 0 d-------- C:\Documents and Settings\Carys\Application Data\Apple Computer
2008-06-21 18:06:45 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-21 17:49:14 0 d-------- C:\Documents and Settings\Carys\Application Data\Adobe
2008-06-17 19:28:53 0 d-------- C:\Program Files\Gpotato
2008-06-17 17:15:26 0 d-------- C:\Program Files\Google
2008-06-16 17:00:39 0 d-------- C:\Documents and Settings\Carys\Application Data\Real
2008-06-16 17:00:21 0 d-------- C:\Program Files\Common Files
2008-06-16 17:00:18 0 d-------- C:\Program Files\Common Files\Real
2008-06-12 18:40:51 0 d-------- C:\Program Files\EarPower30
2008-06-12 18:13:09 0 d-------- C:\Documents and Settings\Carys\Application Data\Help
2008-06-11 16:27:10 0 d-------- C:\Program Files\Messenger Plus! Live
2008-06-08 19:39:03 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-06-08 13:29:45 0 d---s---- C:\Program Files\Xfire
2008-06-08 13:29:45 0 d-------- C:\Documents and Settings\Carys\Application Data\Xfire
2008-05-31 23:46:09 0 d-------- C:\Documents and Settings\Carys\Application Data\Google
2008-05-31 03:37:51 0 d-------- C:\Program Files\LimeWire
2008-05-29 04:41:25 0 d-------- C:\Program Files\Messenger
2008-05-29 04:40:59 0 d-------- C:\Program Files\Movie Maker
2008-05-29 04:37:28 0 d-------- C:\Program Files\Windows NT
2008-05-29 03:17:57 0 d-------- C:\Program Files\BigFix
2008-05-29 01:04:48 0 d-------- C:\Program Files\Lavasoft


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2fbc1d86-906d-4e0f-f75b-0bda54661433}]
03/07/2008 15:45 364544 --a------ C:\WINDOWS\system32\uliinyzghwh.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{514A5C49-0C7D-42c3-A71B-38864A269B7A}]
11/07/2008 19:38 92160 --a------ C:\WINDOWS\system32\aiuyajur.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5DC5E2B5-DD20-465B-AB48-6F5CBF1A00F3}]
09/07/2008 19:35 282624 --a------ C:\WINDOWS\system32\fccyxwWN.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86a8ef03-25da-8f4e-d3f4-3fe6f9bc5d90}]
02/07/2008 14:48 158208 --a------ C:\WINDOWS\system32\slutbueoqee.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8a79534b-9cc6-4e82-a140-380e0f1516d0}]
12/07/2008 10:53 101888 --a------ C:\WINDOWS\system32\jweoll.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E91C2855-AC7E-4ED9-B488-0F78FAE8AD2D}]
09/07/2008 19:29 31232 --a------ C:\WINDOWS\system32\hgGaBRjI.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [05/11/2004 02:47]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [05/11/2004 02:47]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdl r.exe" [08/07/2005 18:18]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [10/08/2005 12:49]
"OASClnt"="C:\Program Files\McAfee.com\VSO\oasclnt.exe" [11/08/2005 22:02]
"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKD etct.exe" [12/08/2005 16:16]
"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgen t.exe" [26/09/2005 10:26]
"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray. exe" [11/11/2005 17:00]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupda te.exe" [11/01/2006 13:05]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent .exe" [22/09/2005 19:29]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [16/06/2008 17:00]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 10:25]
"4oD"="C:\Program Files\Kontiki\KHost.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [11/12/2007 11:56]
"LSA Shellu"="C:\Documents and Settings\Carys\lsass.exe" []
"{88-8F-F2-2F-DW}"="C:\WINDOWS\system32\rrwnw64l.exe" [09/07/2008 21:09]
"{16f90961-f0e7-e057-bdc3-d2facc69dbbf}"="C:\WINDOWS\system32\slutbueoqee.dl l" [02/07/2008 14:48]
"ExploreUpdSched"="C:\WINDOWS\system32\qcntttdm.ex e" [09/07/2008 19:30]
"48988f80"="C:\WINDOWS\system32\etrvhcqp.dll" [11/07/2008 19:44]
"BM4babbc1c"="C:\WINDOWS\system32\vdlxhnhm.dll " [11/07/2008 19:41]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 01:12]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [14/04/2008 01:12]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18/10/2007 12:34]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [30/03/2006 16:45]
"kdx"="C:\Program Files\Kontiki\KHost.exe" []

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\run]
"Power2GoExpress"=NA

C:\Documents and Settings\Carys\Start Menu\Programs\Startup\
Deewoo.lnk - C:\WINDOWS\system32\qcntttdm.exe [7/9/2008 7:30:42 PM]
DW_Start.lnk - C:\WINDOWS\system32\rrwnw64l.exe [7/9/2008 9:09:13 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 3:38:16 AM]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{E91C2855-AC7E-4ED9-B488-0F78FAE8AD2D}"= C:\WINDOWS\system32\hgGaBRjI.dll [09/07/2008 19:29 31232]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGaBRjI]
hgGaBRjI.dll 09/07/2008 19:29 31232 C:\WINDOWS\system32\hgGaBRjI.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~ 1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\fccyxwWN

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ExifLauncher2.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExifLauncher2.lnk
backup=C:\WINDOWS\pss\ExifLauncher2.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\D]
AutoRun\command- D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{67df571e-4ddf-11dd-9ce2-0014a5ae19b8}]
Auto\command- F:\Start.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b90bac02-4f32-11dc-b215-0014a5ae19b8}]
AutoRun\command- F:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{bf31c3a9-9610-11dc-94fb-0014a5ae19b8}]
AutoRun\command- F:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2008-07-13 17:57:25 ------------



Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: Intel(R) Celeron(R) M CPU 410 @ 1.46GHz
Percentage of Memory in Use: 59%
Physical Memory (total/avail): 758.11 MiB / 307.97 MiB
Pagefile Memory (total/avail): 1267.65 MiB / 253.59 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1901.6 MiB

C: is Fixed (NTFS) - 101.48 GiB total, 80.86 GiB free.
D: is Fixed (FAT32) - 10.29 GiB total, 7.68 GiB free.
E: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - WDC WD1200BEVS-22RST0 - 111.79 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 101.48 GiB - C:
\PARTITION1 - Unknown - 10.3 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
AUState says computer is ready and waiting.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Carys\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-0BAB5DE228
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Carys
LOGONSERVER=\\YOUR-0BAB5DE228
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\sys tem32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem"
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Carys\LOCALS~1\Temp
TMP=C:\DOCUME~1\Carys\LOCALS~1\Temp
USERDOMAIN=YOUR-0BAB5DE228
USERNAME=Carys
USERPROFILE=C:\Documents and Settings\Carys
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Carys (admin)
Administrator.YOUR-0BAB5DE228 (new local, admin)


-- Add/Remove Programs ---------------------------------------------------------

--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /appid=MSK /uninstall=1 /interact=1 /script_proactive=0 /start="c:\PROGRA~1\mcafee.com\agent\uninst\mskremu i.dll::uninstall.htm"
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=mpf /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\mpfrem.u i::uninstall.htm
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui ::uninstall.htm
--> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=vso /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui .dll::uninstall.htm
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
4oD --> MsiExec.exe /I {8B7443F5-E141-42A0-AB61-ED2331AAD606}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activ eX.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 7.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Broadcom 802.11 Network Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter"
Deewoo Network Manager removal --> C:\WINDOWS\system32\qcntttdm.exe -UPop
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Solution --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EarPower30 --> C:\WINDOWS\EarPower30 Uninstall.exe
Enhancement Browser Tools Gooochi --> C:\WINDOWS\system32\ekuirdrqlw.exe
FinePix Studio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}\SETUP.EXE" -l0x9
FinePixViewer Resource --> C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
FinePixViewer Ver.5.3 --> C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
GraphicsGale FreeEdition version 1.93 --> "C:\Program Files\GraphicsGale FreeEdition\unins000.exe"
gtw_logo --> C:\WINDOWS\system32\gtw_logo.scr /UNINSTALL "C:\WINDOWS\system32\gtw_logo.log"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\s puninst.exe"
HijackThis 2.0.2 --> "C:\Documents and Settings\Carys\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download \HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spunins t.exe"
ImageMixer VCD2 LE for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B093990A-AAF2-44AC-9216-14BB7A2189B6}\SETUP.EXE" -l0x9
Intel Matrix Storage Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\Setup.exe" -l0409 -INTELUNINST
Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2I D PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
iTunes --> MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
McAfee Uninstall Wizard --> C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.d ll::uninstall.htm
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spu ninst.exe"
Microsoft Digital Image Starter Edition 2006 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spunin st.exe"
Microsoft Windows Media Video 9 VCM --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Motorola SM56 Data Fax Modem --> rundll32.exe sm56co.dll,SM56UnInstaller
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
MySidesearch Search Assistant Adzgalore --> C:\WINDOWS\system32\uliinyzghwh.dll-uninst.exe
Opera 9.51 --> MsiExec.exe /X{1219497F-FA96-4D8E-9571-9C27A2A66B38}
PlaneShift --> C:\Program Files\PlaneShift Steel Blue\uninstall.exe
Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Update for Step By Step Interactive Training (KB898458) -->
Sibelius Scorch --> MsiExec.exe /I{51C65CD6-A344-41B5-81E2-3CCAC8024F68}
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StumbleUpon IE Toolbar --> C:\Program Files\StumbleUpon\uninstall.exe
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUnin stall
Tablet --> C:\Program Files\Tablet\Remove.exe /u
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\ID river.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{C35BF80A-6284-485E-AE18-023AA8C43185}\setup.exe -runfromtemp -l0x0409
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spunin st.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spun inst.exe"
Xara Xtreme Pro --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6BC921-9E30-4F5A-A742-56A695887BC7}\setup.exe" -l0x9
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type1166 / Error
Event Submitted/Written: 07/12/2008 11:49:28 AM / 07/12/2008 11:49:29 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application Tablet.exe, version 5.0.3.3, faulting module Tablet.exe, version 5.0.3.3, fault address 0x0007b3a0.
Processing media-specific event for [Tablet.exe!ws!]

Event Record #/Type1152 / Error
Event Submitted/Written: 07/12/2008 11:20:00 AM / 07/12/2008 11:20:01 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application Tablet.exe, version 5.0.3.3, faulting module Tablet.exe, version 5.0.3.3, fault address 0x0007b3a0.
Processing media-specific event for [Tablet.exe!ws!]

Event Record #/Type1144 / Error
Event Submitted/Written: 07/11/2008 07:43:15 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16674, faulting module unknown, version 0.0.0.0, fault address 0x04a81557.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type1143 / Error
Event Submitted/Written: 07/11/2008 07:42:18 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application opera.exe, version 9.50.10081.0, faulting module unknown, version 0.0.0.0, fault address 0x07981557.
Processing media-specific event for [opera.exe!ws!]

Event Record #/Type1135 / Success
Event Submitted/Written: 07/11/2008 05:50:59 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type2600 / Error
Event Submitted/Written: 07/13/2008 05:36:14 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Event Record #/Type2599 / Error
Event Submitted/Written: 07/13/2008 05:34:04 PM / 07/13/2008 05:34:05 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Event Record #/Type2575 / Error
Event Submitted/Written: 07/13/2008 05:25:46 PM / 07/13/2008 05:27:16 PM
Event ID/Source: 55 / Ntfs
Event Description:
The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Event Record #/Type2566 / Error
Event Submitted/Written: 07/13/2008 05:01:33 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Event Record #/Type2562 / Error
Event Submitted/Written: 07/13/2008 04:59:49 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The McAfee SpamKiller Server service failed to start due to the following error:
%%1053



-- End of Deckard's System Scanner: finished at 2008-07-13 17:57:25 ------------