Posted

DSS scan: Part 1

 

Deckard's System Scanner v20071014.68

Run by Administrator on 2008-07-03 10:32:53

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

-- System Restore --------------------------------------------------------------

 

Successfully created a Deckard's System Scanner Restore Point.

 

 

-- Last 5 Restore Point(s) --

90: 2008-07-03 09:32:57 UTC - RP414 - Deckard's System Scanner Restore Point

89: 2008-07-03 09:22:57 UTC - RP413 - Software Distribution Service 3.0

88: 2008-07-03 09:22:31 UTC - RP412 - Installed Windows Internet Explorer 7.

87: 2008-07-03 09:22:15 UTC - RP411 - Installed Windows IDNMitigationAPIs.

86: 2008-07-03 09:21:54 UTC - RP410 - Installed Windows NLSDownlevelMapping.

 

 

-- First Restore Point --

1: 2008-04-06 12:54:44 UTC - RP325 - System Checkpoint

 

 

Performed disk cleanup.

 

 

 

-- HijackThis (run as Administrator.exe) ---------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:33:07, on 03/07/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\SYSTEM32\Ati2evxx.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\CTHELPER.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program Files\a-squared Free\a2service.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Administrator\desktop\dss.exe

C:\PROGRA~1\TRENDM~1\HIJACK~1\ADMINI~1.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! Search - Web Search

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Customize Your Settings

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [CTHELPER] C:\WINDOWS\CTHELPER.EXE

O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138541459156

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214934936750

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: Cricket 2007 Drivers Auto Removal (pr2agnqb) (pr2agnqb) - Codemasters - C:\WINDOWS\system32\pr2agnqb.exe

O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

 

--

End of file - 8236 bytes

 

-- File Associations -----------------------------------------------------------

 

.reg - regfile - shell\open\command - regedit.exe "%1" %*

.scr - scrfile - shell\open\command - "%1" %*

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

R1 BANTExt (Belarc SMBios Access) - c:\windows\system32\drivers\bantext.sys

R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>

R3 CLEDX (Team H2O CLEDX service) - c:\windows\system32\drivers\cledx.sys <Not Verified; Team H2O; CLEDX>

R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>

R3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>

R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

 

S0 fcdabus - c:\windows\system32\drivers\fcdabus.sys (file missing)

S3 fsRamDsk (RamDisk Drive Service) - c:\windows\system32\drivers\fsramdsk.sys (file missing)

S3 IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - c:\windows\system32\drivers\rtkhdaud.sys (file missing)

S3 Memctl - c:\program files\u-abit\flashmenu\memctl.sys

S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\progra~1\common~1\motive\mrendis5.sys (file missing)

S3 WINFLASH - c:\program files\u-abit\flashmenu\winflash.sys

Posted

Part 2:

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

R2 ForceWare Intelligent Application Manager (IAM) - c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcappflt.exe <Not Verified; ; app_filter Module>

R2 ForcewareWebInterface (Forceware Web Interface) - "c:\program files\nvidia corporation\networkaccessmanager\apache group\apache2\bin\apache.exe" -k runservice <Not Verified; Apache Software Foundation; Apache HTTP Server>

 

S4 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

S4 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>

S4 KService - "c:\program files\kontiki\kservice.exe" (file missing)

 

 

-- Device Manager: Disabled ----------------------------------------------------

 

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: 1394 Net Adapter

Device ID: V1394\NIC1394\9067FB508D00

Manufacturer: Microsoft

Name: 1394 Net Adapter

PNP Device ID: V1394\NIC1394\9067FB508D00

Service: NIC1394

 

Class GUID: {4D36E978-E325-11CE-BFC1-08002BE10318}

Description: Communications Port

Device ID: ROOT\PORTS\0000

Manufacturer: (Standard port types)

Name: Communications Port (COM6)

PNP Device ID: ROOT\PORTS\0000

Service: Serial

 

 

-- Process Modules -------------------------------------------------------------

 

C:\WINDOWS\system32\winlogon.exe (pid 992)

2007-04-19 13:41:36 294912 --a------ C:\Program Files\SUPERAntiSpyware\SASWINLO.dll <Not Verified; SUPERAntiSpyware.com; SUPERAntiSpyware WinLogon Processor>

 

C:\WINDOWS\system32\svchost.exe (pid 1444)

2006-03-30 14:58:34 131072 --a------ C:\WINDOWS\system32\nvappfilter.dll <Not Verified; NVIDIA; NVIDIA Application Filter>

 

C:\WINDOWS\system32\svchost.exe (pid 1496)

2006-03-30 14:58:34 131072 --a------ C:\WINDOWS\system32\nvappfilter.dll <Not Verified; NVIDIA; NVIDIA Application Filter>

 

C:\WINDOWS\explorer.exe (pid 1168)

2005-10-22 12:00:50 7168 --a------ C:\WINDOWS\system32\CTAGENT.DLL <Not Verified; Creative Technology Ltd; ctagent>

2007-11-18 20:56:30 159744 --a------ C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll

2007-11-18 20:55:02 23552 --a------ C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll

2006-02-10 22:31:22 311296 --a------ C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll <Not Verified; Sun Microsystems, Inc.; >

2006-02-10 22:31:34 98304 --a------ C:\Program Files\Sun\StarOffice 8\program\uwinapi.dll <Not Verified; Sun Microsystems, Inc.; >

2006-02-10 22:31:24 577536 --a------ C:\Program Files\Sun\StarOffice 8\program\stlport_vc7145.dll <Not Verified; STLport Consulting, Inc.; STLport Standard ANSI C++ Libarary>

2008-05-13 10:13:36 77824 --a------ C:\Program Files\SUPERAntiSpyware\SASSEH.DLL <Not Verified; SuperAdBlocker.com; SuperAntiSpyware>

 

 

-- Scheduled Tasks -------------------------------------------------------------

 

2008-06-27 19:58:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

 

 

-- Files created between 2008-06-03 and 2008-07-03 -----------------------------

 

2008-07-03 10:21:08 0 d-------- C:\WINDOWS\LastGood

2008-07-01 19:45:49 0 d-------- C:\Documents and Settings\Administrator\Application Data\EmuPatchMixDSP

2008-07-01 18:56:24 0 d-------- C:\WINDOWS\system32\CatRoot_bak

2008-06-29 18:37:25 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI

2008-06-29 18:33:23 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>

2008-06-29 17:41:41 0 dr-h----- C:\Documents and Settings\Administrator\Recent

2008-06-29 16:33:00 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

2008-06-23 18:02:19 0 d-------- C:\Program Files\Trend Micro

2008-06-22 15:39:45 0 d-------- C:\Program Files\EsetOnlineScanner

2008-06-22 15:33:59 0 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes

2008-06-22 15:33:57 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-06-22 15:33:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2008-06-22 14:55:43 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2008-06-22 14:55:36 0 d-------- C:\Program Files\SUPERAntiSpyware

2008-06-22 14:55:36 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com

2008-06-22 13:17:21 0 d-------- C:\Program Files\Enigma Software Group

2008-06-22 12:19:35 0 d-------- C:\VundoFix Backups

2008-06-22 09:59:18 0 d-------- C:\Temp

2008-06-20 14:04:02 43202 --a------ C:\WINDOWS\system32\FlashMenu.sys

2008-06-20 14:03:43 3548 --a------ C:\WINDOWS\system32\drivers\WinFlash.sys

2008-06-20 14:03:32 0 d-------- C:\Program Files\U-ABIT

2008-06-20 13:39:57 0 d-------- C:\biosflash

2008-06-09 10:58:02 691545 --a------ C:\WINDOWS\unins000.exe

2008-06-09 10:58:02 2558 --a------ C:\WINDOWS\unins000.dat

2008-06-05 16:38:35 0 d-------- C:\Documents and Settings\All Users\Application Data\media center programs

2008-06-05 11:47:52 0 d-------- C:\Program Files\Funcom

2008-06-05 11:47:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Funcom

 

 

-- Find3M Report ---------------------------------------------------------------

 

2008-07-02 18:20:19 0 d-------- C:\Documents and Settings\Administrator\Application Data\StarOffice8

2008-07-01 19:45:52 0 d-------- C:\Program Files\Creative Professional

2008-06-29 18:35:37 0 d-------- C:\Program Files\ATI Technologies

2008-06-29 18:30:00 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-06-29 17:36:05 4096 --a------ C:\WINDOWS\system32\crash

2008-06-29 16:44:46 0 d-------- C:\Program Files\d-lusion

2008-06-22 14:55:23 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2008-06-20 12:53:15 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla

2008-06-20 12:37:54 0 d-------- C:\Program Files\SopCast

2008-06-10 18:59:58 0 d-------- C:\Program Files\World of Warcraft

2008-06-09 10:33:34 0 d-------- C:\Program Files\BitLord

2008-06-09 10:25:16 0 d-------- C:\Program Files\Yahoo!

2008-06-09 10:23:58 0 d-------- C:\Program Files\NCSoft

2008-06-09 10:23:35 0 d-------- C:\Program Files\Guild Wars

2008-06-09 10:21:26 0 d-------- C:\Program Files\Soulseek

2008-06-09 10:20:23 0 d-------- C:\Program Files\Project64 1.6

2008-06-07 15:51:34 0 d-------- C:\Documents and Settings\Administrator\Application Data\teamspeak2

2008-05-28 17:56:29 0 d-------- C:\Program Files\Last.fm

2008-05-28 17:50:03 0 d-------- C:\Program Files\Apple Software Update

2008-05-27 23:10:09 0 d-------- C:\Program Files\iTunes

2008-05-27 23:10:02 0 d-------- C:\Program Files\iPod

2008-05-27 23:08:51 0 d-------- C:\Program Files\QuickTime

2008-05-20 21:47:21 0 d-------- C:\Program Files\Octoshape Streaming Services

2008-05-18 11:26:33 0 d-------- C:\Documents and Settings\Administrator\Application Data\Tunebite

2008-05-15 22:05:05 0 d-------- C:\Program Files\Haali

2008-05-15 22:05:04 0 d-------- C:\Program Files\ffdshow

2008-05-15 22:04:40 563712 --a------ C:\WINDOWS\system32\Redemption.dll <Not Verified; Dmitry Streblechenko; Outlook Redemption>

2008-05-15 21:53:28 0 d-------- C:\Program Files\Amazon

2008-05-15 21:29:40 0 d-------- C:\Documents and Settings\Administrator\Application Data\RTPlayer

2008-05-15 21:27:02 0 d-------- C:\Program Files\PixiePack Codec Pack

2008-05-15 21:25:50 0 d-------- C:\Program Files\RapidSolution

2008-05-12 17:27:23 0 d-------- C:\Program Files\Common Files

2008-05-12 17:27:23 0 d-------- C:\Program Files\Common Files\xing shared

2008-05-12 17:27:19 0 d-------- C:\Program Files\Common Files\Real

2008-05-06 09:28:03 0 d-------- C:\Program Files\Alwil Software

2008-05-05 09:31:30 0 d-------- C:\Program Files\AVG

2008-05-05 08:55:11 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [23/07/2007 12:06]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 00:19]

"SoundMan"="SOUNDMAN.EXE" []

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21/01/2008 12:17]

"CTHELPER"="C:\WINDOWS\CTHELPER.EXE" [22/10/2005 12:00]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]

"NoIE4StubProcessing"=C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoLowDiskSpaceChecks"=1 (0x1)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [13/05/2008 10:13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs BthServ

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]

AutoRun\command- F:\autorun.exe

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]

C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe

 

 

 

-- End of Deckard's System Scanner: finished at 2008-07-03 10:34:43 ------------

Posted

Part 3:

 

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

 

-- System Information ----------------------------------------------------------

 

Microsoft Windows XP Professional (build 2600) SP 2.0

Architecture: X86; Language: English

 

CPU 0: AMD Athlon 64 X2 Dual Core Processor 4600+

CPU 1: AMD Athlon 64 X2 Dual Core Processor 4600+

Percentage of Memory in Use: 22%

Physical Memory (total/avail): 2047.48 MiB / 1581.4 MiB

Pagefile Memory (total/avail): 3941.64 MiB / 3555.61 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1923.95 MiB

 

A: is Removable (Unformatted)

C: is Fixed (NTFS) - 232.88 GiB total, 91.86 GiB free.

D: is CDROM (No Media)

E: is CDROM (No Media)

F: is CDROM (No Media)

 

\\.\PHYSICALDRIVE0 - SAMSUNG SP2504C - 232.88 GiB - 1 partition

\PARTITION0 (bootable) - Installable File System - 232.88 GiB - C:

 

 

 

-- Security Center -------------------------------------------------------------

 

AUOptions is set to notify before download.

Windows Internal Firewall is disabled.

 

FirstRunDisabled is set.

 

FW: ActiveArmor Firewall v1.0 (NVIDIA Corporation)

FW: Sunbelt Personal Firewall v4.5.916 T (Sunbelt) Disabled

AV: avast! antivirus 4.8.1201 [VPS 080702-0] v4.8.1201 (ALWIL Software) Disabled

 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"

"C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"

"C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"

"C:\\Program Files\\Valve\\Steam\\SteamApps\\pk909\\counter-strike source\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\pk909\\counter-strike source\\hl2.exe:*:Enabled:hl2"

"C:\\Program Files\\TVAnts\\Tvants.exe"="C:\\Program Files\\TVAnts\\Tvants.exe:*:Enabled:TVAnts"

"C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"="C:\\Program Files\\PPMate\\PPMate\\ppmate.exe:*:Enabled:PPMate"

"C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe:*:Enabled:Yahoo! Messenger"

"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"

"C:\\Program Files\\Valve\\Steam\\SteamApps\\pk909\\half-life 2 deathmatch\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\pk909\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"

"C:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enGB-downloader.exe:*:Enabled:Blizzard Downloader"

"C:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"

"C:\\Program Files\\Google\\Google Earth\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\googleearth.exe:*:Enabled:Google Earth"

"C:\\Program Files\\utorrent\\utorrent.exe"="C:\\Program Files\\utorrent\\utorrent.exe:*:Enabled:µTorrent"

"C:\\Program Files\\Last.fm\\LastFM.exe"="C:\\Program Files\\Last.fm\\LastFM.exe:*:Enabled:LastFM"

"C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"

"C:\\Documents and Settings\\Administrator\\Application Data\\SopCast\\adv\\SopAdver.exe"="C:\\Documents and Settings\\Administrator\\Application Data\\SopCast\\adv\\SopAdver.exe:*:Disabled:SopCast Adver"

"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"

"C:\\Program Files\\Soulseek\\slsk.exe"="C:\\Program Files\\Soulseek\\slsk.exe:*:Enabled:SoulSeek"

"C:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enGB-downloader.exe:*:Enabled:Blizzard Downloader"

"C:\\Program Files\\World of Warcraft\\WoW-2.0.10.6448-to-2.0.12.6546-enGB-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.10.6448-to-2.0.12.6546-enGB-downloader.exe:*:Enabled:Blizzard Downloader"

"C:\\F1 2002\\f1_2002.exe"="C:\\F1 2002\\f1_2002.exe:*:Enabled:F1 2002"

"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"

"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"

"C:\\UnrealTournament\\System\\UnrealTournament.exe"="C:\\UnrealTournament\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament"

"C:\\Program Files\\Octoshape Streaming Services\\Administrator\\OctoshapeClient.exe"="C:\\Program Files\\Octoshape Streaming Services\\Administrator\\OctoshapeClient.exe:*:Enabled:OctoshapeClient"

"C:\\Program Files\\BT Broadband Talk Softphone\\BTSoftphone.exe"="C:\\Program Files\\BT Broadband Talk Softphone\\BTSoftphone.exe:*:Enabled:BTSoftphone"

"C:\\Documents and Settings\\Administrator\\Local Settings\\Temp\\Rar$EX32.172\\IdeSE.exe"="C:\\Documents and Settings\\Administrator\\Local Settings\\Temp\\Rar$EX32.172\\IdeSE.exe:*:Enabled:IdeSE"

"C:\\Doom\\skulltag.exe"="C:\\Doom\\skulltag.exe:*:Enabled:Skulltag"

"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget"

"C:\\Program Files\\EA GAMES\\Battlefield 2\\Bf2_w32ded.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2\\Bf2_w32ded.exe:*:Enabled:Bf2_w32ded"

"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2VoipServer.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2VoipServer.exe:*:Enabled:BF2VoipServer"

"C:\\Program Files\\Valve\\Steam\\Steam.exe"="C:\\Program Files\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"

"C:\\Program Files\\Valve\\Steam\\SteamApps\\pk909\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\pk909\\team fortress 2\\hl2.exe:*:Enabled:hl2"

"C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"="C:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe:*:Enabled:Update Service"

"C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"

"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"="C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI"

"C:\\Program Files\\Red Chair Software\\Anapod Explorer\\anamgr.exe"="C:\\Program Files\\Red Chair Software\\Anapod Explorer\\anamgr.exe:*:Enabled:Anapod Xtreamer"

"C:\\Program Files\\Kontiki\\KService.exe"="C:\\Program Files\\Kontiki\\KService.exe:*:Enabled:Delivery Manager Service"

"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"="C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Disabled:Football Manager 2008"

 

 

-- Environment Variables -------------------------------------------------------

 

ALLUSERSPROFILE=C:\Documents and Settings\All Users

APPDATA=C:\Documents and Settings\Administrator\Application Data

CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

CLIENTNAME=Console

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=PK909-751113DA5

ComSpec=C:\WINDOWS\system32\cmd.exe

DBCONFIG=C:\adabas\sql

DBROOT=C:\adabas\

DBWORK=C:\adabas\sql

DEFAULT_CA_NR=CA8

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Documents and Settings\Administrator

LOGONSERVER=\\PK909-751113DA5

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

Path=C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\PROGRAM FILES\COMMON FILES\TELECA SHARED;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\WINDOWS\SYSTEM32;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\;C:\adabas\bin;C:\adabas\pgm

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=4b02

ProgramFiles=C:\Program Files

PROMPT=$P$G

QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

SESSIONNAME=Console

SystemDrive=C:

SystemRoot=C:\WINDOWS

TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

USERDOMAIN=PK909-751113DA5

USERNAME=Administrator

USERPROFILE=C:\Documents and Settings\Administrator

windir=C:\WINDOWS

 

 

-- User Profiles ---------------------------------------------------------------

 

Preyes (admin)

Administrator (admin)

Posted

Part 4:

 

-- Add/Remove Programs ---------------------------------------------------------

 

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0FDA7E2-BC07-442C-8DA3-6B5BCA15F832}\SETUP.EXE" -l0x9

--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5633D266-6BAE-41CE-987F-0FE5F5F92D64}\setup.exe" -l0x9

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

1st JavaScript Editor 3.8 --> "C:\WINDOWS\1st JavaScript Editor\uninstall.exe" "/U:C:\Program Files\Yaldex Software\1st JavaScript Editor\irunin.xml"

a-squared Free 3.1 --> "C:\Program Files\a-squared Free\unins000.exe"

ABBYY FineReader 5.0 Sprint --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}

Ableton Live v6.0.7 --> "C:\Program Files\Ableton\Live 6.0.7\unins000.exe"

Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

Adabas D 13.01.00 --> MsiExec.exe /X{5C52CED3-D45C-4DA9-932F-B91BD44BB461}

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}

Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}

Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete

Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}

Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}

Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}

Adobe Reader 8.1.2 Security Update 1 (KB403742) -->

Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}

Age of Conan - Hyborian Adventures --> "C:\Program Files\Funcom\Age of Conan\unins000.exe"

Ahead Nero Burning ROM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

Amazon MP3 Downloader 1.0.3 --> C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe

Antonymic v1.0 --> C:\Program Files\Antonymic v1.0\uninstall.exe

Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}

Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}

Athlon 64 Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9

ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe

ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0

ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup

BBC iPlayer Download Manager --> MsiExec.exe /I {D466F3D9-510C-4729-B7D4-2E70490E4CDF}

Beat Shop One --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1193BC3A-318C-414B-8AE8-3121B0F8B3BF}\Setup.EXE" -l0x9

Belarc Advisor 7.2 --> C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG

Brian Lara International Cricket 2007 --> C:\Program Files\InstallShield Installation Information\{D7F6841C-26E9-4969-A5F4-DAEA81C4949A}\setup.exe -runfromtemp -l0x0009 -removeonly

BT Broadband Talk Softphone 3.1 --> "C:\Program Files\BT Broadband Talk Softphone\unins000.exe"

BT Home Hub --> C:\Program Files\BT Home Hub\Uninstall.exe

CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"

ConvertXtoDVD 2.2.3.258h --> "C:\Program Files\VSO\ConvertXtoDVD\unins000.exe"

Dual-Core Optimizer --> MsiExec.exe /X{FF3D660E-E5CC-47FD-8050-1B4DE3BA81A9}

E-MU Audio Drivers --> "C:\Program Files\Creative Professional\Drivers\DrvInst\Setup.exe" /remove

E-MU PatchMix DSP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5633D266-6BAE-41CE-987F-0FE5F5F92D64}\setup.exe" -l0x9 /remove

EphPod --> C:\PROGRA~1\EphPod\UNWISE.EXE C:\PROGRA~1\EphPod\INSTALL.LOG

ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe

Eusing Free Registry Cleaner --> C:\PROGRA~1\EUSING~1\UNWISE.EXE C:\PROGRA~1\EUSING~1\INSTALL.LOG

ffdshow [rev 1685] [2007-12-06] --> "C:\Program Files\ffdshow\unins000.exe"

FirstClass® Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B35C417-2649-11D6-83D1-0050FC01225C}\setup.exe" -l0x9 -uninst

FlashMenu --> C:\Program Files\InstallShield Installation Information\{047E5F60-5357-43FB-A080-1912EB0132A4}\setup.exe -runfromtemp -l0x0009 -removeonly

Haali Media Splitter --> "C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"

Half-Life 2: Episode Two --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/420

Half-Life® 2 --> MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}

HammerHead Rhythm Station --> C:\Program Files\HammerHead\Uninstall.exe

High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}

J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}

J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}

Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}

Last.fm 1.5.1.29527 --> "C:\Program Files\Last.fm\unins000.exe"

Lexmark X1100 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series

Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly

M150 Block1 --> C:\M150\UNWISE.EXE C:\M150\INSTALL.LOG

M150 Blocks 2 & 3 --> C:\M150\UNWISE.EXE C:\M150\INSTALL.LOG

Magic ISO Maker v5.4 (build 0251) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG

MagicDisc 2.5.79 --> C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG

Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"

Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"

Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MWSnap 3 --> "C:\Program Files\MWSnap\uninstall.exe"

Notepad++ --> C:\Program Files\Notepad++\uninstall.exe

NVIDIA Drivers --> C:\WINDOWS\system32\nvuide.exe UninstallGUI

NVIDIA ForceWare Network Access Manager --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{1F6423DE-7959-4178-80E0-023C7EAA5347} /l1033

OpenAL --> "C:\Program Files\OpenAL\OpenALwEAX.exe" /U

Peggle Extreme --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/3483

PixiePack Codec Pack --> MsiExec.exe /I{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}

Portal --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/400

Proteus X --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0FDA7E2-BC07-442C-8DA3-6B5BCA15F832}\SETUP.EXE" -l0x9 /remove

QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}

RapidShare Manager --> rundll32.exe dfshim.dll,ShArpMaintain RapidShareManager.application, Culture=neutral, PublicKeyToken=c14d24c3c9280019, processorArchitecture=msil

RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

SA22xx Device Manager --> C:\Program Files\InstallShield Installation Information\{300B1C71-93BD-4A8C-8A2C-AD39072F19EB}\DM_Setup.exe -runfromtemp -l0x0009 -removeonly

SafeCast Shared Components --> C:\Program Files\Common Files\Macrovision Shared\SafeCast\Install\CDAC13BA.EXE /uninstall

Sony Ericsson PC Suite --> MsiExec.exe /I{115DC143-58A1-4314-853D-FCA35D57EE8A}

Sony Sound Forge 8.0 --> MsiExec.exe /X{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}

Spectaculator 6.30 --> MsiExec.exe /I{BE32461E-63C8-4418-BDC7-8FCA982E36D7}

Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"

Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"

StarOffice 8 --> MsiExec.exe /I{AB24FEBA-140D-4FAF-BC6F-4D34032EAADF}

Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

Steinberg Cubase SX v3.1.1.944 --> C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG

Studio Grand --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D12A370-6826-40EA-8545-0FBAAB68E36A}\Setup.EXE" -l0x9

Sunbelt Personal Firewall --> MsiExec.exe /X{BFD080F6-3BF0-40E1-9507-9CA969C35870}

SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}

Syncrosoft's License Control --> C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG

SyncroSoft Emu (Remove only) --> C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe

Team Fortress 2 --> "C:\Program Files\Valve\Steam\steam.exe" steam://uninstall/440

TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"

Update Service --> C:\Program Files\Sony Ericsson\Update Service\uninst.exe

USB-706 Vibration Joystick --> C:\PROGRA~1\USBVIB~1\UNWISE.EXE C:\PROGRA~1\USBVIB~1\INSTALL.LOG

VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe

Virtua Tennis 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -l0x9 -removeonly

Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"

Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}

Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"

WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe

World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

X Producer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03C2527C-202F-4791-B670-71E5E7DFD890}\Setup.EXE" -l0x9

Xvid 1.1.2 final uninstall --> "C:\Program Files\Xvid\unins000.exe"

Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll

 

 

-- Application Event Log -------------------------------------------------------

 

Event Record #/Type5875 / Error

Event Submitted/Written: 07/01/2008 07:22:42 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Event Record #/Type5871 / Error

Event Submitted/Written: 07/01/2008 06:32:25 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Event Record #/Type5870 / Error

Event Submitted/Written: 07/01/2008 06:29:50 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

Event Record #/Type5869 / Error

Event Submitted/Written: 07/01/2008 06:23:01 PM

Event ID/Source: 1001 / Application Hang

Event Description:

Fault bucket 126637809.

 

Event Record #/Type5868 / Error

Event Submitted/Written: 07/01/2008 06:22:58 PM

Event ID/Source: 1002 / Application Hang

Event Description:

Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

 

 

 

-- Security Event Log ----------------------------------------------------------

 

No Errors/Warnings found.

 

 

-- System Event Log ------------------------------------------------------------

 

Event Record #/Type37091 / Error

Event Submitted/Written: 07/03/2008 09:34:33 AM

Event ID/Source: 10005 / DCOM

Event Description:

DCOM got error "%%1055" attempting to start the service winmgmt with arguments ""

in order to run the server:

{8BC3F05E-D86B-11D0-A075-00C04FB68820}

 

Event Record #/Type37063 / Error

Event Submitted/Written: 07/02/2008 05:33:11 PM

Event ID/Source: 10005 / DCOM

Event Description:

DCOM got error "%%1055" attempting to start the service winmgmt with arguments ""

in order to run the server:

{8BC3F05E-D86B-11D0-A075-00C04FB68820}

 

Event Record #/Type37041 / Error

Event Submitted/Written: 07/01/2008 08:07:39 PM

Event ID/Source: 10005 / DCOM

Event Description:

DCOM got error "%%1055" attempting to start the service winmgmt with arguments ""

in order to run the server:

{8BC3F05E-D86B-11D0-A075-00C04FB68820}

 

Event Record #/Type37033 / Error

Event Submitted/Written: 07/01/2008 07:49:17 PM

Event ID/Source: 10016 / DCOM

Event Description:

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID

{BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.

 

Event Record #/Type37032 / Error

Event Submitted/Written: 07/01/2008 07:49:17 PM

Event ID/Source: 10016 / DCOM

Event Description:

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID

{BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission can be modified using the Component Services administrative tool.

 

 

 

-- End of Deckard's System Scanner: finished at 2008-07-03 10:34:43 ------------

Posted

Well you actually still show some signs of an infection.

 

I have to run out now since the Holiday is upon us. I will get back to you when I can and continue working on a fix.


  • 3 weeks later...
Posted

Hi Advanced/wolfeymole,

 

Just to let you know I've re-installed Windows and everything is fine again now.

 

Thanks for your help and assistance.

 

P.

Posted

Glad you got it resolved Philip. Feel free to ask any more questions you may have. :)

 

We depend on the members to help us with their valuable feedback and to help us answer posts. So check back with the forum when you can. Maybe next time you can help a member with a problem. That is what it's all about. People helping people. :)

 

Once again thanks for letting us know about the status of the problem.

 

-- Goku

  • 2 weeks later...
Posted

This thread appears to be solved and is now closed.

 

If you are the original poster of this thread and need it re-opened, then please PM (Private Message) an Administrator or Moderator.

 

-- Goku
