WinXP PC Windows Applications constantly not responding

Posted 9/19/2009 3:33 PM
#77511
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
[2] <br/>Problem Synopsis: PC hangs at strange times, and quite often. Basically, it looks like the PC is suffering from some hidden application that is constantly hijacking resources and not permitting PC operations to occur, that would normally see immediate response. The PC used to respond as expected, where menus and application launches would respond immediately. I have run Cclean, Malwarebytes, DDS, updated Java, and run HJT, yet 60% of the time I am seeing this behavior. I don’t see your recommendation to run ComboFix. Should I run that too? Do you need the RSIT logfile too? <br/> <br/>PC Description: MS Windows XP Home SP3 <br/> <br/>Intel Pentium 4 CPU, 3GHZ, 1.0GB RAM, Intel 82865G Graphics Controller <br/> <br/>Virus Protection: AVG Free, Ver 8.5.409 <br/> <br/>Virus Scans are coming up clean. Malware scans are coming up clear. But here are a few of the typical behaviors: <br/><U> <br/>Start Button: <br/></U> <br/>Click the ‘Start’ button, wait for up to 20 seconds for the menu to respond, another 10seconds before the menu is populated, another 10seconds before menu entries can be selected. It appears that the Start menu is not being permitted to run, or it is waiting for something else to complete before it can run. If you click the unresponsive ‘Start’ button 10 times, then in maybe 30 seconds, when it is finally responsive, the Menu bar will open and close all 10 times, so the PC is seeing most inputs. <br/><U> <br/>Internet Explorer: <br/></U> <br/>Open windows will lock and ‘Not Responding’ will appear in the banner. Window will lock for up to 60seconds at a time. Checking Windows Task Manager, CPU Usage is low, Page File Usage is often at 1.5M or 75% of usage. If IE is left running overnight, by morning all IE windows will be completely unresponsive. <br/><U> <br/>Quick Lauch: <br/></U> <br/>Quick launch will often be unresponsive for up to 20seconds at a time, then when the icons are enabled, selecting them won’t launch its application for up to 20seconds. <br/><U> <br/>File Manager: <br/></U> <br/>File Manager will lock at time. While open, if you select it, sometimes it will be non-responsive for 15seconds at a time. Question: What are the chances that AVG is scanning everything, all the time, before File Manager is permitted to display the contents of any folder? <br/> <br/>I'll post the logfiles in separate posts. Let me know what you find or what else I should do. THANKS !! <br/> <br/><br /><br />[/2]
Posted 9/19/2009 3:40 PM
#77512
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
I am unsure about removing old Java components. I'll post a screen capture of my 'add/remove programs' window. I am curious if 'JSE Runtime Environment 5.0' components are 'old' and should they be removed as part of your advice in removing old components? I already removed 2 of these, then started to question whether 'JSE' was related to your advice of removing older versions of 'Java(TM) 6'. <br/> <br/> <br/>If I was incorrect in removing some of these J2SE components, how should I go about retrieving those Updates? <br/> <br/> <br/> <br/>Thanks !! <br/> <br/> <br/> <br/>I uploaded the screen capture file, but the Attachment Manager hasn't convinced me that it is actually attached. I'll trust it anyway rather than accidentally posting twice.
Post attachments:
Java_J2SE_screenCapture.JPG
Posted 9/19/2009 3:41 PM
#77513
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
Malwarebytes' Anti-Malware 1.41 <br/>Database version: 2819 <br/>Windows 5.1.2600 Service Pack 3 <br/>9/18/2009 3:44:43 AM <br/>mbam-log-2009-09-18 (03-44-43).txt <br/> <br/>Scan type: Full Scan (C:\|) <br/>Objects scanned: 231436 <br/>Time elapsed: 1 hour(s), 22 minute(s), 18 second(s) <br/> <br/>Memory Processes Infected: 0 <br/>Memory Modules Infected: 0 <br/>Registry Keys Infected: 0 <br/>Registry Values Infected: 0 <br/>Registry Data Items Infected: 0 <br/>Folders Infected: 0 <br/>Files Infected: 0 <br/> <br/>Memory Processes Infected: <br/>(No malicious items detected) <br/> <br/>Memory Modules Infected: <br/>(No malicious items detected) <br/> <br/>Registry Keys Infected: <br/>(No malicious items detected) <br/> <br/>Registry Values Infected: <br/>(No malicious items detected) <br/> <br/>Registry Data Items Infected: <br/>(No malicious items detected) <br/> <br/>Folders Infected: <br/>(No malicious items detected) <br/> <br/>Files Infected: <br/>(No malicious items detected)
Posted 9/19/2009 3:43 PM
#77514
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
DDS (Ver_09-07-30.01) - NTFSx86 <br/>Run by Jim at 23:21:14.91 on Fri 09/18/2009 <br/>Internet Explorer: 8.0.6001.18372 BrowserJavaVersion: 1.6.0_14 <br/>Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.130 [GMT -4:00] <br/>AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} <br/> <br/>============== Running Processes =============== <br/> <br/>C:\WINDOWS\system32\svchost -k DcomLaunch <br/>svchost.exe <br/>C:\WINDOWS\System32\svchost.exe -k netsvcs <br/>svchost.exe <br/>svchost.exe <br/>C:\WINDOWS\system32\spoolsv.exe <br/>svchost.exe <br/>C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe <br/>C:\WINDOWS\system32\drivers\CDAC11BA.EXE <br/>C:\Program Files\Java\jre6\bin\jqs.exe <br/>C:\WINDOWS\system32\HPZipm12.exe <br/>C:\Program Files\Dell Support Center\bin\sprtsvc.exe <br/>C:\WINDOWS\system32\svchost.exe -k imgsvc <br/>C:\PROGRA~1\AVG\AVG8\avgrsx.exe <br/>C:\PROGRA~1\AVG\AVG8\avgemc.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\Program Files\Analog Devices\Core\smax4pnp.exe <br/>C:\Program Files\Java\jre6\bin\jusched.exe <br/>C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe <br/>C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe <br/>C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe <br/>C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe <br/>C:\Program Files\HP\hpcoretech\hpcmpmgr.exe <br/>C:\WINDOWS\system32\dla\tfswctrl.exe <br/>C:\WINDOWS\system32\igfxpers.exe <br/>C:\Program Files\Google\Google Talk\googletalk.exe <br/>C:\PROGRA~1\AVG\AVG8\avgtray.exe <br/>C:\Program Files\Messenger\msmsgs.exe <br/>C:\PROGRA~1\QUICKEN\bagent.exe <br/>C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe <br/>C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>C:\Program Files\Microsoft Office\Office\OSA.EXE <br/>C:\Program Files\OpenOffice.org 3\program\soffice.exe <br/>C:\Program Files\OpenOffice.org 3\program\soffice.bin <br/>C:\Program Files\Java\jre6\bin\jucheck.exe <br/>C:\WINDOWS\system32\taskmgr.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\PROGRA~1\AVG\AVG8\avgnsx.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Common Files\Real\Update_OB\realsched.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\AVG\AVG8\avgui.exe <br/>C:\WINDOWS\system32\wscntfy.exe <br/>C:\Documents and Settings\Jim\Desktop\dds.scr <br/> <br/>============== Pseudo HJT Report =============== <br/> <br/>uStart Page = hxxp://www.yahoo.com/ <br/>uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 <br/>mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html <br/>uInternet Settings,ProxyOverride = <local> <br/>uInternet Settings,ProxyServer = 129.74.152.66:3124 <br/>uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com <br/>uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll <br/>uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - <br/>mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll <br/>mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - <br/>mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll <br/>BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll <br/>BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll <br/>BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll <br/>BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll <br/>BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll <br/>BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll <br/>BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll <br/>TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll <br/>TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll <br/>TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - <br/>EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File <br/>uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background <br/>uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter <br/>uRun: [QuickenScheduledUpdates] c:\progra~1\quicken\bagent.exe <br/>uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_1_0 <br/>uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe <br/>uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe <br/>mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe <br/>mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" <br/>mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe <br/>mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe" <br/>mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe <br/>mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup <br/>mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start <br/>mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe" <br/>mRun: [dla] c:\windows\system32\dla\tfswctrl.exe <br/>mRun: [igfxtray] c:\windows\system32\igfxtray.exe <br/>mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe <br/>mRun: [igfxpers] c:\windows\system32\igfxpers.exe <br/>mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe" <br/>mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart <br/>mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall <br/>mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe <br/>mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter <br/>mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot <br/>mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent <br/>StartupFolder: c:\docume~1\jim\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe <br/>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe <br/>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe <br/>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE <br/>StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe <br/>IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html <br/>IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe <br/>IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe <br/>IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe <br/>IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll <br/>IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll <br/>IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll <br/>Trusted Zone: skygolfgps.com\www <br/>Trusted Zone: turbotax.com <br/>DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab <br/>DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} - hxxps://mygmgw.gm.com/http://usabhma06.mail.gm.com/iNotes.cab <br/>DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll <br/>DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - hxxps://mygmgw.gm.com/http://usabhembma19.mail.gm.com/iNotes6W.cab <br/>DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab <br/>DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab <br/>DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232622251765 <br/>DPF: {6F750202-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab <br/>DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - hxxp://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab <br/>DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab <br/>DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab <br/>DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab <br/>DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab <br/>DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab <br/>DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab <br/>Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll <br/>Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll <br/>Notify: avgrsstarter - avgrsstx.dll <br/>Notify: igfxcui - igfxdev.dll <br/>SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll <br/> <br/>================= FIREFOX =================== <br/> <br/>FF - ProfilePath - c:\docume~1\jim\applic~1\mozilla\firefox\profiles\0vu6jjhf.default\ <br/>FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p= <br/>FF - prefs.js: browser.search.selectedEngine - Yahoo! Search <br/>FF - prefs.js: browser.startup.homepage - www.yahoo.com <br/>FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p= <br/>FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll <br/>FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll <br/>FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll <br/>FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll <br/>FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll <br/>FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll <br/>FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <br/>FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <br/>FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <br/>FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} <br/>FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <br/>FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} <br/> <br/>---- FIREFOX POLICIES ---- <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); <br/>c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true); <br/>c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); <br/>c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); <br/>c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); <br/> <br/>============= SERVICES / DRIVERS =============== <br/> <br/>R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-6-20 335240] <br/>R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-1-29 27784] <br/>R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-6-20 108552] <br/>R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-15 908056] <br/>R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-15 297752] <br/>S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-2 133104] <br/> <br/>=============== Created Last 30 ================ <br/> <br/>2009-09-17 16:01 <DIR> --d----- c:\windows\system32\wbem\Repository <br/>2009-09-09 23:21 153,088 -------- c:\windows\system32\dllcache\triedit.dll <br/> <br/>==================== Find3M ==================== <br/> <br/>2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys <br/>2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys <br/>2009-08-15 02:44 335,240 a------- c:\windows\system32\drivers\avgldx86.sys <br/>2009-08-15 02:44 11,952 a------- c:\windows\system32\avgrsstx.dll <br/>2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll <br/>2009-08-05 05:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll <br/>2009-07-25 19:01 8,266 a------- c:\windows\extend.dat <br/>2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll <br/>2009-07-17 15:01 58,880 -------- c:\windows\system32\dllcache\atl.dll <br/>2009-07-15 08:39 410,984 a------- c:\windows\system32\deploytk.dll <br/>2009-07-13 23:43 10,841,088 a------- c:\windows\system32\dllcache\wmp.dll <br/>2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll <br/>2009-07-13 23:43 286,208 a------- c:\windows\system32\dllcache\wmpdxm.dll <br/>2009-07-13 05:48 219,648 a------- c:\windows\PEV.exe <br/>2009-07-10 09:27 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll <br/>2008-09-15 16:19 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091520080916\index.dat <br/> <br/>============= FINISH: 23:22:29.28 ===============
Posted 9/19/2009 3:45 PM
#77515
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
(I tried to 'attach' this to the last post, but the Upload Manager said that I wasn't permitted to attach files that contained 'plain text' for some reason. This file isn't that big, so I'll post it anyway) <br/> <br/><br /><br /> <br/>DDS (Ver_09-07-30.01) <br/> <br/>Microsoft Windows XP Home Edition <br/>Boot Device: \Device\HarddiskVolume2 <br/>Install Date: 7/8/2005 1:34:09 AM <br/>System Uptime: 9/17/2009 4:02:08 PM (31 hours ago) <br/> <br/>Motherboard: Dell Computer Corp. | | 0TC666 <br/>Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz <br/> <br/>==== Disk Partitions ========================= <br/> <br/>C: is FIXED (NTFS) - 145 GiB total, 12.824 GiB free. <br/>D: is CDROM () <br/>E: is CDROM () <br/> <br/>==== Disabled Device Manager Items ============= <br/> <br/>==== System Restore Points =================== <br/> <br/>RP1087: 6/21/2009 3:09:04 PM - System Checkpoint <br/>RP1088: 6/22/2009 4:09:03 PM - System Checkpoint <br/>RP1089: 6/23/2009 5:09:07 PM - System Checkpoint <br/>RP1090: 6/24/2009 5:21:05 PM - System Checkpoint <br/>RP1091: 6/25/2009 6:33:05 PM - System Checkpoint <br/>RP1092: 6/26/2009 7:21:11 PM - System Checkpoint <br/>RP1093: 6/27/2009 3:37:41 AM - Avg8 Update <br/>RP1094: 6/27/2009 3:48:54 AM - Avg8 Update <br/>RP1095: 6/28/2009 5:10:05 AM - System Checkpoint <br/>RP1096: 6/29/2009 5:44:41 AM - System Checkpoint <br/>RP1097: 6/30/2009 8:15:26 AM - System Checkpoint <br/>RP1098: 7/1/2009 8:50:37 AM - System Checkpoint <br/>RP1099: 7/2/2009 9:26:34 AM - System Checkpoint <br/>RP1100: 7/3/2009 9:31:18 AM - System Checkpoint <br/>RP1101: 7/4/2009 11:55:16 AM - System Checkpoint <br/>RP1102: 7/5/2009 2:38:22 AM - Avg8 Update <br/>RP1103: 7/5/2009 2:39:26 AM - Avg8 Update <br/>RP1104: 7/6/2009 3:21:05 AM - System Checkpoint <br/>RP1105: 7/7/2009 3:25:00 AM - System Checkpoint <br/>RP1106: 7/8/2009 4:25:48 AM - System Checkpoint <br/>RP1107: 7/9/2009 5:24:59 AM - System Checkpoint <br/>RP1108: 7/10/2009 5:37:01 AM - System Checkpoint <br/>RP1109: 7/11/2009 4:15:05 AM - Avg8 Update <br/>RP1110: 7/12/2009 4:25:27 AM - System Checkpoint <br/>RP1111: 7/13/2009 5:24:36 AM - System Checkpoint <br/>RP1112: 7/14/2009 6:24:30 AM - System Checkpoint <br/>RP1113: 7/15/2009 3:00:52 AM - Software Distribution Service 3.0 <br/>RP1114: 7/15/2009 8:39:07 AM - Installed Java(TM) 6 Update 14 <br/>RP1115: 7/16/2009 9:33:51 AM - System Checkpoint <br/>RP1116: 7/17/2009 9:34:00 AM - System Checkpoint <br/>RP1117: 7/18/2009 10:34:02 AM - System Checkpoint <br/>RP1118: 7/19/2009 4:12:44 AM - Avg8 Update <br/>RP1119: 7/20/2009 6:24:46 AM - System Checkpoint <br/>RP1120: 7/21/2009 7:36:46 AM - System Checkpoint <br/>RP1121: 7/22/2009 8:12:45 AM - System Checkpoint <br/>RP1122: 7/23/2009 10:00:52 AM - System Checkpoint <br/>RP1123: 7/26/2009 3:59:58 PM - System Checkpoint <br/>RP1124: 7/27/2009 4:12:38 PM - System Checkpoint <br/>RP1125: 7/28/2009 5:12:43 PM - System Checkpoint <br/>RP1126: 7/29/2009 3:00:24 AM - Software Distribution Service 3.0 <br/>RP1127: 7/30/2009 3:12:38 AM - System Checkpoint <br/>RP1128: 7/31/2009 4:13:10 AM - System Checkpoint <br/>RP1129: 8/1/2009 5:12:41 AM - System Checkpoint <br/>RP1130: 8/2/2009 6:12:51 AM - System Checkpoint <br/>RP1131: 8/13/2009 4:28:52 PM - Software Distribution Service 3.0 <br/>RP1132: 8/14/2009 5:36:28 PM - System Checkpoint <br/>RP1133: 8/15/2009 2:43:27 AM - Avg8 Update <br/>RP1134: 8/15/2009 2:45:03 AM - Avg8 Update <br/>RP1135: 8/16/2009 9:25:59 AM - System Checkpoint <br/>RP1136: 8/17/2009 10:36:19 AM - System Checkpoint <br/>RP1137: 8/18/2009 11:48:18 AM - System Checkpoint <br/>RP1138: 8/19/2009 1:00:18 PM - System Checkpoint <br/>RP1139: 8/20/2009 2:01:59 PM - System Checkpoint <br/>RP1140: 8/21/2009 2:25:58 PM - System Checkpoint <br/>RP1141: 8/22/2009 2:54:12 PM - System Checkpoint <br/>RP1142: 8/25/2009 3:05:53 AM - System Checkpoint <br/>RP1143: 8/26/2009 8:27:27 AM - System Checkpoint <br/>RP1144: 8/27/2009 3:00:18 AM - Software Distribution Service 3.0 <br/>RP1145: 8/28/2009 10:20:56 AM - System Checkpoint <br/>RP1146: 8/29/2009 11:49:16 AM - System Checkpoint <br/>RP1147: 8/30/2009 1:08:42 PM - System Checkpoint <br/>RP1148: 8/31/2009 1:09:14 PM - System Checkpoint <br/>RP1149: 9/1/2009 1:33:14 PM - System Checkpoint <br/>RP1150: 9/2/2009 1:45:15 PM - System Checkpoint <br/>RP1151: 9/3/2009 2:09:15 PM - System Checkpoint <br/>RP1152: 9/4/2009 2:33:18 PM - System Checkpoint <br/>RP1153: 9/5/2009 2:45:13 PM - System Checkpoint <br/>RP1154: 9/6/2009 3:45:15 PM - System Checkpoint <br/>RP1155: 9/7/2009 4:45:11 PM - System Checkpoint <br/>RP1156: 9/8/2009 5:21:13 PM - System Checkpoint <br/>RP1157: 9/9/2009 6:33:08 PM - System Checkpoint <br/>RP1158: 9/10/2009 3:00:24 AM - Software Distribution Service 3.0 <br/>RP1159: 9/12/2009 11:57:04 AM - System Checkpoint <br/>RP1160: 9/13/2009 1:01:03 PM - System Checkpoint <br/>RP1161: 9/14/2009 1:13:05 PM - System Checkpoint <br/>RP1162: 9/15/2009 1:18:11 PM - System Checkpoint <br/>RP1163: 9/16/2009 1:42:10 PM - System Checkpoint <br/>RP1164: 9/17/2009 2:20:44 PM - Software Distribution Service 3.0 <br/>RP1165: 9/17/2009 3:59:17 PM - Restore Operation <br/>RP1166: 9/17/2009 7:27:27 PM - 9/17/2009, before running CCleaner-RegistryClean <br/>RP1167: 9/18/2009 7:51:17 PM - System Checkpoint <br/> <br/>==== Installed Programs ====================== <br/> <br/>1310 <br/>1310_Help <br/>1310Tour <br/>1310Trb <br/>2001 TurboTax Premier <br/>Adobe Flash Player 10 ActiveX <br/>Adobe Flash Player 10 Plugin <br/>Adobe Reader 7.1.0 <br/>Adobe Reader Chinese Traditional Fonts <br/>Adobe Shockwave Player <br/>AiO_Scan <br/>AIOMinimal <br/>AiOSoftware <br/>AnswerWorks 5.0 English Runtime <br/>AOLIcon <br/>AVG Free 8.5 <br/>Bitzi's Bitcollider 0.6.0 <br/>BUM <br/>CCleaner (remove only) <br/>Copy <br/>CreativeProjects <br/>Critical Update for Windows Media Player 11 (KB959772) <br/>Deer Avenger 4 <br/>Dell Driver Reset Tool <br/>Dell Media Experience <br/>Dell Picture Studio v3.0 <br/>Dell Support Center <br/>Dell System Restore <br/>DellSupport <br/>Director <br/>DMX Update <br/>DocProc <br/>Download Updater (AOL LLC) <br/>DVD X Copy Platinum 4.0.3 <br/>DVD X Rescue <br/>EarthLink setup files <br/>ESPN Java Check <br/>Expert Do-It-Yourself Lawyer <br/>Fax <br/>GdiplusUpgrade <br/>Google Earth Plugin <br/>Google Talk (remove only) <br/>Google Update Helper <br/>HijackThis 2.0.2 <br/>Hotfix for Windows Internet Explorer 7 (KB947864) <br/>Hotfix for Windows Media Format 11 SDK (KB929399) <br/>Hotfix for Windows Media Player 11 (KB939683) <br/>Hotfix for Windows XP (KB952287) <br/>Hotfix for Windows XP (KB970653-v3) <br/>HP Image Zone 3.5 <br/>HP PSC & OfficeJet 3.5 <br/>HPSystemDiagnostics <br/>InstantShare <br/>Intel(R) 537EP V9x DF PCI Modem <br/>Intel(R) Extreme Graphics 2 Driver <br/>Intel(R) PRO Network Adapters and Drivers <br/>Intel(R) PROSet for Wired Connections <br/>Internet Explorer Default Page <br/>ItsDeductible Express <br/>J2SE Runtime Environment 5.0 Update 10 <br/>J2SE Runtime Environment 5.0 Update 11 <br/>J2SE Runtime Environment 5.0 Update 4 <br/>J2SE Runtime Environment 5.0 Update 6 <br/>Jasc Paint Shop Photo Album 5 <br/>Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch <br/>Java 2 Runtime Environment, SE v1.4.2_03 <br/>Java(TM) 6 Update 14 <br/>Java(TM) 6 Update 2 <br/>Java(TM) 6 Update 3 <br/>Java(TM) 6 Update 5 <br/>Java(TM) 6 Update 7 <br/>Java(TM) SE Runtime Environment 6 Update 1 <br/>KODAK EASYSHARE Gallery Easy Upload, v2.1 <br/>KODAK EASYSHARE Gallery Upload ActiveX Control <br/>Learn2 Player (Uninstall Only) <br/>LogViewer <br/>Macromedia Flash Player <br/>Malwarebytes' Anti-Malware <br/>Microsoft .NET Framework 1.1 <br/>Microsoft .NET Framework 1.1 Hotfix (KB928366) <br/>Microsoft Compression Client Pack 1.0 for Windows XP <br/>Microsoft Internationalized Domain Names Mitigation APIs <br/>Microsoft National Language Support Downlevel APIs <br/>Microsoft Office 97, Professional Edition <br/>Microsoft Plus! Digital Media Edition Installer <br/>Microsoft Plus! Photo Story 2 LE <br/>Microsoft User-Mode Driver Framework Feature Pack 1.0 <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Modem Event Monitor <br/>Modem Helper <br/>Modem On Hold <br/>Monopoly <br/>Mozilla Firefox (3.5.2) <br/>MSXML 4.0 SP2 (KB927978) <br/>MSXML 4.0 SP2 (KB936181) <br/>MSXML 4.0 SP2 (KB954430) <br/>Musicmatch® Jukebox <br/>My Way Search Assistant <br/>OpenOffice.org 3.0 <br/>overland <br/>PhotoGallery <br/>PokerStars <br/>PowerDVD 5.5 <br/>PrintScreen <br/>QFolder <br/>QuickBooks Simple Start Special Edition <br/>Quicken 2008 <br/>Quicken WillMaker Plus 2005 <br/>Quicken WillMaker Plus 2008 <br/>QuickProjects <br/>QuickTime <br/>Readme <br/>RealPlayer <br/>SafeCast Shared Components <br/>Scan <br/>Security Update for Step By Step Interactive Training (KB898458) <br/>Security Update for Step By Step Interactive Training (KB923723) <br/>Security Update for Windows Internet Explorer 7 (KB929969) <br/>Security Update for Windows Internet Explorer 7 (KB931768) <br/>Security Update for Windows Internet Explorer 7 (KB933566) <br/>Security Update for Windows Internet Explorer 7 (KB937143) <br/>Security Update for Windows Internet Explorer 7 (KB938127) <br/>Security Update for Windows Internet Explorer 7 (KB939653) <br/>Security Update for Windows Internet Explorer 7 (KB942615) <br/>Security Update for Windows Internet Explorer 7 (KB944533) <br/>Security Update for Windows Internet Explorer 7 (KB950759) <br/>Security Update for Windows Internet Explorer 7 (KB953838) <br/>Security Update for Windows Internet Explorer 7 (KB956390) <br/>Security Update for Windows Internet Explorer 7 (KB958215) <br/>Security Update for Windows Internet Explorer 7 (KB960714) <br/>Security Update for Windows Internet Explorer 7 (KB961260) <br/>Security Update for Windows Media Player (KB911564) <br/>Security Update for Windows Media Player (KB952069) <br/>Security Update for Windows Media Player (KB968816) <br/>Security Update for Windows Media Player (KB973540) <br/>Security Update for Windows Media Player 10 (KB911565) <br/>Security Update for Windows Media Player 10 (KB917734) <br/>Security Update for Windows Media Player 11 (KB936782) <br/>Security Update for Windows Media Player 11 (KB954154) <br/>Security Update for Windows Media Player 6.4 (KB925398) <br/>Security Update for Windows XP (KB923561) <br/>Security Update for Windows XP (KB923689) <br/>Security Update for Windows XP (KB938464-v2) <br/>Security Update for Windows XP (KB938464) <br/>Security Update for Windows XP (KB941569) <br/>Security Update for Windows XP (KB946648) <br/>Security Update for Windows XP (KB950760) <br/>Security Update for Windows XP (KB950762) <br/>Security Update for Windows XP (KB950974) <br/>Security Update for Windows XP (KB951066) <br/>Security Update for Windows XP (KB951376-v2) <br/>Security Update for Windows XP (KB951376) <br/>Security Update for Windows XP (KB951698) <br/>Security Update for Windows XP (KB951748) <br/>Security Update for Windows XP (KB952004) <br/>Security Update for Windows XP (KB952954) <br/>Security Update for Windows XP (KB953839) <br/>Security Update for Windows XP (KB954211) <br/>Security Update for Windows XP (KB954459) <br/>Security Update for Windows XP (KB954600) <br/>Security Update for Windows XP (KB955069) <br/>Security Update for Windows XP (KB956391) <br/>Security Update for Windows XP (KB956572) <br/>Security Update for Windows XP (KB956744) <br/>Security Update for Windows XP (KB956802) <br/>Security Update for Windows XP (KB956803) <br/>Security Update for Windows XP (KB956841) <br/>Security Update for Windows XP (KB956844) <br/>Security Update for Windows XP (KB957095) <br/>Security Update for Windows XP (KB957097) <br/>Security Update for Windows XP (KB958644) <br/>Security Update for Windows XP (KB958687) <br/>Security Update for Windows XP (KB958690) <br/>Security Update for Windows XP (KB959426) <br/>Security Update for Windows XP (KB960225) <br/>Security Update for Windows XP (KB960715) <br/>Security Update for Windows XP (KB960803) <br/>Security Update for Windows XP (KB960859) <br/>Security Update for Windows XP (KB961371) <br/>Security Update for Windows XP (KB961373) <br/>Security Update for Windows XP (KB961501) <br/>Security Update for Windows XP (KB968537) <br/>Security Update for Windows XP (KB969898) <br/>Security Update for Windows XP (KB970238) <br/>Security Update for Windows XP (KB971557) <br/>Security Update for Windows XP (KB971633) <br/>Security Update for Windows XP (KB971657) <br/>Security Update for Windows XP (KB973346) <br/>Security Update for Windows XP (KB973354) <br/>Security Update for Windows XP (KB973507) <br/>Security Update for Windows XP (KB973869) <br/>SkinsHP1 <br/>SkinsHP2 <br/>SkyCaddie Desktop <br/>Sonic Audio module <br/>Sonic DLA <br/>Sonic MyDVD LE <br/>Sonic RecordNow Copy <br/>Sonic RecordNow Data <br/>Sonic Update Manager <br/>Spybot - Search & Destroy <br/>TrayApp <br/>TurboTax Basic 2002 <br/>TurboTax Deluxe 2005 <br/>TurboTax Deluxe Deduction Maximizer 2006 <br/>TurboTax ItsDeductible 2005 <br/>TurboTax ItsDeductible 2006 <br/>TurboTax Premier 2004 <br/>TurboTax Premier Home & Business 2002 <br/>TurboTax Premier Home & Business 2003 <br/>Unload <br/>Update for Windows Internet Explorer 8 (KB961813) <br/>Update for Windows XP (KB951072-v2) <br/>Update for Windows XP (KB951978) <br/>Update for Windows XP (KB955839) <br/>Update for Windows XP (KB967715) <br/>Update for Windows XP (KB973815) <br/>WebFldrs XP <br/>WebReg <br/>WexTech AnswerWorks <br/>Windows Genuine Advantage Notifications (KB905474) <br/>Windows Genuine Advantage Validation Tool (KB892130) <br/>Windows Internet Explorer 7 <br/>Windows Internet Explorer 8 Release Candidate 1 <br/>Windows Media Format 11 runtime <br/>Windows Media Player 10 <br/>Windows Media Player 11 <br/>Windows XP Service Pack 3 <br/>WinRAR archiver <br/>WordPerfect Office 12 <br/> <br/>==== Event Viewer Messages From Past Week ======== <br/> <br/>9/17/2009 3:50:46 PM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 8070194f, parameter3 f79c6c30, parameter4 f79c692c. <br/>9/16/2009 4:44:50 PM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 80515b55, parameter3 f79cec34, parameter4 f79ce930. <br/> <br/>==== End Of File ===========================
Posted 9/19/2009 3:47 PM
#77516
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
More info: I recently installed Yahoo IM and immediately got a Blue Screen halt. This happened twice in one day just after installing Yahoo IM. I tried uninstalling it and got the Blue Screen again. I performed a Restore Operation on 9/17, going back 1 day. I have not seen the Blue Screen since. <br/> <br/>RP1165: 9/17/2009 3:59:17 PM - Restore Operation <br/> <br/> <br/>Do you have a recommendation whether to ever ever ever use Yahoo IM ??
Posted 9/19/2009 3:48 PM
#77517
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
Logfile of Trend Micro HijackThis v2.0.2 <br/>Scan saved at 11:00:23 AM, on 9/19/2009 <br/>Platform: Windows XP SP3 (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v8.00 (8.00.6001.18372) <br/>Boot mode: Normal <br/>Running processes: <br/>C:\WINDOWS\System32\smss.exe <br/>C:\WINDOWS\system32\winlogon.exe <br/>C:\WINDOWS\system32\services.exe <br/>C:\WINDOWS\system32\lsass.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe <br/>C:\WINDOWS\system32\drivers\CDAC11BA.EXE <br/>C:\WINDOWS\system32\HPZipm12.exe <br/>C:\Program Files\Dell Support Center\bin\sprtsvc.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\PROGRA~1\AVG\AVG8\avgrsx.exe <br/>C:\PROGRA~1\AVG\AVG8\avgemc.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\Program Files\Analog Devices\Core\smax4pnp.exe <br/>C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe <br/>C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe <br/>C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe <br/>C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe <br/>C:\Program Files\HP\hpcoretech\hpcmpmgr.exe <br/>C:\WINDOWS\system32\dla\tfswctrl.exe <br/>C:\WINDOWS\system32\hkcmd.exe <br/>C:\WINDOWS\system32\igfxpers.exe <br/>C:\Program Files\Google\Google Talk\googletalk.exe <br/>C:\PROGRA~1\AVG\AVG8\avgtray.exe <br/>C:\Program Files\Dell Support Center\bin\sprtcmd.exe <br/>C:\Program Files\Messenger\msmsgs.exe <br/>C:\PROGRA~1\QUICKEN\bagent.exe <br/>C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe <br/>C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>C:\Program Files\Microsoft Office\Office\OSA.EXE <br/>C:\Program Files\OpenOffice.org 3\program\soffice.exe <br/>C:\Program Files\OpenOffice.org 3\program\soffice.bin <br/>C:\WINDOWS\system32\taskmgr.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\PROGRA~1\AVG\AVG8\avgnsx.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Common Files\Real\Update_OB\realsched.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\Program Files\AVG\AVG8\avgui.exe <br/>C:\WINDOWS\system32\wscntfy.exe <br/>C:\WINDOWS\system32\notepad.exe <br/>C:\WINDOWS\system32\notepad.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\Program Files\Java\jre6\bin\jqs.exe <br/>C:\Program Files\Java\jre6\bin\jusched.exe <br/>C:\Program Files\Microsoft Office\Office\Winword.exe <br/>C:\Program Files\Trend Micro\HijackThis\HijackThis.exe <br/> <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url=http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html]http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html[/url] <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [url=http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com]http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com[/url] <br/>R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 129.74.152.66:3124 <br/>R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) <br/>O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll <br/>O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll <br/>O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll <br/>O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll <br/>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll <br/>O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll <br/>O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll <br/>O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll <br/>O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll <br/>O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe <br/>O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe <br/>O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" <br/>O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe <br/>O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup <br/>O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start <br/>O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" <br/>O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe <br/>O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe <br/>O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe <br/>O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe <br/>O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" <br/>O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart <br/>O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall <br/>O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe <br/>O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter <br/>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" <br/>O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent <br/>O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background <br/>O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter <br/>O4 - HKCU\..\Run: [QuickenScheduledUpdates] C:\PROGRA~1\QUICKEN\bagent.exe <br/>O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 <br/>O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe <br/>O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe <br/>O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe <br/>O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe <br/>O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE <br/>O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe <br/>O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html <br/>O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_16.dll <br/>O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_16.dll <br/>O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe <br/>O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll <br/>O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll <br/>O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll <br/>O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - [url=https://mygmgw.gm.com/http://usabhma06.mail.gm.com/iNotes.cab]https://mygmgw.gm.com/http://usabhma06.mail.gm.com/iNotes.cab[/url] <br/>O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll <br/>O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - [url=https://mygmgw.gm.com/http://usabhembma19.mail.gm.com/iNotes6W.cab]https://mygmgw.gm.com/http://usabhembma19.mail.gm.com/iNotes6W.cab[/url] <br/>O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab <br/>O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab <br/>O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232622251765 <br/>O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab <br/>O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab <br/>O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab <br/>O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll <br/>O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll <br/>O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe <br/>O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe <br/>O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE <br/>O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe <br/>O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe <br/>O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe <br/>O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe <br/> <br/>-- <br/>End of file - 11619 bytes
Posted 9/19/2009 3:59 PM
#77521
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
A few more quirks I will explain. <br/> <br/>1) Very often I am naturally myself wanting to select a hot link on a website or an activation button in an application, or selecting text in a file. What I see periodically is that it no longer takes '1 click' to do any of this. I already deleted this post because I wanted to change it, and the actual 'remove' button needed to be pushed twice. It ignored me the first time. <br/> <br/>2) I ran the 'RSIT' application that I read about in another post. It looks like I might have pieces of BearShare still laying around on the PC, which could be the cause of all of these strange behaviors. I know that you recommend removal of these sorts of programs before even starting a forum. I have removed both BearShare and Limewire, but remnants of both could still be hiding somewhere. <br/> <br/>Should I post the RSIT logs? <br/> <br/>3) I have tried removing 'Musicmatch® Jukebox' and then decided that I still wanted it. I am not sure if I succeeded in reinstalling it or not. It is behaving strangely and sometimes not at all, but it is not a critical program for me anyway. Same with RealPlayer. I suspect that both are just massive spyware anyway. Do you have advice on these two programs?
Posted 9/19/2009 4:01 PM
#77522
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
info.txt logfile of random's system information tool 1.06 2009-09-19 11:27:36 <br/>======Uninstall list====== <br/> <br/>-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 <br/>-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu <br/>-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} <br/>-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} <br/>-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} <br/>-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} <br/>-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095} <br/>-->MsiExec.exe /I{F543B12A-13F5-487E-9314-F7D25E1BBE3E} <br/>-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf <br/>2001 TurboTax Premier-->C:\Program Files\Tax01\TaxUnst.EXE "C:\Program Files\Tax01\Uninstall.log" -NoGui <br/>Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe <br/>Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe <br/>Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002} <br/>Adobe Reader Chinese Traditional Fonts-->MsiExec.exe /I{AC76BA86-7AD7-2448-0000-705000000001} <br/>Adobe Shockwave Player-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log <br/>AnswerWorks 5.0 English Runtime-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}\setup.exe" -l0x9 -uninst -removeonly <br/>AOLIcon-->MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C} <br/>AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL <br/>Bitzi's Bitcollider 0.6.0-->C:\PROGRA~1\BITCOL~1\UNWISE.EXE C:\PROGRA~1\BITCOL~1\INSTALL.LOG <br/>BUM-->MsiExec.exe /I{55937F00-A69B-4049-8D3A-1C7729742B6F} <br/>CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" <br/>Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe" <br/>Deer Avenger 4-->C:\PROGRA~1\DEERAV~1\UNWISE.EXE /U C:\PROGRA~1\DEERAV~1\INSTALL.LOG <br/>Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76} <br/>Dell Media Experience-->MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B} <br/>Dell Picture Studio v3.0-->MsiExec.exe /I{AF06CAE4-C134-44B1-B699-14FBDB63BD37} <br/>Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1} <br/>DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} <br/>DMX Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE8913B7-B2C4-48BE-8A26-84390FF4F231}\Setup.exe" -l0x9 -L0x9 /SMAINT <br/>Download Updater (AOL LLC)-->C:\Program Files\Common Files\Software Update Utility\uninstall.exe <br/>DVD X Copy Platinum 4.0.3-->"C:\Program Files\321Studios\Platinum\uninstall.exe" <br/>DVD X Rescue-->C:\PROGRA~1\321STU~1\DVDXRE~1\UNWISE.EXE C:\PROGRA~1\321STU~1\DVDXRE~1\INSTALL.LOG <br/>EarthLink setup files-->MsiExec.exe /X{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE} <br/>Expert Do-It-Yourself Lawyer-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Expert Software\Do-It-Yourself Lawyer\DeIsL1.isu" <br/>GdiplusUpgrade-->MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5} <br/>Google Earth Plugin-->MsiExec.exe /I{B535B621-5559-11DE-A7A1-005056806466} <br/>Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe" <br/>Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} <br/>HijackThis 2.0.2-->"C:\Documents and Settings\Jim\Desktop\FIX\HijackThis.exe" /uninstall <br/>Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" <br/>Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" <br/>Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" <br/>Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" <br/>Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" <br/>HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat <br/>HP PSC & OfficeJet 3.5-->"C:\Program Files\HP\Digital Imaging\{18E0918E-1060-48f3-925C-56C82E88551B}\setup\hpzscr01.exe" -datfile hposcr03.dat <br/>Intel(R) 537EP V9x DF PCI Modem-->rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EP V9x DF PCI Modem" <br/>Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572 <br/>Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe <br/>Intel(R) PROSet for Wired Connections-->MsiExec.exe /I{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7} <br/>Internet Explorer Default Page-->MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395} <br/>ItsDeductible Express-->MsiExec.exe /X{36495C59-089C-49D1-BD15-9E5BD86DC9A1} <br/>J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040} <br/>J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} <br/>Jasc Paint Shop Photo Album 5-->MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC} <br/>Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch-->C:\Program Files\Jasc Software Inc\Paint Shop Pro Studio\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG <br/>Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030} <br/>Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF} <br/>Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} <br/>Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} <br/>Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} <br/>Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} <br/>Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} <br/>Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe <br/>LogViewer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E5090856-6E87-4AE1-B6FE-DD4149CB097A}\Setup.exe" -l0x9 <br/>Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c} <br/>Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" <br/>Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" <br/>Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} <br/>Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} <br/>Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" <br/>Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" <br/>Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" <br/>Microsoft Office 97, Professional Edition-->C:\Program Files\Microsoft Office\Office\Setup\Acme.exe /w Off97Pro.STF <br/>Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} <br/>Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} <br/>Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} <br/>Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} <br/>Modem Event Monitor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}\setup.exe" -l0x9 <br/>Modem Helper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel <br/>Modem On Hold-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText <br/>Monopoly-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hasbro Interactive\Monopoly\Uninst.isu" <br/>Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe <br/>MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} <br/>MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} <br/>MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} <br/>Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst <br/>OpenOffice.org 3.0-->MsiExec.exe /I{F44DA61E-720D-4E79-871F-F6E628B33242} <br/>overland-->MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC} <br/>PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars <br/>PowerDVD 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall <br/>QuickBooks Simple Start Special Edition-->msiexec.exe /I {F543B12A-13F5-487E-9314-F7D25E1BBE3E} UNIQUE_NAME="atomlimited" QBFULLNAME="QuickBooks Simple Start Special Edition" ADDREMOVE=1 <br/>Quicken 2008-->MsiExec.exe /X{3B0F52AC-EF5C-4831-B221-06C782E41280} <br/>Quicken WillMaker Plus 2005-->C:\WINDOWS\unvise32.exe C:\Program Files\Quicken WillMaker Plus 2005\uninstal.log <br/>Quicken WillMaker Plus 2008-->C:\WINDOWS\unvise32.exe C:\Program Files\Quicken WillMaker Plus 2008\uninstal.log <br/>QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log <br/>RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 <br/>SafeCast Shared Components-->C:\WINDOWS\CDAC13BA.EXE /uninstall <br/>Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" <br/>Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe" <br/>Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" <br/>Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" <br/>SkyCaddie Desktop-->"C:\Program Files\SkyGolf\SkyCaddie Desktop\UninstSkyCaddie.exe" <br/>Sonic Audio module-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} <br/>Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} <br/>Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} <br/>Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} <br/>Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} <br/>Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} <br/>Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" <br/>TurboTax Basic 2002-->C:\Program Files\TurboTax\Basic 2002\TaxUnst.EXE "C:\Program Files\TurboTax\Basic 2002\Uninstall.log" -NoGui <br/>TurboTax Deluxe 2005-->C:\Program Files\TurboTax\Deluxe 2005\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2005\Uninstall.log" -NoGui <br/>TurboTax Deluxe Deduction Maximizer 2006-->C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui <br/>TurboTax ItsDeductible 2005-->MsiExec.exe /X{2E7595EC-4FB1-4E29-93D4-9083C8A9B107} <br/>TurboTax ItsDeductible 2006-->MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F} <br/>TurboTax Premier 2004-->C:\Program Files\TurboTax\Premier 2004\TaxUnst.EXE "C:\Program Files\TurboTax\Premier 2004\Uninstall.log" -NoGui <br/>TurboTax Premier Home & Business 2002-->C:\Program Files\TurboTax\Premier Home & Business 2002\TaxUnst.EXE "C:\Program Files\TurboTax\Premier Home & Business 2002\Uninstall.log" -NoGui <br/>TurboTax Premier Home & Business 2003-->C:\Program Files\TurboTax\Premier Home & Business 2003\TaxUnst.EXE "C:\Program Files\TurboTax\Premier Home & Business 2003\Uninstall.log" -NoGui <br/>Update for Windows Internet Explorer 8 (KB961813)-->"C:\WINDOWS\ie8updates\KB961813-IE8\spuninst\spuninst.exe" <br/>Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" <br/>Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" <br/>WexTech AnswerWorks-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate <br/>Windows Internet Explorer 8 Release Candidate 1-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" <br/>Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll <br/>Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" <br/>Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89} <br/>Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall <br/>Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" <br/>Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" <br/>WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe <br/>WordPerfect Office 12-->MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48} <br/> <br/>======Hosts File====== <br/> <br/>127.0.0.1 www.007guard.com <br/>127.0.0.1 007guard.com <br/>127.0.0.1 008i.com <br/>127.0.0.1 www.008k.com <br/>127.0.0.1 008k.com <br/>127.0.0.1 www.00hq.com <br/>127.0.0.1 00hq.com <br/>127.0.0.1 010402.com <br/>127.0.0.1 www.032439.com <br/>127.0.0.1 032439.com <br/> <br/>======Security center information====== <br/> <br/>AV: AVG Anti-Virus Free (disabled) <br/> <br/>======System event log====== <br/> <br/>Computer Name: MATISSE <br/>Event Code: 7901 <br/>Message: The At32.job command failed to start due to the following error: <br/>%%2147942402 <br/> <br/>Record Number: 27373 <br/>Source Name: Schedule <br/>Time Written: 20090707070000.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 7901 <br/>Message: The At7.job command failed to start due to the following error: <br/>%%2147942402 <br/> <br/>Record Number: 27372 <br/>Source Name: Schedule <br/>Time Written: 20090707060000.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 7901 <br/>Message: The At31.job command failed to start due to the following error: <br/>%%2147942402 <br/> <br/>Record Number: 27371 <br/>Source Name: Schedule <br/>Time Written: 20090707060000.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 7901 <br/>Message: The At6.job command failed to start due to the following error: <br/>%%2147942402 <br/> <br/>Record Number: 27370 <br/>Source Name: Schedule <br/>Time Written: 20090707050000.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 7901 <br/>Message: The At30.job command failed to start due to the following error: <br/>%%2147942402 <br/> <br/>Record Number: 27369 <br/>Source Name: Schedule <br/>Time Written: 20090707050000.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>=====Application event log===== <br/> <br/>Computer Name: MATISSE <br/>Event Code: 1000 <br/>Message: Faulting application bearshare.exe, version 5.2.4.7, faulting module unknown, version 0.0.0.0, fault address 0x00000103. <br/> <br/>Record Number: 509 <br/>Source Name: Application Error <br/>Time Written: 20060715090148.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 1000 <br/>Message: Faulting application bearshare.exe, version 5.2.4.7, faulting module unknown, version 0.0.0.0, fault address 0x00000103. <br/> <br/>Record Number: 507 <br/>Source Name: Application Error <br/>Time Written: 20060714141343.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 1000 <br/>Message: Faulting application bearshare.exe, version 5.2.4.7, faulting module unknown, version 0.0.0.0, fault address 0x00000103. <br/> <br/>Record Number: 506 <br/>Source Name: Application Error <br/>Time Written: 20060714074213.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 1000 <br/>Message: Faulting application bearshare.exe, version 5.2.4.7, faulting module unknown, version 0.0.0.0, fault address 0x00000103. <br/> <br/>Record Number: 503 <br/>Source Name: Application Error <br/>Time Written: 20060712150328.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>Computer Name: MATISSE <br/>Event Code: 1000 <br/>Message: Faulting application bearshare.exe, version 5.2.4.7, faulting module unknown, version 0.0.0.0, fault address 0x00000103. <br/> <br/>Record Number: 501 <br/>Source Name: Application Error <br/>Time Written: 20060712091100.000000-240 <br/>Event Type: error <br/>User: <br/> <br/>======Environment variables====== <br/> <br/>"ComSpec"=%SystemRoot%\system32\cmd.exe <br/>"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem <br/>"windir"=%SystemRoot% <br/>"FP_NO_HOST_CHECK"=NO <br/>"OS"=Windows_NT <br/>"PROCESSOR_ARCHITECTURE"=x86 <br/>"PROCESSOR_LEVEL"=15 <br/>"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel <br/>"PROCESSOR_REVISION"=0401 <br/>"NUMBER_OF_PROCESSORS"=2 <br/>"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH <br/>"TEMP"=%SystemRoot%\TEMP <br/>"TMP"=%SystemRoot%\TEMP <br/>"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\ <br/>"VERSION"=3.0.5.001 <br/>"SESSIONID"=1120691547954htx60561b5a415:104fd618317:5d18 <br/>"COLLECTIONID"=COL8143 <br/>"ITEMID"=dj-22741-15 <br/>"UPDATEDIR"=C:\DOCUME~1\Jim\LOCALS~1\Temp\radB7A11.tmp <br/>"TOOLPATH"=/C:\Program%20Files\HP\HP%20Software%20Update\install.htm <br/>"HMSERVER"=https://wwss1pro.cce.hp.com/wuss/servlet/WUSSServlet <br/>"SWUTVER"=1.0.22.20030804 <br/>"OSVER"=winXPH <br/>"LANG"=1033 <br/>"TIMEOUT"=0 <br/> <br/>-----------------EOF-----------------
Posted 9/19/2009 4:02 PM
#77524
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
Logfile of random's system information tool 1.06 (written by random/random) <br/>Run by Jim at 2009-09-19 11:27:24 <br/>Microsoft Windows XP Home Edition Service Pack 3 <br/>System drive C: has 13 GB (9%) free of 149 GB <br/>Total RAM: 1022 MB (32% free) <br/>Logfile of Trend Micro HijackThis v2.0.2 <br/>Scan saved at 11:27:32 AM, on 9/19/2009 <br/>Platform: Windows XP SP3 (WinNT 5.01.2600) <br/>MSIE: Internet Explorer v8.00 (8.00.6001.18372) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\WINDOWS\System32\smss.exe <br/>C:\WINDOWS\system32\winlogon.exe <br/>C:\WINDOWS\system32\services.exe <br/>C:\WINDOWS\system32\lsass.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\WINDOWS\System32\svchost.exe <br/>C:\WINDOWS\system32\spoolsv.exe <br/>C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe <br/>C:\WINDOWS\system32\drivers\CDAC11BA.EXE <br/>C:\WINDOWS\system32\HPZipm12.exe <br/>C:\Program Files\Dell Support Center\bin\sprtsvc.exe <br/>C:\WINDOWS\system32\svchost.exe <br/>C:\PROGRA~1\AVG\AVG8\avgrsx.exe <br/>C:\PROGRA~1\AVG\AVG8\avgemc.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\WINDOWS\Explorer.EXE <br/>C:\WINDOWS\system32\ctfmon.exe <br/>C:\Program Files\Analog Devices\Core\smax4pnp.exe <br/>C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe <br/>C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe <br/>C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe <br/>C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe <br/>C:\Program Files\HP\hpcoretech\hpcmpmgr.exe <br/>C:\WINDOWS\system32\dla\tfswctrl.exe <br/>C:\WINDOWS\system32\hkcmd.exe <br/>C:\WINDOWS\system32\igfxpers.exe <br/>C:\Program Files\Google\Google Talk\googletalk.exe <br/>C:\PROGRA~1\AVG\AVG8\avgtray.exe <br/>C:\Program Files\Dell Support Center\bin\sprtcmd.exe <br/>C:\Program Files\Messenger\msmsgs.exe <br/>C:\PROGRA~1\QUICKEN\bagent.exe <br/>C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe <br/>C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>C:\Program Files\Microsoft Office\Office\OSA.EXE <br/>C:\Program Files\OpenOffice.org 3\program\soffice.exe <br/>C:\Program Files\OpenOffice.org 3\program\soffice.bin <br/>C:\WINDOWS\system32\taskmgr.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\PROGRA~1\AVG\AVG8\avgnsx.exe <br/>C:\Program Files\Common Files\Real\Update_OB\realsched.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\Program Files\AVG\AVG8\avgui.exe <br/>C:\WINDOWS\system32\wscntfy.exe <br/>C:\Program Files\AVG\AVG8\avgcsrvx.exe <br/>C:\Program Files\Java\jre6\bin\jqs.exe <br/>C:\Program Files\Java\jre6\bin\jusched.exe <br/>C:\Program Files\Microsoft Office\Office\Winword.exe <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\WINDOWS\system32\NOTEPAD.EXE <br/>C:\Program Files\Internet Explorer\iexplore.exe <br/>C:\Documents and Settings\Jim\Local Settings\Temporary Internet Files\Content.IE5\5TEIQK60\RSIT[1].exe <br/>C:\Program Files\Trend Micro\HijackThis\Jim.exe <br/> <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url=http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html]http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html[/url] <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [url=http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com]http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com[/url] <br/>R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 129.74.152.66:3124 <br/>R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) <br/>O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll <br/>O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll <br/>O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll <br/>O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll <br/>O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll <br/>O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll <br/>O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll <br/>O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll <br/>O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll <br/>O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe <br/>O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe <br/>O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" <br/>O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe <br/>O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup <br/>O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start <br/>O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" <br/>O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe <br/>O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe <br/>O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe <br/>O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe <br/>O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" <br/>O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart <br/>O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall <br/>O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe <br/>O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter <br/>O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" <br/>O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent <br/>O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background <br/>O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter <br/>O4 - HKCU\..\Run: [QuickenScheduledUpdates] C:\PROGRA~1\QUICKEN\bagent.exe <br/>O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 <br/>O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe <br/>O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe <br/>O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe <br/>O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe <br/>O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE <br/>O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe <br/>O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html <br/>O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_16.dll <br/>O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_16.dll <br/>O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll <br/>O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe <br/>O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll <br/>O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll <br/>O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll <br/>O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe <br/>O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe <br/>O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - [url=https://mygmgw.gm.com/http://usabhma06.mail.gm.com/iNotes.cab]https://mygmgw.gm.com/http://usabhma06.mail.gm.com/iNotes.cab[/url] <br/>O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll <br/>O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - [url=https://mygmgw.gm.com/http://usabhembma19.mail.gm.com/iNotes6W.cab]https://mygmgw.gm.com/http://usabhembma19.mail.gm.com/iNotes6W.cab[/url] <br/>O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab <br/>O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab <br/>O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232622251765 <br/>O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab <br/>O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab <br/>O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab <br/>O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll <br/>O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll <br/>O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe <br/>O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe <br/>O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE <br/>O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe <br/>O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe <br/>O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe <br/>O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe <br/>O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe <br/>O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe <br/> <br/>-- <br/>End of file - 11732 bytes <br/> <br/>======Scheduled tasks folder====== <br/> <br/>C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job <br/>C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job <br/>C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job <br/>C:\WINDOWS\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job <br/> <br/>======Registry dump====== <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] <br/>Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] <br/>AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-08-15 1111320] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] <br/>Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] <br/>DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2005-05-31 118844] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] <br/>SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-07-31 321312] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] <br/>AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0cda128-b425-4eef-a174-61a11ac5dbf8}] <br/>AIM Toolbar Loader - C:\Program Files\AIM Toolbar\aimtb.dll [2008-10-07 1275176] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] <br/>Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-31 41760] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] <br/>JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-31 73728] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <br/>{61539ecd-cc67-4437-a03c-9aaccbd14326} - AIM Toolbar - C:\Program Files\AIM Toolbar\aimtb.dll [2008-10-07 1275176] <br/>{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-14 1004800] <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <br/>"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928] <br/>"IntelMeM"=C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe [2003-09-03 221184] <br/>"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-02-23 53248] <br/>"mmtask"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [2004-09-14 53248] <br/>"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] <br/>"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920] <br/>"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2005-01-12 241664] <br/>"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-05-31 122941] <br/>"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208] <br/>"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824] <br/>"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688] <br/>"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-10-09 16384] <br/>"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648] <br/>"MSKDetectorExe"=C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [2006-11-07 1121280] <br/>"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-08-15 2007832] <br/>"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-10-09 202544] <br/>"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2006-03-11 180269] <br/>"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-31 149280] <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] <br/>"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-09-10 420176] <br/> <br/>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <br/>"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] <br/>"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-10-09 202544] <br/>"QuickenScheduledUpdates"=C:\PROGRA~1\QUICKEN\bagent.exe [2008-04-21 87328] <br/>"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472] <br/>"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] <br/>"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] <br/> <br/>C:\Documents and Settings\All Users\Start Menu\Programs\Startup <br/>Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe <br/>HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe <br/>Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE <br/>QuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe <br/> <br/>C:\Documents and Settings\Jim\Start Menu\Programs\Startup <br/>OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] <br/>C:\WINDOWS\system32\avgrsstx.dll [2009-08-15 11952] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] <br/>C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] <br/>C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <br/>UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616] <br/>WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] <br/>"dontdisplaylastusername"=0 <br/>"legalnoticecaption"= <br/>"legalnoticetext"= <br/>"shutdownwithoutlogon"=1 <br/>"undockwithoutlogon"=1 <br/> <br/>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] <br/>"NoDriveTypeAutoRun"=323 <br/>"NoDriveAutoRun"=67108863 <br/>"NoDrives"=0 <br/> <br/>[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] <br/>"NoDriveAutoRun"= <br/>"NoDriveTypeAutoRun"= <br/>"NoDrives"= <br/>"HonorAutoRunSetting"= <br/> <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] <br/>"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" <br/>"C:\WINDOWS\SYSTEM32\MSHTA.EXE"="C:\WINDOWS\SYSTEM32\MSHTA.EXE:*:Enabled:Microsoft (R) HTML Application host" <br/>"C:\Program Files\Quicken WillMaker Plus 2005\qwp.exe"="C:\Program Files\Quicken WillMaker Plus 2005\qwp.exe:*:Enabled:Quicken WillMaker Plus 2005 application" <br/>"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" <br/>"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk" <br/>"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe" <br/>"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe" <br/>"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" <br/>"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax" <br/>"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager" <br/>"C:\Program Files\SkyGolf\SkyCaddie Desktop\SkyCaddieDesktop.exe"="C:\Program Files\SkyGolf\SkyCaddie Desktop\SkyCaddieDesktop.exe:*:Enabled:SkyCaddie Desktop" <br/>"C:\WINDOWS\SYSTEM32\dpvsetup.exe"="C:\WINDOWS\SYSTEM32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" <br/>"C:\WINDOWS\SYSTEM32\rundll32.exe"="C:\WINDOWS\SYSTEM32\rundll32.exe:*:Enabled:Run a DLL as an App" <br/> <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] <br/>"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" <br/>"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL" <br/>"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL" <br/>"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL" <br/>"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger" <br/>"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" <br/> <br/>[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f975347-2285-11de-bde4-001320634e8a}] <br/>shell\AutoRun\command - F:\setupSNK.exe <br/> <br/> <br/>======List of files/folders created in the last 1 months====== <br/> <br/>2009-09-19 11:27:24 ----D---- C:\rsit <br/>2009-09-19 10:59:40 ----D---- C:\Program Files\Trend Micro <br/>2009-09-19 10:17:24 ----A---- C:\WINDOWS\system32\REN1F8.tmp <br/>2009-09-19 10:17:24 ----A---- C:\WINDOWS\system32\javaws.exe <br/>2009-09-19 10:17:24 ----A---- C:\WINDOWS\system32\javaw.exe <br/>2009-09-19 10:17:24 ----A---- C:\WINDOWS\system32\java.exe <br/>2009-09-17 14:21:58 ----DC---- C:\WINDOWS\$NtUninstallKB968389$ <br/>2009-09-10 03:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ <br/>2009-09-10 03:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ <br/>2009-08-27 03:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$ <br/> <br/>======List of files/folders modified in the last 1 months====== <br/> <br/>2009-09-19 11:27:25 ----D---- C:\WINDOWS\Prefetch <br/>2009-09-19 10:59:40 ----RD---- C:\Program Files <br/>2009-09-19 10:25:32 ----D---- C:\Program Files\Java <br/>2009-09-19 10:25:22 ----D---- C:\WINDOWS\SYSTEM32 <br/>2009-09-19 10:25:19 ----SHD---- C:\WINDOWS\Installer <br/>2009-09-19 10:17:26 ----D---- C:\WINDOWS\temp <br/>2009-09-19 10:15:09 ----D---- C:\Downloads <br/>2009-09-19 03:52:51 ----HD---- C:\$AVG8.VAULT$ <br/>2009-09-18 22:45:32 ----HD---- C:\WINDOWS\INF <br/>2009-09-18 22:45:32 ----D---- C:\WINDOWS <br/>2009-09-18 07:06:49 ----A---- C:\WINDOWS\WIN.INI <br/>2009-09-18 05:23:04 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy <br/>2009-09-18 02:21:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware <br/>2009-09-18 02:21:30 ----D---- C:\WINDOWS\system32\DRIVERS <br/>2009-09-17 19:24:13 ----D---- C:\WINDOWS\Debug <br/>2009-09-17 19:24:12 ----D---- C:\WINDOWS\Minidump <br/>2009-09-17 19:15:15 ----D---- C:\My Music <br/>2009-09-17 18:31:16 ----D---- C:\Program Files\Mozilla Firefox <br/>2009-09-17 16:09:42 ----D---- C:\WINDOWS\system32\CatRoot <br/>2009-09-17 16:09:40 ----D---- C:\WINDOWS\system32\CatRoot2 <br/>2009-09-17 16:03:12 ----A---- C:\WINDOWS\ModemLog_Intel(R) 537EP V9x DF PCI Modem.txt <br/>2009-09-17 16:01:53 ----D---- C:\WINDOWS\system32\CONFIG <br/>2009-09-17 16:01:32 ----D---- C:\WINDOWS\system32\WBEM <br/>2009-09-17 16:01:31 ----D---- C:\WINDOWS\Registration <br/>2009-09-17 16:00:12 ----RSHD---- C:\WINDOWS\system32\DLLCACHE <br/>2009-09-17 15:59:37 ----N---- C:\WINDOWS\SchedLgU.Txt <br/>2009-09-17 14:20:10 ----HD---- C:\WINDOWS\$hf_mig$ <br/>2009-09-17 11:25:08 ----D---- C:\Documents and Settings\All Users\Application Data\yahoo! <br/>2009-09-15 04:14:14 ----D---- C:\Program Files\Spybot - Search & Destroy <br/>2009-09-15 04:10:13 ----D---- C:\WINDOWS\network diagnostic <br/>2009-09-10 08:31:36 ----D---- C:\Documents and Settings\Jim\Application Data\Real <br/>2009-09-03 23:49:43 ----D---- C:\WINDOWS\system32\FxsTmp <br/>2009-08-28 17:38:20 ----A---- C:\WINDOWS\system32\MRT.exe <br/> <br/>======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== <br/> <br/>R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-15 335240] <br/>R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-15 27784] <br/>R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-06 108552] <br/>R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] <br/>R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] <br/>R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2005-05-13 5627] <br/>R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2005-05-13 23545] <br/>R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] <br/>R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS [] <br/>R2 CDRPDACC;Arrowkey Device Access; \??\C:\Program Files\321Studios\Shared\CDRPDACC.SYS [] <br/>R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2005-04-21 40544] <br/>R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376] <br/>R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-05-31 25725] <br/>R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-05-31 34845] <br/>R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-05-31 4125] <br/>R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-05-31 2241] <br/>R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-05-31 86876] <br/>R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-05-31 15069] <br/>R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-05-31 6365] <br/>R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-05-31 98716] <br/>R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-05-31 100605] <br/>R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112] <br/>R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] <br/>R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-02-26 51056] <br/>R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-02-26 16496] <br/>R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-02-26 21488] <br/>R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332] <br/>R3 IntelC51;IntelC51; C:\WINDOWS\system32\DRIVERS\IntelC51.sys [2004-03-05 1233525] <br/>R3 IntelC52;IntelC52; C:\WINDOWS\system32\DRIVERS\IntelC52.sys [2004-03-05 647929] <br/>R3 IntelC53;IntelC53; C:\WINDOWS\system32\DRIVERS\IntelC53.sys [2004-06-15 61157] <br/>R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] <br/>R3 mohfilt;mohfilt; C:\WINDOWS\system32\DRIVERS\mohfilt.sys [2004-03-05 37048] <br/>R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2006-06-04 34528] <br/>R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928] <br/>R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352] <br/>R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] <br/>R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] <br/>R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] <br/>R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] <br/>R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] <br/>R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] <br/>S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys [] <br/>S3 catchme;catchme; \??\C:\DOCUME~1\Jim\LOCALS~1\Temp\catchme.sys [] <br/>S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] <br/>S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [] <br/>S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] <br/>S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] <br/>S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] <br/>S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] <br/>S3 QCDonner;Logitech QuickCam Express; C:\WINDOWS\system32\DRIVERS\OVCD.sys [2001-08-17 28032] <br/>S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] <br/>S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] <br/>S3 usbser;SkyCaddie USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112] <br/>S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] <br/>S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [] <br/>S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] <br/>S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] <br/>S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] <br/> <br/>======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== <br/> <br/>R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-15 908056] <br/>R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-15 297752] <br/>R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2006-04-13 52736] <br/>R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-31 153376] <br/>R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728] <br/>R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-10-09 202544] <br/>S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776] <br/>S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-02 133104] <br/>S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] <br/>S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848] <br/>S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2003-12-17 143360] <br/>S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] <br/>S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] <br/> <br/>-----------------EOF-----------------
Posted 9/19/2009 4:07 PM
#77525
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
Finally, I should tell you that I had a bout with the 'SHeur2.MKJ Trojan Horse' this past January, 2009. It was a bit of a chore to remove it because AVG kept on finding it and deleting it, but it would keep on reappearing upon reboot or rerunning of the AVG scan. That time was when I first found YOU guys, and it was information from your forum that taught me hot to get rid of this Trojan Horse. It took Ccleaner, Malwarebytes, and ComboFix to get rid of it, by following your self-help instructions. So I didn't need to post anything at that time. <br/>Perhaps the behaviors I am seeing now, might be remnants of that Trojan Horse. <br/> <br/> <br/> <br/>I'll attach screen captures of the AVG scan run back in January 2009. I have not seen any trace of this Trojan Horse since removing it with your 'FIX' instructions.
Post attachments:
SHeur2.MKJ Trojan Horse info Jan 2009.JPGSHeur2.MKJ Trojan Horse info Jan 2009 (2).JPG
Posted 9/19/2009 4:13 PM
#77526
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
Oh, I guess there is one more piece of information I should give you. When I first boot, it now takes forever to finish !! I read somewhere on your forum about selecting which components should boot on start-up and how some can be selected to boot sometime later. When I boot, once the PC looks like it is ready, I would like to start working. But usually all of the start-up applications are still launching and during this time the PC is completely unusable. <br/> <br/> <br/>I wonder if much of this boot-up delay is AVG Free 8.5.409 scanning components before you are allowed to do anything. Do you know if AVG is known to add a huge amount of time to the boot-up process ?? Is this an unfortunate consequence of choosing to use AVG Free ?? Your forum suggests 'Avast' and 'Avira'. Do you recommend that I cease using AVG and begin using one of those others?? The reason I ask this is because there are about 4-5 other users that have selected AVG Free on my recommendation, and I wish to know your opinion on whether I should rethink giving this advice. <br/> <br/> <br/> <br/>Thanks !!
Posted 9/20/2009 3:13 AM
#77542
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello jk48326 :smile: <br/> <br/> <br/> <br/> <br/> <br/><SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma">Please download Combofix from:<SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma"><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p> <br/> <br/><SPAN lang=EN-US style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-US; mso-bidi-font-size: 11.0pt"> <SPAN style="FONT-SIZE: 8.5pt; COLOR: black; FONT-FAMILY: Verdana"><SPAN lang=EN-GB style="mso-ansi-language: EN-GB">http://download.bleepingcomputer.com/sUBs/ComboFix.exe<SPAN lang=EN-GB style="mso-ansi-language: EN-GB"><o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt"> <SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma">And save to the desktop.<SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma"><o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt"> <br/><SPAN lang=EN style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN; mso-bidi-font-size: 11.0pt">Close all other browser windows.<o:p></o:p> <br/> <br/><SPAN lang=EN style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN; mso-bidi-font-size: 11.0pt"> <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB">Double-click on the combofix icon found on your desktop. <o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB"> <o:p></o:p> <br/> <br/><B style="mso-bidi-font-weight: normal"><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt">Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.<o:p></o:p></B> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt"> <br/><SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma"><SPAN style="mso-spacerun: yes"> When finished, it will produce a logfile located at C:\combofix.txt.<SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma"><o:p></o:p> <br/> <br/><SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma"> <SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma"><o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 11.0pt"> <br/><SPAN class=postbody><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma">Post the contents of that log in your next reply <o:p></o:p>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 9/20/2009 6:58 AM
#77551
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
Actually I had figured you would ask me to run Combo-Fix. I already ran it, but didn't post it yet. Here is the log. <br/> <br/> <br/>ComboFix 09-09-18.02 - Jim 09/19/2009 14:46.3.2 - NTFSx86 <br/>Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.607 [GMT -4:00] <br/>Running from: c:\downloads\ComboFix\ComboFix.exe <br/>AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} <br/>. <br/> <br/>((((((((((((((((((((((((( Files Created from 2009-08-19 to 2009-09-19 ))))))))))))))))))))))))))))))) <br/>. <br/> <br/>2009-09-19 15:27 . 2009-09-19 15:29 -------- d-----w- C:\rsit <br/>2009-09-19 14:59 . 2009-09-19 14:59 -------- d-----w- c:\program files\Trend Micro <br/>2009-09-17 20:01 . 2009-09-17 20:01 -------- d-----w- c:\windows\system32\wbem\Repository <br/>2009-09-10 03:21 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll <br/> <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2009-09-19 14:25 . 2005-07-05 14:44 -------- d-----w- c:\program files\Java <br/>2009-09-18 09:23 . 2009-07-17 03:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy <br/>2009-09-18 06:21 . 2009-01-22 12:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware <br/>2009-09-17 15:25 . 2006-07-23 09:02 -------- d-----w- c:\documents and settings\All Users\Application Data\yahoo! <br/>2009-09-15 08:14 . 2009-07-17 03:43 -------- d-----w- c:\program files\Spybot - Search & Destroy <br/>2009-09-10 18:54 . 2009-01-22 12:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys <br/>2009-09-10 18:53 . 2009-01-22 12:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys <br/>2009-08-15 06:44 . 2008-06-20 06:32 11952 ----a-w- c:\windows\system32\avgrsstx.dll <br/>2009-08-15 06:44 . 2008-06-20 06:32 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys <br/>2009-08-15 06:44 . 2008-01-29 06:12 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys <br/>2009-08-05 09:01 . 2004-08-04 10:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll <br/>2009-07-31 19:23 . 2009-09-19 14:17 411368 ----a-w- c:\windows\system32\REN1F8.tmp <br/>2009-07-25 23:01 . 2009-07-25 23:01 8266 ----a-w- c:\windows\extend.dat <br/>2009-07-17 19:01 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\atl.dll <br/>2009-07-15 12:39 . 2009-07-15 12:40 410984 ----a-w- c:\windows\system32\deploytk.dll <br/>2009-07-14 03:43 . 2004-08-04 10:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll <br/>. <br/> <br/>((((((((((((((((((((((((((((( [url=SnapShot@2009-08-03_07.06.09]SnapShot@2009-08-03_07.06.09[/url] ))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>+ 2004-08-04 10:00 . 2008-04-14 00:12 49152 c:\windows\SYSTEM32\wdigest(3).dll <br/>+ 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\SYSTEM32\tzchange.exe <br/>+ 2004-08-04 10:00 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\telnet.exe <br/>+ 2004-08-04 10:00 . 2009-02-03 19:59 56832 c:\windows\SYSTEM32\secur32(3).dll <br/>- 2009-01-31 23:32 . 2009-07-05 16:37 84661 c:\windows\SYSTEM32\Macromed\Flash\uninstall_plugin.exe <br/>+ 2009-01-31 23:32 . 2009-09-10 12:29 84661 c:\windows\SYSTEM32\Macromed\Flash\uninstall_plugin.exe <br/>+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe <br/>+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll <br/>+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll <br/>+ 2004-08-04 10:00 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\avifil32.dll <br/>- 2004-08-04 10:00 . 2008-04-14 00:11 84992 c:\windows\SYSTEM32\avifil32.dll <br/>+ 2009-08-13 20:33 . 2008-04-14 00:11 58880 c:\windows\$NtUninstallKB973507$\atl.dll <br/>+ 2009-08-13 20:33 . 2008-04-14 00:11 84992 c:\windows\$NtUninstallKB971557$\avifil32.dll <br/>+ 2009-08-13 20:33 . 2008-04-14 00:12 75776 c:\windows\$NtUninstallKB960859$\telnet.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973869\update\spcustom.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973869\spmsg.dll <br/>+ 2009-08-13 20:29 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973815\update\spcustom.dll <br/>+ 2009-08-13 20:29 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973815\spmsg.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973507\update\spcustom.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973507\spmsg.dll <br/>+ 2009-07-17 19:25 . 2009-07-17 19:25 58880 c:\windows\$hf_mig$\KB973507\SP3QFE\atl.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973354\update\spcustom.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973354\spmsg.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971657\update\spcustom.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971657\spmsg.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971557\update\spcustom.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971557\spmsg.dll <br/>+ 2009-06-10 14:01 . 2009-06-10 14:01 84992 c:\windows\$hf_mig$\KB971557\SP3QFE\avifil32.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB960859\update\spcustom.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB960859\spmsg.dll <br/>+ 2009-06-12 12:03 . 2009-06-12 12:03 80896 c:\windows\$hf_mig$\KB960859\SP3QFE\tlntsess.exe <br/>+ 2009-06-12 12:03 . 2009-06-12 12:03 76288 c:\windows\$hf_mig$\KB960859\SP3QFE\telnet.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956744\update\spcustom.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956744\spmsg.dll <br/>- 2004-08-04 10:00 . 2008-04-14 00:12 132096 c:\windows\SYSTEM32\wkssvc.dll <br/>+ 2004-08-04 10:00 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\wkssvc.dll <br/>+ 2009-01-22 10:43 . 2009-09-17 20:01 742716 c:\windows\SYSTEM32\Restore\rstrlog.dat <br/>+ 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\SYSTEM32\Macromed\Flash\NPSWF32_FlashUtil.exe <br/>+ 2004-08-04 10:00 . 2008-04-14 00:11 299520 c:\windows\SYSTEM32\kerberos(3).dll <br/>+ 2009-09-19 14:17 . 2009-07-31 19:23 149280 c:\windows\SYSTEM32\javaws.exe <br/>+ 2009-09-19 14:17 . 2009-07-31 19:23 145184 c:\windows\SYSTEM32\javaw.exe <br/>+ 2009-09-19 14:17 . 2009-07-31 19:23 145184 c:\windows\SYSTEM32\java.exe <br/>+ 2004-08-04 10:00 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll <br/>+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll <br/>+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\SYSTEM32\DLLCACHE\mswebdvd.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB973869$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:29 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973815$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:29 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:29 . 2008-04-14 00:12 203776 c:\windows\$NtUninstallKB973815$\mswebdvd.dll <br/>+ 2009-08-13 20:32 . 2006-10-19 02:47 314880 c:\windows\$NtUninstallKB973540_WM9$\wmpdxm.dll <br/>+ 2009-08-13 20:32 . 2007-07-27 14:41 382840 c:\windows\$NtUninstallKB973540_WM9$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:32 . 2007-07-27 14:41 231288 c:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973507$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973354$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:33 . 2008-04-14 00:12 132096 c:\windows\$NtUninstallKB971657$\wkssvc.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971657$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971557$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB960859$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956744$\spuninst\updspapi.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973869\update\updspapi.dll <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973869\update\update.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973869\spuninst.exe <br/>+ 2009-08-13 20:29 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973815\update\updspapi.dll <br/>+ 2009-08-13 20:29 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973815\update\update.exe <br/>+ 2009-08-13 20:29 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973815\spuninst.exe <br/>+ 2009-08-05 08:52 . 2009-08-05 08:52 204800 c:\windows\$hf_mig$\KB973815\SP3QFE\mswebdvd.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973507\update\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973507\update\update.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973507\spuninst.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973354\update\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973354\update\update.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973354\spuninst.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971657\spuninst.exe <br/>+ 2009-06-10 06:17 . 2009-06-10 06:17 134144 c:\windows\$hf_mig$\KB971657\SP3QFE\wkssvc.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971557\update\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971557\update\update.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971557\spuninst.exe <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB960859\spuninst.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956744\update\updspapi.dll <br/>+ 2009-08-13 20:33 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB956744\update\update.exe <br/>+ 2009-08-13 20:33 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956744\spuninst.exe <br/>- 2004-08-04 10:00 . 2008-06-18 10:03 2458112 c:\windows\SYSTEM32\WMVCore.dll <br/>+ 2004-08-04 10:00 . 2009-05-20 08:56 2458112 c:\windows\SYSTEM32\WMVCore.dll <br/>+ 2004-08-04 10:00 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\mstscax.dll <br/>+ 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\SYSTEM32\Macromed\Flash\NPSWF32.dll <br/>+ 2004-08-04 10:00 . 2009-05-20 08:56 2458112 c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll <br/>- 2004-08-04 10:00 . 2008-06-18 10:03 2458112 c:\windows\SYSTEM32\DLLCACHE\WMVCore.dll <br/>+ 2009-06-10 13:19 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\DLLCACHE\mstscax.dll <br/>+ 2009-08-13 11:02 . 2009-07-10 13:27 1315328 c:\windows\SYSTEM32\DLLCACHE\msoe.dll <br/>+ 2009-08-13 20:33 . 2008-04-14 00:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll <br/>+ 2009-08-13 20:33 . 2008-04-14 00:11 2061824 c:\windows\$NtUninstallKB956744$\mstscax.dll <br/>+ 2009-07-10 22:54 . 2009-07-10 22:54 1315328 c:\windows\$hf_mig$\KB973354\SP3QFE\msoe.dll <br/>+ 2009-08-13 11:02 . 2009-06-09 15:21 2067968 c:\windows\$hf_mig$\KB956744\SP3QFE\lhmstscx.dll <br/>+ 2004-08-04 10:00 . 2009-07-14 03:43 10841088 c:\windows\SYSTEM32\wmp.dll <br/>+ 2005-07-11 01:36 . 2009-08-28 21:38 24689600 c:\windows\SYSTEM32\MRT.exe <br/>+ 2004-08-04 10:00 . 2009-07-14 03:43 10841088 c:\windows\SYSTEM32\DLLCACHE\wmp.dll <br/>+ 2009-08-13 20:32 . 2008-11-11 22:34 10838016 c:\windows\$NtUninstallKB973540_WM9$\wmp.dll <br/>. <br/>-- Snapshot reset to current date -- <br/>. <br/>((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*Note* empty entries & legit default entries are not shown <br/>REGEDIT4 <br/> <br/>[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] <br/>2009-06-14 20:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] <br/>"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800] <br/> <br/>[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] <br/> <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] <br/>"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 202544] <br/>"QuickenScheduledUpdates"="c:\progra~1\QUICKEN\bagent.exe" [2008-04-21 87328] <br/>"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472] <br/>"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928] <br/>"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184] <br/>"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248] <br/>"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2004-09-14 53248] <br/>"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] <br/>"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] <br/>"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 241664] <br/>"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941] <br/>"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] <br/>"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] <br/>"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] <br/>"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 16384] <br/>"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] <br/>"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280] <br/>"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-15 2007832] <br/>"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-10-09 202544] <br/>"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-03-11 180269] <br/>"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280] <br/> <br/>c:\documents and settings\Jim\Start Menu\Programs\Startup\ <br/>OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000] <br/> <br/>c:\documents and settings\All Users\Start Menu\Programs\Startup\ <br/>Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696] <br/>HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568] <br/>Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-7-11 51984] <br/>QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912] <br/> <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] <br/>2009-08-15 06:44 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll <br/> <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] <br/>"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime <br/>"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot <br/> <br/>[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] <br/>"%windir%\\system32\\sessmgr.exe"= <br/>"c:\\WINDOWS\\SYSTEM32\\MSHTA.EXE"= <br/>"c:\\Program Files\\Quicken WillMaker Plus 2005\\qwp.exe"= <br/>"%windir%\\Network Diagnostic\\xpnetdiag.exe"= <br/>"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= <br/>"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= <br/>"c:\\Program Files\\Mozilla Firefox\\firefox.exe"= <br/>"c:\\Program Files\\SkyGolf\\SkyCaddie Desktop\\SkyCaddieDesktop.exe"= <br/>"c:\\WINDOWS\\SYSTEM32\\dpvsetup.exe"= <br/> <br/>R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [6/20/2008 2:32 AM 335240] <br/>R1 AvgTdiX;AVG8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [6/20/2008 2:32 AM 108552] <br/>R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/15/2008 8:27 AM 908056] <br/>R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/15/2008 8:27 AM 297752] <br/>S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/2/2009 11:54 AM 133104] <br/> <br/>--- Other Services/Drivers In Memory --- <br/> <br/>*NewlyCreated* - JAVAQUICKSTARTERSERVICE <br/> <br/>[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] <br/>"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP <br/>. <br/>Contents of the 'Scheduled Tasks' folder <br/> <br/>2009-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 15:53] <br/> <br/>2009-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-02 15:53] <br/> <br/>2009-09-19 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job <br/>- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2009-07-17 19:31] <br/> <br/>2009-09-13 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job <br/>- c:\program files\Spybot - Search & Destroy\SDUpdate.exe [2009-07-17 19:31] <br/>. <br/>. <br/>------- Supplementary Scan ------- <br/>. <br/>uStart Page = hxxp://www.yahoo.com/ <br/>uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 <br/>mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html <br/>uInternet Settings,ProxyOverride = <local> <br/>uInternet Settings,ProxyServer = 129.74.152.66:3124 <br/>uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com <br/>IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html <br/>Trusted Zone: skygolfgps.com\www <br/>Trusted Zone: turbotax.com <br/>FF - ProfilePath - c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\0vu6jjhf.default\ <br/>FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p= <br/>FF - prefs.js: browser.search.selectedEngine - Yahoo! Search <br/>FF - prefs.js: browser.startup.homepage - www.yahoo.com <br/>FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p= <br/>FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll <br/>FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll <br/>FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll <br/>FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll <br/>FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll <br/>. <br/> <br/>************************************************************************** <br/> <br/>catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net <br/>Rootkit scan 2009-09-19 14:55 <br/>Windows 5.1.2600 Service Pack 3 NTFS <br/> <br/>scanning hidden processes ... <br/> <br/>scanning hidden autostart entries ... <br/> <br/>scanning hidden files ... <br/> <br/>scan completed successfully <br/>hidden files: 0 <br/> <br/>************************************************************************** <br/>. <br/>--------------------- DLLs Loaded Under Running Processes --------------------- <br/> <br/>- - - - - - - > 'explorer.exe'(5540) <br/>c:\progra~1\WINDOW~2\wmpband.dll <br/>c:\windows\system32\ieframe.dll <br/>c:\windows\system32\webcheck.dll <br/>c:\windows\system32\WPDShServiceObj.dll <br/>c:\windows\system32\PortableDeviceTypes.dll <br/>c:\windows\system32\PortableDeviceApi.dll <br/>c:\windows\system32\OneX.DLL <br/>c:\windows\system32\eappprxy.dll <br/>. <br/>Completion time: 2009-09-19 14:57 <br/>ComboFix-quarantined-files.txt 2009-09-19 18:57 <br/>ComboFix2.txt 2009-08-03 07:09 <br/>ComboFix3.txt 2009-01-26 13:10 <br/> <br/>Pre-Run: 13,763,567,616 bytes free <br/>Post-Run: 13,740,654,592 bytes free <br/> <br/>273 --- E O F --- 2009-09-10 07:05
Posted 10/6/2009 4:05 PM
#78133
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
Hello all. I was wondering if there is something else I need to do in order to assist with this PC diagnosis. I posted the ComboFix log as requested but haven't seen a response in a number of weeks. I am wondering if I have done what was requested of me satisfactorily to this point. <br/> <br/> <br/> <br/>I am still seeing the same behavioral traits on this computer, most notably when moving between different browser windows, the newly highlighted window will sometimes take 30 seconds to respond to its first mouse click on a browser tab, then subsequent mouse clicks on different tabs in that window are also ignored. If I continue this several more times, the browser window banner message eventually says '(Not responding)', and if I continue trying other windows to find something that is alive, or even the tray or the Start menu which also becomes non-responsive, the mouse eventually freezes and I get the 'PC locked' beep. A minute later everything will free up, and the PC does remember many of the mouse clicks because the Start menu will open/close many times from me attempting to select it. Then if I go select a different browser window again, the whole thing starts over again. <br/> <br/> <br/> <br/>This also affects Windows Explorer, which I still find very strange. File Manager used to be hugely fast because it was just looking at your hard drive. For some reason Windows Explorer seems to be checking a bunch of network connections and neighborhood stuff in the background every time you want to use it, which is annoyingly slow. And I can't believe that AVG's active scanner would be to blame for all of this behavior, but it really looks like something is interfering with EVERY SINGLE thing that you try to do on this computer. <br/> <br/> <br/> <br/>Let me know if you guys can help with this. This is not an old computer and it really should not be doing this. I really can't tell if I am dealing with a very well hidden keylogger or else built-in WinXP network services that are getting stuck and are hijacking resources or just interfering with everything that I try to do. I was just on someone's laptop Sunday night, and was reminded of how blazingly fast the really easy things like Start menu, Windows Explorer, and Internet Exporer should be. <br/> <br/> <br/> <br/>I am to the point of doing a huge backup and completely rebuilding this PC, which I really do dread because this is a Dell an I'm not really sure where to find the stupid master re-install CD that contains all the stuff that came with the PC anyway. So I don't have an OEM copy of WinXP, just what came with this computer, and rebuilding it suddenly doesn't seem trivial. I might just need to crack a WinXP CD and install fresh that way. It isn't the 'right' license, but the license I do have does entitle me to run one installation of WinXP so I think this would be good enough. Naturally, I'd rather not have to do this at all since I have dozens of other applications and updates that I would have to perform too. <br/> <br/> <br/> <br/>Finally, I do run AVG-free. Do you really recommend one of those other free virus services more ?? I am willing to try a different one, just in case this whole issue is due to AVG-free's active scanner just being horribly invasive and slow. Do you know of the other two being that much better ?? This I would really like to know because I have personally installed AVG on several other people's PC for them, and I would hate to find that I am giving them the same problems that I see. <br/> <br/> <br/> <br/>Also, I think I am going to run Hijack-this and install the log here. If we are truly stuck here, that's probably the next thing you would have asked me for anyway. <br/> <br/> <br/> <br/>Let me know if you want me to re-run any of the scans and repost logfiles though, since the ones currently posted are pretty old now. <br/> <br/> <br/> <br/>Thanks !!
Posted 10/7/2009 6:53 AM
#78143
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Sorry, I´ve completely missed you. <br/> <br/> <br/> <br/> <br/> <br/> <br/><SPAN class=spnmessagetext><SPAN lang=EN-GB style="FONT-SIZE: 10pt; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB">Please follow this guide:<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p> <br/> <br/><SPAN class=apple-style-span><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">Before-posting-a-log<o:p></o:p> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"> <br/><SPAN class=apple-style-span><SPAN style="mso-spacerun: yes"> Follow the instructions and copy the logs here, <SPAN class=apple-style-span><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: red; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt">in this Topic.<SPAN class=apple-style-span><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: red; mso-ansi-language: EN-GB; mso-bidi-font-size: 12.0pt"><o:p></o:p>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 10/7/2009 4:00 PM
#78162
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
I already performed most of what is requested in that 'Before posting a log' Instruction Set, and posted the results above. Should I completely re-run those utilities and repost?? <br/> <br/>I had one question that I needed answered though, about the Instruction Set. I was confused during the Sun Java maintenance step. I posted this question in Post #2 above. <br/> <br/>MalwareBytes Log is Post #3. <br/>DDS Log is Post #4. <br/>The 2nd DDS Log is Post #5. <br/>Post #6 described a problem I had while loading the latest Yahoo IM, which caused a Blue Screen. Do you know anything about Yahoo IM versions causing serious problems that should prompt us to never use Yahoo IM? <br/>HijackThis Log is Post #8 <br/>POst #9 describes the computer quirks some more, but also mentions that there may be remnants of Bearshare and Limewire. I removed both, but Limewire still had a desktop icon and what I thought was a Bearshare utility ('BAgent') looks actually to be an AVG-Free component. <br/>Post #10 & #11 are the result of a System Information Tool that I read about in another post. <br/>You asked for a ComboFix Log in Post #13, and I attached the ComboFix Log in Post #14. <br/> <br/>I might have started with a slightly different instruction set though because I am noticing now that the order of logfile posting is slightly different than I remember reading. Do you suggest that I just start this over again. I can, I just don't want to if what you want is already posted. <br/> <br/>New news though.... In my posts, I asked your opinion of AVG-Free, because it really looked like AVG is the culprit that was hogging all resources all the time, and never showing up in the Task Manager window. If this is indeed a characteristic of AVG, I'd like to know that, and I would be perfectly willing to try one of the other 2 free Virus Utilities that you suggest. Here is what I found just today. I planned to install AVAST today and before doing so, I disabled most utilities in AVG rather than just uninstalling it. <br/> <br/>The moment I disabled AVG, my system is completely fast and responsive. I really think that AVG has become a very secretive resource hog, interefering with every operation I try to do, and honestly all of us computer users are multi-tasking individuals, so while trying to do 3 things at once on the computer, this seems to have caused AVG to just lock everything !! <br/> <br/>I am blaming AVG for ALL of the symptoms that are described in Post #1 and #9. I am curious whether you guys already know if AVG is a secretive resource hog or not, and do you recommend never using it ?? I will honor your recommendations here because I am responsible for deploying AVG-Free onto several other people's computers, and I really need to know if I should change all of those installations to AVAST. <br/> <br/>Thank you in advance for your help. I now suspect that you will find nothing bizarre in any of my posts because it appears that AVG was to blame for all of it. Let me know if you concur.
Posted 10/8/2009 4:45 AM
#78172
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
<B sab="319">I am blaming AVG for ALL of the symptoms </B><BR sab="320"> <br/></QUOTE sab="321">Ok, let´s remove it then. <br/> <br/> <br/>But first download Antivirus and a Firewall from here: <br/> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial; mso-bidi-font-size: 10.0pt" sab="326">[color=#222222]http://www.cybertechhelp.com/forums/showpost.php?p=80739&postcount=1[/color] <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial; mso-bidi-font-size: 10.0pt" sab="330"> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial; mso-bidi-font-size: 10.0pt" sab="332"> <br/><SPAN lang=EN-GB style="FONT-SIZE: 9pt; COLOR: black; FONT-FAMILY: Verdana; mso-ansi-language: EN-GB; mso-bidi-font-family: Arial; mso-bidi-font-size: 10.0pt" sab="333"><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p sab="334"> <br/><SPAN lang=EN-GB style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Arial; mso-ansi-language: EN-GB" sab="336">Then uninstall your AVG Antivirus <BR sab="337">[color=#0000ff]http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe[/color] <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Arial; mso-ansi-language: EN-GB" sab="341"> <br/> <br/><SPAN lang=EN-GB style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Arial; mso-ansi-language: EN-GB" sab="343">Install the programs you have chosen. Run a complete scan with the antivirus programs, and please tell how things goes ? <br/></o:p> <br/> <br/><BR sab="345">

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 10/8/2009 8:29 AM
#78173
User avatar

jk48326 Valued member

Date Joined Nov 2016
Total Posts: 16
I disabled AVG Active Scan and everything on the computer suddenly was fast with no waiting before anything ran. I really think that the Active Scanner of any virus utility is going to stall everything you do, since it has to scan what you are touching or looking at, before you touch it or look at it, right ?? <br/> <br/>I installed AVAST and set it up. Ran fine, set up logging and let it run an initial scan. Ran fine. Full scan was about 10x faster than AVG though, but I can't find anywhere that AVAST will let you set up a daily scan in the middle of the night like AVG did. I think AVAST 'non-free' lets you do that, but maybe not the free version. Do you know for sure, since AVAST is one of the Virus Packages that your post suggested? <br/> <br/>I didn't want to completely remove AVG first because I do like its daily scan feature, so I just turned off its utilities. <br/> <br/>So I ran a complete scan with AVAST and it found some Decompression Bomb and some archives that it couldn't scan. Other than that it was completely clean, but AVAST didn't appear to find all of the tracking cookies that AVG did.
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Friday, December 9, 2016, 12:44 PM (GMT +1)
There are a total of 61,163 posts in 13,450 threads.
In the last 3 days there were 1 new threads and 3 reply posts.

Who's online

This forum has 37,968 registered members. Please welcome our newest member, Crawlerz.
There are currently no users on-line.