Infected PC running XP, cannot get clean

scuzi · 2007/10/29

Hello,

I'm having considerable trouble getting my PC (XP) clean.

I have used Spybot, Adaware, NOD32 virus scan, and many online virus scans, including the Panda one I found on this message board. None of them seem to work. I also have seen SmitFraud come up incurable on Adaware and others, so I tried SmitFraudFixer, unsuccessfully. I'm not sure that ran its course, it crashed my computer though.

I scanned my computer with Deckard and posted the output below. I very much appreciate your help.

Deckard's System Scanner v20071014.68
Run by David Feldman on 2007-10-28 23:06:44
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
9: 2007-10-29 07:06:49 UTC - RP892 - Deckard's System Scanner Restore Point
8: 2007-10-28 22:46:07 UTC - RP891 - System Checkpoint
7: 2007-10-27 09:52:42 UTC - RP890 - System Checkpoint
6: 2007-10-26 07:15:50 UTC - RP889 - Installed Ad-Aware 2007
5: 2007-10-26 07:15:36 UTC - RP888 - Removed Ad-Aware 2007

-- First Restore Point --
1: 2007-10-26 07:05:17 UTC - RP884 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-10-28 23:08:23
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\ati2evxx.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\Sraid.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
C:\Program Files\ESET\nod32krn.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\David Feldman\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {04CF1C0C-9D42-4592-9CFB-AAE74A42DEAC} - C:\Program Files\ComPlus Applications\mevozu83122.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: 0 - {427DE2DA-C551-4503-BFAD-6DA772DED7BA} - C:\Program Files\NetMeeting\quhasedu.dll (file missing)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll (file missing)
O2 - BHO: (no name) - {86882CA4-BE70-4BCE-AEA5-CF40EB8E0BC3} - C:\WINDOWS\system32\yayyvvu.dll (file missing)
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\SYSTEM32\wpsqxvls.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {B30BEF52-6D16-4569-B89C-7D5AC0CE0762} - C:\WINDOWS\SYSTEM32\jkklk.dll
O2 - BHO: (no name) - {F7CAC995-9063-4752-B042-927979CCC872} - C:\Program Files\ComPlus Applications\mevozu4444.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [SiSRaid] C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [60a13930] rundll32.exe "C:\WINDOWS\system32\noppmnla.dll ",b
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: WMP10ctrl () - http://www.cinemanow.com/WMP10ctrl.CAB
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} () - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {46C66BBD-E667-4DAD-9682-58050E7C9FDC} (CDPass Class) - http://www.cdpass.com/cdkey/CDPass.cab
O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} () - http://www.otxresearch.com/OTXMedia/OTXMedia.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095090382093
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
O20 - Winlogon Notify: fcecwqai - C:\WINDOWS\system32\fcecwqai.dll (file missing)
O20 - Winlogon Notify: opnonli - C:\WINDOWS\system32\opnonli.dll (file missing)
O20 - Winlogon Notify: yayyvvu - C:\WINDOWS\system32\yayyvvu.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\SYSTEM32\ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\ESET\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O24 - Desktop Component 0: - C:\Program Files\NetMeeting\rteqehdawue.html

--
End of file - 8981 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 core - c:\windows\system32\drivers\core.sys
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R3 CLEDX (Team H2O CLEDX service) - c:\windows\system32\drivers\cledx.sys <Not Verified; Team H2O; CLEDX>

S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 USB11LDR (USB Midi 1x1 Loader) - c:\windows\system32\drivers\usb11ldr.sys <Not Verified; MIDIMAN; Midiman USB MidiSport 1x1 Loader>
S3 USBMN1X1 (USB Midi 1x1) - c:\windows\system32\drivers\usbmn1x1.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2007-09-28 and 2007-10-28 -----------------------------

2007-10-28 22:59:32 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-28 22:59:31 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2007-10-28 22:59:31 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-10-28 22:59:31 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-28 22:59:30 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2007-10-28 21:33:01 1172 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-28 20:16:52 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-10-28 15:16:02 0 d-------- C:\Documents and Settings\David Feldman\Application Data\Yahoo!
2007-10-28 15:16:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-10-28 15:15:56 0 d-------- C:\Program Files\Yahoo!
2007-10-28 15:15:34 0 d-------- C:\WINDOWS\cache
2007-10-28 14:12:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2007-10-28 00:03:34 85056 --a------ C:\WINDOWS\system32\noppmnla.dll
2007-10-27 10:43:51 0 d-------- C:\spoolerlogs
2007-10-26 23:35:07 39936 --a------ C:\WINDOWS\wbun.exe
2007-10-26 23:26:43 78912 --a------ C:\WINDOWS\system32\wpsqxvls.dll
2007-10-26 23:19:52 298104 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2007-10-26 23:16:33 83520 --a------ C:\WINDOWS\system32\qbgkrnoh.dll
2007-10-26 11:05:35 439267 ---hs---- C:\WINDOWS\system32\klkkj.bak2
2007-10-25 23:16:28 0 d-------- C:\Program Files\WinAble
2007-10-25 23:16:28 0 d-------- C:\Program Files\Temporary
2007-10-25 23:15:51 0 d-------- C:\Program Files\Lavasoft
2007-10-25 23:15:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-10-25 23:05:28 6465 ---hs---- C:\WINDOWS\system32\klkkj.bak1
2007-10-25 23:05:02 311392 --a------ C:\WINDOWS\system32\jkklk.dll
2007-10-25 23:03:01 0 d-------- C:\WINDOWS\system32\oTt06e
2007-10-25 23:01:54 0 d-------- C:\Documents and Settings\David Feldman\Application Data\SpyGuardPro
2007-10-25 23:01:00 7713 --a------ C:\WINDOWS\system32\ldcore.dll
2007-10-25 23:00:43 169147 --a------ C:\WINDOWS\TTC-4444.exe
2007-10-25 23:00:37 0 d--hs---- C:\WINDOWS\RGF2aWQgRmVsZG1hbg
2007-10-25 23:00:36 72960 -----n--- C:\WINDOWS\system32\drivers\core.sys
2007-10-25 23:00:35 0 d-------- C:\WINDOWS\system32\v1
2007-10-25 23:00:35 0 d-------- C:\WINDOWS\system32\s2
2007-10-25 23:00:35 0 d-------- C:\WINDOWS\system32\p8
2007-10-25 23:00:35 0 d-------- C:\WINDOWS\system32\f22
2007-10-25 23:00:35 0 d-------- C:\WINDOWS\system32\d3
2007-10-25 23:00:33 0 d-------- C:\WINDOWS\system32\oTt08e
2007-10-25 22:59:47 35840 --a------ C:\WINDOWS\winshow.exe <Not Verified; ; winshow>
2007-10-25 07:24:20 53760 --a------ C:\WINDOWS\b122.exe
2007-10-23 16:36:04 0 d-------- C:\Program Files\uTorrent
2007-10-23 16:36:03 0 d-------- C:\Documents and Settings\David Feldman\Application Data\uTorrent
2007-10-12 17:22:30 0 d-------- C:\Documents and Settings\David Feldman\Application Data\WinRAR

-- Find3M Report ---------------------------------------------------------------

2007-10-28 22:00:35 0 d-------- C:\Program Files\iTunes
2007-10-28 21:41:40 0 d-------- C:\Program Files\AIM
2007-10-28 14:12:09 0 d-------- C:\Program Files\Google
2007-10-27 00:30:26 0 d-a------ C:\Program Files\Common Files
2007-10-26 23:26:52 0 d-------- C:\Program Files\M?crosoft.NET
2007-10-25 23:15:46 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-25 22:32:33 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-25 22:31:55 0 d-------- C:\Program Files\Opera
2007-10-25 22:31:25 0 d-------- C:\Program Files\Symantec
2007-10-25 22:29:40 0 d-------- C:\Program Files\Lexmark 730 Series
2007-10-23 16:38:22 0 d-------- C:\Program Files\BitTorrent
2007-10-15 09:17:36 0 d-------- C:\Documents and Settings\David Feldman\Application Data\BitTorrent
2007-09-18 08:55:09 0 d-------- C:\Program Files\Soulseek
2007-09-13 16:57:03 0 d-------- C:\Documents and Settings\David Feldman\Application Data\Aim
2007-09-09 22:27:01 0 d-------- C:\Program Files\Creative
2007-09-09 22:24:33 409600 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2007-09-09 22:24:33 86016 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2007-09-09 22:24:21 0 d-------- C:\Documents and Settings\David Feldman\Application Data\Creative
2007-09-07 23:46:35 0 d-------- C:\Documents and Settings\David Feldman\Application Data\Steinberg
2007-09-04 22:54:51 0 d-------- C:\Program Files\Syncrosoft
2007-09-04 22:25:37 0 d-------- C:\Program Files\VstPlugins
2007-09-04 22:25:32 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-09-04 22:25:01 0 d-------- C:\Program Files\Native Instruments
2007-09-04 22:19:20 0 d-------- C:\Program Files\Arturia
2007-09-04 22:18:05 0 d-------- C:\Program Files\Alien Connections
2007-09-04 22:16:52 0 d-------- C:\Documents and Settings\David Feldman\Application Data\Applied Acoustics Systems
2007-09-04 22:16:46 0 d-------- C:\Program Files\AAS
2007-09-04 22:13:42 0 d-------- C:\Program Files\MagicISO
2007-08-02 05:43:59 282624 --a------ C:\Program Files\TTC.dll

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{04CF1C0C-9D42-4592-9CFB-AAE74A42DEAC}]
08/02/2007 05:43 AM 282624 --a------ C:\Program Files\ComPlus Applications\mevozu83122.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{427DE2DA-C551-4503-BFAD-6DA772DED7BA}]
C:\Program Files\NetMeeting\quhasedu.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86882CA4-BE70-4BCE-AEA5-CF40EB8E0BC3}]
C:\WINDOWS\system32\yayyvvu.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{89AD4D75-2429-462e-BD4E-443F233F6033}]
10/26/2007 11:26 PM 78912 --a------ C:\WINDOWS\system32\wpsqxvls.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B30BEF52-6D16-4569-B89C-7D5AC0CE0762}]
10/25/2007 11:05 PM 311392 --a------ C:\WINDOWS\system32\jkklk.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F7CAC995-9063-4752-B042-927979CCC872}]
08/02/2007 05:43 AM 282624 --a------ C:\Program Files\ComPlus Applications\mevozu4444.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol "= "C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" []
"SiSRaid "= "C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe" [05/18/2005 10:44 AM]
"SoundMax "= "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [09/23/2004 09:41 AM]
"CTHelper "= "CTHELPER.EXE" [08/11/2006 02:56 PM C:\WINDOWS\CTHELPER.EXE]
"iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [09/11/2006 09:58 PM]
"nod32kui "= "C:\Program Files\Eset\nod32kui.exe" [10/26/2007 11:18 PM]
"60a13930 "= "C:\WINDOWS\system32\noppmnla.dll" [10/28/2007 12:03 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM "= "C:\Program Files\AIM\aim.exe" [08/01/2006 11:35 AM]
"swg "= "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [10/28/2007 02:12 PM]

C:\Documents and Settings\David Feldman\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 6:00:00 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 6:00:00 AM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [10/28/2007 2:12:06 PM]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\NetMeeting\rteqehdawue.html
FriendlyName=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{86882CA4-BE70-4BCE-AEA5-CF40EB8E0BC3} "= C:\WINDOWS\system32\yayyvvu.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fcecwqai]
fcecwqai.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnonli]
opnonli.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayyvvu]
yayyvvu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls "= c:\windows\system32\ldcore.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages "= msv1_0 C:\WINDOWS\system32\jkklk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@= "Volume shadow copy "

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WebBuying "=C:\Program Files\Web Buying\v1.8.5\webbuying.exe
"BitTorrent "= "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
"Aida "= "C:\PROGRA~1\MCROSO~1.NET\userinit.exe" -vt yazb

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AsioReg "=REGSVR32.EXE /S CTASIO.DLL
"ATIPTA "=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
"IAAnotif "=C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
"IntelMeM "=C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
"PCMService "= "C:\Program Files\Dell\Media Experience\PCMService.exe "
"SunJavaUpdateSched "=C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
"TkBellExe "= "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"UpdateManager "= "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
"UpdReg "=C:\WINDOWS\UpdReg.EXE
"SoundMAXPnP "=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
"iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe "
"QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" -atboottime
"SoundMAX "= "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
"Salestart "= "C:\Program Files\Common Files\SpyGuardPro\bm.exe" dm=http://spyguardpro.com; ad=http://spyguardpro.com
"uwas7cw "= "C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe" -c
"WinAntiSpyware 2007 Free "= "C:\Program Files\WinAntiSpyware 2007\was7.exe" /min
"CTXFIREG "=CTXFIREG.EXE
"dla "=C:\WINDOWS\system32\dla\tfswctrl.exe
"GPLv3 "=rundll32.exe "C:\WINDOWS\system32\rpsinxcl.dll ",realset
"LXCFCATS "=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
"poolsv "= "C:\WINDOWS\poolsv.exe "
"60a13930 "=rundll32.exe "C:\WINDOWS\system32\qbgkrnoh.dll ",b
"CTxfiHlp "=CTXFIHLP.EXE
"H2O "=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
"rtasks "=C:\Program Files\SpyGuardPro\rtasks.exe
"winshow "= "C:\WINDOWS\winshow.exe "

*Newly Created Service* - CORE

-- End of Deckard's System Scanner: finished at 2007-10-28 23:12:34 ------------

scuzi · 2007/10/29

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of Memory in Use: 38%
Physical Memory (total/avail): 1022.54 MiB / 624.94 MiB
Pagefile Memory (total/avail): 2462.68 MiB / 2197.13 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1936.98 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 145.49 GiB total, 41.85 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST316002 3AS SCSI Disk Device - 149.05 GiB - 3 partitions
\PARTITION0 - Unknown - 62.72 MiB
\PARTITION1 (bootable) - Installable File System - 145.49 GiB - C:
\PARTITION2 - Unknown - 3.5 GiB

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: ESET NOD32 antivirus system 2.70 v2.70 (ESET, spol. s r.o.)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"C:\\Program Files\\Common Files\\AOL\\1124742137\\ee\\AOLServiceHost.exe "= "C:\\Program Files\\Common Files\\AOL\\1124742137\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services "
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe "= "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader "
"C:\\Program Files\\AIM\\aim.exe "= "C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger "

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp "= "C:\\Program Files\\Kazaa Lite K++\\KazaaLite.kpp:*:Enabled:KazaaLite "
"C:\\Program Files\\Soulseek\\slsk.exe "= "C:\\Program Files\\Soulseek\\slsk.exe:*:Enabled:SoulSeek "
"C:\\Program Files\\BitTorrent\\btdownloadgui.exe "= "C:\\Program Files\\BitTorrent\\btdownloadgui.exe:*:Enabled:btdownloadgui "
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe "= "C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer "
"C:\\Program Files\\Mozilla Firefox\\firefox.exe "= "C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox "
"C:\\Program Files\\Common Files\\AOL\\1124742137\\ee\\AOLServiceHost.exe "= "C:\\Program Files\\Common Files\\AOL\\1124742137\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services "
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe "= "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader "
"C:\\StubInstaller.exe "= "C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer "
"C:\\Program Files\\LimeWire\\LimeWire.exe "= "C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire "
"C:\\Program Files\\Bonjour\\mDNSResponder.exe "= "C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour "
"C:\\WINDOWS\\system32\\windir32.exe "= "C:\\WINDOWS\\system32\\windir32.exe:*:Enabled:windir32 "
"C:\\Program Files\\Common Files\\AOL\\1129515995\\ee\\aolsoftware.exe "= "C:\\Program Files\\Common Files\\AOL\\1129515995\\ee\\aolsoftware.exe:*:Enabled:AOL Services "
"C:\\Program Files\\Common Files\\AOL\\1129515995\\ee\\aim6.exe "= "C:\\Program Files\\Common Files\\AOL\\1129515995\\ee\\aim6.exe:*:Enabled:AOL "
"C:\\Program Files\\Soulseek-Test\\slsk.exe "= "C:\\Program Files\\Soulseek-Test\\slsk.exe:*:Enabled:SoulSeek "
"C:\\Program Files\\AIM\\aim.exe "= "C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger "
"C:\\Program Files\\BitTorrent\\bittorrent.exe "= "C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent "
"C:\\WINDOWS\\system32\\xcajqefg.exe "= "C:\\WINDOWS\\system32\\xca "
"C:\\Program Files\\iTunes\\iTunes.exe "= "C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes "
"C:\\Program Files\\uTorrent\\uTorrent.exe "= "C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent "
"C:\\WINDOWS\\system32\\vrdgbcyq.exe "= "C:\\WINDOWS\\system32\\vrd "

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\David Feldman\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=7-11COMMISSION
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\David Feldman
LOGONSERVER=\\7-11COMMISSION
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\DAVIDF~1\LOCALS~1\Temp
USERDOMAIN=7-11COMMISSION
USERNAME=David Feldman
USERPROFILE=C:\Documents and Settings\David Feldman
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

David Feldman (admin)
Administrator (new local, admin)

-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Creative\SBAudigy2\Program\SETUP.EXE" /S /U /W
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77ACE67A-0D21-4CEF-8A97-ED20A61B978B}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77ACE67A-0D21-4CEF-8A97-ED20A61B978B}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 6.0 --> C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c "C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll "
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Adobe SVG Viewer --> C:\WINDOWS\IsUninst.exe -f "C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu "
AKAI professional VST Collection v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\Akai\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Akai\INSTALL.LOG
Anarchy Effects VST v1.4 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\ANARCH~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\ANARCH~1\INSTALL.LOG
Anarchy Rhythms VST v1.1 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\ANARCH~2\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\ANARCH~2\INSTALL.LOG
Antares Autotune DX v4.15 --> C:\PROGRA~1\Antares\AUTOTU~1\ANTARE~1\UNWISE.EXE C:\PROGRA~1\Antares\AUTOTU~1\ANTARE~1\INSTALL.LOG
Anti-Leech Plugin for Internet Explorer --> C:\Program Files\Anti-Leech\ALIE_1.0.1.6\iesetup2.exe uninstall
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Applied Accoustics String Studio VS 1 VST DX v1.0 --> C:\PROGRA~1\AAS\STRING~1.0\UNWISE.EXE C:\PROGRA~1\AAS\STRING~1.0\INSTALL.LOG
Arturia Moog Modular V v1.1 --> C:\PROGRA~1\Arturia\MOOGMO~1\UNWISE.EXE C:\PROGRA~1\Arturia\MOOGMO~1\INSTALL.LOG
ASIO4ALL --> C:\Program Files\ASIO4ALL v2\uninstall.exe
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
Audio Damage Digitalis Discord VST v1.5 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\AUDIOD~1\DISUNI~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\AUDIOD~1\DISUNI~1\INSTALL.LOG
Codec Pack - All In 1 6.0.3.0 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini "
Combined Community Codec Pack 2007-02-22 --> "C:\Program Files\Combined Community Codec Pack\unins000.exe "
Cool Edit Pro 2.0 --> C:\Program Files\coolpro2\cep2unin.exe
Creative Audio Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9 /remove
CS-80V --> C:\WINDOWS\unvise32.exe C:\PROGRAM FILES\Arturia\CS-80V\uninstal.log
Cycling 74 Pluggo VST RTAS v3.5.2 --> C:\PROGRA~2\CYCLIN~1\Pluggo\Pluggo\PLUGGO~1\UNWISE.EXE C:\PROGRA~2\CYCLIN~1\Pluggo\Pluggo\PLUGGO~1\INSTALL.LOG
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Solution Center --> MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
Dell Support 5.0.0 (766) --> rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall
Devine Machine Lucifer VST v2.1 --> "C:\Program Files\Steinberg\Vstplugins\Lucifer\Uninstall\unins000.exe "
Devine Machine V-Minion VST v1.0 --> "C:\Program Files\Steinberg\Vstplugins\V-Minion\Uninstall\unins000.exe "
DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DKS 1.0c --> "C:\Program Files\Steinberg\Vstplugins\DKS\unins000.exe "
DSound Stomp'n FX Vol.2 v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\STOMPN~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\STOMPN~1\INSTALL.LOG
DSound Stomp`n FX Vol.1 v1.5 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\dsound\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\dsound\INSTALL.LOG
FruityLoops Studio Producer Edition v4.01 --> C:\PROGRA~1\FLSTUD~1\UNWISE.EXE C:\PROGRA~1\FLSTUD~1\INSTALL.LOG
FXPansion Guru VSTi DXi RTAS v1.0 --> C:\PROGRA~1\FXPANS~1\Guru\UNWISE.EXE C:\PROGRA~1\FXPANS~1\Guru\INSTALL.LOG
Garritan Personal Orchestra --> C:\PROGRA~1\GARRIT~1\UNWISE.EXE C:\PROGRA~1\GARRIT~1\INSTALL.LOG
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
GRE POWERPREP --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\ETS\PPGRE.ISU "
GreenMachine Amp II v1.01 VST --> C:\PROGRA~1\VSTPLU~1\GREENM~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\GREENM~1\INSTALL.LOG
GRM Tools Spectral Transform VST v1.6.52 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1.52\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1.52\INSTALL.LOG
HALion v1.0 VSTi --> C:\PROGRA~1\STEINB~1\VSTPLU~1\Halion\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Halion\HALion.log
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 1.98.2 --> C:\Hijack This\HijackThis.exe /uninstall
HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - All-in-One --> MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
HP Photo and Imaging 2.0 - All-in-One Drivers --> MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - hp psc 1200 series --> C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
hp psc 1200 series --> MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
IK Multimedia Amplitube v1.3 --> C:\PROGRA~1\IKMULT~1\AMPLIT~1\UNWISE.EXE C:\PROGRA~1\IKMULT~1\AMPLIT~1\INSTALL.LOG
Intel Application Accelerator --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\setup.exe" -l0409 -INTELUNINST
Intel(R) 537EP V9x DF PCI Modem --> rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EP V9x DF PCI Modem "
Intel(R) PRO Network Connections Drivers --> Prounstl.exe
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
iTunes --> MsiExec.exe /I{885894A5-BA0A-460E-AB4C-96C5C9B2C5E2}
iZotope Vinyl 1.5 --> "C:\Program Files\Steinberg\VstPlugins\Vinyl\unins000.exe "
Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java 2 Runtime Environment, SE v1.4.2_05 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Lounge Lizard EP-2 v2.0 --> C:\PROGRA~1\LOUNGE~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\LOUNGE~1\UNINST~1\INSTALL.LOG
Macromedia Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
Magic ISO Maker v4.7 (build 0132) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Magic ISO Maker v5.3 (build 0229) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Magic ISO Maker v5.4 (build 0248) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft Encarta Encyclopedia Standard 2004 --> MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
Microsoft Money 2004 --> MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft Money 2004 System Pack --> MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Midisport 1x1 1.0.1.0 --> C:\WINDOWS\iun6002.exe "C:\Program Files\M-Audio Midisport 1x1\irunin.ini "
Modem Event Monitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}\setup.exe" -l0x9
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Modem On Hold --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Mozilla Firefox (2.0.0.8) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MusicLab RealGuitar v1.5 --> C:\PROGRA~1\MusicLab\REALGU~1\UNWISE.EXE C:\PROGRA~1\MusicLab\REALGU~1\INSTALL.LOG
Native Instruments - Reaktor 3.02 --> C:\Audio\NATIVE~1\REAKTO~1.0\UNINST~1\302\UNWISE.EXE C:\Audio\NATIVE~1\REAKTO~1.0\UNINST~1\302\INSTALL.LOG
Native Instruments Absynth v1.3.2 --> C:\PROGRA~1\NATIVE~1\Absynth\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Absynth\INSTALL.LOG
Native Instruments Battery 1.01 --> C:\PROGRA~1\NATIVE~1\BATTER~1.01\UNWISE.EXE C:\PROGRA~1\NATIVE~1\BATTER~1.01\INSTALL.LOG
Native Instruments FM7 --> C:\PROGRA~1\NATIVE~1\Fm7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Fm7\INSTALL.LOG
Native Instruments Reaktor 5 --> C:\PROGRA~1\NATIVE~1\REAKTO~2\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~2\INSTALL.LOG
Native Instruments Reaktor v4.1.3.005 --> C:\PROGRA~1\NATIVE~1\REAKTO~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\INSTALL.LOG
NI Service Center --> C:\PROGRA~1\NATIVE~1\NISERV~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\NISERV~1\INSTALL.LOG
NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX --> "C:\Program Files\Eset\unins000.exe "
Nomad Factory Rock Amp Legends VST v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\INSTALL.LOG
OrangeVocoder VST 2.02 --> C:\WINDOWS\iun6002.exe "C:\Program Files\VstPlugins\OrangeVocoder VST\irunin.ini "
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Reason 1.0 --> C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Propellerhead\Reason\Uninst.isu "
ReCycle 2.0 --> C:\PROGRA~1\PROPEL~1\ReCycle\UNWISE.EXE C:\PROGRA~1\PROPEL~1\ReCycle\INSTALL.LOG
ReValver --> C:\PROGRA~1\STEINB~1\VSTPLU~1\ReValver\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\ReValver\INSTALL.LOG
ReValver Mk II --> "C:\Program Files\Alien Connections\ReValver Mk II\unins000.exe "
SecureVideo Plug-in --> "C:\Program Files\SecureVideo Plug-in\unins000.exe "
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe "
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe "
Shockwave --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Sigma REALmagic MPEG-4 Video Codec --> C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection RMP4_Remove 132 C:\WINDOWS\INF\rmp4.inf
SiSRaidPackage --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{08498FF9-6C9B-4FC2-8DE1-BD98C89CC220}\Setup.exe" -l0x9
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Foundry ACID 4.0 --> MsiExec.exe /I{2A38B5AA-EA84-4F87-9937-2FB23982243A}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SoulSeek 157 test 8 --> "C:\Program Files\Soulseek-Test\uninstall.exe "
SoulSeek Client 156c --> "C:\Program Files\Soulseek\uninstall.exe "
Sound Blaster Audigy 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E82BF103-904F-49C0-B77F-6EC110B71E87}\setup.exe" -l0x9
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
Steinberg Cubase SX v2.2.0.35 --> C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
Steinberg Dcota v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\D'cota\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\D'cota\INSTALL.LOG
Steinberg GRM Tools Vol.2 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\GRMTOO~1\INSTALL.log
Steinberg PLEX VSTi v1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\Plex\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Plex\INSTALL.LOG
Steinberg The Grand 2 --> "C:\Program Files\Steinberg\Vstplugins\The Grand 2\Uninstall.exe" "C:\Program Files\Steinberg\VstPlugins\The Grand 2\Install.log "
Steinberg Voice Designer v1.03 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\VOICED~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\VOICED~1\INSTALL.LOG
Symantec KB-DocID:2003093015493306 --> MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
Syncrosoft's License Control --> C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
SyncroSoft Emu (Remove only) --> C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
Synth1 --> "C:\Program Files\Synth1\setup.exe" /u
Tassman 4.0 --> C:\PROGRA~1\AAS\TASSMA~1.0\UNWISE.EXE C:\PROGRA~1\AAS\TASSMA~1.0\INSTALL.LOG
TBS WMP Plug-in --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{DB5F474C-B584-417F-810B-DEBBC1893C2A}
USB Midisport Uno 1.0.1.0 --> C:\WINDOWS\iun6002.exe "C:\Program Files\M-Audio USB Midisport Uno\irunin.ini "
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Virsyn Cantor v1.6 --> C:\PROGRA~1\VIRSYN~1\VIRSYN~1\UNWISE.EXE C:\PROGRA~1\VIRSYN~1\VIRSYN~1\INSTALL.LOG
Virtual Guitarist EE Fx VST --> C:\PROGRA~1\STEINB~1\VSTPLU~1\VGEE_Fx\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\VGEE_Fx\INSTALL.LOG
Warp VST V1.0 --> C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\WARPVS~1.0\INSTALL.LOG
Waves 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C4D25EB-6513-4702-8355-F4194DE2E1D9}\setup.exe" -l0x9
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WordBiz version 1.7 --> "C:\Program Files\WordBiz\unins000.exe "
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\WINDOWS\cache\YINSTH~1.DLL
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type16355 / Warning
Event Submitted/Written: 10/28/2007 11:04:10 PM
Event ID/Source: 32068 / Microsoft Fax
Event Description:
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
Country/region code: '*'
Area code: '*'

Event Record #/Type16354 / Warning
Event Submitted/Written: 10/28/2007 11:04:10 PM
Event ID/Source: 32026 / Microsoft Fax
Event Description:
Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
No faxes can be sent or received until a fax device is installed.

Event Record #/Type16348 / Warning
Event Submitted/Written: 10/28/2007 07:52:18 PM
Event ID/Source: 32068 / Microsoft Fax
Event Description:
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
Country/region code: '*'
Area code: '*'

Event Record #/Type16347 / Warning
Event Submitted/Written: 10/28/2007 07:52:18 PM
Event ID/Source: 32026 / Microsoft Fax
Event Description:
Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
No faxes can be sent or received until a fax device is installed.

Event Record #/Type16341 / Warning
Event Submitted/Written: 10/28/2007 04:48:00 PM
Event ID/Source: 32068 / Microsoft Fax
Event Description:
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
Country/region code: '*'
Area code: '*'

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type23 / Warning
Event Submitted/Written: 10/28/2007 11:06:22 PM
Event ID/Source: 27 / E1000
Event Description:
Intel(R) PRO/1000 MT Network Connection
Link has been disconnected.

Event Record #/Type2 / Error
Event Submitted/Written: 10/28/2007 11:04:19 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Nsynas32 service failed to start due to the following error:
%%2

-- End of Deckard's System Scanner: finished at 2007-10-28 23:12:34 ------------

noahdfear · 2007/10/29

Welcome to WindowsBBS scuzi

Download ComboFix by sUBs from here, saving the file to your desktop.

Close all open programs and windows

Double click combofix.exe and follow the prompts.

When finished, it will open a log for you. Post that log in your next reply.

Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Please download the HijackThis Installer from here, then run a scan and save the log. Post the contents of that log here as well.

Log in or Sign up

Infected PC running XP, cannot get clean

scuzi Inactive Thread Starter

scuzi Inactive Thread Starter

noahdfear Inactive

Share This Page

Log in or Sign up

Infected PC running XP, cannot get clean

scuzi Inactive Thread Starter

scuzi Inactive Thread Starter

noahdfear Inactive

Share This Page

Useful Searches