
Virus?

  • 25-04-2008 02:20PM
    #1
    Registered Users, Registered Users 2 Posts: 1,435 ✭✭✭


    When trying to update to service pack 3 XP in utorrent I went to install it and Avira found a virus straight away. I quarantined and deleted it, but found when opening up utorrent 30-40 outbound connections were found in Comodo. This was unusual. So I ran a system restore (from just before I ran utorrent), still the same problem. I uninstalled utorrent, but am worried otherwise. Might I have restored the virus (even though the restore point was before this)? Mbam etc... is clear but...?
    So here are the results. Really appreciate any help.

    Deckard's System Scanner v20071014.68
    Run by Compaq_Owner on 2008-04-25 14:04:09
    Computer is in Normal Mode.

    -- System Restore

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    64: 2008-04-25 13:04:14 UTC - RP64 - Deckard's System Scanner Restore Point
    63: 2008-04-25 02:22:03 UTC - RP63 - Revo Uninstaller's restore point - µTorrent
    62: 2008-04-25 02:21:18 UTC - RP62 - Made by Registry Mechanic O
    61: 2008-04-25 02:12:53 UTC - RP61 - Restore Operation
    60: 2008-04-25 01:46:01 UTC - RP60 - Install AnyDVD


    -- First Restore Point --
    1: 2008-03-18 16:38:46 UTC - RP1 - Removed Adobe Reader 6.0.1


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as Compaq_Owner.exe)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:08:26, on 25/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Vista Icons\VistaIcons.exe
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Documents and Settings\Compaq_Owner\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Compaq_Owner.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IE&c=Q305&bd=presario&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Icons\VistaIcons.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1205961789281
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F61EFCF9-0E31-42C8-B54A-99654FF42467}: NameServer = 192.168.1.254
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 7012 bytes

    -- File Associations

    .reg - regfile - shell\open\command - regedit.exe "%1" %*
    .scr - scrfile - shell\open\command - "%1" %*


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled

    R3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>

    S1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)
    S3 ALSysIO - c:\docume~1\compaq~1\locals~1\temp\alsysio.sys (file missing)
    S3 PcdrNdisuio (PCDRNDISUIO Usermode I/O Protocol) - c:\windows\system32\drivers\pcdrndisuio.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
    S3 RivaTuner32 - c:\documents and settings\compaq_owner\my documents\rivatuner v2.08\rivatuner32.sys
    S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled

    R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
    R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
    R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>

    S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
    S3 iPod Service - "c:\program files\ipod\bin\ipodservice.exe" (file missing)


    -- Device Manager: Disabled

    No disabled devices found.


    -- Scheduled Tasks

    2008-04-19 19:35:01 284 --a
    C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


    -- Files created between 2008-03-25 and 2008-04-25

    2008-04-25 14:07:12 0 d
    C:\Program Files\Trend Micro
    2008-04-25 03:56:29 0 dr-h
    C:\Documents and Settings\Compaq_Owner\Recent
    2008-04-25 02:18:40 8126464 --a
    C:\Documents and Settings\Compaq_Owner\ntuser.dat
    2008-04-24 03:12:20 0 d
    C:\Program Files\Registry Genius
    2008-04-22 04:47:08 0 d
    C:\Program Files\Process Explorer
    2008-04-22 04:13:17 0 d
    C:\Documents and Settings\All Users\Application Data\GRETECH
    2008-04-22 04:11:23 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\GRETECH
    2008-04-22 04:10:15 0 d
    C:\Program Files\GRETECH
    2008-04-22 04:00:01 0 d
    C:\Program Files\Vista Icons
    2008-04-22 03:35:10 0 d
    C:\Program Files\VS Revo Group
    2008-04-21 22:48:50 0 d
    C:\Program Files\VirtualDJ
    2008-04-21 21:25:10 0 d
    C:\Documents and Settings\All Users\temp
    2008-04-21 20:24:37 0 d
    C:\Program Files\Sports Interactive
    2008-04-20 02:36:29 0 d
    C:\Program Files\DivX
    2008-04-20 01:33:44 0 d
    C:\tmp
    2008-04-19 04:08:06 73216 --a
    C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
    2008-04-18 18:46:02 0 dr-h
    C:\Documents and Settings\Compaq_Owner\Application Data\SecuROM
    2008-04-18 18:41:26 0 d--h
    C:\Documents and Settings\Compaq_Owner\InstallAnywhere
    2008-04-18 18:37:16 96256 --a
    C:\WINDOWS\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
    2008-04-18 18:37:11 0 d
    C:\Program Files\MagicDisc
    2008-04-18 02:17:29 0 d
    C:\Program Files\MagicISO
    2008-04-18 00:44:32 719872 --a
    C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
    2008-04-18 00:44:31 314368 --a
    C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5>
    2008-04-18 00:44:09 0 d
    C:\Program Files\Magic Video Converter
    2008-04-17 23:56:11 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\WinRAR
    2008-04-17 23:50:44 0 d
    C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-04-17 23:34:19 0 d
    C:\Program Files\Common Files\Macrovision Shared
    2008-04-17 21:26:30 180224 --a
    C:\WINDOWS\system32\xvidvfw.dll
    2008-04-17 02:01:23 0 d
    C:\hosts
    2008-04-16 02:14:57 0 d
    C:\Program Files\Avira
    2008-04-16 02:14:57 0 d
    C:\Documents and Settings\All Users\Application Data\Avira
    2008-04-16 00:54:44 717296 --a
    C:\WINDOWS\system32\drivers\sptd.sys
    2008-04-14 15:54:11 0 d
    C:\WINDOWS\system32\Adobe
    2008-04-13 23:49:40 0 d
    C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-04-13 23:49:23 0 d
    C:\Program Files\SUPERAntiSpyware
    2008-04-13 23:49:23 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
    2008-04-13 23:12:31 0 d
    C:\Downloads
    2008-04-13 23:12:31 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo
    2008-04-13 22:57:50 0 d
    C:\Program Files\MediaMonkey
    2008-04-12 23:51:40 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Comodo
    2008-04-12 23:51:38 0 d
    C:\Documents and Settings\All Users\Application Data\comodo
    2008-04-12 23:51:35 0 d
    C:\Program Files\COMODO
    2008-04-12 23:19:06 0 d
    C:\Program Files\SpywareGuard
    2008-04-12 20:44:37 0 d
    C:\Documents and Settings\All Users\Application Data\Avg7
    2008-04-12 20:28:52 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
    2008-04-12 20:28:48 0 d
    C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-12 20:28:48 0 d
    C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-04-12 20:12:10 0 d
    C:\Program Files\SpywareBlaster
    2008-04-12 20:04:26 0 d
    C:\ie-spyad
    2008-04-12 19:56:47 21312 --a
    C:\WINDOWS\choice.exe
    2008-04-10 15:53:15 96577 --a
    C:\WINDOWS\hpqins16.dat


    -- Find3M Report

    2008-04-24 04:08:54 0 d
    C:\Program Files\RivaTuner v2.06
    2008-04-24 04:08:54 0 d
    C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-04-24 03:00:56 0 d
    C:\Program Files\Microsoft Silverlight
    2008-04-23 18:27:01 0 d
    C:\Program Files\Doom 3
    2008-04-23 17:50:00 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
    2008-04-22 03:40:59 0 d
    C:\Program Files\Windows Media Connect 2
    2008-04-22 03:40:59 0 d
    C:\Program Files\PC-Doctor for Windows
    2008-04-22 03:40:59 0 d
    C:\Program Files\Netopia
    2008-04-22 03:40:59 0 d
    C:\Program Files\Microsoft Works
    2008-04-22 03:40:59 0 d
    C:\Program Files\Messenger
    2008-04-22 03:40:59 0 d
    C:\Program Files\LiveUpdate
    2008-04-22 03:04:41 0 d
    C:\Program Files\Motorola Phone Tools
    2008-04-20 22:59:55 25992 --a
    C:\WINDOWS\system32\pgdfgsvc.exe <Not Verified; Sysinternals - www.sysinternals.com; Page File Defragmenter>
    2008-04-18 16:04:20 0 d
    C:\Program Files\Bonjour
    2008-04-18 13:41:30 0 d
    C:\Program Files\Apple Software Update
    2008-04-18 01:23:43 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Adobe
    2008-04-17 23:45:04 0 d
    C:\Program Files\Common Files\Adobe
    2008-04-17 23:34:19 0 d
    C:\Program Files\Common Files
    2008-04-13 23:48:43 0 d
    C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-13 01:27:09 0 d
    C:\Program Files\iTunes
    2008-04-13 01:25:19 0 d
    C:\Program Files\QuickTime
    2008-04-04 22:37:12 0 d
    C:\Program Files\Foxit Software
    2008-03-19 20:33:35 0 d
    C:\Program Files\PageDefrag
    2008-03-19 18:12:10 0 d
    C:\Program Files\RocketDock
    2008-03-19 01:51:42 0 d
    C:\Program Files\Java
    2008-03-18 23:34:39 0 d
    C:\Program Files\Windows NT
    2008-03-18 23:34:34 0 d
    C:\Program Files\Movie Maker
    2008-03-18 20:01:08 2279 --a
    C:\WINDOWS\mozver.dat
    2008-03-18 18:07:20 0 d
    C:\Program Files\Setup Files
    2008-03-18 17:48:05 109901 --a
    C:\WINDOWS\hpoins08.dat
    2008-03-18 17:21:20 0 d
    C:\Program Files\Common Files\Symantec Shared
    2008-03-18 17:07:48 0 d
    C:\Program Files\MSI
    2008-03-18 16:51:19 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
    2008-03-13 04:02:40 0 d
    C:\Program Files\Common Files\Stardock
    2008-03-12 03:08:17 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
    2008-03-10 21:29:08 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Help
    2008-03-08 22:25:14 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Printer Info Cache
    2008-03-08 05:15:09 0 d
    C:\Program Files\Cacheman
    2008-03-08 01:55:41 0 d
    C:\Program Files\NCH Swift Sound
    2008-03-08 01:54:20 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\NCH Swift Sound
    2008-03-05 01:06:43 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
    2008-03-05 00:03:52 0 d
    C:\Program Files\DVD Shrink
    2008-03-04 23:27:20 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\gtk-2.0
    2008-03-04 02:18:58 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\GlarySoft
    2008-03-04 02:17:02 0 d
    C:\Program Files\Absolute Uninstaller
    2008-03-01 17:14:58 0 d
    C:\Program Files\MSBuild
    2008-03-01 16:56:24 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Template
    2008-03-01 16:56:22 0 --a
    C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
    2008-03-01 04:21:01 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Talkback
    2008-02-29 23:09:10 0 d
    C:\Program Files\Yahoo!
    2008-02-29 22:25:12 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\HP
    2008-02-29 21:00:48 0 d
    C:\Documents and Settings\Compaq_Owner\Application Data\Sonic
    2008-02-29 20:47:56 0 d
    C:\Program Files\NCH Software
    2008-02-29 20:44:44 0 d
    C:\Program Files\Common Files\Cisco Systems
    2008-02-27 20:38:27 0 d
    C:\Program Files\Zero G Registry
    2008-02-08 22:18:26 98304 --a
    C:\WINDOWS\system32CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >


    -- Registry Dump

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07/05/1998 17:04]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [06/04/2005 05:05]
    "AGRSMMSG"="AGRSMMSG.exe" [29/06/2004 18:06 C:\WINDOWS\AGRSMMSG.exe]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14/04/2004 21:43]
    "AlcxMonitor"="ALCXMNTR.EXE" [07/09/2004 21:47 C:\WINDOWS\ALCXMNTR.EXE]
    "Reminder"="C:\Windows\Creator\Remind_XP.exe" [14/12/2004 02:23]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/12/2007 02:41]
    "nwiz"="nwiz.exe" [05/12/2007 02:41 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [05/12/2007 02:41]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [08/05/2007 16:24]
    "KBD"="C:\HP\KBD\KBD.EXE" [02/02/2005 17:44]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [12/02/2008 10:06]
    "DrvIcon"="C:\Program Files\Vista Icons\VistaIcons.exe" [16/12/2007 16:34]
    "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [20/04/2008 14:22]
    "RegistryMechanic"="" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [28/03/2008 23:37]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [13/04/2008 01:32]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [13/04/2008 01:36]

    C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\
    SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [29/08/2003 19:05:35]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [15/12/2005 11:40:44]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=0 (0x0)
    "NoSecCPL"=0 (0x0)
    "NoDispCPL"=0 (0x0)
    "NoDispBackgroundPage"=0 (0x0)
    "NoDispScrSavPage"=0 (0x0)
    "NoDispAppearancePage"=0 (0x0)
    "NoDispSettingsPage"=0 (0x0)
    "NoDevMgrPage"=0 (0x0)
    "NoConfigPage"=0 (0x0)
    "NoVirtMemPage"=0 (0x0)
    "NoFileSysPage"=0 (0x0)
    "NoNetSetup"=0 (0x0)
    "NoNetSetupIDPage"=0 (0x0)
    "NoNetSetupSecurityPage"=0 (0x0)
    "NoWorkgroupContents"=0 (0x0)
    "NoEntireNetwork"=0 (0x0)
    "NoFileSharingControl"=0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoFolderOptions"=00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDesktop"=0 (0x0)
    "NoFolderOptions"=00000000
    "RestrictRun"=0 (0x0)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoRun"=0 (0x0)
    "NoLogOff"=0 (0x0)
    "NoFind"=0 (0x0)
    "NoClose"=0 (0x0)
    "NoSetFolders"=0 (0x0)
    "NoFavoritesMenu"=0 (0x0)
    "NoStartBanner"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"= C:\WINDOWS\system32\guard32.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SecureDoc.lnk]
    backup=C:\WINDOWS\pss\SecureDoc.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^MagicDisc.lnk]
    backup=C:\WINDOWS\pss\MagicDisc.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BootSkin Startup Jobs]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "HidServ"=2 (0x2)




    -- Hosts

    127.0.0.1 ad.a8.net
    127.0.0.1 asy.a8ww.net
    127.0.0.1 www.abx4.com #[Adware.ABXToolbar]
    127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
    127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
    127.0.0.1 phpadsnew.abac.com
    127.0.0.1 a.abnad.net
    127.0.0.1 b.abnad.net
    127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
    127.0.0.1 d.abnad.net

    18156 more entries in hosts file.


    -- End of Deckard's System Scanner: finished at 2008-04-25 14:09:26


    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.

    -- System Information

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: AMD Athlon(tm) 64 Processor 3200+
    Percentage of Memory in Use: 29%
    Physical Memory (total/avail): 1534.48 MiB / 1080.39 MiB
    Pagefile Memory (total/avail): 3685.5 MiB / 3348 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1917.82 MiB

    C: is Fixed (NTFS) - 143.04 GiB total, 108.22 GiB free.
    D: is Fixed (FAT32) - 5.99 GiB total, 2.31 GiB free.
    E: is CDROM (No Media)
    F: is Removable (No Media)
    G: is Removable (No Media)
    H: is Removable (No Media)
    I: is Removable (No Media)
    J: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - ST3160021A - 149.05 GiB - 2 partitions
    \PARTITION0 - Unknown - 6 GiB - D:
    \PARTITION1 (bootable) - Installable File System - 143.04 GiB - C:

    \\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

    \\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

    \\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

    \\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



    -- Security Center

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.
    AntiVirusDisableNotify is set.
    FirewallDisableNotify is set.

    FW: COMODO Firewall Pro v3.0 (COMODO)
    AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH)

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%ProgramFiles%\\iTunes\\iTunes.exe"="%ProgramFiles%\\iTunes\\iTunes.exe:*:enabled:iTunes"

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    -- Environment Variables

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Compaq_Owner\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=KEOGH
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Compaq_Owner
    LOGONSERVER=\\KEOGH
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\PC-Doctor for Windows\;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=2f02
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
    TMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
    USERDOMAIN=KEOGH
    USERNAME=Compaq_Owner
    USERPROFILE=C:\Documents and Settings\Compaq_Owner
    windir=C:\WINDOWS


    -- User Profiles

    Compaq_Owner (admin)


    -- Add/Remove Programs

    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
    --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
    Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
    Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
    Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
    Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
    Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
    Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
    Adobe Color Common Settings --> MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
    Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
    Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
    Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
    Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
    Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
    Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
    Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
    Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
    Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
    Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
    Adobe Photoshop CS3 --> MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
    Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Setup --> MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
    Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
    Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
    Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
    Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
    Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
    Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
    Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
    Agere Systems PCI Soft Modem --> agrsmdel
    Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
    Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    COMODO Firewall Pro --> C:\Program Files\COMODO\Firewall\cfpconfg.exe -u
    Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
    Football Manager 2008 --> "C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe"
    Foxit PDF Editor --> C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
    GOM Player --> "C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
    HP Extended Capabilities 6.1 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Imaging Device Functions 6.1 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Essential --> MsiExec.exe /X{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}
    HP Product Detection --> MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
    HP PSC & OfficeJet 6.1.A --> "C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
    HP Solution Center and Imaging Support Tools 6.1 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update --> MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
    InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
    iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
    J2SE Runtime Environment 5.0 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
    Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Magic ISO Maker v5.4 (build 0239) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Magic Video Converter Trial Version (English) 8.0.2.18 --> "C:\Program Files\Magic Video Converter\unins000.exe"
    MagicDisc 2.6.93 --> C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
    Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    MediaMonkey 3.0 --> "C:\Program Files\MediaMonkey\unins000.exe"
    Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{91120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
    NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    PC-Doctor for Windows --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{19C989C4-50AE-43A4-B06E-8C70FFFF852F} /l1033
    PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
    PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
    Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
    Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
    QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Registry Genius v3.0 --> "C:\Program Files\Registry Genius\unins000.exe"
    Registry Mechanic 7.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
    Remove Microsoft Works 8.0 installer --> c:\\hp\\bin\\cloaker.exe commands /ww /lw:c:\\hp\\bin\\ifc\\Works_8\\lg.ini /c c:\\hp\\bin\\cloaker.exe c:\\hp\\bin\\ifc\\uninst.cmd ar
    Revo Uninstaller 1.50 --> C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
    RocketDock 1.3.5 --> "C:\Program Files\RocketDock\unins000.exe"
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
    Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
    Security Update for Outlook 2007 (KB946983) --> msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
    Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
    Shop for HP Supplies --> C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
    Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Sonic RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Sonic RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Sonic RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
    Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
    SpywareGuard v2.2 --> "C:\Program Files\SpywareGuard\unins000.exe"
    SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Update for Office 2007 (KB946691) --> msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb949037) --> msiexec /package {91120000-0011-0000-0000-0000000FF1CE} /uninstall {B4F188C6-6DBF-42A5-A8A3-3086D1A384F2}
    Virtual DJ - Atomix Productions --> C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
    Vista Icons 2.6 --> C:\Program Files\Vista Icons\Uninst.exe
    Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


    -- Application Event Log

    Event Record #/Type754 / Warning
    Event Submitted/Written: 04/25/2008 02:40:49 AM
    Event ID/Source: 4113 / Avira AntiVir
    Event Description:
    HEUR/CryptedC:\Documents and Settings\Compaq_Owner\Local Settings\Temp\Rar$DR01.047\ANYDVD.Left.Over.Killer.Resetter.v1.3-Dr.Pc.Puttie\anydvd_leftover_killer13.exe

    Event Record #/Type727 / Warning
    Event Submitted/Written: 04/24/2008 04:21:50 AM
    Event ID/Source: 1001 / MsiInstaller
    Event Description:
    Detection of product '{31263605-FC84-4787-B847-BA445B147E24}', feature 'ScannerCopy' failed during request for component '{3207D1B1-80E5-11D2-B95D-006097C4DE24}'

    Event Record #/Type726 / Warning
    Event Submitted/Written: 04/24/2008 04:21:50 AM
    Event ID/Source: 1004 / MsiInstaller
    Event Description:
    Detection of product '{31263605-FC84-4787-B847-BA445B147E24}', feature 'ScannerCopy', component '{00F96358-A54A-4FB9-8144-C90F621489FB}' failed. The resource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\LeadToolsPath' does not exist.

    Event Record #/Type714 / Warning
    Event Submitted/Written: 04/23/2008 06:41:57 PM
    Event ID/Source: 1001 / MsiInstaller
    Event Description:
    Detection of product '{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}', feature 'TrayApp' failed during request for component '{5FF21F12-FDC3-4FB0-A6BE-04FE524B1C11}'

    Event Record #/Type713 / Warning
    Event Submitted/Written: 04/23/2008 06:41:57 PM
    Event ID/Source: 1004 / MsiInstaller
    Event Description:
    Detection of product '{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}', feature 'TrayApp', component '{544C7EF7-6803-40A6-980E-57758E45BE87}' failed. The resource 'HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\DigitalImaging\CtxMgr\Strings\EditorPluginsDir' does not exist.



    -- Security Event Log

    No Errors/Warnings found.


    -- System Event Log

    Event Record #/Type4056 / Error
    Event Submitted/Written: 04/25/2008 01:59:58 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The MCSTRM service failed to start due to the following error:
    %%2

    Event Record #/Type4026 / Error
    Event Submitted/Written: 04/25/2008 03:15:23 AM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The MCSTRM service failed to start due to the following error:
    %%2

    Event Record #/Type4008 / Error
    Event Submitted/Written: 04/25/2008 03:01:56 AM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The MCSTRM service failed to start due to the following error:
    %%2

    Event Record #/Type4002 / Warning
    Event Submitted/Written: 04/25/2008 02:43:30 AM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

    Event Record #/Type4001 / Warning
    Event Submitted/Written: 04/25/2008 02:41:14 AM
    Event ID/Source: 18 / avgntflt
    Event Description:
    TIMEOUT<guardgui.exe> C:\... Classic\msvcr71.dll



    -- End of Deckard's System Scanner: finished at 2008-04-25 14:09:26


Comments

  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    It's clean, you have nothing to worry about


  • Registered Users, Registered Users 2 Posts: 1,435 ✭✭✭TiGeR KiNgS


    Cheers, how do I get rid of DSS?
    How do I get rid of that encrypted file Anydvd, what the hell is that?
    Edit: would I be alright installing utorrent again? 20-30 outbound connections seems a bit steep?


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    Just delete DSS.exe and the folder C:\Deckards System Scanner
    "How do I get rid of that encrypted file Anydvd, what the hell is that?"
    It is some DVD burner, I think. Try deleting it in Safe Mode.
    "Edit: would I be alright installing utorrent again? 20-30 outbound connections seems a bit steep?"
    I imagine it would be alright.


  • Registered Users, Registered Users 2 Posts: 1,435 ✭✭✭TiGeR KiNgS


    Thank you very much, a real star of Boards :)

