Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cleaning Up My Pc


  • This topic is locked This topic is locked
10 replies to this topic

#1 Moc

Moc

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:36 PM

Posted 14 September 2007 - 09:26 AM

Hey all,

I wonder if you could help me with cleaning up my PC. Ive got some problems with my PC:

- I get errors when closing a program, something with memory,
- My computer slowed down a lot, already did virusscans and I cleaned up my files and programs.
- FPS lag (gaming)

I'm just a noob, so please be so kind to explain it clearly, what to do etc...


Thanks in advance,

Moc

BC AdBot (Login to Remove)

 


m

#2 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:07:36 AM

Posted 21 September 2007 - 07:03 AM

Hey there Moc, I'd like to try to help you out....lets get you cleaned up. Start with the following:

* Download HijackThis
  • Save HJTInstall.exe to your Desktop.
  • Double click on the HJTInstall.exe icon to start the program.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis, and after the final dialogue box it will launch HijackThis.
  • Click on the scan button. It will scan and then ask you to save the log.
  • Save the log, and post it in your next reply.

Edited by jwinathome, 21 September 2007 - 07:03 AM.


#3 Moc

Moc
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:36 PM

Posted 22 September 2007 - 03:49 PM

Thanks for your help,
There you are:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:09, on 22-9-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WinMySQLadmin.lnk = C:\xampp\mysql\bin\winmysqladmin.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tijn Kuyper\Menu Start\Programma's\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\xampp\filezillaftp\filezillaserver.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe (file missing)

--
End of file - 8655 bytes



#4 Moc

Moc
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:36 PM

Posted 23 September 2007 - 02:48 PM

I 've made some changes in installing and stuff, so I have made a new hijacklog:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:24, on 23-9-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WinMySQLadmin.lnk = C:\xampp\mysql\bin\winmysqladmin.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tijn Kuyper\Menu Start\Programma's\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\xampp\filezillaftp\filezillaserver.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe (file missing)

--
End of file - 8801 bytes



#5 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:07:36 AM

Posted 25 September 2007 - 03:43 PM

Hey Moc sorry for the delay...

Go ahead and rerun Hijackthis, place a check next to the following entry and select Fix Checked

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

I don't see any malicious software in your log, but lets go ahead and run the below scan to see if we can find something.

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
[/quote]

#6 Moc

Moc
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:36 PM

Posted 26 September 2007 - 01:12 AM

main.txt:

Deckard's System Scanner v20070905.67
Run by Tijn Kuyper on 2007-09-26 08:08:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
132: 2007-09-26 06:08:11 UTC - RP132 - Deckard's System Scanner Restore Point
131: 2007-09-24 15:18:43 UTC - RP131 - Removed MySQL Server 5.0
130: 2007-09-24 15:15:20 UTC - RP130 - Removed MySQL Connector/ODBC 3.51
129: 2007-09-24 15:13:25 UTC - RP129 - Verwijderd: Microsoft Visual C++ 2005 Redistributable
128: 2007-09-23 12:29:50 UTC - RP128 - Installed MySQL Server 5.0


-- First Restore Point --
1: 2007-07-05 15:02:23 UTC - RP1 - Controlepunt van systeem


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Tijn Kuyper.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:09:15, on 26-9-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Tijn Kuyper\Bureaublad\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tijn Kuyper.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WinMySQLadmin.lnk = C:\xampp\mysql\bin\winmysqladmin.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Tijn Kuyper\Menu Start\Programma's\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\xampp\filezillaftp\filezillaserver.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe (file missing)

--
End of file - 8550 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20070926-080552-237 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 asuskbnt (Enhanced Display Driver Helper Service) - c:\windows\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>
R2 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
R2 LBeepKE - c:\windows\system32\drivers\lbeepke.sys <Not Verified; Logitech, Inc.; Logitech SetPoint™>
R2 windrvNT - c:\windows\system32\windrvnt.sys
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>

S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ATKKeyboardService (ATK Keyboard Service) - c:\windows\atkkbservice.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 FirebirdGuardianDefaultInstance (Firebird Guardian - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbguard.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>
R3 FirebirdServerDefaultInstance (Firebird Server - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbserver.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>

S2 FileZilla Server (FileZilla Server FTP server) - c:\xampp\filezillaftp\filezillaserver.exe (file missing)
S2 XAMPP (XAMPP Service) - c:\xampp\service.exe (file missing)
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI-geheugencontroller
Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_815A1043&REV_A3\3&2411E6FE&0&00
Manufacturer:
Name: PCI-geheugencontroller
PNP Device ID: PCI\VEN_10DE&DEV_005E&SUBSYS_815A1043&REV_A3\3&2411E6FE&0&00
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM-buscontroller
Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_815A1043&REV_A2\3&2411E6FE&0&09
Manufacturer:
Name: SM-buscontroller
PNP Device ID: PCI\VEN_10DE&DEV_0052&SUBSYS_815A1043&REV_A2\3&2411E6FE&0&09
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394-netwerkkaart
Device ID: V1394\NIC1394\2AB72911D800
Manufacturer: Microsoft
Name: 1394-netwerkkaart
PNP Device ID: V1394\NIC1394\2AB72911D800
Service: NIC1394

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ander PCI-brugapparaat
Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Manufacturer:
Name: Ander PCI-brugapparaat
PNP Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Service:


-- Scheduled Tasks -------------------------------------------------------------

2007-09-03 15:42:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-09-01 09:36:00 276 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job
2007-08-15 12:15:52 350 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job


-- Files created between 2007-08-26 and 2007-09-26 -----------------------------

2007-09-25 20:17:58 0 d-------- C:\Program Files\HTML Password Lock
2007-09-24 17:14:01 0 d-------- C:\WINDOWS\SxsCaPendDel
2007-09-23 14:29:59 0 d-------- C:\Program Files\MySQL
2007-09-23 14:27:35 1073152 --a------ C:\WINDOWS\system32\libmysql_c.dll
2007-09-23 14:27:30 0 d-------- C:\Program Files\PremiumSoft
2007-09-22 22:47:53 0 d-------- C:\Program Files\Trend Micro
2007-09-21 16:51:24 0 d-------- C:\Program Files\DAEMON Tools
2007-09-21 15:40:39 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-09-19 19:27:57 0 d-------- C:\Program Files\Arturia
2007-09-18 20:48:05 27 --a------ C:\WINDOWS\system\msvcrt16.dll
2007-09-18 20:47:52 0 d-------- C:\Program Files\Magic Translator
2007-09-18 20:42:34 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Vitolab
2007-09-17 17:00:16 0 dr-h----- C:\$VAULT$.AVG
2007-09-16 18:06:15 4 --a------ C:\WINDOWS\system32\vm.exe
2007-09-16 16:47:01 0 d-------- C:\bniSoftWare
2007-09-16 16:33:40 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Grisoft
2007-09-16 16:30:21 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\AVG7
2007-09-16 16:29:51 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-09-16 16:29:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-09-16 15:26:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-09-16 13:08:04 77824 --a------ C:\WINDOWS\system32\FLKill.exe <Not Verified; USPTO; Project1>
2007-09-16 13:08:03 35363 --a------ C:\WINDOWS\system32\windrvNT.sys
2007-09-16 13:08:03 110592 --a------ C:\WINDOWS\system32\suppdll.dll
2007-09-16 13:08:03 0 d-------- C:\Program Files\Folder Lock
2007-09-16 10:33:30 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-15 14:50:14 0 d-------- C:\Program Files\MegaSpoof
2007-09-14 16:49:52 0 d-------- C:\Program Files\Autokick
2007-09-14 16:49:42 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2007-09-11 18:35:30 88 -r-hs---- C:\WINDOWS\system32\8CE64BD492.sys
2007-09-11 18:30:15 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Corel
2007-09-11 18:29:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Corel
2007-09-11 18:17:11 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-09-11 18:13:09 0 d-------- C:\Program Files\Corel
2007-09-11 18:13:00 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\InstallShield
2007-09-10 17:26:50 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\GlobalSCAPE
2007-09-10 17:15:24 0 d-------- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE
2007-09-10 17:15:05 0 d-------- C:\Program Files\GlobalSCAPE
2007-09-09 16:10:28 0 d-------- C:\Program Files\Rockstar Games
2007-09-08 13:42:19 0 d-------- C:\Program Files\MOHAA CI
2007-09-07 08:18:09 0 d-------- C:\Program Files\Common Files\Bcgsoft
2007-09-07 08:12:22 0 d-------- C:\Program Files\The Game Creators
2007-09-03 10:37:41 0 d-------- C:\Program Files\Demo Builder
2007-09-02 17:20:17 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\VanDale
2007-09-02 17:10:44 0 d-------- C:\VanDale
2007-09-02 17:10:32 315904 --a------ C:\WINDOWS\IsUn0413.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2007-09-02 17:10:30 0 d-------- C:\Documents and Settings\Tijn Kuyper\WINDOWS
2007-09-01 18:12:05 0 d-------- C:\Program Files\FileZilla
2007-09-01 12:11:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Snappy Invoice System
2007-08-31 23:43:56 0 d-------- C:\NVIDIA
2007-08-31 11:12:08 0 d-------- C:\Program Files\CoffeeCup Software
2007-08-31 10:34:44 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\IMVU
2007-08-29 12:32:23 1743 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2007-08-28 12:27:40 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Systweak
2007-08-28 12:27:17 0 d-------- C:\Program Files\Advanced System Optimizer
2007-08-28 10:48:02 0 d-------- C:\Program Files\Flash Banner Creator
2007-08-27 09:48:44 0 d-------- C:\Program Files\MSXML 4.0
2007-08-26 20:06:07 0 d-------- C:\Program Files\Microsoft Games
2007-08-26 15:07:48 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\stickies
2007-08-26 13:57:54 2908 --a------ C:\WINDOWS\system32\tmp.reg
2007-08-26 13:56:58 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-08-26 13:56:58 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2007-08-26 13:56:58 51200 --a------ C:\WINDOWS\system32\dumphive.exe


-- Find3M Report ---------------------------------------------------------------

2007-09-26 08:04:42 0 d---s---- C:\Program Files\Xfire
2007-09-25 21:27:50 0 d-------- C:\Program Files\FlashFXP
2007-09-25 17:41:47 0 d-------- C:\Program Files\Windows Live Safety Center
2007-09-24 21:26:58 0 d-------- C:\Program Files\HLSW
2007-09-24 18:48:57 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Xfire
2007-09-24 17:26:22 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\LimeWire
2007-09-24 17:15:03 0 d-------- C:\Program Files\MohaaTools
2007-09-23 17:27:03 0 d-------- C:\Program Files\FinePixViewer
2007-09-21 15:48:14 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Skype
2007-09-18 16:43:22 0 d-------- C:\Program Files\MSN Messenger
2007-09-16 12:46:54 0 d-------- C:\Program Files\Common Files
2007-09-10 17:26:28 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-09-03 15:46:13 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\teamspeak2
2007-09-02 14:07:12 0 d-------- C:\Program Files\DMW Client 3
2007-09-01 15:58:03 0 d-------- C:\Program Files\Teamspeak2_RC2
2007-08-26 15:13:08 0 d-------- C:\Program Files\Java
2007-08-25 15:53:31 21 --a------ C:\WINDOWS\system32\lsfdp
2007-08-25 15:41:41 0 d-------- C:\Program Files\Longtion
2007-08-22 09:42:44 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Uniblue
2007-08-21 15:23:30 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\WNR
2007-08-21 10:09:56 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>
2007-08-20 14:18:22 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Adobe
2007-08-12 17:41:53 0 d-------- C:\Program Files\Bonjour
2007-08-12 17:41:49 0 d-------- C:\Program Files\Common Files\Adobe
2007-08-11 23:44:05 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-08-10 10:44:11 0 d-------- C:\Program Files\Common Files\Logitech
2007-08-09 12:37:49 0 d-------- C:\Program Files\PHP Form Wizard
2007-08-09 11:10:17 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\CyberLink
2007-08-08 19:59:50 0 d-------- C:\Program Files\The All-Seeing Eye
2007-08-08 16:50:18 0 d-------- C:\Program Files\Mozilla Thunderbird
2007-08-08 15:19:15 0 d-------- C:\Program Files\CyberLink
2007-08-08 15:02:32 0 d-------- C:\Program Files\BitComet
2007-08-08 14:21:05 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\DivX
2007-08-08 14:14:30 0 d-------- C:\Program Files\Videora
2007-08-08 14:08:20 0 d-------- C:\Program Files\Google
2007-08-08 14:05:14 0 d-------- C:\Program Files\DivX
2007-08-08 13:46:49 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Apple Computer
2007-08-08 13:44:09 465586 --a------ C:\WINDOWS\system32\perfh013.dat
2007-08-08 13:44:09 81436 --a------ C:\WINDOWS\system32\perfc013.dat
2007-08-08 13:37:58 0 d-------- C:\Program Files\Red Kawa
2007-08-08 13:04:34 0 d-------- C:\Program Files\DMW Scanner 3
2007-08-07 19:23:46 0 d-------- C:\Program Files\Warez-BB
2007-08-07 13:17:19 0 d-------- C:\Program Files\bobyte
2007-08-06 11:00:26 0 d-------- C:\Program Files\Skype
2007-08-05 21:18:41 4608 --a------ C:\WINDOWS\system32\w95inf32.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2007-08-05 21:18:41 2272 --a------ C:\WINDOWS\system32\w95inf16.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2007-08-05 21:18:32 0 d-------- C:\Program Files\ArcSoft
2007-08-05 20:58:22 0 d-------- C:\Program Files\Common Files\Skype
2007-08-05 18:04:50 0 d-------- C:\Program Files\QuickTime
2007-08-05 18:03:50 0 d-------- C:\Program Files\Apple Software Update
2007-08-05 13:11:09 0 d-------- C:\Program Files\Game Cam
2007-08-04 20:40:50 0 d-------- C:\Program Files\SpacialAudio
2007-08-04 13:01:13 0 d-------- C:\Program Files\Winamp
2007-08-04 12:50:23 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\DeskSoft
2007-08-03 14:06:50 0 d-------- C:\Program Files\SHOUTcast
2007-08-03 13:05:55 0 d-------- C:\Program Files\Valve
2007-08-03 12:57:46 0 d-------- C:\Program Files\Microsoft Works
2007-08-02 21:43:56 0 d-------- C:\Program Files\Common Files\L&H
2007-08-02 21:43:17 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-08-02 21:36:31 0 d-------- C:\Program Files\Microsoft.NET
2007-07-27 01:06:22 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-07-27 01:03:48 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-07-27 01:03:48 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-07-27 01:03:38 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-07-27 01:03:38 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-07-27 01:03:38 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-07-27 01:03:38 740442 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-07-27 01:03:02 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-07-06 15:09:50 646 --a------ C:\WINDOWS\eReg.dat
2007-07-06 12:37:22 1767 --a------ C:\WINDOWS\mozver.dat
2007-07-05 22:13:04 0 --a------ C:\WINDOWS\nsreg.dat
2007-07-05 18:34:40 62 --ahs---- C:\Documents and Settings\Tijn Kuyper\Application Data\desktop.ini
2007-07-05 16:57:25 0 -rahs---- C:\MSDOS.SYS
2007-07-05 16:57:25 0 -rahs---- C:\IO.SYS
2007-07-05 16:57:25 0 --a------ C:\CONFIG.SYS
2007-07-05 16:57:25 0 --a------ C:\AUTOEXEC.BAT
2007-07-05 16:54:58 21748 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-06-29 00:43:00 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
2007-06-29 00:43:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-06-29 00:43:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-06-29 00:43:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-06-29 00:43:00 1474560 --a------ C:\WINDOWS\system32\nview.dll
2007-06-29 00:43:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-06-29 00:43:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-06-29 00:43:00 425984 --a------ C:\WINDOWS\system32\keystone.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15-07-2005 23:48]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [21-09-2007 15:52]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11-06-2007 11:25]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [29-06-2007 00:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [05-07-2007 23:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04-08-2004 14:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"




-- End of Deckard's System Scanner: finished at 2007-09-26 08:10:53 ------------


extra.txt:

Deckard's System Scanner v20070905.67
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: Dutch

CPU 0: AMD Athlon™ 64 Processor 3000+
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 1023.48 MiB / 593.69 MiB
Pagefile Memory (total/avail): 2460.31 MiB / 2087.7 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1967.92 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 94.95 GiB total, 25.61 GiB free.
D: is Fixed (NTFS) - 94.96 GiB total, 87.21 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6L200M0 - 189.92 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 94.95 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 94.96 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: AVG 7.5.488 v7.5.488 (GRISOFT)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3"

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\HLSW\\hlsw.exe"="C:\\Program Files\\HLSW\\hlsw.exe:*:Enabled:hlsw"
"C:\\Program Files\\SHOUTcast\\sc_serv.exe"="C:\\Program Files\\SHOUTcast\\sc_serv.exe:*:Enabled:sc_serv"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe"="C:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe:*:Enabled:SAMBC"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault™ Spearhead"
"C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead_server.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\moh_spearhead_server.exe:*:Enabled:Medal of Honor Allied Assault™ Spearhead"
"D:\\xampp\\apache\\bin\\apache.exe"="D:\\xampp\\apache\\bin\\apache.exe:*:Enabled:Apache HTTP Server"
"D:\\xampp\\mysql\\bin\\mysqld.exe"="D:\\xampp\\mysql\\bin\\mysqld.exe:*:Enabled:mysqld"
"D:\\xampplite\\apache\\bin\\apache.exe"="D:\\xampplite\\apache\\bin\\apache.exe:*:Enabled:Apache HTTP Server"
"D:\\xampplite\\mysql\\bin\\mysqld.exe"="D:\\xampplite\\mysql\\bin\\mysqld.exe:*:Enabled:mysqld"
"D:\\xampp\\MercuryMail\\mercury.exe"="D:\\xampp\\MercuryMail\\mercury.exe:*:Enabled:Mercury/32 Core Processing Module v4.01a"
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"="C:\\Program Files\\Teamspeak2_RC2\\server_windows.exe:*:Enabled:Server"
"C:\\Program Files\\The All-Seeing Eye\\eye.exe"="C:\\Program Files\\The All-Seeing Eye\\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"C:\\Program Files\\Foresight\\foresight.exe"="C:\\Program Files\\Foresight\\foresight.exe:*:Enabled:Anti-Cheat Admin Tool for Medal of Honor and Related Programs."
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Een DLL-bestand als toepassing starten"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\mocownage\\counter-strike\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\mocownage\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\Warez-BB\\mIRC\\mirc.exe"="C:\\Program Files\\Warez-BB\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault™"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\\xampp\\xampp\\apache\\bin\\apache.exe"="D:\\xampp\\xampp\\apache\\bin\\apache.exe:*:Enabled:Apache HTTP Server"
"D:\\xampp\\xampp\\MercuryMail\\mercury.exe"="D:\\xampp\\xampp\\MercuryMail\\mercury.exe:*:Enabled:Mercury/32 Core Processing Module v4.01a"
"D:\\Habbo Retro\\Debbo v3.5\\Debbo V3.5.exe"="D:\\Habbo Retro\\Debbo v3.5\\Debbo V3.5.exe:*:Enabled:Debbo V3.5"
"D:\\xampp\\xampp\\mysql\\bin\\mysqld.exe"="D:\\xampp\\xampp\\mysql\\bin\\mysqld.exe:*:Enabled:mysqld"
"C:\\xampp\\apache\\bin\\apache.exe"="C:\\xampp\\apache\\bin\\apache.exe:*:Enabled:Apache HTTP Server"
"C:\\xampp\\MercuryMail\\mercury.exe"="C:\\xampp\\MercuryMail\\mercury.exe:*:Enabled:Mercury/32 Core Processing Module v4.01a"
"D:\\Habbo Retro\\2\\Debbo v3.5\\Debbo V3.5.exe"="D:\\Habbo Retro\\2\\Debbo v3.5\\Debbo V3.5.exe:*:Enabled:Debbo V3.5"
"D:\\Habbo Retro\\server.exe"="D:\\Habbo Retro\\server.exe:*:Enabled:server"
"C:\\Program Files\\Proxy Switcher Standard\\ProxySwitcher.exe"="C:\\Program Files\\Proxy Switcher Standard\\ProxySwitcher.exe:*:Enabled:Proxy Switcher"
"C:\\xampp\\mysql\\bin\\mysqld.exe"="C:\\xampp\\mysql\\bin\\mysqld.exe:*:Enabled:mysqld"
"C:\\Program Files\\Microsoft Games\\Age of Mythology\\aom.exe"="C:\\Program Files\\Microsoft Games\\Age of Mythology\\aom.exe:*:Enabled:Age of Mythology"
"C:\\Program Files\\Valve\\Steam\\SteamApps\\mocownage\\day of defeat\\hl.exe"="C:\\Program Files\\Valve\\Steam\\SteamApps\\mocownage\\day of defeat\\hl.exe:*:Enabled:Half-Life Launcher"
"C:\\Program Files\\MOHAA CI\\MOHaaCI.exe"="C:\\Program Files\\MOHAA CI\\MOHaaCI.exe:*:Enabled:Monitors MOHAA Dedicated Servers"
"C:\\Program Files\\Autokick\\Autokick.exe"="C:\\Program Files\\Autokick\\Autokick.exe:*:Enabled:Autokick for MoHAA 1.11"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\DAP\\DAP.exe"="C:\\Program Files\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\\Documents and Settings\\Tijn Kuyper\\Mijn documenten\\mochosting\\RETRO V4\\DebboProject V4 - Public beta.exe"="C:\\Documents and Settings\\Tijn Kuyper\\Mijn documenten\\mochosting\\RETRO V4\\DebboProject V4 - Public beta.exe:*:Enabled:DebboProject V4 - Public beta"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Tijn Kuyper\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TIJN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Tijn Kuyper
LOGONSERVER=\\TIJN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\TIJNKU~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\TIJNKU~1\LOCALS~1\Temp
USERDOMAIN=TIJN
USERNAME=Tijn Kuyper
USERPROFILE=C:\Documents and Settings\Tijn Kuyper
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Tijn Kuyper (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20A4352A-237B-41DD-A6C0-3CD2F8E8D35C}\Setup.exe" -l0x13
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 8.1.0 Professional --> msiexec /I {AC76BA86-1033-F400-7760-000000000003}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e225e\Setup.exe
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup --> MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8}
Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E142615E-5ED8-4511-9BF0-0284BFA25766}\setup.exe" -l0x13 -uninst
ArcSoft VideoImpression 1.6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED10343F-D30A-4200-9B00-665FC45F52B4}\setup.exe" -l0x13 -uninst
ASUS Enhanced Display Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Beveiligingsupdate for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Beveiligingsupdate voor Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
CoffeeCup Flash Form Builder - Registered --> C:\PROGRA~1\COFFEE~1\COFFEE~1\UNWISE.EXE C:\PROGRA~1\COFFEE~1\COFFEE~1\INSTALL.LOG
CoffeeCup Flash Menu Builder --> C:\PROGRA~1\COFFEE~1\COFFEE~2\UNWISE.EXE C:\PROGRA~1\COFFEE~1\COFFEE~2\INSTALL.LOG
Condition Zero --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/80
Condition Zero Deleted Scenes --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/100
Counter-Strike --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/10
Counter-Strike™ --> MsiExec.exe /I{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}
CuteFTP 8 Professional --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91F34319-08DE-457A-99C0-0BCDFAC145B9}\Setup.exe" -l0x9
Day of Defeat --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/30
Deathmatch Classic --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/40
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DMW Client SE --> C:\Program Files\DMW Client 3\uninst.exe
FinePixViewer Resource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE" -l0x9
FinePixViewer Ver.5.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE" -l0x9
Firebird 1.5.2.4731 --> "C:\Program Files\Firebird\Firebird_1_5\unins000.exe"
FlashFXP v3 --> "C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
Folder Lock --> C:\Program Files\Folder Lock\Uninstall.exe
FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
GreenBox 1.0 --> "C:\Program Files\Studio V5\GreenBox\unins000.exe"
GTA San Andreas --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HLSW v1.1.6 --> "C:\Program Files\HLSW\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix voor Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
HTML Password Lock 4.0 --> "C:\Program Files\HTML Password Lock\unins000.exe"
ImageMixer VCD2 LE for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B093990A-AAF2-44AC-9216-14BB7A2189B6}\SETUP.EXE" -l0x9
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
LimeWire PRO 4.13.10 --> "C:\Program Files\LimeWire\uninstall.exe"
Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x13 -removeonly
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Medal of Honor Allied Assault --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x13
Medal of Honor Allied Assault™ Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x13
Medal of Honor Allied Assault™ Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}\Setup.exe" -l0x13
Medal of Honor Allied Assault™ Spearhead Patch 2.15 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}\Setup.exe" -l0x13
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office 2003 Web Components --> MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Access MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Groove MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office Project MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-00B4-0413-0000-0000000FF1CE}
Microsoft Office Project Professional 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
Microsoft Office Project Professional 2007 --> MsiExec.exe /X{90120000-003B-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007 --> MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office SharePoint Designer 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall SHAREPOINTDESIGNER /dll OSETUP.DLL
Microsoft Office SharePoint Designer 2007 --> MsiExec.exe /X{90120000-0017-0000-0000-0000000FF1CE}
Microsoft Office SharePoint Designer MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0017-0413-0000-0000000FF1CE}
Microsoft Office Visio MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-0054-0413-0000-0000000FF1CE}
Microsoft Office Visio Professional 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
Microsoft Office Visio Professional 2007 --> MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office XP Web Components --> MsiExec.exe /I{90260409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.7) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.6) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
PC-Checkup --> C:\WINDOWS\iun6002.exe "C:\PC-Checkup\irunin.ini"
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Pixie 3.1 (remove only) --> "C:\Program Files\Nattyware\Pixie\uninstall.exe"
Power2Go 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
PowerDVD --> "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
PP Xfire Skin --> MsiExec.exe /I{3F505FE9-C790-4CDE-82FA-290CE2B6ED4A}
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Ricochet --> "C:\PROGRA~1\Valve\Steam\steam.exe" steam://uninstall/60
SAM Broadcaster (remove only) --> "C:\Program Files\SpacialAudio\SAMBC\uninstall.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Excel 2007 (KB936509) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A00724F5-82C4-4924-B707-0E5A84B52471}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-003B-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB936514) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C7A78F7F-EF32-4477-BAD7-3439EA7571BF}
Security Update for Publisher 2007 (KB936646) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-003B-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
SHOUTcast DNAS (remove only) --> "C:\Program Files\SHOUTcast\uninst-dnas.exe"
Skype™ 3.2 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam™ --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SuperMegaSpoof 2.0 --> "C:\Program Files\MegaSpoof\unins000.exe"
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
TeamSpeak 2 Server RC2 --> "C:\Program Files\Teamspeak2_RC2\unins001.exe"
TRUST 320 SPACEC@M --> C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB932080) --> msiexec /package {90120000-003B-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
Update for Outlook 2007 (KB937608) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CBB2454D-193F-4523-8A31-FEB343B7C30E}
Update for Outlook 2007 Junk Email Filter (kb937833) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {ACB40B61-03E6-4F6F-AA5E-7B02A89E8AD3}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
Update voor Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update voor Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update voor Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update voor Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update voor Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Update voor Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update voor Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update voor Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update voor Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update voor Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update voor Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update voor Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update voor Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Update voor Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Update voor Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Van Dale Groot woordenboek hedendaags Nederlands --> C:\WINDOWS\ISUN0413.EXE -f"C:\VanDale\Grote woordenboeken\Nederlands\Uninst.isu" -c"C:\VanDale\Grote woordenboeken\Nederlands\setupnn.dll"
Van Dale Grote woordenboeken Engels --> C:\WINDOWS\ISUN0413.EXE -f"C:\VanDale\Grote woordenboeken\Engels\Uninst.isu" -c"C:\VanDale\Grote woordenboeken\Engels\setupenne.dll"
Vopt 8.18 --> C:\PROGRA~1\Vopt8\UNWISE.EXE C:\PROGRA~1\Vopt8\INSTALL.LOG
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live Messenger --> MsiExec.exe /I{9816B8B8-4B53-4D3D-9235-AD931252001D}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"
Zend Optimizer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C24C6EB-FF40-4855-9C1D-42F8AFC75112}\setup.exe" -l0x9 -removeonly


-- Application Event Log -------------------------------------------------------

Event Record #/Type2294 / Success
Event Submitted/Written: 09/26/2007 08:04:06 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type2282 / Success
Event Submitted/Written: 09/25/2007 05:28:55 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type2265 / Success
Event Submitted/Written: 09/25/2007 07:38:20 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type2254 / Error
Event Submitted/Written: 09/24/2007 06:48:00 PM
Event ID/Source: 1000 / Application Error
Event Description:
Vastgelopen toepassing: diag.exe, versie: 4.50.0.1619, vastgelopen module: ~de69a0.tmp, versie: 4.50.0.1619, vastgelopen op: 0x0002a773.
Verwerken van mediaspecifieke gebeurtenis voor [diag.exe!ws!]

Event Record #/Type2253 / Warning
Event Submitted/Written: 09/24/2007 06:44:12 PM
Event ID/Source: 63 / WinMgmt
Event Description:
De aanbieder, OffProv11, is geregistreerd in de WMI-naamruimte, Root\MSAPPS11, om de account LocalSystem te gebruiken. Deze account beschikt over machtigingen, waardoor de aanbieder inbreuken op de beveiliging kan veroorzaken wanneer aanvragen van gebruikers op onjuiste wijze worden geïmiteerd.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type7670 / Error
Event Submitted/Written: 09/26/2007 08:03:02 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De XAMPP Service-service kan vanwege de volgende fout niet worden gestart:
%%3

Event Record #/Type7669 / Error
Event Submitted/Written: 09/26/2007 08:03:02 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De FileZilla Server FTP server-service kan vanwege de volgende fout niet worden gestart:
%%3

Event Record #/Type7640 / Error
Event Submitted/Written: 09/25/2007 05:25:46 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De XAMPP Service-service kan vanwege de volgende fout niet worden gestart:
%%3

Event Record #/Type7639 / Error
Event Submitted/Written: 09/25/2007 05:25:46 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De FileZilla Server FTP server-service kan vanwege de volgende fout niet worden gestart:
%%3

Event Record #/Type7611 / Error
Event Submitted/Written: 09/25/2007 07:33:26 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De XAMPP Service-service kan vanwege de volgende fout niet worden gestart:
%%3



-- End of Deckard's System Scanner: finished at 2007-09-26 08:10:53 ------------



#7 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:07:36 AM

Posted 26 September 2007 - 12:09 PM

Thanks for the log....

moc I can't find enough information on the folder:

C:\WINDOWS\SxsCaPendDel

Do you know what that is? If not, can you please do the following:

Navigate to C:\WINDOWS\SxsCaPendDel, right-click the folder, then select Send To "Compressed (Zipped) Folder". A new, zipped folder should appear.

Now please go to Jotti
At the top select the Browse button then navigate to the following zipped folder and Submit it to be scanned.

C:\WINDOWS\SxsCaPendDel.zip

Please Copy & Paste the results of the scan in your next reply.

A couple of other things:
**You are using Limewire. This is an optional removal. However, anytime you are running any type of p2p application, you are more prone to infection by malware. The choice to remove it is entirely up to you, but I would strongly recommend that you get rid of it. If you do not want to, please at least refrain from using any peer-to-peer programs for the remainder of my fix.

**Messenger Plus has been reported to be a security risk, not only because Adware Removal programs flag Messenger Plus as Adware, but also because there can be privacy issues associated with this product. (The choice to remove this is completely up to you, but it is recommended.)

#8 Moc

Moc
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:36 PM

Posted 26 September 2007 - 01:18 PM

Hey,

I don't know what that map is for. I checked it and it was an empty map, though I just did what you said (bit useless but ok :thumbsup:).
As expected of an empty map there was no virus found with any of the online scanners provided by jotti:

Service load:
0% 100%
File: SxsCaPendDel.rar
Status:
OK
MD5: eeb5aea7407fb6bb732a3b67c0fd1ff7
Packers detected:
-
Bit9 reports: File not found

A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Rising Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing



Than about the recommendations, I dedecide not to delete limewire nor msn plus but thanks for the advice though ;)

Is there anything more to be done?

Greetings,

Edited by Moc, 26 September 2007 - 01:44 PM.


#9 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:07:36 AM

Posted 26 September 2007 - 02:07 PM

I just did what you said (bit useless but ok

Well, sometimes files are hiding.

I don't think your problem is malware related....

If you would like to take the time, try posting a description of the problem you are having in either the Software and Hardware > Games Forum or the Software and Hardware > Hardware Forum.

Hope everything gets fixed for you! Let me know if you have any questions.

#10 Moc

Moc
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:36 PM

Posted 26 September 2007 - 02:26 PM

Hey,

Thanks for you help in this process.
I don't have the memory errors anymore and the fps lag has been reduced, so we have done great :thumbsup:

This topic can be closed ;)


Moc

#11 jwinathome

jwinathome

  • Members
  • 1,360 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, Georgia
  • Local time:07:36 AM

Posted 26 September 2007 - 07:17 PM

This thread will now be closed.
If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you.
Include the address of this thread in your request.
If you should have a new issue, please start a new topic.
This applies only to the original topic starter.
Everyone else please begin a New Topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users