Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Constantly Recurring Backdoor.graybird Virsus Indications


  • Please log in to reply
1 reply to this topic

#1 JJameison

JJameison

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 09 April 2008 - 07:12 PM

About two days ago Norton AV, on my son's notebook computer, began to indicate repeated, constantly recurring backdoor.graybird virsus infections in tmp files and the name of the tmp file constantly changed everytime we tried to correct the condition via NAV. We did a couple of scans with NAV and it found problems, but the files could not be quarantined or deleted.

We ran A-Squared Free and it found approx 180 problems, but none were high alert problems. We quarantined the problem files, but immediately after a reboot the same constantly recurring Norton AV backdoor.graybird virsus infection indications started to occur.

We ran XOftSpy SE and it found about 75 low level problems and a single occurance of a vundo.trojan infection in a dll file. Since it was only the demo version of the XOftSpy program, we could not quarantine or delete the problem files.

We ran DSS, which also ran HJT and the following is the extra.txt file.

Any help will be greatly appreciated.

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ 64 Processor 3000+
Percentage of Memory in Use: 79%
Physical Memory (total/avail): 510.98 MiB / 104.91 MiB
Pagefile Memory (total/avail): 1246.09 MiB / 846.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1918.3 MiB

C: is Fixed (NTFS) - 55.88 GiB total, 4.78 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - IC25N060ATMR04-0 - 55.89 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 55.88 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.

FW: Norton Internet Worm Protection v2005 (Symantec)
AV: Norton AntiVirus v2005 (Symantec Corporation) Outdated
AV: Eset NOD32 antivirus system 2.51 v2.51 (Eset) Outdated

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Electronic Arts\\Need For Speed III\\nfs3.exe"="C:\\Program Files\\Electronic Arts\\Need For Speed III\\nfs3.exe:*:Enabled:Need For Speed III for Win32"
"C:\\LieroX v0.56b Pack 1.7\\LieroX.exe"="C:\\LieroX v0.56b Pack 1.7\\LieroX.exe:*:Enabled:LieroX"
"C:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"="C:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\\Program Files\\BYOND\\bin\\dreamseeker.exe"="C:\\Program Files\\BYOND\\bin\\dreamseeker.exe:*:Enabled:Dream Seeker"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Program Files\\Black Isle\\Icewind Dale\\IDMain.exe"="C:\\Program Files\\Black Isle\\Icewind Dale\\IDMain.exe:*:Enabled:Icewind Dale"
"C:\\Westwood\\RA2\\gamemd.exe"="C:\\Westwood\\RA2\\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"="C:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat:*:Enabled:game"
"C:\\Downloads\\Mystera Legends\\Mystera Legends.exe"="C:\\Downloads\\Mystera Legends\\Mystera Legends.exe:*:Enabled:Mystera Legends"
"C:\\zMUD\\zMud_v6[1].40\\Proxy.exe"="C:\\zMUD\\zMud_v6[1].40\\Proxy.exe:*:Enabled:Proxy"
"C:\\zMUD\\Proxy.exe"="C:\\zMUD\\Proxy.exe:*:Enabled:Proxy"
"C:\\zMUD\\zMUD_v6[1].16\\Proxy.exe"="C:\\zMUD\\zMUD_v6[1].16\\Proxy.exe:*:Enabled:DAMN eLicense Proxy"
"C:\\Soldat121\\Soldat.exe"="C:\\Soldat121\\Soldat.exe:*:Enabled:Soldat"
"C:\\Program Files\\Microsoft Games\\StarLancer\\lancer.icd"="C:\\Program Files\\Microsoft Games\\StarLancer\\lancer.icd:*:Enabled:StarLancer"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\Program Files\\VUGames\\Tribes Vengeance\\Program\\Bin\\TV_CD_DVD.exe"="C:\\Program Files\\VUGames\\Tribes Vengeance\\Program\\Bin\\TV_CD_DVD.exe:*:Enabled:Tribes Vengeance"
"C:\\Program Files\\ICQLite\\ICQLite.exe"="C:\\Program Files\\ICQLite\\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\\Program Files\\Continuum\\Downloads\\asss-1.4.0p1\\asss-1.4.0\\bin\\asss.exe"="C:\\Program Files\\Continuum\\Downloads\\asss-1.4.0p1\\asss-1.4.0\\bin\\asss.exe:*:Enabled:asss"
"C:\\Program Files\\GamesforFree\\Aftermath\\bin\\my_cube.exe"="C:\\Program Files\\GamesforFree\\Aftermath\\bin\\my_cube.exe:*:Enabled:my_cube"
"C:\\Program Files\\EA Games\\Battlefield 2 Demo\\Bf2_w32ded.exe"="C:\\Program Files\\EA Games\\Battlefield 2 Demo\\Bf2_w32ded.exe:*:Enabled:Bf2_w32ded"
"C:\\JANES\\Fighters Anthology\\FA.EXE"="C:\\JANES\\Fighters Anthology\\FA.EXE:*:Enabled:Fighters Anthology Win95 Executable"
"C:\\Netrek\\netrek.exe"="C:\\Netrek\\netrek.exe:*:Enabled:Netrek XP Mod (Colorized) Client"
"C:\\Program Files\\netrekxp\\netrek.exe"="C:\\Program Files\\netrekxp\\netrek.exe:*:Enabled:Netrek XP Mod (Colorized) Client"
"C:\\Program Files\\FurBot\\furbot.exe"="C:\\Program Files\\FurBot\\furbot.exe:*:Enabled:FurBot 1.70"
"C:\\Program Files\\DogProxy2\\DogProxy2.exe"="C:\\Program Files\\DogProxy2\\DogProxy2.exe:*:Enabled:DogProxy2"
"C:\\Program Files\\Red Storm Entertainment\\RavenShield\\system\\RavenShield.exe"="C:\\Program Files\\Red Storm Entertainment\\RavenShield\\system\\RavenShield.exe:*:Enabled:RavenShield"
"C:\\Downloads\\Snd-Online\\Snd-Online.exe"="C:\\Downloads\\Snd-Online\\Snd-Online.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\Downloads\\SeekAndDread\\Snd-Online\\Snd-Online.exe"="C:\\Downloads\\SeekAndDread\\Snd-Online\\Snd-Online.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\ClonkPlanet\\clonk.c4x"="C:\\ClonkPlanet\\clonk.c4x:*:Enabled:Clonk Engine"
"C:\\Program Files\\Valve\\Steam\\Steam.exe"="C:\\Program Files\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\BZFlag\\bzflag.exe"="C:\\Program Files\\BZFlag\\bzflag.exe:*:Enabled:bzflag"
"C:\\Program Files\\BZFlag\\bzfs.exe"="C:\\Program Files\\BZFlag\\bzfs.exe:*:Enabled:bzfs"
"C:\\Program Files\\BZFlag\\bzfls.exe"="C:\\Program Files\\BZFlag\\bzfls.exe:*:Enabled:bzfls"
"C:\\Program Files\\Strategy First\\New World Order\\NWO\\NWO.exe"="C:\\Program Files\\Strategy First\\New World Order\\NWO\\NWO.exe:*:Enabled:NWO"
"C:\\Program Files\\GooGrid\\GooWatcherWindow.exe"="C:\\Program Files\\GooGrid\\GooWatcherWindow.exe:*:Enabled:GooWatcherWindow"
"C:\\Program Files\\GooGrid\\GooSpeciesEditor.exe"="C:\\Program Files\\GooGrid\\GooSpeciesEditor.exe:*:Enabled:GooSpeciesEditor"
"C:\\Program Files\\Worlds\\WorldsPlayer by Worlds.com\\sfmain.exe"="C:\\Program Files\\Worlds\\WorldsPlayer by Worlds.com\\sfmain.exe:*:Enabled:Gamma Phone"
"C:\\Program Files\\Java\\j2re1.4.2_05\\bin\\javaw.exe"="C:\\Program Files\\Java\\j2re1.4.2_05\\bin\\javaw.exe:*:Enabled:javaw"
"C:\\Downloads\\NewGames2\\cs2d_0101\\CounterStrike2D.exe"="C:\\Downloads\\NewGames2\\cs2d_0101\\CounterStrike2D.exe:*:Enabled:CounterStrike2D"
"C:\\Program Files\\Go!Zilla\\gozilla.exe"="C:\\Program Files\\Go!Zilla\\gozilla.exe:*:Enabled:Go!Zilla"
"C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\mod\\MoD.exe"="C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\mod\\MoD.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\mod\\modchat.exe"="C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\mod\\modchat.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\Outgun_1.0.2_win\\outgun.exe"="C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\Outgun_1.0.2_win\\outgun.exe:*:Enabled:outgun"
"C:\\Program Files\\kChat\\KChat.exe"="C:\\Program Files\\kChat\\KChat.exe:*:Enabled:KChat"
"C:\\Program Files\\Hey, Joe!\\HeyJoe.exe"="C:\\Program Files\\Hey, Joe!\\HeyJoe.exe:*:Enabled:Hey, Joe! - Messages sending utility"
"C:\\Program Files\\Astro Battle\\jre\\bin\\javaw.exe"="C:\\Program Files\\Astro Battle\\jre\\bin\\javaw.exe:*:Enabled:javaw"
"C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\Multivaders_Release14a\\nudge_server.exe"="C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\Multivaders_Release14a\\nudge_server.exe:*:Enabled:nudge_server"
"C:\\Program Files\\StarportGE\\GEClient.exe"="C:\\Program Files\\StarportGE\\GEClient.exe:*:Enabled:GEClient"
"C:\\Downloads\\NewGames2\\Cs2dPlus\\cs2dp_00571\\cs2dp_0057\\CounterStrike2D.exe"="C:\\Downloads\\NewGames2\\Cs2dPlus\\cs2dp_00571\\cs2dp_0057\\CounterStrike2D.exe:*:Enabled:CounterStrike2D"
"C:\\Program Files\\Xfire\\Xfire.exe"="C:\\Program Files\\Xfire\\Xfire.exe:*:Enabled:Xfire"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\Yahoo! Games\\Wheel of Fortune\\Wheel of Fortune.exe"="C:\\Program Files\\Yahoo! Games\\Wheel of Fortune\\Wheel of Fortune.exe:*:Enabled:Wheel of Fortune"
"C:\\Program Files\\BYOND\\bin\\byond.exe"="C:\\Program Files\\BYOND\\bin\\byond.exe:*:Enabled:byond"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Voodoo\\voodoo.exe"="C:\\Program Files\\Voodoo\\voodoo.exe:*:Enabled:Voodoo Chat Client"
"C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\mykroplanets\\MykroPlanets\\MykroPlanets.exe"="C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\mykroplanets\\MykroPlanets\\MykroPlanets.exe:*:Enabled:MykroPlanets"
"C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\b37\\MultiuserServer.exe"="C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\b37\\MultiuserServer.exe:*:Enabled:Shockwave Multiuser Server"
"C:\\Games\\meteor2\\meteor2_non_fblend.exe"="C:\\Games\\meteor2\\meteor2_non_fblend.exe:*:Enabled:meteor2"
"C:\\Games\\meteor2\\meteor2.exe"="C:\\Games\\meteor2\\meteor2.exe:*:Enabled:meteor2"
"C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\Mystera Legends\\Mystera Legends.exe"="C:\\Documents and Settings\\Sedrick B\\Desktop\\Go!Zilla Downloads\\Mystera Legends\\Mystera Legends.exe:*:Enabled:Mystera Legends"
"C:\\Games\\Tank Wars Online BETA\\TankWars BETA.exe"="C:\\Games\\Tank Wars Online BETA\\TankWars BETA.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\Program Files\\EA Games\\Battlefield 1942\\BF1942.exe"="C:\\Program Files\\EA Games\\Battlefield 1942\\BF1942.exe:*:Enabled:BF1942"
"C:\\LieroX v0.56b Pack 1.7\\lierox-v062b\\LieroX-v0.62b\\LieroX.exe"="C:\\LieroX v0.56b Pack 1.7\\lierox-v062b\\LieroX-v0.62b\\LieroX.exe:*:Enabled:Liero Xtreme"
"C:\\Program Files\\Furcadia\\downloads\\newdownloads\\mreowproxy_492.exe"="C:\\Program Files\\Furcadia\\downloads\\newdownloads\\mreowproxy_492.exe:*:Enabled:mreowproxy_492"
"C:\\Program Files\\Furcadia\\downloads\\newdownloads\\mreowproxy_496.exe"="C:\\Program Files\\Furcadia\\downloads\\newdownloads\\mreowproxy_496.exe:*:Enabled:mreowproxy_496"
"C:\\Program Files\\SSI\\Silent Hunter II\\Shell\\SH2.exe"="C:\\Program Files\\SSI\\Silent Hunter II\\Shell\\SH2.exe:*:Enabled:SH2"
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD"="C:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD:*:Enabled:Age of Empires II Expansion"
"C:\\Program Files\\Furcadia\\downloads\\newdownloads\\Stickgame.exe"="C:\\Program Files\\Furcadia\\downloads\\newdownloads\\Stickgame.exe:*:Enabled:Stickgame"
"C:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe"="C:\\Program Files\\Microsoft Games\\Rise of Nations\\thrones.exe:*:Enabled:Rise of Nations"
"C:\\Program Files\\Ubisoft\\SilentHunterIII\\sh3.exe"="C:\\Program Files\\Ubisoft\\SilentHunterIII\\sh3.exe:*:Enabled:Silent Hunter III"
"C:\\NewCS2d\\cs2d_0101\\cs2d_0101\\CounterStrike2D.exe"="C:\\NewCS2d\\cs2d_0101\\cs2d_0101\\CounterStrike2D.exe:*:Enabled:CounterStrike2D"
"C:\\NewCS2d\\cs2dp_00571\\cs2dp_0057\\CounterStrike2D.exe"="C:\\NewCS2d\\cs2dp_00571\\cs2dp_0057\\CounterStrike2D.exe:*:Enabled:CounterStrike2D"
"C:\\NewCS2d\\pirates\\pol_5a\\pol_5a\\Pokemon Online.exe"="C:\\NewCS2d\\pirates\\pol_5a\\pol_5a\\Pokemon Online.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\NewCS2d\\glob2-0.8.21_win32\\glob2-0.8.21_win32\\glob2.exe"="C:\\NewCS2d\\glob2-0.8.21_win32\\glob2-0.8.21_win32\\glob2.exe:*:Enabled:glob2"
"C:\\Program Files\\BYOND\\bin\\dreamdaemon.exe"="C:\\Program Files\\BYOND\\bin\\dreamdaemon.exe:*:Enabled:dreamdaemon"
"C:\\NewCS2d\\ZP2K5\\zp2k5\\ZP2K5.exe"="C:\\NewCS2d\\ZP2K5\\zp2k5\\ZP2K5.exe:*:Enabled:ZP2K5"
"C:\\NewCS2d\\pol_5a\\Pokemon Online.exe"="C:\\NewCS2d\\pol_5a\\Pokemon Online.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\Program Files\\RndLabs\\BaboViolent 2\\BaboViolent2.exe"="C:\\Program Files\\RndLabs\\BaboViolent 2\\BaboViolent2.exe:*:Enabled:BaboViolent2"
"C:\\WinBolo\\WinBolo.exe"="C:\\WinBolo\\WinBolo.exe:*:Enabled:WinBolo"
"E:\\FireflyStudios\\Stronghold2\\Stronghold2.exe"="E:\\FireflyStudios\\Stronghold2\\Stronghold2.exe:*:Enabled:Stronghold 2"
"F:\\FireflyStudios\\Stronghold2\\Stronghold2.exe"="F:\\FireflyStudios\\Stronghold2\\Stronghold2.exe:*:Enabled:Stronghold2"
"F:\\Firefly Studios\\Stronghold 2\\Stronghold2.exe"="F:\\Firefly Studios\\Stronghold 2\\Stronghold2.exe:*:Enabled:Stronghold 2"
"C:\\Downloads\\2k7downloads\\StickOnline\\StickOnline.exe"="C:\\Downloads\\2k7downloads\\StickOnline\\StickOnline.exe:*:Enabled:StickOnline"
"C:\\Downloads\\2k7downloads\\TopdownOnline19\\TopdownOnline19\\TopdownServer.exe"="C:\\Downloads\\2k7downloads\\TopdownOnline19\\TopdownOnline19\\TopdownServer.exe:*:Enabled:TopdownServer"
"C:\\Downloads\\2k7downloads\\TopdownOnline19\\TopdownOnline19\\TopdownOnline.exe"="C:\\Downloads\\2k7downloads\\TopdownOnline19\\TopdownOnline19\\TopdownOnline.exe:*:Enabled:TopdownOnline"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Downloads\\2k7downloads\\pol_6\\pol_6.2\\Pokemon Online.exe"="C:\\Downloads\\2k7downloads\\pol_6\\pol_6.2\\Pokemon Online.exe:*:Enabled:Multimedia Fusion Stand Alone Application"
"C:\\Program Files\\Teamspeak2_RC2\\TeamSpeak.exe"="C:\\Program Files\\Teamspeak2_RC2\\TeamSpeak.exe:*:Enabled:Teamspeak RC2"
"C:\\Program Files\\Red Storm Entertainment\\RavenShield\\system\\UCC.exe"="C:\\Program Files\\Red Storm Entertainment\\RavenShield\\system\\UCC.exe:*:Enabled:UCC"
"C:\\Program Files\\BYOND4\\bin\\byond.exe"="C:\\Program Files\\BYOND4\\bin\\byond.exe:*:Enabled:byond"
"C:\\Program Files\\Giants\\Giants.exe"="C:\\Program Files\\Giants\\Giants.exe:*:Enabled:Giants"
"F:\\TribesVengeance\\Program\\Bin\\TV_CD_DVD.exe"="F:\\TribesVengeance\\Program\\Bin\\TV_CD_DVD.exe:*:Enabled:TV_CD_DVD"
"F:\\Program Files\\Scorched3D\\scorched.exe"="F:\\Program Files\\Scorched3D\\scorched.exe:*:Enabled:scorched"
"F:\\Program Files\\Dobermann\\Halo Zero\\halozero.exe"="F:\\Program Files\\Dobermann\\Halo Zero\\halozero.exe:*:Enabled:Halo Zero "
"C:\\Program Files\\Kuma Games\\KumaClientNet.exe"="C:\\Program Files\\Kuma Games\\KumaClientNet.exe:*:Enabled:KumaClient"
"F:\\Downloads\\Final Fighter\\FinalFighter\\FinalFighter.exe"="F:\\Downloads\\Final Fighter\\FinalFighter\\FinalFighter.exe:*:Enabled:FinalFighter"
"C:\\WINDOWS\\system32\\javaw.exe"="C:\\WINDOWS\\system32\\javaw.exe:*:Enabled:javaw"
"F:\\AOE2\\Age2_X1\\AGE2_X1.ICD"="F:\\AOE2\\Age2_X1\\AGE2_X1.ICD:*:Enabled:Age of Empires II Expansion"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Sedrick B\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SEDRICK
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Sedrick B
LANG=C
LOGONSERVER=\\SEDRICK
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\GTK\2.0\bin;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Common Files\Autodesk Shared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 8, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0408
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\SEDRIC~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\SEDRIC~1\LOCALS~1\Temp
USERDOMAIN=SEDRICK
USERNAME=Sedrick B
USERPROFILE=C:\Documents and Settings\Sedrick B
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Sedrick B (admin)
Mom


-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
"Glest v1.0.9" --> "C:\Program Files\Glest_v1.0.9\unins000.exe"
7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe"
a-squared Free 3.1 --> "C:\Program Files\a-squared Free\unins000.exe"
Abashera Revamped --> MsiExec.exe /I{A3EC00E2-71F8-11D7-B1B5-0010A70489ED}
Absolute Mastermind v1.4 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Absolute Mastermind\irunin.ini"
Action Replay Code Manager --> "C:\Program Files\Datel\Action Replay Code Manager\unins000.exe"
Active Worlds --> C:\ACTIVE~1\UNWISE.EXE C:\ACTIVE~1\INSTALL.LOG
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Help Center 2.1 --> MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop CS2 Ebay! --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Photoshop Elements 5.0 --> msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Aftermath --> C:\Program Files\GamesforFree\Aftermath\Uninstal.exe
AGEIA PhysX v2.4.4 --> "C:\Program Files\AGEIA Technologies\uninstall.exe"
Agere Systems AC'97 Modem --> agrsmdel
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
Alarm 2.0.0 --> "C:\Program Files\Alarm\unins000.exe"
Albatross18 (OGPlanet) --> C:\Program Files\OGPlanet\Albatross18\uninstall.exe
AmazingMIDI --> C:\PROGRA~1\AMAZIN~1\UNWISE.EXE C:\PROGRA~1\AMAZIN~1\INSTALL.LOG
AMCap --> C:\Program Files\NoŽl Danjou\AMCap2\uninst.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOL Toolbar --> "C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG"
AOL You've Got Pictures Screensaver --> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
ARC --> C:\PROGRA~1\ARC\UNWISE.EXE C:\PROGRA~1\ARC\Install.log
Ashen Empires --> MsiExec.exe /I{54A9D576-D28A-45DC-BD43-5940AA548251}
aspi --> MsiExec.exe /I{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}
Athlon 64 Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
AutoSketch Release 9 --> MsiExec.exe /I{DB639F99-ED74-49D4-8FFD-5B8C34C00D64}
Avatar Sizer --> MsiExec.exe /X{110DEFF6-1BC3-4C3C-8A9D-F482EA6BA70F}
BaboViolent 2.02 --> "C:\Program Files\RndLabs\BaboViolent 2\unins000.exe"
BattleCity 1.0 --> C:\Program Files\BattleCity\uninst.exe
Battlefield 1942 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\setup.exe" -l0x9
blood cells --> C:\Program Files\blood cells\Uninstall.exe
Bridge Builder --> C:\Program Files\Bridge Builder\uninstall.exe
Bridge Construction Set Demo --> "C:\Program Files\Bridge Construction Set Demo\uninstall.exe"
Buddy Icon Maker 1.0.0.1 --> C:\PROGRA~1\BUDDYI~1\UNWISE.EXE C:\PROGRA~1\BUDDYI~1\INSTALL.LOG
Build Your Own Net Dream (remove only) --> C:\Program Files\BYOND4\Uninst.exe
Build Your Own Net Dream (remove only) --> C:\Program Files\BYOND4\Uninst.exe
bzflag --> C:\Program Files\BZFlag\bzfuinst.exe C:\Program Files\BZFlag
Caliber Fifty --> "C:\Program Files\Caliber Fifty\unins000.exe"
Castlevania & Contra --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6818E2F8-132B-4A68-94EA-CDC8B8132CD4}\setup.exe" -l0x9
ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
CCHelp --> MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Celtic Kings --> C:\PROGRA~1\STRATE~1\CELTIC~1\UNWISE.EXE C:\PROGRA~1\STRATE~1\CELTIC~1\INSTALL.LOG
Chicken Fighters 2002 --> MsiExec.exe /I{01B79ABD-4B0A-4AF2-8DF0-A8EE7C69BA29}
CHUCK_Nerd_Herd Screen Saver --> C:\WINDOWS\system32\CHUCK_Nerd_Herd.scr /u
Classic PuffBOMB (remove only) --> "C:\Program Files\Classic PuffBOMB\Uninstall.exe"
Clonk Planet --> C:\WINDOWS\system32\GKSUI18.EXE C:\ClonkPlanet\Uninstall9CB8.DAT
Continuum 0.40 --> "C:\Program Files\Continuum\unins000.exe"
Cortex Command Test Build 18 --> C:\Games\Transfusion\unins000.exe
Crimsonland --> "C:\Program Files\Crimsonland\unins000.exe"
CyberLoad --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{896EDBD4-025A-4651-BE81-BC510FF902AB}\Setup.exe"
CyPet 2.02 --> "C:\Program Files\CyPet\unins000.exe"
Daimonin Client BETA3-0.966 --> "C:\Program Files\daimonin\client\unins000.exe"
DesertCombat 0.7 --> C:\WINDOWS\iun6002.exe "C:\Program Files\EA GAMES\Battlefield 1942\DesertCombat.ini"
Destruct-O-Match II Screen Saver --> sstunst2.exe Destruct-O-Match II
DogProxy II --> C:\PROGRA~1\DOGPRO~1\UNWISE.EXE C:\PROGRA~1\DOGPRO~1\INSTALL.LOG
DogProxy II Update --> C:\PROGRA~1\DOGPRO~1\UNWISE.EXE C:\PROGRA~1\DOGPRO~1\INSTALL.LOG
dotsoul --> C:\PROGRA~1\dotsoul\UNWISE.EXE C:\PROGRA~1\dotsoul\INSTALL.LOG
DX-Ball 1.09 --> C:\PROGRA~1\DX-Ball\UNWISE.EXE C:\PROGRA~1\DX-Ball\INSTALL.LOG
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
Electronic Arts Game Updater --> C:\WINDOWS\IsUninst.exe -f"c:\Program Files\EACom\Update\Uninst.isu"
Emperor's Mahjong for Windows --> C:\WINDOWS\unvise32.exe C:\Program Files\Game On\Mahjong Windows\uninstal.log
Endless Online 0.24 --> C:\Program Files\EndlessOnline\SXUNINST.EXE
Endless Online 0.27 b --> C:\Program Files\EndlessOnline\Uninstall.exe
ESSAdpt --> MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
ESSANUP --> MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCAM --> MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSTUTOR --> MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
Father Version 0.46 --> "C:\Program Files\Father Version 0.46\unins000.exe"
Field of Strategy 1.3.4 --> "C:\Program Files\FieldOfStrategy\unins000.exe"
Fighters Anthology --> C:\WINDOWS\system32\EAREMOVE.EXE C:\WINDOWS\system32\EA1.UIL
Food Wars --> MsiExec.exe /I{5F0E41FE-4AA4-421F-9512-8977A2F4D283}
Friendly-Strike2 --> C:\Friendly-Strike2\Uninstal.exe
FSAutoStart --> MsiExec.exe /I{666E0B91-3FD3-43B7-B6A2-EB9012758982}
FTDI USB Serial Converter Drivers --> C:\WINDOWS\system32\ftdiunin.exe C:\WINDOWS\system32\ftdiun2k.ini
FurBot --> C:\PROGRA~1\FurBot\UNWISE.EXE C:\PROGRA~1\FurBot\INSTALL.LOG
Furcadia --> "C:\Program Files\Furcadia\_uninst.exe"
Gaia Interface for Yahoo! IM Client --> "C:\Program Files\Yahoo!\Messenger\Yview\unins000.exe"
GameArena The Arena --> "C:\Program Files\GameArena\The Arena\UNINSTALL.EXE"
GameShadow --> MsiExec.exe /I{D98C9637-93DA-44DB-B73A-B11A1192AB26}
Giants --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97370293-96EC-11D4-9DEF-00104B70C5FB}\setup.exe"
Global Warfare --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Global Warfare\ST6UNST.LOG"
Goblin Garden version 2.0 --> "C:\Program Files\Goblin Garden\unins000.exe"
Google Web Accelerator --> MsiExec.exe /X{FF2D46CF-122C-47D8-9846-037C59E7144D}
GooGrid v.2.1 --> C:\Program Files\GooGrid\uninstall.exe
GTK+ 2.8.18-1 runtime environment --> "C:\Program Files\Common Files\GTK\2.0\unins000.exe"
Guinness_Bread Screen Saver --> C:\WINDOWS\Guinness_Bread.scr /u
Harem Games --> MsiExec.exe /I{312C3AF0-5CC1-459A-B16B-E38B6937140D}
Hell Fighter 32 --> C:\WINDOWS\unvise32.exe c:\oldhf\HellFighterold\uninstal.log
Hey, Joe! --> "C:\Program Files\Hey, Joe!\uninstall.exe"
HighVelocity Paintball 1.1 --> "C:\Program Files\HighVelocity Paintball\unins000.exe"
HijackThis 2.0.2 --> "C:\Hijackthis\HijackThis.exe" /uninstall
HLPCCTR --> MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}
HLPIndex --> MsiExec.exe /I{78F79C84-BFD5-4D79-A07D-F39A3CF428DC}
HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HP Help and Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.2 --> C:\Program Files\HP\Digital Imaging\{5E1494D4-3562-4FFB-B35C-600F80F6934C}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Software Update --> MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
HPIZ402 --> MsiExec.exe /X{8D9768AE-DE42-4A04-A461-2361A58C384D}
I/OMagic DataBank --> C:\PROGRA~1\IOMagic\DataBank\UNWISE.EXE C:\PROGRA~1\IOMagic\DataBank\INSTALL.LOG
ICatch (VI) PC Camera --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F48C6EA5-3B43-11D6-86A6-0050BA0259A2}\setup.exe"
ICQ 5.1 --> C:\Program Files\ICQLite\ICQLiteUninstall.EXE
iDraw3.32 Chara Maker --> C:\WINDOWS\UnGins.exe "C:\Program Files\ASCII\TOOLS\iDraw\install.log"
Illutia --> "C:\Program Files\Illutia\uninstall.exe"
IMVU Avatar Chat Software --> F:\Program Files\IMVU\Uninstall.exe
Infinity-Zone --> C:\WINDOWS\iun6002ev.exe "C:\Program Files\Infinity-Zone\irunin.ini"
Insaniquarium Deluxe 1.0 --> C:\Program Files\PopCap Games\Insaniquarium Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Insaniquarium Deluxe\Install.log"
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
InterChat3 --> C:\PROGRA~1\ConWare\INTERC~1\UNWISE.EXE C:\PROGRA~1\ConWare\INTERC~1\INSTALL.LOG
Internet Worm Protection --> MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
iriver Music Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{072D2077-9E22-4F7F-B817-A92CA6CCC843}\Setup.exe" -l0x9 anything
iRiver Updater --> C:\Program Files\BattleCity\uninst.exe
iTunes --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{00FC6799-866E-44A1-A60C-DCF394CF56FD}
Jasc Paint Shop Pro 8 --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java 2 Runtime Environment, SE v1.4.2_05 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Jetz Rampage 4 Gold --> "C:\Program Files\S64Games\Jetz Rampage 4 Gold\unins000.exe"
Kar-nage --> C:\DOWNLOADS\KARNAGE\Uninstal.exe
kChat --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\kChat\ST6UNST.LOG"
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_0_a4804\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Lands of Hope - Required Files 1 --> c:\fh2\c\LohFiles.exe /remove /q0
Lands of Hope 2.5 --> c:\fh2\Setup.exe /remove /q0
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Lens --> C:\Program Files\Lens\uninstall.exe
Little Fighter 2 1.9c --> C:\Program Files\LittleFighter2\LF2_v1.9c\uninst.exe
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Magebane2 --> "C:\Program Files\Magebane2\Uninstall.exe" "C:\Program Files\Magebane2\install.log"
Majesty --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEAF3507-FCB3-11D2-850C-00C0F01410B1}\setup.exe" -uninst
Majesty - The Northern Expansion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8B743FD-0C42-441E-8C22-70435C53C60B}\setup.exe"
Maniac Mansion Deluxe --> C:\Program Files\LucasFan Games\MMD\Uninstal.exe
Mario Soccer Demo #7 --> C:\Program Files\Mario Soccer Demo #7\Uninstal.exe
Master of Orion 3 --> C:\PROGRA~1\MASTER~1\UNWISE.EXE C:\PROGRA~1\MASTER~1\INSTALL.LOG
Metal Knights 98 --> C:\Program Files\Metal Knights\UnInstall
Meteor 2 --> c:\games\meteor2\Uninstal.exe
Meteor 2 Manager v1.01 --> C:\GAMES\METEOR2\manager\Uninstal.exe
Meteor 2 v1.21 Patch --> c:\games\meteor2\Uninstall_1.21_Patch.exe
Microsoft Age of Empires II --> C:\Downloads\2k7downloads\new\2829-lostcastle\Castle\Uninstal.exe /runtemp /uninstall
Microsoft AntiSpyware --> MsiExec.exe /I{536F7C74-844B-4683-B0C5-EA39E19A6FE3}
Microsoft Encarta 97 Encyclopedia --> C:\WINDOWS\unenc97.exe
Microsoft Links LS 2000 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Microsoft Games\Links LS 2000\Uninst.isu"
Microsoft Money 2005 --> C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{40280409-6000-11D3-8CFE-0050048383C9}
Microsoft Rise Of Nations --> "C:\Program Files\Microsoft Games\Rise of Nations\UNINSTAL.EXE" /runtemp /addremove
Microsoft Streets and Trips 2005 --> MsiExec.exe /I{67E4EE98-59F4-4210-89A6-A20AF5BEC689}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSa22.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mini Golf Gold --> "C:\Program Files\Mini Golf Gold\unins000.exe"
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSRedist --> MsiExec.exe /I{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}
MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
muvee autoProducer 3.5 - SE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37E31FCE-A048-4D8C-B167-31891BCF6585}\setup.exe" -l0x9
Neko - The Virtual Pet --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Neko - The Virtual Pet\ST6UNST.LOG"
Netrek 4.4.0.3 --> C:\Netrek\Uninstal.exe
Netrek XP Mod --> C:\Program Files\netrekxp\UnInstall_17828.exe
Network Play System (Patching) --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
NiM-2 --> c:\Program Files\ZP\NiM2\Uninstal.exe
NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
Norton AntiVirus 2005 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton SystemWorks --> MsiExec.exe /I{9E23C48E-5483-4971-BA50-089F2FABCD66}
Norton SystemWorks 2005 (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\SymSetup\{71E7B3F5-CFAF-4C1E-B494-528E28707937}.exe /X
Norton Utilities --> MsiExec.exe /I{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}
Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
Note-It --> MsiExec.exe /I{AD6F339C-A773-4BE6-A3FE-C8E17CCF7A9D}
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
NSW_DRM_COLLECTION --> MsiExec.exe /I{900B1884-2D6F-4a70-A3C7-C3F4DA873FDB}
OfficePoetry --> c:\Program Files\Office.com\OfficePoetry\uninstall.exe
OpenAL --> "C:\Program Files\OpenAL\oalinst.exe" /U
Opera --> C:\PROGRA~1\Opera\uninst\unwise.exe C:\PROGRA~1\Opera\uninst\install.log
OTOY --> RunDll32 C:\WINDOWS\DOWNLO~1\OTOYAX.dll,_RemoveGroove@16
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
PC SlotCarz --> C:\PROGRA~1\PCSLOT~1\UNWISE.EXE C:\PROGRA~1\PCSLOT~1\INSTALL.LOG
PCDLNCH --> MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
PCI 1620 Cardbus Controller and Software --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{97355297-21C8-40CD-96D3-48E58037A9B8} /l1033
PhotoFiltre --> "C:\Program Files\PhotoFiltre\Uninst.exe"
Pirates Of The Caribbean --> "C:\Program Files\Pirates Of The Caribbean\Pirates Of The Caribbean.exe" -u
Pivot Stickfigure Animator --> MsiExec.exe /I{BEAD39CD-901D-4267-8B8B-EAA83CB4B70D}
Plane of Goofiness --> "C:\Program Files\Plane of Goofiness\Uninstall.exe" "C:\Program Files\Plane of Goofiness\install.log"
Pogo Sticker --> C:\Program Files\PogoSticker\uninstall.exe
Pokemon: Den of Ages --> C:\Program Files\Pokemon - Den of Ages\Uninstal.exe
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PrintMaster Platinum 17 --> MsiExec.exe /I{01DAB7E2-DEC5-4FBD-893E-612FA6758A4D}
Puzzle Pirates --> C:\Program Files\Three Rings Design\Puzzle Pirates\Uninstall-yohoho.exe
Quick Launch Buttons 5.00 C1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninst
Quick Trax Music Station Pro Deluxe v 1.2.24 --> "C:\Program Files\Quick Trax MSPro Deluxe\unins000.exe"
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Raplid Aerial Deployment v1.1a --> "C:\Program Files\Rapid Aerial Deployment\unins000.exe"
ReadPlease 2003/ReadPlease PLUS 2003 --> "C:\Program Files\ReadPlease 2003\unins000.exe"
Realms of Magic --> MsiExec.exe /X{6EA41A86-7C9C-4DDC-BAD6-6C276C7D8661}
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
RecordPad Sound Recorder Uninstall --> C:\Program Files\NCH Swift Sound\RecordPad\uninst.exe
Ricochet Lost Worlds: Recharged --> "C:\Program Files\Ricochet Lost Worlds Recharged\unins000.exe"
Rise of Nations Thrones and Patriots --> "C:\Program Files\Microsoft Games\Rise of Nations\UNINSTLX.EXE" /runtemp /uninstall
RPGToolkit, Version 3.0.6 --> C:\Program Files\Toolkit3\uninstall.exe
SanoLogic gr44 Animator --> C:\PROGRA~1\gr44\UNWISE.EXE C:\PROGRA~1\gr44\INSTALL.LOG
sCARface "Raging Racing" --> C:\RagingRacing\unins000.exe
Scorched3D --> MsiExec.exe /I{F5B111B3-E3B3-4898-AA81-A2582932151C}
ScummVM 0.10.0 --> C:\Games\Transfusion\unins000.exe
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
SereneScreen Marine Aquarium 2 --> "C:\Program Files\SereneScreen\Marine Aquarium 2\unins000.exe"
SFR --> MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
SFR2 --> MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
Shizmoo Web Games (Uproar) --> C:\Program Files\shizmoo\uproar_webgames\uninstall.exe
Sid Meier's Pirates! --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{1632FD86-1BA4-4FC4-8B25-A8C655D63F68} /l1033
Silent Hunter III --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}
Simple Sudoku 4.1 --> "C:\Program Files\Simple Sudoku\unins000.exe"
SimSheep2 --> C:\insane arts'\SimSheep2\Uninstal.exe
SkeeBall --> "C:\Program Files\SkeeBall\Uninstall SkeeBall.exe"
SnagIt 7 --> C:\Program Files\TechSmith\SnagIt 7\SIUNINST.EXE
Soldat 1.2.1 --> C:\Soldat121\unins000.exe
Soldat 1.3 --> C:\Soldat121\unins002.exe
Soldat 1.3.1 --> C:\Soldat121\unins003.exe
Soldat Map Maker 1.2 --> C:\Soldat121\unins001.exe
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
SouthPark Mario Bros 2 - Last Edition --> C:\WINDOWS\iun6002.exe "c:\spm2\irunin.ini"
SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spybot - Search & Destroy 1.2 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Starcraft --> C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
Starport GE v1.0 --> "C:\Program Files\StarportGE\unins000.exe"
Stellar Frontier --> "C:\Program Files\Drengin.net\Stellar Frontier\uninstall.exe" "C:\Program Files\Drengin.net\Stellar Frontier"
Stitch --> "C:\Program Files\Stitch\Stitch.exe" -u
Stronghold --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}\setup.exe" -l0x9
Stronghold 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe" -l0x9 -removeonly
Stronghold Crusader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe" -l0x9
Switch Uninstall --> C:\Program Files\NCH Swift Sound\Switch\uninst.exe
Symantec Script Blocking Installer --> MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
SymNet --> MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
TammyGotcha --> C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\TammyGotcha\ST5UNST.LOG"
Tank Wars Online BETA --> C:\Games\Tank Wars Online BETA\Tank Wars BETA Uninstal.exe
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
The Cow Cult Screen Saver --> C:\WINDOWS\The Cow Cult.scr /u
The Demon's Mantra II --> MsiExec.exe /I{6BDBDF9C-2B5D-4B34-B44A-11F6A02A1D91}
The GIMP 2.2.12 --> "C:\Program Files\GIMP-2.0\unins000.exe"
The lost Castle --> C:\Downloads\2k7downloads\new\2829-lostcastle\Castle\Uninstal.exe
The Sims --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Maxis\The Sims\Uninst.isu"
The Universal 0.47.9 --> "C:\Program Files\TheUniversal\unins000.exe"
The Ur-Quan Masters 0.5.0 --> C:\Program Files\The Ur-Quan Masters\uninst.exe
Tibia 7.92 --> "C:\Program Files\Tibia\unins000.exe"
Tibia Map Viewer --> "C:\Program Files\Tibia Map Viewer\uninstall.exe"
Tom Clancy's Rainbow Six 3: Raven Shield --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AF131494-F5D8-45C5-938C-D5F020CF1B0D}\setup.exe" -l0x9
Transfusion --> C:\Games\Transfusion\unins000.exe
Tribes Vengeance --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{BBF51613-ACF3-4B1C-86E8-AD15BB431037}
TRIUMPH! WAR2099 v 2.3 --> C:\DarksunGames\WAR2099v23\Uninstal_2099.exe
Ulead PhotoImpact 5 --> C:\WINDOWS\ISUninst.exe -f"C:\Program Files\Ulead Systems\Ulead PhotoImpact 5\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead PhotoImpact 5\IS32Inst.dll"
Uniball 2.2.1 --> "C:\Program Files\Uniball\unins000.exe"
VCAMCEN --> MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VM WEBCAM GAMES --> C:\Program Files\VMWEBCAMGAMES\Uninstal.exe
Voodoo Chat --> C:\PROGRA~1\Voodoo\UNWISE.EXE C:\PROGRA~1\Voodoo\INSTALL.LOG
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
WavePad Uninstall --> C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Wazzal --> "C:\Program Files\Wazzal\Uninstall.exe" "C:\Program Files\Wazzal\install.log"
Wheel of Fortune (remove only) --> "C:\Program Files\Yahoo! Games\Wheel of Fortune\Uninstall.exe"
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
WinBolo --> c:\WinBolo\uninstall.exe
Wings Of Fury --> "C:\Program Files\Wings Of Fury\uninstall.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Word Mojo Deluxe --> C:\PROGRA~1\ZONE~1.COM\WORDMO~1\UNWISE.EXE C:\PROGRA~1\ZONE~1.COM\WORDMO~1\INSTALL.LOG
Worms Armageddon --> C:\WINDOWS\IsUninst.exe -f"c:\MicroProse\Worms Armageddon\Uninst.isu"
Xconq --> C:\Program Files\Xconq\uninst-xconq.exe
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"
XoftSpySE --> C:\Program Files\XoftSpySE\uninstall.exe
Yahoo! Anti-Spy --> C:\PROGRA~1\Yahoo!\Common\unypsr.exe
Yahoo! extras --> C:\Program Files\Yahoo!\Common\unycust.exe /S
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\WINDOWS\cache\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Messenger Explorer Bar --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\MESSEN~1\YHEXBM~1.DLL
Yahoo! Toolbar --> rundll32.exe C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\YCOMP5~1.DLL,DllCommand ui
zMUD v7.05a --> C:\zMUD\UNWISE.EXE C:\zMUD\INSTALL.LOG
Zone Deluxe Games --> MsiExec.exe /I{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}
Zzzbla's Flasher 2.0 DX --> C:\Program Files\Zzzblaware\Zzzbla's Flasher\uninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type256 / Error
Event Submitted/Written: 04/09/2008 03:52:18 PM
Event ID/Source: 0 / LicCtrlService
Event Description:
LicCtrlService error: 6SetServiceStatus Failed

Event Record #/Type255 / Error
Event Submitted/Written: 04/09/2008 03:52:18 PM
Event ID/Source: 0 / LicCtrlService
Event Description:
LicCtrlService error: 6SetServiceStatus Failed

Event Record #/Type234 / Error
Event Submitted/Written: 04/08/2008 09:04:15 PM
Event ID/Source: 0 / LicCtrlService
Event Description:
LicCtrlService error: 6SetServiceStatus Failed

Event Record #/Type233 / Error
Event Submitted/Written: 04/08/2008 09:04:15 PM
Event ID/Source: 0 / LicCtrlService
Event Description:
LicCtrlService error: 6SetServiceStatus Failed

Event Record #/Type211 / Error
Event Submitted/Written: 04/08/2008 06:41:18 PM
Event ID/Source: 0 / LicCtrlService
Event Description:
LicCtrlService error: 6SetServiceStatus Failed



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type68388 / Warning
Event Submitted/Written: 04/09/2008 07:06:32 PM
Event ID/Source: 20 / Print
Event Description:
Printer Driver Canon i860 for Windows NT x86 Version-3 was added or updated. Files:- CNMDR56.DLL, CNMUI56.DLL, CNMCP56.DLL, CNMMH56.HLP, CNMD556.DLL, CNMUR56.DLL, CNMSR56.DLL, CNMIN56.INI, CNMPI56.DLL, CNMSM56.EXE, CNMSS56.SMR, CNMSD56.EXE, CNMSQ56.EXE, CNMSH56.HLP, CNMSH56.CNT, CNMUB56.DLL, CNMOP56.DLL, CNMSB56.DLL, CNMMH56.CNT, CNB_1860.TBL, CNMP056.DAT, CNMP156.DAT, CNMP256.DAT, CNMFU56.DLL, CNMPV56.EXE, CNMPH56.HLP, CNMPH56.CNT.

Event Record #/Type68371 / Warning
Event Submitted/Written: 04/09/2008 05:01:02 PM
Event ID/Source: 20 / Print
Event Description:
Printer Driver Canon i860 for Windows NT x86 Version-3 was added or updated. Files:- CNMDR56.DLL, CNMUI56.DLL, CNMCP56.DLL, CNMMH56.HLP, CNMD556.DLL, CNMUR56.DLL, CNMSR56.DLL, CNMIN56.INI, CNMPI56.DLL, CNMSM56.EXE, CNMSS56.SMR, CNMSD56.EXE, CNMSQ56.EXE, CNMSH56.HLP, CNMSH56.CNT, CNMUB56.DLL, CNMOP56.DLL, CNMSB56.DLL, CNMMH56.CNT, CNB_1860.TBL, CNMP056.DAT, CNMP156.DAT, CNMP256.DAT, CNMFU56.DLL, CNMPV56.EXE, CNMPH56.HLP, CNMPH56.CNT.

Event Record #/Type68344 / Error
Event Submitted/Written: 04/09/2008 03:52:53 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The LicCtrl Service service terminated with the following error:
%%1064

Event Record #/Type68343 / Error
Event Submitted/Written: 04/09/2008 03:52:53 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Adobe Active File Monitor V5 service failed to start due to the following error:
%%3

Event Record #/Type68310 / Error
Event Submitted/Written: 04/08/2008 09:05:02 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The LicCtrl Service service terminated with the following error:
%%1064



-- End of Deckard's System Scanner: finished at 2008-04-09 19:14:30 ------------

BC AdBot (Login to Remove)

 


#2 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:10 AM

Posted 18 April 2008 - 02:27 AM

Hello JJameison and welcome to BleepingComputer,

1. * Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Under Browsing History, click Delete.
  • Click Delete Files, Delete cookies and Delete history
  • Click Close below.
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu..
  • Click the Clear now button below.. A new window will popup what to clear.
  • Select all and click the Clear button again.
  • Click OK to close the Options window
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
2. Please download Malwarebytes' Anti-Malware from Here or Here

Doubleclick mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

3. Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you .

In the event you already have Combofix, delete your current version and download the latest version as described in the tutorial.
It must be saved directly to your desktop.


Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply. :thumbsup:

If you have any questions along the way, STOP and ask them before proceeding !!

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users