Wireless Not Happy Comp Slowing Down


  • This topic is locked
2 replies to this topic

#1 Barky

Posted 23 April 2008 - 04:29 PM

Deckard's System Scanner v20071014.68
Run by Just Me on 2008-04-23 17:16:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-04-23 21:16:37 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Just Me.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:17:53 PM, on 4/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
d:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
d:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Just Me\Desktop\dss.exe
C:\DOCUME~1\JUSTME~1\Desktop\Just Me.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] d:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBetcom\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBetcom\UltimateBet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207787182390
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1207790229718
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A182093-32B2-4E24-ADB3-0A115D86FAFA}: NameServer = 68.237.161.12,71.243.0.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{89E0DB13-CAF8-48F0-ADC2-0C08DA7998D0}: NameServer = 68.237.161.12,71.243.0.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4309F62-BD15-435F-8ED0-36A5F7637259}: NameServer = 68.237.161.12,71.243.0.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A182093-32B2-4E24-ADB3-0A115D86FAFA}: NameServer = 68.237.161.12,71.243.0.12
O17 - HKLM\System\CS2\Services\Tcpip\..\{6A182093-32B2-4E24-ADB3-0A115D86FAFA}: NameServer = 68.237.161.12,71.243.0.12
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - d:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 8036 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 BDSelfPr - c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys <Not Verified; BitDefender S.R.L.; BitDefender>
R3 RT73 (Belkin USB Network Adapter) - c:\windows\system32\drivers\rt73.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>

S3 btaudio (Bluetooth Audio Device) - c:\windows\system32\drivers\btaudio.sys (file missing)
S3 BTDriver (Bluetooth Virtual Communications Driver) - c:\windows\system32\drivers\btport.sys (file missing)
S3 BTWDNDIS (Bluetooth LAN Access Server) - c:\windows\system32\drivers\btwdndis.sys (file missing)
S3 btwhid - c:\windows\system32\drivers\btwhid.sys (file missing)
S3 btwmodem (Bluetooth Modem) - c:\windows\system32\drivers\btwmodem.sys (file missing)
S3 BTWUSB (WIDCOMM USB Bluetooth Driver) - c:\windows\system32\drivers\btwusb.sys (file missing)
S3 NSNDIS5 (NSNDIS5 NDIS Protocol Driver) - c:\windows\system32\nsndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); NetStumbler>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Belkin Wireless USB Network Adapter Service (Belkin Wireless USB Network Adapter) - d:\program files\belkin\belkin wireless network utility\wlservice.exe
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: NVIDIA nForce MCP Networking Controller
Device ID: PCI\VEN_10DE&DEV_0066&SUBSYS_570C1462&REV_A1\3&13C0B0C5&0&20
Manufacturer: Nvidia
Name: NVIDIA nForce MCP Networking Controller
PNP Device ID: PCI\VEN_10DE&DEV_0066&SUBSYS_570C1462&REV_A1\3&13C0B0C5&0&20
Service: NVENET


-- Scheduled Tasks -------------------------------------------------------------

2008-04-23 16:09:17 300 --a------ C:\WINDOWS\Tasks\April1208Quick.job
2008-04-22 16:01:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-03-23 and 2008-04-23 -----------------------------

2008-04-21 22:33:49 0 d-------- C:\Program Files\Lavasoft
2008-04-21 22:33:35 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-20 02:07:41 40960 --a------ C:\WINDOWS\system32\B11gUSB.dll
2008-04-20 02:07:40 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2008-04-20 02:07:40 15872 --a------ C:\WINDOWS\system32\GTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-04-20 00:22:28 0 d-------- C:\Program Files\Apple Software Update
2008-04-20 00:04:21 0 d-------- C:\Documents and Settings\Just Me\Application Data\Apple Computer
2008-04-20 00:03:33 0 d-------- C:\Program Files\iPod
2008-04-20 00:03:10 0 d-------- C:\Program Files\Bonjour
2008-04-20 00:01:55 0 d-------- C:\Program Files\QuickTime
2008-04-20 00:01:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-20 00:01:23 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-04-20 00:00:32 0 d-------- C:\Program Files\Common Files\Apple
2008-04-20 00:00:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-04-19 21:21:07 232192 --a------ C:\WINDOWS\system32\drivers\rt73.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11 Wireless Adapters>
2008-04-12 01:33:58 0 d-------- C:\Documents and Settings\Just Me\Application Data\BitDefender
2008-04-12 01:29:51 0 d-------- C:\Program Files\BitDefender
2008-04-12 01:29:51 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-12 01:27:14 0 d-------- C:\Program Files\Common Files\BitDefender
2008-04-12 01:16:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-04-11 23:49:27 0 d-------- C:\Documents and Settings\Just Me\.housecall6.6
2008-04-11 23:49:07 0 d-------- C:\WINDOWS\Sun
2008-04-11 23:49:07 0 d-------- C:\Documents and Settings\Just Me\Application Data\Sun
2008-04-11 23:43:37 0 d-------- C:\Program Files\Java
2008-04-11 23:42:24 0 d-------- C:\Program Files\Common Files\Java
2008-04-11 16:27:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-11 15:39:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-11 02:01:12 45056 --a------ C:\WINDOWS\system32\wnaspi32.dll <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 02:01:12 25244 --a------ C:\WINDOWS\system32\drivers\aspi32.sys <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 02:01:12 4672 --a------ C:\WINDOWS\system\wowpost.exe <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 02:01:12 5600 --a------ C:\WINDOWS\system\winaspi.dll <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 02:01:06 203776 --a------ C:\WINDOWS\system32\clrviddc.dll <Not Verified; Iterated Systems, Inc.; ClearVideo Decoder DLL>
2008-04-11 01:48:33 0 d-------- C:\Program Files\Common Files\xing shared
2008-04-11 01:46:24 0 d-------- C:\Program Files\Real
2008-04-11 01:46:09 0 d-------- C:\Program Files\Common Files\Real
2008-04-11 01:45:51 0 d-------- C:\Documents and Settings\Just Me\Application Data\Real
2008-04-10 02:42:11 0 d-------- C:\Documents and Settings\Just Me\Application Data\SiteAdvisor
2008-04-10 02:42:11 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-04-10 02:42:11 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-04-09 23:28:29 0 d-------- C:\Program Files\UltimateBetcom
2008-04-09 23:19:00 1160 --a------ C:\WINDOWS\mozver.dat
2008-04-09 23:13:39 0 d-------- C:\WINDOWS\system32\appmgmt
2008-04-09 23:08:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-04-09 23:08:48 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-09 23:02:55 0 d-------- C:\Documents and Settings\Just Me\Application Data\Macromedia
2008-04-09 23:02:54 0 d-------- C:\Documents and Settings\Just Me\Application Data\Adobe
2008-04-09 23:00:20 0 d-------- C:\Program Files\UBNet
2008-04-09 22:57:50 0 d-------- C:\Documents and Settings\Just Me\Application Data\Talkback
2008-04-09 22:50:44 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-04-09 22:50:36 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-04-09 22:50:28 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT™ Operating System>
2008-04-09 22:49:36 0 d-------- C:\WINDOWS\Internet Logs
2008-04-09 21:28:36 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-09 20:51:49 0 d-------- C:\Program Files\MSXML 6.0
2008-04-09 20:42:01 0 d-------- C:\Program Files\MSBuild
2008-04-09 20:38:48 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-04-09 20:38:22 0 d-------- C:\Program Files\Reference Assemblies
2008-04-09 20:36:57 0 d-------- C:\Program Files\Windows Media Connect 2
2008-04-09 20:36:08 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-04-09 20:35:50 0 d-------- C:\WINDOWS\system32\PreInstall
2008-04-09 20:35:48 0 d--h----- C:\WINDOWS\$hf_mig$
2008-04-09 20:35:22 0 d-------- C:\WINDOWS\network diagnostic
2008-04-09 20:31:54 0 d-------- C:\WINDOWS\RegisteredPackages
2008-04-09 20:27:00 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-09 20:26:58 0 d-------- C:\Documents and Settings\Just Me\Application Data\OfficeUpdate12
2008-04-09 20:26:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-04-09 20:25:36 0 d--hs---- C:\Documents and Settings\Just Me\UserData
2008-04-09 20:08:31 0 d-------- C:\WINDOWS\system32\NtmsData
2008-04-09 20:03:36 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-09 19:37:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-04-07 17:04:14 0 d-------- C:\Documents and Settings\NetworkService\Desktop
2008-04-07 16:51:38 77824 -----n--- C:\WINDOWS\system32\nvuide.exe <Not Verified; NVIDIA; NVIDIA>
2008-04-07 16:51:11 77824 -----n--- C:\WINDOWS\system32\nvumctl.exe <Not Verified; NVIDIA; NVIDIA>
2008-04-07 16:51:00 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-04-06 04:10:36 0 d-------- C:\Documents and Settings\Just Me\Application Data\Ahead
2008-04-06 02:50:05 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-06 02:03:30 3932160 --a------ C:\Documents and Settings\Just Me\ntuser.dat
2008-04-06 02:01:49 38912 -ra------ C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-04-06 02:01:48 544768 -ra------ C:\WINDOWS\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress>
2008-04-06 02:01:47 569344 -ra------ C:\WINDOWS\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress>
2008-04-06 02:01:44 155648 -ra------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-04-06 02:01:44 0 d-------- C:\Program Files\Common Files\Ahead
2008-04-06 02:01:40 0 d-------- C:\Program Files\Ahead
2008-04-06 01:57:46 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-04-06 01:55:23 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-06 01:55:19 0 d-------- C:\Documents and Settings\Just Me\Application Data\Mozilla
2008-04-06 01:45:50 0 d-------- C:\WINDOWS\IIS Temporary Compressed Files
2008-04-06 01:45:34 0 d-------- C:\WINDOWS\system32\Cache
2008-04-06 01:44:37 0 d-------- C:\WINDOWS\system32\msmq
2008-04-06 01:44:37 0 d-------- C:\WINDOWS\system32\Logfiles
2008-04-06 01:44:37 0 d-------- C:\Inetpub
2008-04-06 01:41:15 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-04-06 01:41:03 0 d-------- C:\Program Files\Microsoft SQL Server
2008-04-06 01:38:06 0 d-------- C:\Program Files\Microsoft Visual Studio .NET 2003
2008-04-06 01:38:00 0 d-------- C:\Program Files\Common Files\Crystal Decisions
2008-04-06 01:37:56 0 d-------- C:\Program Files\Microsoft Small Business
2008-04-06 01:36:35 0 d-------- C:\WINDOWS\system32\URTTemp
2008-04-06 01:20:35 0 d-------- C:\Program Files\Common Files\L&H
2008-04-06 01:20:31 0 d-------- C:\Program Files\Microsoft.NET
2008-04-06 01:20:27 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-04-06 01:20:11 0 d-------- C:\Program Files\Microsoft Works
2008-04-06 01:19:54 0 d-------- C:\WINDOWS\SHELLNEW
2008-04-06 01:01:27 0 d-------- C:\Program Files\Microsoft Plus!
2008-04-06 01:00:52 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-06 00:48:51 0 d-------- C:\Program Files\Microsoft Plus! Digital Media Edition
2008-04-06 00:47:03 0 d-------- C:\Documents and Settings\Just Me\Application Data\Identities
2008-04-06 00:46:55 0 d--h----- C:\Documents and Settings\Just Me\Templates
2008-04-06 00:46:55 0 dr------- C:\Documents and Settings\Just Me\Start Menu
2008-04-06 00:46:55 0 dr-h----- C:\Documents and Settings\Just Me\SendTo
2008-04-06 00:46:55 0 dr-h----- C:\Documents and Settings\Just Me\Recent
2008-04-06 00:46:55 0 d--h----- C:\Documents and Settings\Just Me\PrintHood
2008-04-06 00:46:55 0 d--h----- C:\Documents and Settings\Just Me\NetHood
2008-04-06 00:46:55 0 dr------- C:\Documents and Settings\Just Me\My Documents
2008-04-06 00:46:55 0 d--h----- C:\Documents and Settings\Just Me\Local Settings
2008-04-06 00:46:55 0 dr------- C:\Documents and Settings\Just Me\Favorites
2008-04-06 00:46:55 0 d-------- C:\Documents and Settings\Just Me\Desktop
2008-04-06 00:46:55 0 d--hs---- C:\Documents and Settings\Just Me\Cookies
2008-04-06 00:46:55 0 dr-h----- C:\Documents and Settings\Just Me\Application Data
2008-04-06 00:46:08 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-04-06 00:46:07 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-04-06 00:46:07 0 d-------- C:\WINDOWS\Prefetch
2008-04-06 00:46:06 229376 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2008-04-06 00:46:06 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-04-06 00:46:06 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-04-06 00:46:06 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-04-06 00:46:06 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-04-06 00:45:59 262144 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-04-06 00:45:59 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-04-06 00:45:59 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-04-06 00:45:59 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-04-06 00:45:59 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-04-06 00:43:10 0 d-------- C:\WINDOWS\system32\xircom
2008-04-06 00:43:10 0 d-------- C:\Program Files\microsoft frontpage
2008-04-06 00:43:01 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-04-06 00:42:52 0 -rahs---- C:\MSDOS.SYS
2008-04-06 00:42:52 0 -rahs---- C:\IO.SYS
2008-04-06 00:42:52 0 --a------ C:\CONFIG.SYS
2008-04-06 00:42:52 0 --a------ C:\AUTOEXEC.BAT
2008-04-06 00:41:53 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-04-06 00:41:43 0 dr------- C:\WINDOWS\Offline Web Pages
2008-04-06 00:41:43 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-04-06 00:41:33 0 d--h----- C:\Program Files\WindowsUpdate
2008-04-06 00:41:15 0 d-------- C:\WINDOWS\system32\DirectX
2008-04-06 00:40:45 0 d---s---- C:\WINDOWS\Tasks
2008-04-06 00:40:44 0 d-------- C:\Program Files\Common Files\MSSoap
2008-04-06 00:40:41 0 d-------- C:\WINDOWS\system32\Macromed
2008-04-06 00:40:41 0 d-------- C:\WINDOWS\srchasst
2008-04-06 00:40:34 0 d-------- C:\Program Files\Movie Maker
2008-04-06 00:40:26 0 d-------- C:\WINDOWS\system32\Restore
2008-04-06 00:39:51 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-04-06 00:39:31 0 d-------- C:\WINDOWS\Registration
2008-04-06 00:39:23 0 d-------- C:\Program Files\Online Services
2008-04-06 00:39:16 0 d-------- C:\Program Files\Messenger
2008-04-06 00:39:13 0 d-------- C:\Program Files\MSN Gaming Zone
2008-04-06 00:38:39 0 d-------- C:\Program Files\Windows NT
2008-04-06 00:38:36 0 d-------- C:\WINDOWS\system32\MsDtc
2008-04-06 00:38:34 0 d-------- C:\WINDOWS\system32\Com
2008-04-05 19:34:06 1505792 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Miniport Driver>
2008-04-05 19:34:06 860480 --a------ C:\WINDOWS\system32\ativvaxx.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon Video Acceleration Universal Driver>
2008-04-05 19:34:06 2636672 --a------ C:\WINDOWS\system32\ati3duag.dll <Not Verified; ATI Technologies Inc.; ATI Technologies Inc. Radeon DirectX Universal Driver>
2008-04-05 19:34:05 256512 --a------ C:\WINDOWS\system32\ati2dvag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon WindowsNT Display Driver>
2008-04-05 19:34:05 258048 --a------ C:\WINDOWS\system32\ati2cqag.dll <Not Verified; ATI Technologies Inc.; ATI Radeon Family>
2008-04-05 19:32:15 0 d--hs---- C:\WINDOWS\Installer
2008-04-05 19:32:14 0 d-------- C:\Program Files\Common Files\ODBC
2008-04-05 19:32:11 0 dr------- C:\Program Files
2008-04-05 19:32:11 0 d-------- C:\Program Files\Common Files
2008-04-05 19:32:11 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-04-05 19:31:45 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-04-05 19:31:45 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-04-05 19:31:45 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-04-05 19:31:45 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-04-05 19:31:45 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-04-05 19:31:45 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-04-05 19:31:45 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-04-05 19:31:45 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-04-05 19:31:45 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-04-05 19:31:45 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-04-05 19:31:45 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-04-05 19:31:45 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-04-05 19:31:45 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-04-05 19:31:45 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-04-05 19:31:45 0 dr------- C:\Documents and Settings\All Users\Documents
2008-04-05 19:31:45 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-04-05 19:31:33 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-04-05 19:31:33 0 d-------- C:\WINDOWS\system32\CatRoot
2008-04-05 19:31:27 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-04-05 19:31:27 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-04-05 19:31:27 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-04-05 19:31:27 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-04-05 19:30:34 0 d--hs---- C:\System Volume Information
2008-04-05 19:30:34 0 d-------- C:\Documents and Settings
2008-04-05 19:24:29 0 d-------- C:\WINDOWS
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\WinSxS
2008-04-05 19:24:29 0 dr------- C:\WINDOWS\Web
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\twain_32
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\wins
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\wbem
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\usmt
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\spool
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\ShellExt
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\Setup
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\ras
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\oobe
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\npp
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\mui
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\inetsrv
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\IME
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\icsxml
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\ias
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\export
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\drivers
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-04-05 19:24:29 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\dhcp
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\config
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\3076
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\2052
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1054
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1042
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1041
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1037
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1033
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1031
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1028
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system32\1025
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\system
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\security
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Resources
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\repair
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Provisioning
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\PeerNet
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\pchealth
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\mui
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\msapps
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\msagent
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Media
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\java
2008-04-05 19:24:29 0 d--h----- C:\WINDOWS\inf
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\ime
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Help
2008-04-05 19:24:29 0 dr--s---- C:\WINDOWS\Fonts
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\ehome
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Driver Cache
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Debug
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Cursors
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Connection Wizard
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\Config
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\AppPatch
2008-04-05 19:24:29 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-04-10 03:04:32 119 --a------ C:\Documents and Settings\Just Me\Application Data\default.pwcfg
2008-04-05 19:31:45 62 --ahs---- C:\Documents and Settings\Just Me\Application Data\desktop.ini
2008-03-17 14:49:26 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 06:50 AM]
"nForce Tray Options"="sstray.exe" [12/17/2003 06:53 PM C:\WINDOWS\system32\sstray.exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04/11/2008 01:46 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [10/09/2007 03:46 PM]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [02/16/2008 05:45 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
"SpybotSD TeaTimer"="d:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [5/3/2005 11:07:32 PM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx scan


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52887942-068e-11dd-8d18-932db4b27394}]
AutoRun\command- G:\setupSNK.exe




-- Hosts -----------------------------------------------------------------------


8307 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-04-23 17:19:31 ------------






Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ XP 3000+
Percentage of Memory in Use: 42%
Physical Memory (total/avail): 1023.48 MiB / 589.26 MiB
Pagefile Memory (total/avail): 2462.29 MiB / 1978.29 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1923.49 MiB

C: is Fixed (NTFS) - 97.65 GiB total, 89.57 GiB free.
D: is Fixed (NTFS) - 111.79 GiB total, 95.81 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6B200R0 - 189.92 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 97.65 GiB - C:

\\.\PHYSICALDRIVE1 - ST3120026A - 111.79 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 111.79 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: Bitdefender Firewall v8.0 (BitDefender)
AV: Bitdefender Antivirus v8.0 (BitDefender)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\\Program Files\\iTunes\\iTunes.exe"="D:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Just Me\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=JUST-D4B637F856
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Just Me
LOGONSERVER=\\JUST-D4B637F856
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\JUSTME~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\JUSTME~1\LOCALS~1\Temp
USERDOMAIN=JUST-D4B637F856
USERNAME=Just Me
USERPROFILE=C:\Documents and Settings\Just Me
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Just Me (admin)
ASPNET


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Belkin 54g USB Network Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "d:\Program Files\Belkin\Belkin Wireless Network Utility\setup.exe" -l0x9
BitDefender Total Security 2008 --> MsiExec.exe /I{92098E58-00AD-4F78-AD6E-807BDB323478}
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
HijackThis 2.0.2 --> "D:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office FrontPage 2003 --> MsiExec.exe /I{91170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Outlook 2003 with Business Contact Manager Update --> MsiExec.exe /I{BA68600E-96D9-4E92-80F2-26B9681B5A63}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft Plus! Digital Media Edition --> MsiExec.exe /I{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}
Microsoft Plus! for Windows XP --> MsiExec.exe /I{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Network Stumbler 0.4.0 (remove only) --> "d:\Program Files\Network Stumbler\uninst.exe"
NVIDIA Drivers --> C:\WINDOWS\system32\NVUninst.exe UninstallGUI
PokerStars --> "d:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Spybot - Search & Destroy --> "d:\Program Files\Spybot - Search & Destroy\unins000.exe"
UltimateBet --> C:\PROGRA~1\ULTIMA~1\UNWISE.EXE C:\PROGRA~1\ULTIMA~1\INSTALL.LOG
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
XML Paper Specification Shared Components Pack 1.0 -->


-- Application Event Log -------------------------------------------------------

Event Record #/Type1093 / Warning
Event Submitted/Written: 04/23/2008 04:09:18 PM
Event ID/Source: 19011 / MSSQL$MICROSOFTSMLBIZ
Event Description:
(SpnRegister) : Error 1355

Event Record #/Type1092 / Warning
Event Submitted/Written: 04/23/2008 04:09:18 PM
Event ID/Source: 1015 / EvntAgnt
Event Description:
TraceLevel parameter not located in registry;
Default trace level used is 32.

Event Record #/Type1091 / Warning
Event Submitted/Written: 04/23/2008 04:09:18 PM
Event ID/Source: 1003 / EvntAgnt
Event Description:
TraceFileName parameter not located in registry;
Default trace file used is .

Event Record #/Type1075 / Warning
Event Submitted/Written: 04/23/2008 01:29:05 PM
Event ID/Source: 1015 / EvntAgnt
Event Description:
TraceLevel parameter not located in registry;
Default trace level used is 32.

Event Record #/Type1074 / Warning
Event Submitted/Written: 04/23/2008 01:29:05 PM
Event ID/Source: 1003 / EvntAgnt
Event Description:
TraceFileName parameter not located in registry;
Default trace file used is .



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type3242 / Error
Event Submitted/Written: 04/23/2008 11:06:55 AM / 04/23/2008 11:06:56 AM
Event ID/Source: 4307 / NetBT
Event Description:
Initialization failed because the transport refused to open initial Addresses.

Event Record #/Type3235 / Error
Event Submitted/Written: 04/23/2008 05:10:50 AM
Event ID/Source: 7031 / Service Control Manager
Event Description:
The Apple Mobile Device service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Event Record #/Type3233 / Error
Event Submitted/Written: 04/23/2008 04:58:57 AM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The iPod Service service terminated unexpectedly. It has done this 2 time(s).

Event Record #/Type3232 / Error
Event Submitted/Written: 04/23/2008 04:58:49 AM
Event ID/Source: 7031 / Service Control Manager
Event Description:
The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Event Record #/Type3220 / Error
Event Submitted/Written: 04/22/2008 10:02:05 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The iPod Service service terminated unexpectedly. It has done this 1 time(s).



-- End of Deckard's System Scanner: finished at 2008-04-23 17:19:31 ------------


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:44 AM

Posted 09 May 2008 - 10:44 AM

Hello Barky,

Welcome to Bleeping Computer :blink:

Sorry about the delay. :thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!



Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61


Posted 19 May 2008 - 11:47 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else, please begin a New Topic.