
Zenotecnico/ads Served By Gooochi


  • This topic is locked
2 replies to this topic

#1 Rumple


Posted 08 June 2008 - 09:23 PM

Don't know what caused this but I have begun to receive pop-ups (from "Ads served by Gooochi"); also, different audio files will play at random times, so far commercials and rock; they will start-stop-continue for a few seconds, stop-start, etc. for about two minutes. Ran Yahoo Anti-Spy a few times and it always identifies "zxdnt3d.cfg" in Windows/System32 (Zenotecnico Adware), along with 20-22 tracking cookies. The file is persistent: I have run a scan and deleted it, immediately ran another scan and it's back. I have IOLO Antivirus and IOLO Personal Firewall and they don't identify or stop it. I also use Limewire but I have downloaded hundreds of audio files without this happening.

I downloaded and ran DSS as per the instructions at your website and am including the results. Thanks.

Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-08 19:56:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
83: 2008-06-09 00:56:20 UTC - RP83 - Deckard's System Scanner Restore Point
82: 2008-06-08 20:06:54 UTC - RP82 - System Checkpoint
81: 2008-06-07 16:58:01 UTC - RP81 - Removed Yahoo! Music Jukebox.
80: 2008-06-07 16:38:57 UTC - RP80 - Installed Roxio PhotoSuite 8
79: 2008-06-07 06:02:06 UTC - RP79 - Removed Yahoo! Music Jukebox.


-- First Restore Point --
1: 2008-06-05 22:35:35 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-08 19:57:42
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\WINDOWS\system32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe
C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\Imgicon.exe
C:\WINDOWS\system32\jnwnw64q.exe
C:\WINDOWS\system32\qcntokdn.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\WINDOWS\system32\alg.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\EINMAZ26\dss[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: gooochi browser optimizer - {40e6414d-9176-1b20-ea24-2bba6a2f0caf} - C:\WINDOWS\system32\{8dbf9585-c9be-ae0f-c847-85a1257102d8}.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe"
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [{17-7C-C8-86-DW}] C:\WINDOWS\system32\jnwnw64q.exe DWram
O4 - HKLM\..\Run: [{b5059acc-690e-8755-0a79-e191762be60a}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{8dbf9585-c9be-ae0f-c847-85a1257102d8}.dll" DllStart
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [iolo Personal Firewall] "C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DW6] "C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe"
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\qcntokdn.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jnwnw64q.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\Program Files\iolo\Common\Firewall\iFW_Xfilter.dll
O10 - Unknown file in Winsock LSP: C:\Program Files\iolo\Common\Firewall\iFW_Xfilter.dll
O10 - Unknown file in Winsock LSP: C:\Program Files\iolo\Common\Firewall\iFW_Xfilter.dll
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\iavlsp.dll
O15 - Trusted Zone: https://iolo.com (HKCU)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst20040510.cab
O16 - DPF: {819F8533-D935-4183-B692-587F8D56AC3C} (iolo.AV.OnlineVirusScanner) - http://www.iolo.com/threatcenter/App/ocx/AVCheckUp.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
O23 - Service: dvpapi - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: Iomega Activity Disk2 - Unknown owner - C:\Program Files\Internet Explorer
O23 - Service: Iomega App Services - Iomega Corporation - C:\Program Files\Iomega\System32\AppServices.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
O24 - Desktop Component 0: - C:\Program Files\Messenger\promydyx.html

--
End of file - 9815 bytes

-- File Associations -----------------------------------------------------------

.js - JSFile - shell\open\command - NOTEPAD.EXE %1
.reg - regfile - shell\open\command - NOTEPAD.EXE %1
.scr - scrfile - shell\open\command - NOTEPAD.EXE %1
.vbs - VBSFile - shell\open\command - NOTEPAD.EXE %1


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 iomdisk (Iomega Devices Disk Filter Services) - c:\windows\system32\drivers\iomdisk.sys <Not Verified; Iomega Corporation; Microsoft® Windows NT® Operating System>
R0 XPacket (iolo Personal Firewall Driver) - c:\windows\system32\xpacket.sys <Not Verified; iolo technologies, LLC; iolo Firewall>
R1 FileDisk - c:\windows\system32\drivers\filedisk.sys <Not Verified; iolo technologies, LLC (based on original work by Bo Brantén); filedisk (based on original work by Bo Brantén)>
R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>

S0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys <Not Verified; Adaptec, Inc.; Dell RAID Controller>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 _IOMEGA_ACTIVE_DISK_SERVICE_ (Iomega Active Disk) - "c:\program files\iomega\autodisk\adservice.exe" <Not Verified; Iomega Corporation; Iomega Active Disk>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 Iomega App Services - "c:\progra~1\iomega\system32\appservices.exe" <Not Verified; Iomega Corporation; Iomega App Services>

S2 Iomega Activity Disk2 - ""


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-05-27 11:53:37 436 --a------ C:\WINDOWS\Tasks\EasyShare Registration Task.job


-- Files created between 2008-05-08 and 2008-06-08 -----------------------------

2008-06-08 20:00:05 0 d-------- C:\WINDOWS\LastGood
2008-06-07 23:07:36 0 d-------- C:\Program Files\Common Files\Scanner
2008-06-07 10:24:33 200774 --a------ C:\WINDOWS\system32\qcntokdn.exe
2008-06-07 00:53:58 0 d-------- C:\Program Files\Common Files\SureThing Shared
2008-06-07 00:00:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-06-06 09:27:33 401972 --a------ C:\WINDOWS\system32\g53.exe
2008-06-05 21:55:59 0 d-------- C:\WINDOWS\system32\vntiho18
2008-06-05 21:55:45 65536 --a------ C:\WINDOWS\system32\ddccCVMC.dll
2008-06-05 21:54:48 49178 --a------ C:\WINDOWS\system32\jnwnw64q.exe <Not Verified; ; Browser Driver>
2008-06-05 21:54:46 100352 --a------ C:\WINDOWS\system32\xnjtsvfj.dll
2008-06-05 21:48:36 0 d-------- C:\Documents and Settings\Administrator.GARY\Cookies
2008-06-05 21:48:36 0 d-------- C:\Documents and Settings\Administrator.GARY\Application Data
2008-06-05 21:48:36 0 d-------- C:\Documents and Settings\Administrator.GARY\Application Data\Microsoft
2008-06-05 21:48:35 0 d-------- C:\Documents and Settings\Administrator.GARY\Templates
2008-06-05 21:48:35 524288 --ah----- C:\Documents and Settings\Administrator.GARY\NTUSER.DAT
2008-06-05 21:48:35 0 d-------- C:\Documents and Settings\Administrator.GARY\Local Settings
2008-06-05 17:36:25 2105344 --a------ C:\Documents and Settings\Owner\ntuser.dat
2008-06-05 17:36:24 229376 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2008-06-05 17:35:23 2538 --ahs---- C:\WINDOWS\system32\kknVDJjl.ini2
2008-06-05 17:35:04 281600 --a------ C:\WINDOWS\system32\ljJDVnkk.dll
2008-06-05 17:31:14 860 --a------ C:\WINDOWS\system32\winpfz33.sys
2008-06-05 17:30:59 200768 --a------ C:\WINDOWS\system32\qcntokdm.exe
2008-06-05 17:30:51 298311 --a------ C:\WINDOWS\system32\gside.exe
2008-06-05 17:30:51 41984 --a------ C:\WINDOWS\mrofinu1000106.exe
2008-06-05 17:30:44 49169 --a------ C:\WINDOWS\system32\rwwnw64d.exe <Not Verified; ; Browser Driver>
2008-06-05 17:30:36 86144 --a------ C:\WINDOWS\system32\drivers\atapii.sys
2008-06-05 17:30:30 0 d-------- C:\WINDOWS\system32\expo
2008-06-05 17:30:29 0 d-------- C:\WINDOWS\system32\xrem
2008-06-05 17:30:29 0 d-------- C:\WINDOWS\system32\NMP
2008-06-05 17:30:29 0 d-------- C:\WINDOWS\system32\inet2
2008-06-05 17:30:29 0 d-------- C:\WINDOWS\system32\105772
2008-06-05 17:30:28 0 d-------- C:\WINDOWS\system32\btz
2008-06-05 17:30:23 84480 ---hs---- C:\Documents and Settings\Owner\lsass.exe
2008-06-05 17:30:22 41984 --a------ C:\WINDOWS\mrofinu1188.exe
2008-06-05 17:30:07 0 d-------- C:\WINDOWS\system32\vntiho05
2008-06-05 17:30:07 0 d-------- C:\Temp
2008-06-05 17:29:54 65536 --a------ C:\WINDOWS\system32\vtUmKdBu.dll
2008-06-04 01:20:43 0 d-------- C:\Program Files\WorksBkup
2008-06-03 20:54:21 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-06-02 23:28:13 3840 --a------ C:\WINDOWS\system32\drivers\BANTExt.sys
2008-06-02 23:23:28 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-06-02 11:26:32 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-06-01 22:53:14 0 d-------- C:\WINDOWS\system32\NtmsData
2008-06-01 20:31:25 262144 --a------ C:\Documents and Settings\Owner.GARY-LITTLE\ntuser.dat
2008-06-01 20:31:23 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2008-06-01 20:31:23 262144 --a------ C:\Documents and Settings\Administrator\ntuser.dat
2008-06-01 20:30:57 0 d-------- C:\Documents and Settings\All Users\Application Data\YAHOO
2008-06-01 20:22:51 0 d-------- C:\Program Files\Yahoo!
2008-06-01 20:00:52 0 d-------- C:\WINDOWS\RegisteredPackages
2008-06-01 19:02:28 0 d-------- C:\Program Files\Common Files\Download Manager
2008-06-01 12:35:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2008-06-01 12:33:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Roxio
2008-06-01 12:32:18 0 d-------- C:\Program Files\Roxio
2008-06-01 12:32:18 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-31 23:01:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-05-31 22:49:40 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-31 19:34:34 0 d-------- C:\Program Files\MP3Gain
2008-05-31 19:29:25 200 --a------ C:\WINDOWS\AUDC70UI.dat
2008-05-31 19:29:24 0 d-------- C:\Program Files\Audio Converter
2008-05-31 19:26:15 0 d-------- C:\Program Files\Belarc
2008-05-31 19:20:39 0 d-------- C:\Program Files\DirPrn
2008-05-31 19:11:22 0 d-------- C:\Program Files\TagClinic43
2008-05-31 16:35:44 0 d-------- C:\Program Files\Gadwin Systems
2008-05-31 11:09:54 0 d-------- C:\My Shared Folder 2
2008-05-31 10:01:27 0 d-------- C:\Documents and Settings\Owner\Application Data\PurgeIE
2008-05-31 09:53:07 0 d-------- C:\Program Files\PurgeIE
2008-05-31 08:42:36 0 d-------- C:\Setup Programs
2008-05-29 17:34:35 0 d-------- C:\Program Files\The Weather Channel FW
2008-05-29 00:35:27 23600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
2008-05-29 00:32:29 0 d-------- C:\Program Files\CONEXANT
2008-05-28 22:24:02 0 d-------- C:\Hold
2008-05-28 21:06:34 0 d-------- C:\Program Files\LimeWire
2008-05-28 12:04:02 0 d-------- C:\WINDOWS\Sun
2008-05-28 09:48:14 0 d-------- C:\Documents and Settings\Owner\Application Data\AdobeUM
2008-05-28 09:47:47 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-28 09:47:04 17092 --a------ C:\WINDOWS\system32\rtfmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT® Operating System>
2008-05-28 09:47:00 137728 --a------ C:\WINDOWS\system32\ijl10.dll <Not Verified; Intel Corporation; Intel® JPEG Library>
2008-05-28 09:47:00 16620 --a------ C:\WINDOWS\system32\htmlmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT™ Operating System>
2008-05-28 09:47:00 28672 --a------ C:\WINDOWS\system32\htmlintf.dll
2008-05-28 09:46:54 18704 --a------ C:\WINDOWS\system32\pdfmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT™ Operating System>
2008-05-28 09:26:23 0 d-------- C:\ZipCode
2008-05-28 09:24:37 0 d-------- C:\Program Files\A5V5
2008-05-28 08:37:35 0 d-------- C:\Handy
2008-05-28 03:01:40 0 d-------- C:\Program Files\MSXML 4.0
2008-05-28 01:07:20 0 d-------- C:\WINDOWS\system32\PreInstall
2008-05-28 00:52:54 0 d-------- C:\WINDOWS\network diagnostic
2008-05-27 19:35:57 0 d-------- C:\My Shared Folder
2008-05-27 19:34:13 0 d-------- C:\My Games
2008-05-27 19:33:08 0 d-------- C:\My Download Files
2008-05-27 19:19:12 0 d-------- C:\Incomplete
2008-05-27 19:18:15 0 d-------- C:\e255301f0907c4e0b61fd3
2008-05-27 19:18:14 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Templates
2008-05-27 19:17:11 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Local Settings
2008-05-27 19:17:05 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Favorites
2008-05-27 19:15:41 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Desktop
2008-05-27 19:15:40 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\Sun
2008-05-27 19:15:34 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\Roxio
2008-05-27 19:15:30 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\Microsoft
2008-05-27 19:15:29 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\Macromedia
2008-05-27 19:15:27 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\LimeWire
2008-05-27 19:15:27 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\Leadertech
2008-05-27 19:15:25 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\iolo
2008-05-27 19:15:23 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data
2008-05-27 19:15:23 0 d-------- C:\Documents and Settings\Owner.GARY-LITTLE\Application Data\HP
2008-05-27 19:15:20 0 d-------- C:\Documents and Settings\Owner\UserData
2008-05-27 18:50:53 0 d-------- C:\Documents and Settings\Owner\Application Data\Active Disk
2008-05-27 16:16:15 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-05-27 15:49:02 0 d-------- C:\Documents and Settings\Owner\Application Data\Yahoo!
2008-05-27 15:44:42 0 d-------- C:\Documents and Settings\Owner\Application Data\Uniblue
2008-05-27 15:25:58 0 d-------- C:\Documents and Settings\Owner\Application Data\Roxio
2008-05-27 15:25:57 0 d-------- C:\Documents and Settings\Owner\Application Data\Real
2008-05-27 15:25:57 0 d-------- C:\Documents and Settings\Owner\Application Data\Printer Info Cache
2008-05-27 15:24:36 0 d-------- C:\Documents and Settings\Owner\Application Data\Logitech
2008-05-27 15:23:29 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-05-27 15:18:37 0 d-------- C:\Documents and Settings\Owner\Application Data\Image Zone Express
2008-05-27 15:17:19 0 d-------- C:\Documents and Settings\Owner\Application Data\Corel
2008-05-27 15:17:18 0 d-------- C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-05-27 15:14:38 0 d-------- C:\Documents and Settings\Owner\.limewire
2008-05-27 12:30:50 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-05-27 12:29:54 0 d-------- C:\Program Files\Iomega
2008-05-27 12:28:03 0 d-------- C:\Documents and Settings\Owner\Application Data\Leadertech
2008-05-27 12:23:37 39680 --a------ C:\WINDOWS\system32\drivers\ousbehci.sys <Not Verified; OrangeWare Corporation; USB 2.0 Enhanced Host Controller Driver>
2008-05-27 12:23:37 54784 --a------ C:\WINDOWS\system32\drivers\ousb2hub.sys <Not Verified; OrangeWare Corporation; USB 2.0 Hub Driver>
2008-05-27 12:23:37 0 d-------- C:\WINDOWS\Drivers
2008-05-27 12:16:52 0 d-------- C:\Documents and Settings\LocalService\Application Data\iolo
2008-05-27 12:16:50 126976 --a------ C:\WINDOWS\system32\iavlsp.dll
2008-05-27 12:16:42 0 d-------- C:\Program Files\Common Files\Authentium
2008-05-27 12:16:35 39424 --a------ C:\WINDOWS\system32\xpacket.sys <Not Verified; iolo technologies, LLC; iolo Firewall>
2008-05-27 12:16:34 9341 --a------ C:\WINDOWS\system32\drivers\filedisk.sys <Not Verified; iolo technologies, LLC (based on original work by Bo Brantén); filedisk (based on original work by Bo Brantén)>
2008-05-27 12:16:30 22528 --a------ C:\WINDOWS\system32\smrgdf.exe
2008-05-27 12:16:30 34304 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2008-05-27 12:16:28 0 d-------- C:\Program Files\iolo
2008-05-27 12:11:15 74703 --a------ C:\WINDOWS\system32\mfc45.dll
2008-05-27 12:06:35 0 d-------- C:\Documents and Settings\Owner\Application Data\iolo
2008-05-27 12:06:35 0 d-------- C:\Documents and Settings\All Users\Application Data\iolo
2008-05-27 12:02:46 32747 --a------ C:\logfile
2008-05-27 11:58:48 0 d-------- C:\Program Files\Bonjour
2008-05-27 11:58:38 0 d-------- C:\WINDOWS\Downloaded Installations
2008-05-27 11:57:59 0 d-------- C:\Program Files\QuickTime
2008-05-27 11:57:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-27 11:57:36 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-05-27 11:56:58 0 d-------- C:\Program Files\Common Files\Kodak
2008-05-27 11:53:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Kodak
2008-05-27 11:48:25 0 d-------- C:\Program Files\Kodak
2008-05-27 11:41:08 0 d-------- C:\Documents and Settings\Owner\Application Data\HP
2008-05-27 11:40:54 0 d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-05-27 11:39:58 0 d-------- C:\Program Files\Common Files\HP
2008-05-27 11:38:15 0 d-------- C:\Program Files\Hewlett-Packard
2008-05-27 11:37:54 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-05-27 11:31:31 57344 --a------ C:\WINDOWS\system32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows>
2008-05-27 11:31:31 94208 --a------ C:\WINDOWS\system32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows>
2008-05-27 11:31:31 204800 --a------ C:\WINDOWS\system32\HPZipr12.dll <Not Verified; HP; HP PmlRtl>
2008-05-27 11:31:31 69632 --a------ C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
2008-05-27 11:31:31 65536 --a------ C:\WINDOWS\system32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows>
2008-05-27 11:31:31 278584 --a------ C:\WINDOWS\system32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl>
2008-05-27 11:31:30 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-05-27 11:30:43 0 d-------- C:\Program Files\HP
2008-05-27 11:29:54 118642 --a------ C:\WINDOWS\hpoins09.dat
2008-05-27 11:25:08 0 d-------- C:\WINDOWS\ShellNew
2008-05-27 11:24:40 0 d-------- C:\Documents and Settings\Owner\Application Data\Microsoft Web Folders
2008-05-27 11:14:29 0 d-------- C:\WINDOWS\pss
2008-05-27 11:04:55 0 d-------- C:\Documents and Settings\Administrator\Templates
2008-05-27 11:04:13 0 d-------- C:\Documents and Settings\Administrator\Local Settings
2008-05-27 11:04:11 0 d-------- C:\Documents and Settings\Administrator\Application Data
2008-05-27 11:04:11 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-05-27 11:01:57 0 d-------- C:\Archive
2008-05-27 11:01:39 0 d-------- C:\a92240c9b92f177f913b
2008-05-27 11:01:37 0 d-------- C:\a15770031d324a9eadc5
2008-05-27 11:01:17 0 d-------- C:\2bdcc702e5a33d74f0f90c0b
2008-05-27 11:01:12 0 d-------- C:\174674f16cb8ee27cd421c238ca175a5
2008-05-27 11:01:12 0 d-------- C:\15c817ae5914bd5f92dd422996dd
2008-05-27 10:58:36 0 d-------- C:\Program Files\Carbonite
2008-05-27 10:58:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Carbonite
2008-05-27 10:52:05 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2008-05-27 10:52:05 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2008-05-27 10:38:00 0 d--h----- C:\WINDOWS\$hf_mig$
2008-05-27 10:09:21 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-05-27 10:08:29 0 d-------- C:\drvrtmp
2008-05-27 09:55:35 0 d-------- C:\Documents and Settings\Owner\Application Data\Sun
2008-05-27 09:55:25 0 d-------- C:\Program Files\Java
2008-05-27 09:55:25 0 d-------- C:\Program Files\Common Files\Java
2008-05-27 09:45:01 0 d-------- C:\WINDOWS\VirtualEar
2008-05-27 09:45:01 49152 --a------ C:\WINDOWS\system32\DSndUp.exe <Not Verified; Analog Devices Inc.; adi DSndUp>
2008-05-27 09:45:01 45056 --a------ C:\WINDOWS\system32\CleanUp.exe <Not Verified; adi; adi CleanUp>
2008-05-27 09:45:01 65536 --a------ C:\WINDOWS\system32\Audio3d.dll <Not Verified; Sensaura Ltd; Sensaura>
2008-05-27 09:45:01 0 d-------- C:\Program Files\Analog Devices
2008-05-27 09:42:02 0 d-------- C:\WINDOWS\system32\vmm32
2008-05-27 09:19:46 0 d-------- C:\Program Files\Jasc Software Inc
2008-05-27 09:19:46 0 d-------- C:\Program Files\Dell Computer
2008-05-27 09:12:53 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-05-27 09:12:39 0 d-------- C:\Program Files\Dell
2008-05-27 09:10:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-05-27 09:08:24 176128 --a------ C:\WINDOWS\system32\RcdScan.dll <Not Verified; Dell Computer Corporation; RcdScan Module>
2008-05-27 09:08:24 446464 -ra------ C:\WINDOWS\system32\hhactivex.dll <Not Verified; Blue Sky Software Corporation.; RoboHELP HTML 2000>
2008-05-27 09:08:22 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-27 09:08:21 13632 -----n--- C:\WINDOWS\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
2008-05-27 09:08:14 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-27 09:03:30 0 d-------- C:\Documents and Settings\Owner\Application Data\Identities
2008-05-27 09:03:21 0 d--h----- C:\Documents and Settings\Owner\Templates
2008-05-27 09:03:21 0 dr------- C:\Documents and Settings\Owner\Start Menu
2008-05-27 09:03:21 0 dr-h----- C:\Documents and Settings\Owner\SendTo
2008-05-27 09:03:21 0 dr-h----- C:\Documents and Settings\Owner\Recent
2008-05-27 09:03:21 0 d--h----- C:\Documents and Settings\Owner\PrintHood
2008-05-27 09:03:21 0 d--h----- C:\Documents and Settings\Owner\NetHood
2008-05-27 09:03:21 0 dr------- C:\Documents and Settings\Owner\My Documents
2008-05-27 09:03:21 0 d--h----- C:\Documents and Settings\Owner\Local Settings
2008-05-27 09:03:21 0 dr------- C:\Documents and Settings\Owner\Favorites
2008-05-27 09:03:21 0 d-------- C:\Documents and Settings\Owner\Desktop
2008-05-27 09:03:21 0 d--hs---- C:\Documents and Settings\Owner\Cookies
2008-05-27 09:03:21 0 d--h----- C:\Documents and Settings\Owner\Application Data
2008-05-27 09:03:14 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-05-27 09:03:13 0 d-------- C:\WINDOWS\Prefetch
2008-05-27 09:03:12 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-05-27 09:03:11 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-05-27 09:03:11 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-05-27 09:03:11 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-05-27 09:03:11 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-27 09:03:02 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-27 09:03:01 229376 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-27 09:03:01 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-05-27 09:03:01 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-05-27 09:03:01 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-05-27 09:00:24 0 d-------- C:\WINDOWS\system32\xircom
2008-05-27 09:00:24 0 d-------- C:\Program Files\microsoft frontpage
2008-05-27 09:00:21 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-05-27 09:00:21 0 d-------- C:\DELL
2008-05-27 09:00:14 0 -rahs---- C:\MSDOS.SYS
2008-05-27 09:00:14 0 -rahs---- C:\IO.SYS
2008-05-27 09:00:14 0 --a------ C:\CONFIG.SYS
2008-05-27 09:00:14 0 --a------ C:\AUTOEXEC.BAT
2008-05-27 08:59:14 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-05-27 08:59:04 0 dr------- C:\WINDOWS\Offline Web Pages
2008-05-27 08:59:04 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-05-27 08:58:54 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-27 08:58:37 0 d-------- C:\WINDOWS\system32\DirectX
2008-05-27 08:58:10 0 d---s---- C:\WINDOWS\Tasks
2008-05-27 08:58:09 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-27 08:58:06 0 d-------- C:\WINDOWS\srchasst
2008-05-27 08:58:05 0 d-------- C:\WINDOWS\system32\Macromed
2008-05-27 08:57:58 0 d-------- C:\Program Files\Movie Maker
2008-05-27 08:57:52 0 d-------- C:\WINDOWS\system32\Restore
2008-05-27 08:57:37 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-27 08:57:21 0 d-------- C:\WINDOWS\Registration
2008-05-27 08:56:52 0 d-------- C:\Program Files\Online Services
2008-05-27 08:56:47 0 d-------- C:\Program Files\Messenger
2008-05-27 08:56:44 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-27 08:56:13 0 d-------- C:\Program Files\Windows NT
2008-05-27 08:56:11 0 d-------- C:\WINDOWS\system32\MsDtc
2008-05-27 08:56:09 0 d-------- C:\WINDOWS\system32\Com
2008-05-27 08:34:40 371200 --a------ C:\WINDOWS\system32\{8dbf9585-c9be-ae0f-c847-85a1257102d8}.dll
2008-05-27 03:51:22 0 d--hs---- C:\WINDOWS\Installer
2008-05-27 03:51:21 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-27 03:51:19 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-27 03:51:18 0 dr------- C:\Program Files
2008-05-27 03:51:18 0 d-------- C:\Program Files\Common Files
2008-05-27 03:50:56 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-05-27 03:50:56 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-05-27 03:50:56 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-05-27 03:50:56 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-05-27 03:50:56 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-05-27 03:50:56 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-05-27 03:50:56 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-05-27 03:50:56 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-05-27 03:50:56 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-05-27 03:50:56 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-05-27 03:50:56 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-05-27 03:50:56 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-05-27 03:50:56 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-05-27 03:50:56 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-05-27 03:50:56 0 dr------- C:\Documents and Settings\All Users\Documents
2008-05-27 03:50:56 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-05-27 03:50:44 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-27 03:50:44 0 d-------- C:\WINDOWS\system32\CatRoot
2008-05-27 03:50:39 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-05-27 03:50:39 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-05-27 03:50:38 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-05-27 03:50:38 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-05-27 03:50:17 0 d--hs---- C:\System Volume Information
2008-05-27 03:50:17 0 d-------- C:\Documents and Settings
2008-05-27 03:43:42 0 d-------- C:\WINDOWS
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\WinSxS
2008-05-27 03:43:42 0 dr------- C:\WINDOWS\Web
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\twain_32
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\wins
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\wbem
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\usmt
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\spool
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\ShellExt
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\Setup
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\ras
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\oobe
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\npp
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\mui
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\inetsrv
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\IME
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\icsxml
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\ias
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\export
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\drivers
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-05-27 03:43:42 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\dhcp
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\config
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\3076
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\2052
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1054
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1042
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1041
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1037
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1033
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1031
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1028
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system32\1025
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\system
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\security
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Resources
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\repair
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Provisioning
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\PeerNet
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\pchealth
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\mui
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\msapps
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\msagent
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Media
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\java
2008-05-27 03:43:42 0 d--h----- C:\WINDOWS\inf
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\ime
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Help
2008-05-27 03:43:42 0 dr--s---- C:\WINDOWS\Fonts
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Driver Cache
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\dell
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Debug
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Cursors
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Connection Wizard
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\Config
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\AppPatch
2008-05-27 03:43:42 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-05-27 03:50:56 62 --ahs---- C:\Documents and Settings\Owner\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{40e6414d-9176-1b20-ea24-2bba6a2f0caf}]
05/27/2008 08:34 AM 371200 --a------ C:\WINDOWS\system32\{8dbf9585-c9be-ae0f-c847-85a1257102d8}.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [04/11/2004 08:15 PM]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 02:42 PM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [04/05/2005 02:22 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [04/05/2005 02:19 PM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [04/05/2005 02:23 PM]
"Carbonite Backup"="C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe" [02/09/2008 07:04 AM]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 7\SMSystemAnalyzer.exe" [05/06/2008 04:48 PM]
"iolo AntiVirus"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe" [03/05/2008 11:48 AM]
"ADUserMon"="C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [09/24/2002 04:39 PM]
"Iomega Drive Icons"="C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" [08/13/2002 02:30 PM]
"Deskup"="C:\Program Files\Iomega\DriveIcons\deskup.exe" [07/16/2002 10:55 AM]
"{17-7C-C8-86-DW}"="C:\WINDOWS\system32\jnwnw64q.exe" [06/05/2008 09:54 PM]
"{b5059acc-690e-8755-0a79-e191762be60a}"="C:\WINDOWS\system32\{8dbf9585-c9be-ae0f-c847-85a1257102d8}.dll" [05/27/2008 08:34 AM]
"@"="" []
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [02/14/2006 05:46 PM]
"iolo Personal Firewall"="C:\Program Files\iolo\System Mechanic Professional 7\Personal Firewall\ioloFW.exe" [03/05/2008 12:06 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 07:00 AM]
"DW6"="C:\PROGRA~1\THEWEA~1\Desktop\DesktopWeather.exe" [05/14/2008 01:41 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SMRequiresRestart"=

C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Deewoo.lnk - C:\WINDOWS\system32\qcntokdn.exe [6/7/2008 10:24:33 AM]
DW_Start.lnk - C:\WINDOWS\system32\jnwnw64q.exe [6/5/2008 9:54:48 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 4:21:22 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 3:05:56 PM]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2/5/2008 2:29:20 PM]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\Messenger\promydyx.html
FriendlyName=

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SCardSvr"=3 (0x3)
"RSVP"=3 (0x3)
"COMSysApp"=3 (0x3)




-- End of Deckard's System Scanner: finished at 2008-06-08 20:01:55 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Celeron® CPU 2.53GHz
Percentage of Memory in Use: 61%
Physical Memory (total/avail): 1021.98 MiB / 392.15 MiB
Pagefile Memory (total/avail): 4000.66 MiB / 3180.41 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1910.26 MiB

C: is Fixed (NTFS) - 74.48 GiB total, 51.15 GiB free.
D: is Removable (No Media)
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG SP0802N/P - 74.5 GiB - 2 partitions
\PARTITION0 - Unknown - 15.66 MiB
\PARTITION1 (bootable) - Installable File System - 74.48 GiB - C:

\\.\PHYSICALDRIVE1 - IOMEGA ZIP 750 USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntivirusOverride is set.

FW: iolo Personal Firewall® v1.5 (iolo technologies, LLC)
AV: iolo AntiVirus® v1.5 (iolo technologies, LLC)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe"="C:\\Program Files\\iolo\\System Mechanic Professional 7\\Personal Firewall\\ioloFW.exe:*:Enabled:iolo Firewall®"
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe"="C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\ioloAV.exe:*:Enabled:iolo AntiVirus®"
"C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe"="C:\\Program Files\\iolo\\System Mechanic Professional 7\\AntiVirus\\iAVEmailScanner.exe:*:Enabled:iolo AntiVirus® Email Protection"
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"="C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox"
"C:\\Program Files\\LimeWire\\LimeWire 4.0.8 Pro\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire 4.0.8 Pro\\LimeWire.exe:*:Enabled:LimeWire"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=GARY
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\GARY
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Roxio Shared\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0409
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=GARY
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Yahoo!\Yahoo! Music Jukebox\oggcodecs\uninst.exe
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Active Disk --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\AutoDisk\uninstal.log
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}
Authentium AntiVirus SDK - 2 --> MsiExec.exe /I{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}
Bonjour --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E0A96F36-D546-4A2A-BDAA-2A2A578B2C0D} /l1033
Carbonite --> C:\Program Files\Carbonite\Carbonite Backup\CarboniteSetup.exe /remove
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Deewoo Network Manager removal --> C:\WINDOWS\system32\qcntokdm.exe -UPop
Dell Media Experience --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Dell Resource CD --> MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0}
Enhancement Browser Tools Gooochi --> C:\WINDOWS\system32\{8dbf9585-c9be-ae0f-c847-85a1257102d8}.dll-uninst.exe
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{A9F5421F-DA70-4C77-BB97-8D77EC33ED5E}\setup\hpzscr01.exe -datfile hposcr09.dat
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Intel® Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel® PRO Network Adapters and Drivers --> Prounstl.exe
iolo technologies' System Mechanic Professional 7 --> "C:\Program Files\iolo\System Mechanic Professional 7\unins000.exe"
IomegaWare 4.0.3 --> C:\WINDOWS\unvise32.exe C:\Program Files\Iomega\uninstal.log
Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java™ 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
kgcbaby --> MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday --> MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn --> MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt --> MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids --> MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove --> MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday --> MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_2e034\Setup.exe /APR-REMOVE
Microsoft Word 2000 --> MsiExec.exe /I{00170409-78E1-11D2-B60F-006097C998E7}
OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
Roxio PhotoSuite 8 --> MsiExec.exe /I{56F62349-521A-44FD-A9E6-F8DF2B34F560}
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001 --> MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Yahoo! Anti-Spy --> C:\PROGRA~1\Yahoo!\Common\unypsr.exe
Yahoo! Music Jukebox --> MsiExec.exe /X{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type259 / Error
Event Submitted/Written: 06/07/2008 11:59:56 PM
Event ID/Source: 5 / crypt32
Event Description:
Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/2796BAE63F1801E277261BA0D77770028F20EEE4.crt> with error: The specified server cannot perform the requested operation.

Event Record #/Type258 / Error
Event Submitted/Written: 06/07/2008 11:59:56 PM
Event ID/Source: 5 / crypt32
Event Description:
Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/2796BAE63F1801E277261BA0D77770028F20EEE4.crt> with error: This operation returned because the timeout period expired.

Event Record #/Type257 / Error
Event Submitted/Written: 06/07/2008 10:45:58 PM
Event ID/Source: 12292 / VSS
Event Description:
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80080005].

Event Record #/Type255 / Error
Event Submitted/Written: 06/07/2008 10:45:58 PM
Event ID/Source: 4689 / COM+
Event Description:
The run-time environment has detected an inconsistency in its internal state. This indicates a potential instability in the process that could be caused by the custom components running in the COM+ application, the components they make use of, or other factors. Error in d:\qxp_slp\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 80070422: InitEventCollector failed

Event Record #/Type254 / Error
Event Submitted/Written: 06/07/2008 10:15:54 PM
Event ID/Source: 12292 / VSS
Event Description:
Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80080005].



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

No Errors/Warnings found.


-- End of Deckard's System Scanner: finished at 2008-06-08 20:01:55 ------------



#2 rookie147


Posted 09 June 2008 - 03:46 AM

Hello there and welcome to BleepingComputer. My name is Charles and I will be dealing with your log today.
Download Combofix to your Desktop.
Double click combofix.exe
Follow the prompts that are displayed.
Don't click on the window while the fix is running, because that will cause your system to hang.
When finished, it should produce a log, combofix.txt.

Post that in your next reply with a fresh HijackThis log.

If you are pleased with the service I have offered, you may like to consider making a donation.


#3 rookie147


Posted 18 June 2008 - 03:56 PM

Due to lack of feedback, this topic is now closed.
If you need this topic reopened, please request this by sending me a Personal Message including a link to your thread.
This applies only to the original topic starter. Everyone else please begin a New Topic.

If you are pleased with the service I have offered, you may like to consider making a donation.




