
System 99% And Svchost.exe O.o Freakly


  • This topic is locked
2 replies to this topic

#1 litoid

litoid

  • Members
  • 3 posts

Posted 16 June 2008 - 12:32 PM

OK, it all started when I was installing games, like Crysis n Call of Duty. A black screen, then it auto closes, and in Task Manager I see SYSTEM at 99% and I can't do anything bout it nor close it.

I've searched bout it and everyone says "do a hijack and paste the log file", so here it goes:


Deckard's System Scanner v20071014.68
Run by lito maldo on 2008-06-16 12:13:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
17: 2008-06-16 17:14:00 UTC - RP176 - Deckard's System Scanner Restore Point
16: 2008-06-16 16:48:04 UTC - RP175 - Installed Realtek AC'97 Audio
15: 2008-06-16 16:44:58 UTC - RP174 - Installed SiSRaidPackage
14: 2008-06-16 16:38:43 UTC - RP173 - Software Distribution Service 3.0
13: 2008-06-16 06:09:26 UTC - RP172 - Removed Call of Duty® 4 - Modern Warfare™


-- First Restore Point --
1: 2008-06-09 05:11:12 UTC - RP160 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

System Drive D: has 2.63 GiB (less than 15%) free.


-- HijackThis (run as lito maldo.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:16 PM, on 6/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
E:\Sygate Firewall\smc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\ExplorerL.exe
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\lito maldo\Desktop\dss.exe
D:\WINDOWS\system32\notepad.exe
E:\HijackThis\lito maldo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: Shell=ExplorerL.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Java\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SmcService] E:\Sygate Firewall\smc.exe -startgui
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "E:\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe



Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ 64 Processor 2800+
Percentage of Memory in Use: 29%
Physical Memory (total/avail): 2047.48 MiB / 1447.13 MiB
Pagefile Memory (total/avail): 4005.52 MiB / 3497.25 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1916.9 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.55 GiB total, 17.71 GiB free.
D: is Fixed (NTFS) - 18.55 GiB total, 2.61 GiB free.
E: is Fixed (NTFS) - 18.74 GiB total, 2 GiB free.
F: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is CDROM (No Media)
L: is Removable (No Media)
M: is CDROM (No Media)
Z: is CDROM (No Media)

\\.\PHYSICALDRIVE1 - SAMSUNG SP0802N - 74.56 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.55 GiB - C:

\\.\PHYSICALDRIVE0 - SAMSUNG SV0412H - 37.31 GiB - 2 partitions
\PARTITION0 - Installable File System - 18.55 GiB - D:
\PARTITION1 - Extended w/Extended Int 13 - 18.74 GiB - E:

\\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntivirusOverride is set.
FirewallOverride is set.

FW: Bitdefender Firewall v8.0 (Softwin) Disabled
FW: Sygate Personal Firewall v4.6 (Sygate Technologies, Inc.)
AV: Bitdefender Antivirus v8.0 (Softwin) Disabled Outdated
AV: ESET NOD32 antivirus system 2.70 v2.70 (ESET, spol. s r.o.)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\\Exteel\\System\\Exteel.exe"="E:\\Exteel\\System\\Exteel.exe:*:Enabled:Exteel"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\BitTorrent\\bittorrent.exe"="D:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"E:\\BitTorrent\\bittorrent.exe"="E:\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\\LimeWire\\LimeWire.exe"="E:\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"D:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="D:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"D:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="D:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"D:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="D:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"D:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="D:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Soldat\\Soldat.exe"="C:\\Soldat\\Soldat.exe:*:Enabled:Soldat"
"E:\\Call of Duty 2\\CoD2MP_s.exe"="E:\\Call of Duty 2\\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"E:\\Team Fortress 2\\hl2.exe"="E:\\Team Fortress 2\\hl2.exe:*:Enabled:hl2"
"E:\\Hellgate London\\Launcher.exe"="E:\\Hellgate London\\Launcher.exe:*:Enabled:Hellgate: London"
"D:\\WINDOWS\\system32\\PnkBstrA.exe"="D:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\\WINDOWS\\system32\\PnkBstrB.exe"="D:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"E:\\Exteel\\System\\Exteel.exe"="E:\\Exteel\\System\\Exteel.exe:*:Enabled:Exteel"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"="D:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe:*:Enabled:Nintendo Wi-Fi USB Connector"
"D:\\Program Files\\iTunes\\iTunes.exe"="D:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Assassin's Creed\\AssassinsCreed_Dx9.exe"="C:\\Assassin's Creed\\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\\Assassin's Creed\\AssassinsCreed_Dx10.exe"="C:\\Assassin's Creed\\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\\Assassin's Creed\\AssassinsCreed_Launcher.exe"="C:\\Assassin's Creed\\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\\Crysis\\Bin32\\Crysis.exe"="C:\\Crysis\\Bin32\\Crysis.exe:*:Enabled:Crysis_32"
"C:\\Crysis\\Bin32\\CrysisDedicatedServer.exe"="C:\\Crysis\\Bin32\\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=D:\Documents and Settings\All Users
APPDATA=D:\Documents and Settings\lito maldo\Application Data
CLASSPATH=.;E:\Java\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=D:\Program Files\Common Files
COMPUTERNAME=LITO
ComSpec=D:\WINDOWS\system32\cmd.exe
DEVMGR_SHOW_DETAILS=1
DEVMGR_SHOW_NONPRESENT_DEVICES=1
FP_NO_HOST_CHECK=NO
HellgateEnv=E:\Hellgate London\
HOMEDRIVE=D:
HOMEPATH=\Documents and Settings\lito maldo
LOGONSERVER=\\LITO
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=D:\WINDOWS\system32;D:\WINDOWS;D:\WINDOWS\System32\Wbem;D:\Program Files\Common Files\Adobe\AGL;D:\Program Files\Samsung\Samsung PC Studio 3\;E:\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 10, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=040a
ProgramFiles=D:\Program Files
PROMPT=$P$G
QTJAVA=E:\Java\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=D:
SystemRoot=D:\WINDOWS
TEMP=C:\USERTE~1
TMP=C:\USERTE~1
USERDOMAIN=LITO
USERNAME=lito maldo
USERPROFILE=D:\Documents and Settings\lito maldo
windir=D:\WINDOWS


-- User Profiles ---------------------------------------------------------------

lito maldo (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> D:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> MsiExec.exe /I{0CDCA5CD-C404-41FD-9216-9B4B3D24A7AA}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe After Effects 7.0 --> msiexec /I {DD362256-A7A2-4524-9457-213DDC2AFC2A}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Flash Player 9 ActiveX --> D:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX --> D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Illustrator CS2 --> msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Premiere Pro 2.0 --> msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}
Adobe Reader 7.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe SVG Viewer 3.0 --> D:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fD:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Ahead InCD --> D:\WINDOWS\NuNInst.exe /UNINSTALL
Ahead InCD EasyWrite Reader --> D:\WINDOWS\unmrw.exe /UNINSTALL
Ahead Nero Burning ROM --> E:\Nero\nero\uninstall\UNNERO.exe /UNINSTALL
Ahead NeroVision Express --> D:\WINDOWS\UNNeroVision.exe /UNINSTALL
AMD Processor Driver --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x9
AoA DVD Ripper --> "E:\AoA DVD Ripper\unins000.exe"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Azureus Vuze --> E:\Azureus\uninstall.exe
BlazeDTV 3.5 --> "E:\BlazeDTV 3.5\unins000.exe"
Call of Duty® 4 - Modern Warfare™ --> D:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare™ 1.3 Patch --> D:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare™ 1.4 Patch --> D:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch --> D:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty® 4 - Modern Warfare™ 1.6 Patch --> D:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Chop v1.512 --> D:\Program Files\Common Files\InstallerA\Setup.exe /CHOP
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CrossFont version 4.2 --> "E:\CrossFont\unins000.exe"
Crysis® --> MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
DivX Codec --> D:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> D:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> D:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> D:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Download Accelerator Plus (DAP) --> E:\DAP\DAPREMOVE.EXE
Driver Magician 3.28 --> "D:\Program Files\Driver Magician\unins000.exe"
EPSON Printer Software --> D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Tool Light 1.0 --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{2ACA65CD-11E1-4502-B3BC-A3CAA8EEADB1}\Setup.exe" -l0x9
EPSON Web-To-Page --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\Setup.exe" -l0x9 -anything
Final Draft 7 --> MsiExec.exe /I{78D62D17-D970-42DA-B8CF-5E5576293B33}
GoldWave v5.05 --> "E:\GoldWave\unstall.exe" "GoldWave v5.05" "E:\GoldWave\unstall.log"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "d:\program files\google\googletoolbar2.dll"
Hellgate: London --> MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC}
HijackThis 2.0.2 --> "E:\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "D:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iLike Sidebar --> MsiExec.exe /X{72D037A4-D311-4250-B987-7D854760452C}
ImgBurn --> "E:\ImgBurn\uninstall.exe"
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
K-Lite Codec Pack 2.81 Full --> "E:\Codecs\K-Lite Codec Pack\unins000.exe"
LimeWire Download Accelerator 4.12.11 --> E:\LimeWire\Download Accelerator\Uninstall.exe
LimeWire PRO 4.18.2 --> "E:\LimeWire\uninstall.exe"
LimeWire Turbo 5.4.1.0 --> "E:\LimeWire Turbo\unins000.exe"
Logitech MouseWare 9.79.1 --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x9 -l0009 UNINSTALL
Macromedia Director MX 2004 --> E:\DIRECT~1\UNWISE.EXE E:\DIRECT~1\install.log
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8 --> MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6}
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Messenger Plus! Live --> "E:\Messenger Plus! Live\Uninstall.exe"
Microsoft Base Smart Card Cryptographic Service Provider Package --> "D:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "D:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable --> MsiExec.exe /X{20DEB77C-21D6-4D22-BB47-233E47613D57}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "D:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110C0A-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "D:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MKV TO AVI CONVERTER version 3.2 --> "D:\Program Files\MKVTOAVI\unins000.exe"
MP3 To Ringtone Gold 3.16 --> "E:\Mp3 to Ringtone\unins000.exe"
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MSXML 6.0 SDK --> MsiExec.exe /I{DF67E8C2-1D4C-44E1-93DC-7E26E2D74D00}
Nintendo Wi-Fi USB Connector Registration Tool --> D:\Program Files\WiFiConnector\SoftAPUninst.exe
NOD32 antivirus system --> D:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX --> "E:\NOD32\unins000.exe"
NVIDIA Drivers --> D:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA WDM Drivers --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{B023185F-F1EF-4F97-B0BD-AE6D802226D1}\SETUP.EXE"
PowerDirector Express --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerProducer --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
PunkBuster Services --> D:\WINDOWS\system32\pbsvc.exe -u
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Realtek AC'97 Audio --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE
Recover My Files --> "E:\Recover My Files\unins000.exe"
Safari --> MsiExec.exe /I{40589552-3892-409E-B92C-9F5032A4B2F0}
SiSRaidPackage --> RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{08498FF9-6C9B-4FC2-8DE1-BD98C89CC220}\setup.exe" -l0x9
SP2 Connection Patcher --> D:\Program Files\SP2 Connection Patcher\uninstall.exe
StuffPlug 3 --> E:\StuffPlug3\Uninstall.exe
Sygate Personal Firewall --> MsiExec.exe /I{F34D9A5F-484A-4E31-A9D3-908CB265B289}
System Requirements Lab --> D:\Program Files\SystemRequirementsLab\Uninstall.exe
TransType Pro --> "E:\TransType\Uninstall.exe" "E:\TransType\install.log"
Tweak-XP Pro --> MsiExec.exe /I{BA3BC81F-0035-4D62-8AB4-6F83D7C1F480}
Uniblue RegistryBooster 2 --> "E:\Uniblue\RegistryBooster 2\unins000.exe"
Uniblue SpeedUpMyPC 3 --> "E:\Uniblue\SpeedUpMyPC 3\unins000.exe"
VideoEgg Publisher --> D:\Documents and Settings\lito maldo\Application Data\VideoEgg\Uninstall.exe
VobSub v2.23 (Remove Only) --> "C:\WebStuff\Programs\Virtual Dub\plugins\uninstall.exe"
Vtune 4.6 --> "D:\Program Files\Vtune\unins000.exe"
WhenU Save --> "D:\Program Files\Save\SaveUninst.exe" /w /d"WhenU Save"
Winamp (remove only) --> "E:\Winamp\UninstWA.exe"
Windows Imaging Component --> "D:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder Studio Edition --> "D:\WINDOWS\$NtUninstallWMESE$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "D:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinFtp Client 1.5 --> "E:\WinFtp Client\unins000.exe"
WinISO 5.3 --> E:\WinISO\unins000.exe
WinRAR archiver --> E:\WinRAR\uninstall.exe
WinSWF Extractor 1.0 --> "E:\WinSWF Extractor\unins000.exe"
WinZip --> "E:\WinZip\WINZIP32.EXE" /uninstall
WinZip Self-Extractor --> "E:\WinZip Self-Extractor\wzipse32.exe" -uninstall
World of Warcraft --> D:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
XML Paper Specification Shared Components Pack 1.0 -->
XviD 1.1 final uninstall --> "E:\Codecs\XviD\unins000.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type45 / Error
Event Submitted/Written: 06/15/2008 04:26:41 PM
Event ID/Source: 11706 / MsiInstaller
Event Description:
Product: Crysis® -- Error 1706.No valid source could be found for product Crysis®. The Windows Installer cannot continue.

Event Record #/Type43 / Error
Event Submitted/Written: 06/15/2008 04:15:52 PM
Event ID/Source: 1023 / MsiInstaller
Event Description:
Product: Crysis® - Update 'Crysis® Patch 1.2' could not be installed. Error code 1603. Additional information is available in the log file C:\USERTE~1\MSIe9113.LOG.

Event Record #/Type42 / Error
Event Submitted/Written: 06/15/2008 04:15:49 PM
Event ID/Source: 11706 / MsiInstaller
Event Description:
Product: Crysis® -- Error 1706.No valid source could be found for product Crysis®. The Windows Installer cannot continue.

Event Record #/Type18 / Error
Event Submitted/Written: 06/10/2008 10:50:27 PM
Event ID/Source: 1024 / MsiInstaller
Event Description:
Product: Compatibility Pack for the 2007 Office system - Update 'Security Update for the 2007 Microsoft Office System (KB936960)' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Event Record #/Type17 / Error
Event Submitted/Written: 06/10/2008 10:49:31 PM
Event ID/Source: 11101 / MsiInstaller
Event Description:
Product: Compatibility Pack for the 2007 Office system -- Error 1101. Error reading from file: D:\WINDOWS\Installer\MSI627D.tmp. System error 32. Verify that the file exists and that you can access it.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

No Errors/Warnings found.


-- End of Deckard's System Scanner: finished at 2008-06-16 12:21:09 ------------


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • Gender:Female
  • Location:South Carolina, USA

Posted 08 July 2008 - 11:08 AM

Welcome-It's been a few days - No Attachments Statement
Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new Deckard's System Scanner which includes the HijackThis log. Please see Preparation Guide for use before posting about your potential Malware problem. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • Gender:Female
  • Location:South Carolina, USA

Posted 17 July 2008 - 02:41 PM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.



