Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection! Virtumonde And Win32.agent.gvu


  • This topic is locked This topic is locked
3 replies to this topic

#1 Thirtiesbrat

Thirtiesbrat

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 19 June 2008 - 07:58 PM

I downloaded Deckard's System scanner as suggested in the guide.

Deckard's System Scanner v20071014.68
Run by Kimberly on 2008-06-19 19:47:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
89: 2008-06-20 00:47:29 UTC - RP356 - Deckard's System Scanner Restore Point
88: 2008-06-18 23:07:34 UTC - RP355 - System Checkpoint
87: 2008-06-17 20:17:47 UTC - RP354 - System Checkpoint
86: 2008-06-16 18:54:44 UTC - RP353 - System Checkpoint
85: 2008-06-15 15:55:23 UTC - RP352 - System Checkpoint


-- First Restore Point --
1: 2008-03-21 14:23:56 UTC - RP268 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 503 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-19 19:51:14
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\IT Works\Ez Internet Timer\EzEITService.exe
C:\Program Files\IMSafer\bin\imsc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\IT Works\Ez Internet Timer\EzInternetTimer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\IT Works\Ez Internet Timer\ph.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TypingMaster\QuickPhrase\quickphrase.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Kimberly.KIM\Desktop\dss.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/hws/sb/dell-usuk/en/...html?channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/...html?channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&cl...&channel=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.spectorsoft.com/products/Specto...lp/v60/webhelp/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\IT Works\Ez Internet Timer\EzInternetTimer.exe,
O1 - Hosts: 1.1.1.1 usa.kaspersky.com
O1 - Hosts: 1.1.1.1 www.bitdefender.com
O1 - Hosts: 1.1.1.1 download.bitdefender.com
O1 - Hosts: 1.1.1.1 www.paretologic.com
O1 - Hosts: 1.1.1.1 paretologic.com
O1 - Hosts: 1.1.1.1 services.google.com
O1 - Hosts: 1.1.1.1 www.webroot.com
O1 - Hosts: 1.1.1.1 webroot.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar4.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OpenDNS Update] "C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [QuickPhrase] "C:\Program Files\TypingMaster\quickphrase\quickphrase.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM (file missing)
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM (file missing)
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM (file missing)
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...GCGJIAGEIGIGCEC (file missing)
O9 - Extra 'Tools' menuitem: Trend Micro Security Services - {D5E1CDC8-64B9-4f8c-8155-FC3B6D6749F7} - http://tmss.trendmicro.com/dashboard/dashb...GCGJIAGEIGIGCEC (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://online.musicmatch.com (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {410A8B3C-7CCB-40E8-8B11-28B099E5C488} (Trend Micro Security Services Control) - http://tmss.trendmicro.com/Dashboard/contr...TMSSReportW.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} () - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/d...lscbase8460.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://scrapbookpictures.com/ImageUploader4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} () - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/aio.../qdiagh.cab?326
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{1BC525F3-2DED-4BD8-B01C-9B4584BC8FBD}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: Madobwiz - {64199830-A258-4E92-B6A2-79D3BBD2AA0C} - C:\WINDOWS\system32\polaldrv.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EzEITService - IT Works Corporation - C:\Program Files\IT Works\Ez Internet Timer\EzEITService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMSafer (ImSaferService) - IMSafer, Inc. - C:\Program Files\IMSafer\bin\imsc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


--
End of file - 16505 bytes

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi>
R3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
R3 WPRO_40_755 (WinPcap Packet Driver (WPRO_40_755)) - c:\windows\system32\drivers\wpro_40_755.sys (file missing)

S3 dbustrcm - c:\docume~1\kimske~1\locals~1\temp\dbustrcm.sys (file missing)
S3 SDDMI2 - c:\windows\system32\ddmi2.sys <Not Verified; Gteko Ltd.; DDMI>
S3 SndTDriverV32 - c:\windows\system32\drivers\sndtdriverv32.sys <Not Verified; Windows ® 2000/XP; Windows ® 2000/XP Driver>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AdobeActiveFileMonitor (Adobe Active File Monitor) - c:\program files\adobe\photoshop elements 3.0\photoshopelementsfileagent.exe
R2 AdobeActiveFileMonitor5.0 (Adobe Active File Monitor V5) - c:\program files\adobe\photoshop elements 5.0\photoshopelementsfileagent.exe
R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - c:\program files\antivir personaledition classic\sched.exe <Not Verified; Avira GmbH; AntiVir Workstation>
R2 EzEITService - "c:\program files\it works\ez internet timer\ezeitservice.exe" <Not Verified; IT Works Corporation; Ez Internet Timer Service>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-19 17:24:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-05-20 07:48:07 356 --a------ C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#hp psc 1300 series#1171979223.job


-- Files created between 2008-05-19 and 2008-06-19 -----------------------------

2008-06-19 14:49:17 0 d-------- C:\Documents and Settings\Kimberly.KIM\Application Data\ieSpell
2008-06-19 08:31:09 0 d-------- C:\Documents and Settings\Kimberly.KIM\Application Data\Malwarebytes
2008-06-19 08:31:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-19 08:31:04 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-18 09:48:45 0 d-------- C:\Program Files\OpenDNS Updater
2008-06-14 14:07:57 0 d-------- C:\Documents and Settings\Kim Skelton\Application Data\EzInternetTimer
2008-06-14 14:01:53 0 d-------- C:\Documents and Settings\Kimberly\Application Data\EzInternetTimer
2008-06-14 14:01:40 0 d-------- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
2008-06-14 14:01:19 0 d-------- C:\Program Files\IT Works
2008-06-07 10:28:52 0 d-------- C:\Documents and Settings\Kim Skelton\Application Data\RapidTyping
2008-06-07 10:11:15 0 d-------- C:\Documents and Settings\Kimberly.KIM\Application Data\RapidTyping
2008-06-07 10:11:10 0 d-------- C:\Program Files\RapidTyping
2008-05-31 20:00:49 0 d-------- C:\Documents and Settings\Kim Skelton\Application Data\TypingMaster7
2008-05-31 19:46:58 0 d-------- C:\Documents and Settings\Kimberly.KIM\Application Data\TypingMaster7
2008-05-31 19:46:47 0 dr------- C:\Program Files\TypingMaster


-- Find3M Report ---------------------------------------------------------------

2008-06-19 13:36:50 0 d-------- C:\Documents and Settings\Kimberly.KIM\Application Data\Adobe
2008-06-19 13:36:18 0 d-------- C:\Documents and Settings\Kimberly.KIM\Application Data\Real
2008-04-19 22:58:26 0 d-------- C:\Program Files\Graffiti Studio 2.0
2008-03-20 00:12:21 4184 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-03-20 00:12:21 56 -r-hs---- C:\WINDOWS\system32\6F81B24747.sys


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [10/14/2005 12:49 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [10/14/2005 12:46 PM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [10/14/2005 12:50 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [11/01/2005 02:12 AM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [08/11/2005 04:30 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [08/11/2005 04:30 PM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [09/08/2005 04:20 AM]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe" [08/11/2003 03:07 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/12/2004 01:38 PM]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [07/12/2005 06:05 PM]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [04/16/2008 05:15 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [12/25/2006 07:55 PM]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [03/10/2004 04:21 PM]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [06/26/2003 07:50 PM]
"DXDllRegExe"="dxdllreg.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [02/16/2007 10:54 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/14/2007 07:05 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [09/27/2006 04:13 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"OpenDNS Update"="C:\Program Files\OpenDNS Updater\OpenDNS Updater.exe" [06/18/2008 10:15 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 11:09 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/20/2007 07:57 PM]
"DellTransferAgent"="C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [11/13/2007 04:46 PM]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/19/2007 01:54 PM]
"QuickPhrase"="C:\Program Files\TypingMaster\quickphrase\quickphrase.exe" [08/03/2007 04:27 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [10/20/2004 1:12:24 AM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [7/23/2006 10:39:55 AM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [7/7/2003 2:20:40 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/17/1999 3:05:56 PM]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"Madobwiz"= {64199830-A258-4E92-B6A2-79D3BBD2AA0C} - C:\WINDOWS\system32\polaldrv.dll [04/16/2007 10:52 AM 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\Program Files\IT Works\Ez Internet Timer\EzInternetTimer.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EzEITService]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kim Skelton^Start Menu^Programs^Startup^services.lnk]
path=C:\Documents and Settings\Kim Skelton\Start Menu\Programs\Startup\services.lnk
backup=C:\WINDOWS\pss\services.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
C:\WINDOWS\system32\nkzalz\services.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
C:\WINDOWS\system32\nkzalz\services.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Valve\Steam\Steam.exe -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe




-- Hosts -----------------------------------------------------------------------

1.1.1.1 usa.kaspersky.com
1.1.1.1 www.bitdefender.com
1.1.1.1 download.bitdefender.com
1.1.1.1 www.paretologic.com
1.1.1.1 paretologic.com
1.1.1.1 services.google.com
1.1.1.1 www.webroot.com
1.1.1.1 webroot.com


-- End of Deckard's System Scanner: finished at 2008-06-19 19:52:26 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.80GHz
CPU 1: Intel® Pentium® 4 CPU 2.80GHz
Percentage of Memory in Use: 73%
Physical Memory (total/avail): 502.07 MiB / 134.51 MiB
Pagefile Memory (total/avail): 1227.39 MiB / 768.29 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1917.66 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 52.7 GiB total, 20.93 GiB free.
D: is Fixed (NTFS) - 18.61 GiB total, 18.54 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD800JD-75MSA3 - 74.5 GiB - 4 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 52.7 GiB - C:
\PARTITION2 - Installable File System - 18.61 GiB - D:
\PARTITION3 - Unknown - 3.15 GiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: Avira AntiVir PersonalEdition Classic v 6.39.0.216
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.58
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.116
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.214
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.232
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.0
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.96
(Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.13
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.103
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.195
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.217
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.4
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.73
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.90
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.134
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.68
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.62
(Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.200
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.83
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.164
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.195
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.155
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.134
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.176
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.200
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.189
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.116
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.216
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.55
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.164
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.130
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.158
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.148
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.132
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.62
(Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.60
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.130
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.162
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.55
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.195
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.109
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.216
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.150
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.240
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.141
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.109
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.164
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.200
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.109
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.122
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.4
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.232
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.232
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.77
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.78
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.214
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.173
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.230
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.55
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.47
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.116
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.72
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.31
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.4
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.164
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.200
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.18
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.112
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.66
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.130
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.55
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.216
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.98
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.85
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.60
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.31
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.232
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.249
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.6
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.194
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.206
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.160
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.120
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.116
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.25
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.122
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.56
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.177
(Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.122
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.19
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.195
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.219
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.52
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.56
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.82
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.158
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Disabled
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.193
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.109
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.189
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.208
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.230
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.49
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.55
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.75
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.225
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH) Outdated
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.162
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.232
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.77
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.134
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.135
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.34
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.134
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.249
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.2.10
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.122
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.214
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.78
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.206
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.6
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.193
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.240
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.98
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.43
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.51
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.15
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.112
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.116
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.78
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.109
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.44
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.63
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.150
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.230
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.79
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.61
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.93
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.114
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.104
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.66
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.225
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.31
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.6
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.85
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.214
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.101
(Avira GmbH)
AV: Avira AntiVir PersonalEdition v8.0.1.18 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.225
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.173
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.155
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.4
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.82
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.195
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.150
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.132
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.120
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.6
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.144
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.18
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.60
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.214
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.56
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.150
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.107
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.150
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.155
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.135
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.148
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.75
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.219
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.18
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.141
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.52
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.87
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.121
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.101
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.87
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.195
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.177
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.188
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.0
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.68
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.18
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.10
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.2.68
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.200
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.92
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.6
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.226
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.109
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.92
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.60
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.6
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.135
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.150
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.49
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.115
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.249
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.135
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.83
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.25
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.122
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.135
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.214
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.14
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.159
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.77
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.0.249
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.50
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.34
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.164
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.19
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.155
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.72
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.122
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.132
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.38.1.133
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.3.135
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v0.0.0.0 (Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.56
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.18
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 7.0.1.200
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.1.0
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.103
(Avira GmbH)
AV: Avira AntiVir PersonalEdition Classic v 6.39.0.72
(Avira GmbH)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Valve\\Condition Zero\\czero.exe"="C:\\Valve\\Condition Zero\\czero.exe:*:Enabled:Condition Zero Launcher"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\WildTangent\\Apps\\Dell Game Console\\GameConsole.exe"="C:\\Program Files\\WildTangent\\Apps\\Dell Game Console\\GameConsole.exe:*:Enabled:- Play Games -"
"C:\\Program Files\\MSN\\MSNCoreFiles\\msn.exe"="C:\\Program Files\\MSN\\MSNCoreFiles\\msn.exe:*:Enabled:msn"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Microsoft Games\\Halo\\halo.exe"="C:\\Program Files\\Microsoft Games\\Halo\\halo.exe:*:Enabled:Halo"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\World of Warcraft\\WoW-2.0.3-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.3-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.3.6299-to-2.0.5.6320-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.5.6320-to-2.0.6.6337-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-2.0.8.6403-to-2.0.10.6448-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe"="C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe"="C:\\Program Files\\TurboTax\\Deluxe 2006\\32bit\\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Pando Networks\\Pando\\pando.exe"="C:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Enabled:pando"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Documents and Settings\\Kim Skelton\\Application Data\\MySpace\\IM\\bin\\MySpaceIM.exe"="C:\\Documents and Settings\\Kim Skelton\\Application Data\\MySpace\\IM\\bin\\MySpaceIM.exe:*:Disabled:MySpace Instant Messenger"
"C:\\Program Files\\IMSafer\\bin\\imsc.exe"="C:\\Program Files\\IMSafer\\bin\\imsc.exe:*:Enabled:IMSafer"
"C:\\Documents and Settings\\Kimberly.KIM\\Desktop\\dss.exe"="C:\\Documents and Settings\\Kimberly.KIM\\Desktop\\dss.exe:*:Enabled:dss"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Kimberly.KIM\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=KIM
ComSpec=C:\WINDOWS\system32\cmd.exe
CWALTAHOME=C:\Program Files\ContentWatch
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Kimberly.KIM
LOGONSERVER=\\KIM
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0409
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Kimberly.KIM\LOCALS~1\Temp
TMP=C:\DOCUME~1\Kimberly.KIM\LOCALS~1\Temp
USERDOMAIN=KIM
USERNAME=Kimberly
USERPROFILE=C:\Documents and Settings\Kimberly.KIM
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Kim Skelton
Tyler
Kimberly (admin)
Kimberly.KIM (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
--> MsiExec.exe /I{5B782FFA-6A95-480D-8E0A-0954A14693D6}
--> MsiExec.exe /I{C4CBAD7E-DF4A-4FEC-AC17-8BC709AFB844}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee 10 Photo Manager --> MsiExec.exe /I{F8B98EB6-FC06-45BF-87D4-9784E0408611}
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 2.1 --> MsiExec.exe /I{25569723-DC5A-4467-A639-79535BF01B71}
Adobe Photoshop Elements 3.0 --> MsiExec.exe /I{851C67EF-068A-4060-9EF5-2E3DDCD68382}
Adobe Photoshop Elements 5.0 --> msiexec /I {A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AOLIcon --> MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
ArtMoney SE v7.21 --> "C:\Program Files\ArtMoney\Uninstall\unins000.exe"
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Blaine's Custom Photo Album Title --> MsiExec.exe /I{2C162186-0531-4CAF-A609-88489CD64F0E}
CinepPlayer 30 Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C41F4616-44B6-4E8D-BFC7-4267862A2CE1}\setup.exe" -l0x9 -L0x9 /SMAINT
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Corel Photo Album 6 --> MsiExec.exe /X{8A9B8148-DDD7-448F-BD6C-358386D32354}
Counter-Strike: Condition Zero --> C:\Valve\CONDIT~1\UNWISE.EXE C:\Valve\CONDIT~1\INSTALL.LOG
Dell CinePlayer --> MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Game Console --> "C:\Program Files\WildTangent\Apps\Dell Game Console\Uninstall.exe"
Dell Media Experience --> MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
DESI Labeling System --> C:\PROGRA~1\DESI\UNWISE.EXE C:\PROGRA~1\DESI\INSTALL.LOG
Digital Content Portal --> MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Documentation & Support Launcher --> MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
EarthLink setup files --> MsiExec.exe /X{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}
EducateU --> MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ELIcon --> MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
Ez Internet Timer --> "C:\Program Files\IT Works\Ez Internet Timer\unins000.exe"
Games, Music, & Photos Launcher --> MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Get High Speed Internet! --> MsiExec.exe /I{7A3F0566-5E05-4919-9C98-456F6B5CF831}
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
Graffiti Studio 2.0 --> "C:\Program Files\Graffiti Studio 2.0\unins000.exe"
Hanes® T-ShirtMaker® Lite 3.0.0 --> MsiExec.exe /I{458314C6-40EB-4459-9B52-E4189766B461}
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HP Photo & Imaging 3.1 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP PSC & OfficeJet 3.0 --> "C:\Program Files\HP\Digital Imaging\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}\setup\hpzscr01.exe" -datfile hposcr03.dat
HP Software Update --> MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
HP Unload DLL Patch --> MsiExec.exe /X{595D0DE8-C38A-4432-B851-47DECC1A99BD}
HyperCam 2 --> "C:\Program Files\HyCam2\UnHyCam2.exe"
ieSpell --> "C:\Program Files\ieSpell\uninst.exe"
Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet for Wired Connections --> MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
Internet Service Offers Launcher --> MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
iTunes --> MsiExec.exe /I{AB90749C-7422-4580-8A7A-66CC5E9E5F98}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
LiveUpdate 2.6 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MCU --> MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Memorex exPressit Label Design Studio --> C:\WINDOWS\mvuninst\App1\mvuninst.exe "Memorex exPressit Label Design Studio"
Memories Disc Creator 2.0 --> MsiExec.exe /X{2E132061-C78A-48D4-A899-1D13B9D189FA}
Microsoft Halo --> "C:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE" /runtemp /addremove
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Move Networks Player for Internet Explorer --> "C:\Documents and Settings\Kim Skelton\Application Data\Move Networks\ie_bin\unins000.exe"
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
NASCAR Racing 1999 Edition --> C:\WINDOWS\IsUninst.exe -fC:\SIERRA\NR1999\Uninst.isu
Netflix Movie Viewer --> MsiExec.exe /X{35AD3FC5-D09D-4D9F-8E9C-E40794194EC5}
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
NetZeroInstallers --> MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
OpenDNS Updater 1.1 --> "C:\Program Files\OpenDNS Updater\uninstall.exe"
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
Personal Inspector --> "C:\WINDOWS\system32\svcmon\uninstall.exe"
Photo Explosion Special Edition --> MsiExec.exe /X{DD040AAA-F295-492B-AD91-C8DC24488273}
Photo Story 3 for Windows --> MsiExec.exe /I{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
Pinnacle Instant PhotoAlbum --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A835519A-4EFC-4554-9D61-0BB4FC54D81B}\Setup.exe" -l0x9 UNINSTALL
Pro Media Director Version 1.1.1.2 --> "C:\Program Files\Pelican Performance\Pro Media Director\unins000.exe"
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
RapidTyping --> "C:\Program Files\RapidTyping\Uninstall.exe"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Rhapsody Player Engine --> MsiExec.exe /I{30C2FCD0-FF7B-4FFA-8DDE-43A22E01A1E7}
Roxio DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Search Assist --> MsiExec.exe /X{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sierra Utilities --> C:\Program Files\Sierra On-Line\sutil32.exe uninstall
Sonic Activation Module --> MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SwiftSwitch --> C:\Program Files\SwiftSwitch\Uninstal.exe
TurboTax Deluxe Deduction Maximizer 2006 --> C:\Program Files\TurboTax\Deluxe 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2006\Uninstall.log" -NoGui
TurboTax ItsDeductible 2006 --> MsiExec.exe /X{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}
TweakPS --> MsiExec.exe /I{410C6CCD-AF5E-4B1D-AD83-800D21892814}
TypingMaster Pro --> "C:\Program Files\TypingMaster\unins000.exe"
Uninstall Startup Inspector --> "C:\Program Files\Startup Inspector for Windows\unins000.exe"
URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
WebCyberCoach 3.2 Dell --> "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
WexTech AnswerWorks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Live Sign-in Assistant --> MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type15690 / Error
Event Submitted/Written: 06/19/2008 07:38:14 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x01800000.
Processing media-specific event for [explorer.exe!ws!]

Event Record #/Type15689 / Error
Event Submitted/Written: 06/19/2008 06:20:05 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application MySpaceIM.exe, version 1.0.745.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type15688 / Error
Event Submitted/Written: 06/19/2008 06:19:02 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application rundll32.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00db1b38.
Processing media-specific event for [rundll32.exe!ws!]

Event Record #/Type15686 / Error
Event Submitted/Written: 06/19/2008 05:37:20 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The specified server cannot perform the requested operation.

Event Record #/Type15685 / Error
Event Submitted/Written: 06/19/2008 05:37:19 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type34549 / Error
Event Submitted/Written: 06/19/2008 03:46:38 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Event Record #/Type34548 / Error
Event Submitted/Written: 06/19/2008 03:02:57 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
avgio
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
Tcpip

Event Record #/Type34547 / Error
Event Submitted/Written: 06/19/2008 03:02:57 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Event Record #/Type34546 / Error
Event Submitted/Written: 06/19/2008 03:02:57 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

Event Record #/Type34545 / Error
Event Submitted/Written: 06/19/2008 03:02:57 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
%%31



-- End of Deckard's System Scanner: finished at 2008-06-19 19:52:26 ------------

BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:34 PM

Posted 20 June 2008 - 01:52 PM

Hello Thirtiesbrat,


We will restore the default hosts file back onto your machine.

Go to: http://www.funkytoad.com/content/view/13/
Download the program HostsXpert to your computer.
Unzip HostsXpert to your desktop and execute it.
Select
"Restore MS Hosts File".
Close the program.


Please perform this online scan: Kaspersky Webscan

Note that you need to run this scan with Internet Explorer for it to work correctly.

If you have any problem running the scan to completion, disable your Antivirus and/or firewall temporarily, just refrain from surfing around while the scan is running and be sure to re-enable when done.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.

1. Read the Requirements and Privacy statement, then select "Accept"
2. A dialogue box will appear asking "Do you want to install this software?" Name: kavwebscan_unicode.cab
NOTE: If you are running XP SP2, you may need to click on the Information Bar to allow the ActiveX to install and may need to repeat step 1.
3. Select "Install" to download the ActiveX controls that allows Kaspersky to run.
4. If running MSAS beta you may receive an alert that an IE ActiveX program requires your approval. Click "Allow"
5. Wait for the scanner to initialize and update its databases. When the download is complete it will say ready, click "Next"
6. Click "Scan Settings" and check the option to use the EXTENDED DATABASE,
Scan Options:
Scan Archives
Scan Mail Bases


then click "OK"
7. Select a target to scan: Click on "My Computer" and the scan will begin.
8. Once the scan is complete it will display if your system has been infected.
Now click on the Save Report As... button:

Posted Image

Under Save as type select Text file write name for the file and save it to your Desktop.
Locate the file at the Desktop, open it, then copy and paste that information in your next post.
9. Post the Kaspersky scan results in your next reply.

Edited by SifuMike, 20 June 2008 - 01:55 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 Thirtiesbrat

Thirtiesbrat
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:07:34 PM

Posted 21 June 2008 - 12:33 PM

Thanks to the response to my thread. I resolved the problem by performing a PC restore. My computer is running good now.

Kim

#4 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:34 PM

Posted 21 June 2008 - 01:29 PM

Hi Kim,

Thanks for letting me know. :thumbsup:

Since your problem appears to be resolved, this thread will now be closed. If you need this topic reopened, please contact me or a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users