Thanks for re-opening this thread, here are the details you requested.
Malwarebytes============================================
Malwarebytes' Anti-Malware 1.23
Database version: 990
Windows 6.0.6000
13:23:14 25/07/2008
mbam-log-7-25-2008 (13-23-14).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 134879
Time elapsed: 1 hour(s), 32 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 12
Registry Values Infected: 3
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 56
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\Windows\System32\cbxXqnoN.dll (Trojan.Vundo) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{423e17b0-946c-46e7-ad64-cc21d1f8df33} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{423e17b0-946c-46e7-ad64-cc21d1f8df33} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{471c56ea-2927-401b-9610-cc863f7a56ff} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5b93a9a-49d1-467b-8774-bc7ea5c4d003} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sqvgnrpx.bbst (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sqvgnrpx.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Adsl Software Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\fdxbameg (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\fsrpknov (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\cbxxqnon -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\cbxxqnon -> Delete on reboot.
Folders Infected:
C:\ProgramData\ADSL Software Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\ProgramData\ADSL Software Ltd\WinSpywareProtect (Rogue.Multiple) -> Quarantined and deleted successfully.
Files Infected:
C:\Windows\System32\cbxXqnoN.dll (Trojan.Vundo) -> Delete on reboot.
C:\Windows\System32\NonqXxbc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\NonqXxbc.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\awtRHXNF.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\FNXHRtwa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\FNXHRtwa.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\fgrqclkv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\vklcqrgf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\hgggGxWN.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\NWxGgggh.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\NWxGgggh.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\jbafbuld.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\dlubfabj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\jbmpmjtu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\utjmpmbj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\jkkIaaYS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\SYaaIkkj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\SYaaIkkj.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\nNeCvvvw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\wvvvCeNn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\wvvvCeNn.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\nnnkKBTK.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\KTBKknnn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\KTBKknnn.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\nnnmLdDV.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\VDdLmnnn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\VDdLmnnn.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\opNDUMcy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\ycMUDNpo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\ycMUDNpo.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\opnklKCs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\sCKlknpo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\sCKlknpo.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\opnNgfCt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\tCfgNnpo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\tCfgNnpo.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\runrrnlt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\tlnrrnur.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\tuvsTLCS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\SCLTsvut.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\SCLTsvut.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\vihsivyc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\cyvishiv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\wvUkHBSL.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\LSBHkUvw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\LSBHkUvw.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\yayxvSMD.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\DMSvxyay.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\DMSvxyay.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\ProgramData\ADSL Software Ltd\WinSpywareProtect\winspywareprotect.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Oli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BQ8BNH1\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\Oli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BQ8BNH1\kb456456[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\Oli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKXU4I1F\kb456456[3] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\Oli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKXU4I1F\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\mwojiyvs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Windows\System32\yjtpgo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
DSS Main.txt====================================
Deckard's System Scanner v20071014.68
Run by Oli on 2008-07-25 13:30:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Oli.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:30:44, on 25/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\ApVxdWin.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\LogMeIn Rescue Calling Card\CallingCard.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\LogMeIn Rescue Calling Card\CallingCard.exe
C:\updates\Deckards_System_Scanner\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Oli.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3071018
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: (no name) - {695AD9B9-B97E-4F91-8B6F-B1BD73937505} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [dcf1ccac] rundll32.exe "C:\Windows\system32\hgnsvvgl.dll",b
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\awTmkiiF.dll,#1
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [*LogMeInRescue] "C:\Program Files\LogMeIn Rescue Calling Card\CallingCard.exe" -runonce reboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2239558598-3642311789-3441580044-1004\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Justin')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = ?
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) -
http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: fsrpknov - {03E3A7AA-400A-4BDA-BEC1-732EA49436AA} - C:\Windows\fsrpknov.dll (file missing)
O21 - SSODL: fdxbameg - {56190E1A-BD32-490A-B66B-D81AF978159E} - C:\Windows\fdxbameg.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrvx86.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PskSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10977 bytes
-- Files created between 2008-06-25 and 2008-07-25 -----------------------------
2008-07-25 10:19:33 0 d-------- C:\Users\All Users\Malwarebytes
2008-07-25 10:19:33 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-24 09:38:21 116352 --a------ C:\Windows\system32\xqfpewjt.dll
2008-07-24 09:38:21 116352 --a------ C:\Windows\system32\bnqgwz.dll
2008-07-18 18:24:54 0 d-------- C:\Program Files\Trend Micro
2008-07-18 15:44:52 0 d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-07-12 14:08:16 248 --a------ C:\Windows\system32\PavCPL.dat
2008-07-12 14:08:10 0 d-------- C:\Windows\system32\PAV
2008-07-12 00:35:54 0 d-------- C:\Users\All Users\sentinel
2008-07-12 00:04:46 0 d-------- C:\Program Files\Common Files\Panda Software
2008-07-11 12:03:22 0 d-------- C:\Program Files\LogMeIn Rescue Calling Card
2008-07-11 11:29:47 0 d-------- C:\Program Files\Panda Security
2008-07-11 11:28:07 0 d-------- C:\updates
2008-07-11 11:27:25 0 d-------- C:\Windows\LMI8C4A.tmp
2008-07-10 15:49:50 0 d-------- C:\Users\All Users\SITEguard
2008-07-10 15:49:04 0 d-------- C:\Program Files\Common Files\iS3
2008-07-10 15:49:01 0 d-------- C:\Users\All Users\STOPzilla!
2008-07-10 14:46:25 32 --a------ C:\Windows\system32\MSVolume.dll
-- Find3M Report ---------------------------------------------------------------
2008-07-25 13:28:06 0 d-------- C:\Users\Oli\AppData\Roaming\Skype
2008-07-25 13:27:02 0 d-------- C:\Users\Oli\AppData\Roaming\skypePM
2008-07-25 13:26:55 0 d-------- C:\Users\Oli\AppData\Roaming\LogMeIn Rescue Calling Card
2008-07-25 13:25:18 1660 --a------ C:\Windows\bthservsdp.dat
2008-07-25 10:19:36 0 d-------- C:\Users\Oli\AppData\Roaming\Malwarebytes
2008-07-18 11:02:50 229677 --a------ C:\Users\Oli\AppData\Roaming\nvModes.001
2008-07-12 14:08:06 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-12 00:04:46 0 d-------- C:\Program Files\Common Files
2008-07-10 08:46:18 174 --ahs---- C:\Program Files\desktop.ini
2008-07-10 08:15:45 0 d-------- C:\Program Files\Safari
2008-07-10 08:10:22 0 d-------- C:\Program Files\Windows Mail
2008-06-06 08:06:27 229677 --a------ C:\Users\Oli\AppData\Roaming\nvModes.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [04/06/2007 06:21]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [29/08/2007 06:54]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [27/06/2007 11:17]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [18/10/2007 09:01]
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" [27/07/2007 16:43]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [03/10/2006 11:37]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [05/11/2006 11:22]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [16/04/2007 16:10]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [15/11/2007 10:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [28/03/2008 23:37]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30/03/2008 10:36]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [15/11/2007 10:23]
"APVXDWIN"="C:\Program Files\Panda Security\Panda Antivirus 2008\APVXDWIN.exe" [04/10/2007 15:15]
"dcf1ccac"="C:\Windows\system32\hgnsvvgl.dll" []
"MSServer"="C:\Windows\system32\awTmkiiF.dll" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [15/03/2007 12:09]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [18/10/2007 16:42]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [15/11/2007 10:23]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [03/04/2008 16:48]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 13:36]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [07/07/2008 09:42]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"*LogMeInRescue"="C:\Program Files\LogMeIn Rescue Calling Card\CallingCard.exe" -runonce reboot
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [26/11/2007 19:00:23]
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [05/03/2005 15:18:22]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [03/11/2006 17:55:50]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [18/10/2007 09:05:20]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [18/10/2007 09:06:58]
WD Backup Monitor.lnk - C:\Program Files\My Book\WD Backup\uBBMonitor.exe [24/11/2007 13:58:24]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81025CD5-C017-4579-A18D-8D94C01D3B5F}"= C:\Windows\system32\awTmkiiF.dll [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"fsrpknov"= {03E3A7AA-400A-4BDA-BEC1-732EA49436AA} - C:\Windows\fsrpknov.dll [ ]
"fdxbameg"= {56190E1A-BD32-490A-B66B-D81AF978159E} - C:\Windows\fdxbameg.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 15/02/2007 19:02 50736 C:\Windows\System32\avldr.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc CscService TabletInputService UmRdpService wlansvc WPDBusEnum EMDMgmt
LocalServiceNoNetwork PLA DPS BFE mpssvc
LocalServiceNetworkRestricted DHCP eventlog AudioSrv LmHosts wscsvc p2pimsvc PNRPSvc p2psvc PnrpAutoReg
bthsvcs BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-07-25 13:31:24 ------------
DSS Extra.txt====================================
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Business (build 6000)
Architecture: X86; Language: English
CPU 0: Intel(R) Core(TM)2 Duo CPU T5470 @ 1.60GHz
Percentage of Memory in Use: 51%
Physical Memory (total/avail): 2045.57 MiB / 998.86 MiB
Pagefile Memory (total/avail): 4307.93 MiB / 3026.52 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1907.13 MiB
C: is Fixed (NTFS) - 136.44 GiB total, 81.18 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 5.69 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST9160821AS - 149.05 GiB - 4 partitions
\PARTITION0 - Unknown - 109.79 MiB
\PARTITION1 - Installable File System - 10 GiB - D:
\PARTITION2 (bootable) - Installable File System - 136.44 GiB - C:
\PARTITION3 - Extended w/Extended Int 13 - 2.5 GiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: Panda Antivirus 2008 v3.01.00 (Panda Security)
AS: Panda Antivirus 2008 v3.01.00 (Panda Security)
AS: Spybot - Search and Destroy v1.0.0.6 (Safer Networking Ltd.)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Oli\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=OLI-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HKCU_S=\REGISTRY\CUSER\Software
HKLM_S=\REGISTRY\MACHINE\Software
HOMEDRIVE=C:
HOMEPATH=\Users\Oli
LOCALAPPDATA=C:\Users\Oli\AppData\Local
LOGONSERVER=\\OLI-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\Windows\SYSTEM32;C:\Windows;C:\Windows\SYSTEM32\WBEM;C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\DLLSHARED\;C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\DLLSHARED\;C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\9.0\DLLSHARED\;C:\PROGRAM FILES\COMMON FILES\AUTODESK SHARED\;C:\PROGRAM FILES\QUICKTIME\QTSYSTEM\;C:\Program Files\Panda Security\Panda Antivirus 2008\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Oli\AppData\Local\Temp
TMP=C:\Users\Oli\AppData\Local\Temp
USERDOMAIN=Oli-PC
USERNAME=Oli
USERPROFILE=C:\Users\Oli
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Oli
(admin)
Justin
(new local, net ready)
-- Add/Remove Programs ---------------------------------------------------------
--> .
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office system --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
Advanced Audio FX Engine --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove
Advanced Video FX Engine --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9 /remove
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
AutoCAD 2006 - English --> MsiExec.exe /I{5783F2D7-4001-0409-0002-0060B0CE6BBA}
Autodesk DWF Viewer --> C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
Avanquest update --> C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
Broadcom Management Programs --> MsiExec.exe /I{C99C0593-3B48-41D9-B42F-6E035B320449}
Browser Address Error Redirector --> MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Conexant HDA D330 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000fz.inf
Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Dell System Customization Wizard --> MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}
Dell Touchpad --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Dell Webcam Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9 /remove
Dell Webcam Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9 /remove
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Laptop Integrated Webcam Driver (1.04.01.1011) --> C:\Windows\CtDrvIns.exe -uninstall -script OEM002.uns -plugin OEM02Pin.dll -pluginres OEM02Pin.crl -nodisconprompt -langid 0x0409
Live! Cam Avatar Creator --> C:\Program Files\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Live! Cam Avatar v1.0 --> C:\Program Files\InstallShield Installation Information\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media eLinker --> C:\Program Files\Humax Digital\Media eLinker\uninstall.exe
MediaDirect --> C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\setup.exe -runfromtemp -l0x0009 -cluninstall
Microsoft Office 2003 Web Components --> MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies --> MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007 --> MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components --> MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft SQL Server Native Client --> MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer --> MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}
Millenium 3 v2.2.0.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FC6221F-F919-407F-B6C4-A85C832EF70A}\setup.exe" Q104414
Modem Diagnostic Tool --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Orange Preload --> MsiExec.exe /I{38496EC2-78B7-412A-9398-FC6B7DB8E182}
OutlookAddinSetup --> MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
Panda Antivirus 2008 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D1DA2BA7-2592-4036-9BB2-DCCABDE8DC1A}\SETUP.exe" -l0x9 -removeonly
PrimoPDF --> "C:\Windows\PrimoPDF\uninstall.exe" "/U:C:\Program Files\activePDF\PrimoPDF\Uninstall\uninstall.xml"
PrimoPDF Redistribution Package --> MsiExec.exe /I{885744A4-1A01-44B0-858A-0AE6738CBCF7}
QuickSet --> MsiExec.exe /I{7F0C4457-8E64-491B-8D7B-991504365D1E}
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RLS PC Support Now! --> MsiExec.exe /I{7A12267D-153B-417B-ACE9-A3EBDECABFC8}
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Safari --> MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Sony Ericsson PC Suite --> MsiExec.exe /I{C037D08B-4883-491D-9329-DC5ACA90F797}
Sony Ericsson PC Suite 3.102.00 --> C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\setup.exe -runfromtemp -l0x0009 -removeonly
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft Office Outlook 2007 (KB952142) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb953463) --> msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1B78D541-9FF1-4330-ADD8-CED14F0C1E8E}
User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
WD Backup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A351224F-533A-4EED-89F4-0BF3417FD31D}\setup.exe" -l0x9
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WD Firewire HID Driver --> MsiExec.exe /X{FD6C6B7F-5696-48C5-A601-2EE9E50C3D46}
WIDCOMM Bluetooth Software 6.0.1.3100 --> MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type19830 / Warning
Event Submitted/Written: 07/25/2008 10:17:07 AM
Event ID/Source: 1 / Microsoft-Windows-ApplicationExperienceInfrastructure
Event Description:
1513AutoCAD 200615Autodesk, Inc.105AutoCAD 2006 is incompatible with this version of Windows. For more information, contact Autodesk, Inc..1
Event Record #/Type19822 / Error
Event Submitted/Written: 07/25/2008 08:31:54 AM
Event ID/Source: 5007 / WerSvc
Event Description:
The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.
Event Record #/Type19811 / Success
Event Submitted/Written: 07/25/2008 08:25:37 AM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type19810 / Success
Event Submitted/Written: 07/25/2008 08:25:36 AM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type19807 / Success
Event Submitted/Written: 07/25/2008 08:25:31 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type100045 / Warning
Event Submitted/Written: 07/25/2008 10:20:11 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%Oli-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Oli-PC27 can't undo changes that you allow.
For more information please see the following:
%Oli-PC275
Scan ID: {F311EE92-57C5-4A81-A033-E6A03F9E9817}
User: Oli-PC\Oli
Name: %Oli-PC271
ID: %Oli-PC272
Severity ID: %Oli-PC273
Category ID: %Oli-PC274
Path Found: %Oli-PC276
Alert Type: %Oli-PC278
Detection Type: 1.1.1505.02
Event Record #/Type100041 / Warning
Event Submitted/Written: 07/25/2008 10:13:32 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%Oli-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Oli-PC27 can't undo changes that you allow.
For more information please see the following:
%Oli-PC275
Scan ID: {AB1122F6-80C3-4DFD-AD46-6F30E0038AED}
User: Oli-PC\Oli
Name: %Oli-PC271
ID: %Oli-PC272
Severity ID: %Oli-PC273
Category ID: %Oli-PC274
Path Found: %Oli-PC276
Alert Type: %Oli-PC278
Detection Type: 1.1.1505.02
Event Record #/Type100026 / Error
Event Submitted/Written: 07/25/2008 09:48:02 AM
Event ID/Source: 10016 / DCOM
Event Description:
machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Oli-PCOliS-1-5-21-2239558598-3642311789-3441580044-1003LocalHost (Using LRPC)
Event Record #/Type100025 / Error
Event Submitted/Written: 07/25/2008 09:48:00 AM
Event ID/Source: 10016 / DCOM
Event Description:
machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Oli-PCOliS-1-5-21-2239558598-3642311789-3441580044-1003LocalHost (Using LRPC)
Event Record #/Type100024 / Warning
Event Submitted/Written: 07/25/2008 09:47:59 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%Oli-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Oli-PC27 can't undo changes that you allow.
For more information please see the following:
%Oli-PC275
Scan ID: {01E45A48-9966-4302-8CFC-7B603D093DFF}
User: Oli-PC\Oli
Name: %Oli-PC271
ID: %Oli-PC272
Severity ID: %Oli-PC273
Category ID: %Oli-PC274
Path Found: %Oli-PC276
Alert Type: %Oli-PC278
Detection Type: 1.1.1505.02
-- End of Deckard's System Scanner: finished at 2008-07-25 10:24:34 ------------
Hope that is everything and you can point me in the correct direction to fix
Thanks again.
