pesky undeletable desktop icon or file!

This section is for XP operating system problems and requests for help.
Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

pesky undeletable desktop icon or file!

Post by Clif » Wed Jul 18, 2007 6:34 pm

I have a file on my desktop that is impossible to delete. If I click on it and then hit the delete button, nothing happens. If I right click on it, the only options that come up are: Play, Add to now playing list, Add to playlist..., Add to sync list, Add to burn list, Open with..., Copy to folder, Move to folder, Send to>, Play on my>.  I have no delete option. I cannot drag it into the recycle bin. I cannot open it, nor move it into any folder. No program I have can remove it, I don't know what kind of virus or spyware it probably is. It cannot be renamed either. The file name is really weird and really long. A bunch of sick perverted porn type stuff written in it. It "looks" like a movie clip file, like the kind windows media player would play.  I have tried rebooting in safe mode and that won't let me delete it either.
Last edited by Squeezebox on Wed Jul 18, 2007 7:19 pm, edited 1 time in total.

Squeezebox
Administrator
Administrator
Posts: 1647
Joined: Sat Sep 24, 2005 9:51 pm
Location: UK

Re: pesky undeletable desktop icon or file!

Post by Squeezebox » Wed Jul 18, 2007 7:27 pm

Hi Clif,

First of all, it's a bad idea to post your email address on any forum, it can easily be harvested for spam. (I removed that bit from your post)

I was going to suggest trying in Safe Mode, but I see you've already done that. You could try booting into the command prompt option. Then type the following:

cd\Documents and Settings\\Desktop

(Don't type the space, press space bar, susbtitute the user name you have on your PC (Clif?)

You should get to the Desktop directory. Then type:

delfull name of the file plus it's extension

What is the file extension on the offending item?
Image

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Wed Jul 18, 2007 8:11 pm

Well, i'm not really sure, the name's really long, and likely made that way on purpose. i tried to insert a print screen image of it selected on my desktop....

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Wed Jul 18, 2007 8:18 pm

The name shown on it says:

Pregnant Blow Job - www.sickperversions.com - (pissing bizzare bondage torture spanking uniforms pregnant domination milf fisting granny mom hot moms older ladies old woman ass mature sex xxx porn erotic girl

When I tried deleting it with a bunch of different file removal programs, upon selecting this file, I got a message saying something about the file name too long, or about the format of the file name... which then wouldn't allow me to select the file for deletion. I can attempt the command prompt method, but I don't know what type of file extension it really is..... .mpg, .avi,  etc.

Essexboy
Administrator
Administrator
Posts: 903
Joined: Wed Sep 14, 2005 11:20 am
Location: Helston - Cornwall
Contact:

Re: pesky undeletable desktop icon or file!

Post by Essexboy » Wed Jul 18, 2007 9:18 pm

Lets see if I can get rid of it

Download WinPFind3u.exe  to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • Reg - Desktop Components
      File - Additional Folder Scans
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If, after posting, the last line is not then the log is too big to fit into a single post and you will need to split it into multiple posts.
VISTA
XPsp2
Avast (of course)
Image


http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss  why aren't more people happy?

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Thu Jul 19, 2007 5:01 pm

WinPFind3 logfile created on: 7/19/2007 11:42:59 AM
WinPFind3U by OldTimer - Version 1.0.39 Folder = C:\Documents and Settings\Clif & Jenny\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 6.0.2900.2180)

510.00 Mb Total Physical Memory | 193.38 Mb Available Physical Memory | 37.92% Memory free
1.44 Gb Paging File | 0.37 Gb Available in Paging File | 25.83% Paging File free
Paging file location(s): C:\pagefile.sys 0 0;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.85 Gb Total Space | 7.78 Gb Free Space | 22.97% Space Free
D: Drive not present or media not loaded
Drive E: | 113.07 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free
F: Drive not present or media not loaded

Computer Name: DELL
Current User Name: Clif & Jenny
Logged in as Administrator.
Current Boot Mode: Normal


[Processes - Non-Microsoft Only]
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.5: 2007071317 | Size = 7644008 bytes | Modified Date = 7/18/2007 8:36:46 AM | Attr =    ]
guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr =    ]
hpztbu03.exe -> %System32%\spool\drivers\w32x86\3\hpztbu03.exe -> HP [Ver = 2,38,0,0 | Size = 200704 bytes | Modified Date = 6/12/2001 4:13:06 AM | Attr =    ]
incd.exe -> %ProgramFiles%\Ahead\InCD\InCD.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 1398272 bytes | Modified Date = 3/23/2006 6:06:50 PM | Attr =    ]
incdsrv.exe -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 880128 bytes | Modified Date = 3/23/2006 6:06:38 PM | Attr =    ]
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.67.1 | Size = 73728 bytes | Modified Date = 1/20/2006 12:20:00 PM | Attr =    ]
nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 1:22:00 PM | Attr =    ]
sdhelp.exe -> %ProgramFiles%\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.18 | Size = 870624 bytes | Modified Date = 12/20/2005 9:44:24 AM | Attr =    ]
smax4pnp.exe -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 5 | Size = 1404928 bytes | Modified Date = 10/14/2004 7:42:54 PM | Attr =    ]
swdoctor.exe -> %ProgramFiles%\Spyware Doctor\swdoctor.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.478 | Size = 960000 bytes | Modified Date = 1/11/2006 3:56:36 AM | Attr =    ]
volumouse.exe -> %UserDocuments%\volumouse\volumouse.exe -> NirSoft [Ver = 1.31 | Size = 26112 bytes | Modified Date = 5/27/2006 12:49:10 PM | Attr =    ]
winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.38.0 | Size = 322048 bytes | Modified Date = 6/23/2007 3:15:54 PM | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 9/28/2006 9:13:20 AM | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr =    ]
(FreezeScreenSaver) FreezeScreenSaver [Win32_Own | Auto | Stopped] -> %System32%\FreezeScreenSaver.exe ->  [Ver = 1, 0, 0, 1 | Size = 69632 bytes | Modified Date = 9/29/2005 3:55:38 PM | Attr =    ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/4/2005 1:41:10 AM | Attr =    ]
(InCDsrv) InCD Helper [Win32_Own | Auto | Running] -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 880128 bytes | Modified Date = 3/23/2006 6:06:38 PM | Attr =    ]
(InCDsrvR) InCD Helper (read only) [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Ahead\InCD\InCDsrv.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 880128 bytes | Modified Date = 3/23/2006 6:06:38 PM | Attr =    ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> File not found
(KodakCCS) Kodak Camera Connection Software [Win32_Own | On_Demand | Stopped] -> %System32%\drivers\KodakCCS.exe -> Eastman Kodak Company [Ver = 1.1.5100.4 | Size = 411920 bytes | Modified Date = 3/30/2005 4:46:56 PM | Attr =    ]
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.67.1 | Size = 73728 bytes | Modified Date = 1/20/2006 12:20:00 PM | Attr =    ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 1:22:00 PM | Attr =    ]
(SDhelper) PC Tools Spyware Doctor [Win32_Own | Auto | Running] -> %ProgramFiles%\Spyware Doctor\sdhelp.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.18 | Size = 870624 bytes | Modified Date = 12/20/2005 9:44:24 AM | Attr =    ]

[Registry - Non-Microsoft Only]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
dvd43 -> %ProgramFiles%\dvd43\dvd43_tray.exe ->  [Ver = 3.9.0.0 | Size = 694272 bytes | Modified Date = 5/22/2006 2:26:00 PM | Attr =    ]
HotKeysCmds -> %System32%\hkcmd.exe -> Intel Corporation [Ver = 3.0.0.3889 | Size = 118784 bytes | Modified Date = 8/20/2004 8:51:14 PM | Attr =    ]
IgfxTray -> %System32%\igfxtray.exe -> Intel Corporation [Ver = 3.0.0.3889 | Size = 155648 bytes | Modified Date = 8/20/2004 8:55:14 PM | Attr =    ]
InCD -> %ProgramFiles%\Ahead\InCD\InCD.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 1398272 bytes | Modified Date = 3/23/2006 6:06:50 PM | Attr =    ]
NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 1:22:00 PM | Attr =    ]
NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 10/22/2006 1:22:00 PM | Attr =    ]
nwiz -> %System32%\nwiz.exe ->  [Ver =  | Size = 1622016 bytes | Modified Date = 10/22/2006 1:22:00 PM | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Inc. [Ver = 7.1.6 | Size = 282624 bytes | Modified Date = 4/27/2007 9:41:54 AM | Attr =    ]
SecureWeb -> %System32%\UffHMd8h.exe ->  [Ver =  | Size = 20544 bytes | Modified Date = 6/22/2007 9:11:00 AM | Attr =    ]
SoundMAXPnP -> %ProgramFiles%\Analog Devices\Core\smax4pnp.exe -> Analog Devices, Inc. [Ver = 5, 2, 0, 5 | Size = 1404928 bytes | Modified Date = 10/14/2004 7:42:54 PM | Attr =    ]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
MRUBlaster -> %UserDocuments%\MRU-Blaster\indexcleaner.exe ->  [Ver = 1.00.0002 | Size = 32768 bytes | Modified Date = 1/5/2003 2:20:20 PM | Attr =    ]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
-> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
$Volumouse$ -> %UserDocuments%\volumouse\volumouse.exe -> NirSoft [Ver = 1.31 | Size = 26112 bytes | Modified Date = 5/27/2006 12:49:10 PM | Attr =    ]
ccleaner -> %ProgramFiles%\CCleaner\ccleaner.exe -> Piriform Ltd [Ver = 1.40.0520 | Size = 598920 bytes | Modified Date = 5/10/2007 6:01:50 AM | Attr =    ]
Spyware Doctor -> %ProgramFiles%\Spyware Doctor\swdoctor.exe -> PC Tools Research Pty Ltd [Ver = 3.5.0.478 | Size = 960000 bytes | Modified Date = 1/11/2006 3:56:36 AM | Attr =    ]
-> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\taskbar icon.lnk -> %System32%\spool\drivers\w32x86\3\hpztbu03.exe -> HP [Ver = 2,38,0,0 | Size = 200704 bytes | Modified Date = 6/12/2001 4:13:06 AM | Attr =    ]
-> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
-> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3.0.0.3889 | Size = 344064 bytes | Modified Date = 8/20/2004 8:50:54 PM | Attr =    ]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoSecurityTab -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\\NoCDBurning -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\isamonitor.exe -> C:\Program Files\Gold Codec\isamonitor.exe ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\pmsngr.exe -> C:\Program Files\Gold Codec\pmsngr.exe ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
-> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\ClearRecentDocsOnExit -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\RegWinBackUp -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSecurityTab -> 1 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools -> 0 ->
(734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1      localhost ->  ->
->  ->
HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dl ... ar=msnhome ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dl ... r=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dl ... R}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm ->
HKCU: Default_Page_URL -> http://www.dell4me.com/myway ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.yahoo.com/ ->
HKCU: ProxyEnable -> 0 ->
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
msn.com [ - ] ->  ->
-> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
turbotax.com [https] ->  ->
-> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 9:38:22 PM | Attr =    ]
{0edc6c20-a31c-11db-8ab9-0800200c9a66} [HKLM] -> %System32%\adsnta.dll [ChangerBHO Class] ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/18/2007 11:26:38 PM | Attr =    ]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> %ProgramFiles%\BitComet\tools\BitCometBHO_1.1.6.14.dll [BitComet Helper] -> BitComet [Ver = 20070614 | Size = 443968 bytes | Modified Date = 6/14/2007 8:07:56 AM | Attr =    ]
{3AAC4C68-AFC8-11DB-80EF-8AF955D89593} [HKLM] -> %ProgramFiles%\TrustIn Contextual\trustincontext.dll [ContextualAds Class] ->  [Ver = 1, 0, 0, 1 | Size = 23040 bytes | Modified Date = 6/9/2007 7:19:50 PM | Attr =    ]
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} [HKLM] -> %ProgramFiles%\Spyware Doctor\tools\iesdsg.dll [PCTools Site Guard] -> PC Tools [Ver = 3.5.0.65 | Size = 786656 bytes | Modified Date = 12/9/2005 5:22:26 PM | Attr =    ]
{631f7200-642e-11db-bd13-0800200c9a66} [HKLM] -> %System32%\mscoriezb.dll [Clicker Class] ->  [Ver = 1, 0, 0, 1 | Size = 22016 bytes | Modified Date = 6/9/2007 7:19:52 PM | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 11/10/2005 2:22:10 PM | Attr =    ]
{85589B5D-D53D-4237-A677-46B82EA275F3} [HKLM] -> %SystemRoot%\xhelper.dll [XML Helper] ->  [Ver = 2.0 | Size = 126976 bytes | Modified Date = 7/3/2007 4:41:54 PM | Attr =    ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{ae18da4e-be15-4925-81bb-890c04af0200} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{B56A7D7D-6927-48C8-A975-17DF180C71AC} [HKLM] -> %ProgramFiles%\Spyware Doctor\tools\iesdpb.dll [PCTools Browser Monitor] -> PC Tools [Ver = 3.5.0.276 | Size = 847608 bytes | Modified Date = 11/24/2006 10:02:36 PM | Attr =    ]
{f015f320-ab08-11db-abbd-0800200c9a66} [HKLM] -> %SystemRoot%\inetloader.dll [WeeklyExecuter Class] ->  [Ver = 1, 0, 0, 1 | Size = 16896 bytes | Modified Date = 6/8/2007 6:54:30 PM | Attr =    ]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{96ebbe6a-2864-4345-b32b-26ee9be524b5} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Thu Jul 19, 2007 5:02 pm

-> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{96EBBE6A-2864-4345-B32B-26EE9BE524B5} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar] -> File not found
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_06\bin\npjpi150_06.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 11/10/2005 2:22:10 PM | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 11/10/2005 2:22:10 PM | Attr =    ]
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> Reg Data - Value does not exist [ButtonText: Spyware Doctor] -> File not found
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
-> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&D&ownload &with BitComet -> %ProgramFiles%\BitComet\BitComet.exe\AddLink.htm -> File not found
&D&ownload all video with BitComet -> %ProgramFiles%\BitComet\BitComet.exe\AddVideo.htm -> File not found
&D&ownload all with BitComet -> %ProgramFiles%\BitComet\BitComet.exe\AddAllLink.htm -> File not found
&Google Search -> %ProgramFiles%\Google\GoogleToolbar1.dll\cmsearch.htm -> File not found
&Translate English Word -> %ProgramFiles%\Google\GoogleToolbar1.dll\cmwordtrans.htm -> File not found
Backward Links -> %ProgramFiles%\Google\GoogleToolbar1.dll\cmbacklinks.htm -> File not found
Cached Snapshot of Page -> %ProgramFiles%\Google\GoogleToolbar1.dll\cmcache.htm -> File not found
E&xport to Microsoft Excel ->  -> File not found
Similar Pages -> %ProgramFiles%\Google\GoogleToolbar1.dll\cmsimilar.htm -> File not found
Translate Page into English -> %ProgramFiles%\Google\GoogleToolbar1.dll\cmtrans.htm -> File not found
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
SV1 ->  ->
TISA ->  ->
-> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{385D0FDA-7B7D-4C14-8DBE-4769C2EBB492} -> 192.168.1.254,192.168.1.255  (Broadcom 440x 10/100 Integrated Controller) ->
-> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?LinkID=39204 ->
{31E68DE2-5548-4B23-88F0-C51E6A0F695E} -> Microsoft PID Sniffer - CodeBase = https://support.microsoft.com/OAS/ActiveX/odc.cab ->
{33564D57-0000-0010-8000-00AA00389B71} ->  - CodeBase = http://download.microsoft.com/download/ ... mv9VCM.CAB ->
{406B5949-7190-4245-91A9-30A17DE16AD0} -> Snapfish Activia - CodeBase = http://photos.walmart.com/WalmartActivia.cab ->
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} ->  - CodeBase = http://download.mcafee.com/molbin/share ... insctl.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftup ... 7514859640 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{A662DA7E-CCB7-4743-B71A-D817F6D575DF} ->  - CodeBase = http://www.autodesk.com/global/dwfviewe ... rSetup.cab ->
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} ->  - CodeBase = http://download.mcafee.com/molbin/share ... cgdmgr.cab ->
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_03 - CodeBase = http://java.sun.com/products/plugin/aut ... s-i586.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} ->  - CodeBase = http://download.macromedia.com/pub/shoc ... wflash.cab ->
{EB387D2F-E27B-4D36-979E-847D1036C65D} -> QDiagHUpdateObj Class - CodeBase = http://h30155.www3.hp.com/ediags/hpfix/ ... gh.cab?326 ->


[Registry - Additional Scans - Non-Microsoft Only]
-> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\ ->
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->


[Files/Folders - Created Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 534843392 bytes | Created Date = 1/1/1601 6:00:00 AM | Attr =  HS]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ ->  [Folder | Created Date = 6/25/2007 8:11:05 PM | Attr =  H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ ->  [Folder | Created Date = 6/25/2007 8:15:01 PM | Attr =  H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ ->  [Folder | Created Date = 6/25/2007 8:14:49 PM | Attr =  H ]
$NtUninstallKB885884$ -> %SystemRoot%\$NtUninstallKB885884$ ->  [Folder | Created Date = 6/25/2007 8:01:45 PM | Attr =  H ]
$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ ->  [Folder | Created Date = 6/25/2007 8:02:13 PM | Attr =  H ]
$NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ ->  [Folder | Created Date = 6/25/2007 8:10:33 PM | Attr =  H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ ->  [Folder | Created Date = 6/25/2007 8:04:47 PM | Attr =  H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ ->  [Folder | Created Date = 6/25/2007 8:07:06 PM | Attr =  H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ ->  [Folder | Created Date = 6/25/2007 7:58:09 PM | Attr =  H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ ->  [Folder | Created Date = 6/25/2007 8:07:43 PM | Attr =  H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ ->  [Folder | Created Date = 6/25/2007 8:12:24 PM | Attr =  H ]
$NtUninstallKB894391$ -> %SystemRoot%\$NtUninstallKB894391$ ->  [Folder | Created Date = 6/25/2007 7:58:56 PM | Attr =  H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ ->  [Folder | Created Date = 6/25/2007 8:10:23 PM | Attr =  H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ ->  [Folder | Created Date = 6/25/2007 8:11:42 PM | Attr =  H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ ->  [Folder | Created Date = 6/25/2007 8:00:27 PM | Attr =  H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ ->  [Folder | Created Date = 6/25/2007 8:15:52 PM | Attr =  H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ ->  [Folder | Created Date = 6/25/2007 8:12:49 PM | Attr =  H ]
$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ ->  [Folder | Created Date = 6/25/2007 8:11:34 PM | Attr =  H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ ->  [Folder | Created Date = 6/25/2007 8:04:38 PM | Attr =  H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ ->  [Folder | Created Date = 6/25/2007 8:12:58 PM | Attr =  H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ ->  [Folder | Created Date = 6/25/2007 8:05:38 PM | Attr =  H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ ->  [Folder | Created Date = 6/25/2007 8:07:22 PM | Attr =  H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ ->  [Folder | Created Date = 6/25/2007 8:01:31 PM | Attr =  H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ ->  [Folder | Created Date = 6/25/2007 8:06:02 PM | Attr =  H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ ->  [Folder | Created Date = 6/25/2007 8:00:58 PM | Attr =  H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ ->  [Folder | Created Date = 6/25/2007 7:58:45 PM | Attr =  H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ ->  [Folder | Created Date = 6/25/2007 8:01:12 PM | Attr =  H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ ->  [Folder | Created Date = 6/25/2007 8:09:35 PM | Attr =  H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ ->  [Folder | Created Date = 6/25/2007 8:12:07 PM | Attr =  H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ ->  [Folder | Created Date = 6/25/2007 8:11:59 PM | Attr =  H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ ->  [Folder | Created Date = 6/25/2007 8:13:49 PM | Attr =  H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ ->  [Folder | Created Date = 6/25/2007 8:00:37 PM | Attr =  H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ ->  [Folder | Created Date = 6/25/2007 8:06:19 PM | Attr =  H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ ->  [Folder | Created Date = 6/25/2007 7:58:24 PM | Attr =  H ]
$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ ->  [Folder | Created Date = 6/25/2007 8:02:05 PM | Attr =  H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ ->  [Folder | Created Date = 6/25/2007 8:06:11 PM | Attr =  H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ ->  [Folder | Created Date = 6/25/2007 8:05:54 PM | Attr =  H ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ ->  [Folder | Created Date = 6/25/2007 8:05:10 PM | Attr =  H ]
$NtUninstallKB918439$ -> %SystemRoot%\$NtUninstallKB918439$ ->  [Folder | Created Date = 6/25/2007 8:07:35 PM | Attr =  H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ ->  [Folder | Created Date = 6/25/2007 8:06:27 PM | Attr =  H ]
$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ ->  [Folder | Created Date = 6/25/2007 8:04:18 PM | Attr =  H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ ->  [Folder | Created Date = 6/25/2007 8:07:57 PM | Attr =  H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ ->  [Folder | Created Date = 6/25/2007 7:58:34 PM | Attr =  H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ ->  [Folder | Created Date = 6/25/2007 8:12:33 PM | Attr =  H ]
$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ ->  [Folder | Created Date = 6/25/2007 8:06:51 PM | Attr =  H ]
$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ ->  [Folder | Created Date = 6/25/2007 8:05:20 PM | Attr =  H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ ->  [Folder | Created Date = 6/25/2007 8:15:13 PM | Attr =  H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ ->  [Folder | Created Date = 6/25/2007 8:05:29 PM | Attr =  H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ ->  [Folder | Created Date = 6/25/2007 8:14:35 PM | Attr =  H ]
$NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ ->  [Folder | Created Date = 6/25/2007 8:09:21 PM | Attr =  H ]
$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ ->  [Folder | Created Date = 6/25/2007 8:12:41 PM | Attr =  H ]
$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ ->  [Folder | Created Date = 6/25/2007 8:12:16 PM | Attr =  H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ ->  [Folder | Created Date = 6/25/2007 8:15:22 PM | Attr =  H ]
$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ ->  [Folder | Created Date = 6/25/2007 8:11:20 PM | Attr =  H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ ->  [Folder | Created Date = 6/25/2007 8:10:55 PM | Attr =  H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ ->  [Folder | Created Date = 6/25/2007 8:11:51 PM | Attr =  H ]

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Thu Jul 19, 2007 5:02 pm

$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ ->  [Folder | Created Date = 6/25/2007 8:13:33 PM | Attr =  H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ ->  [Folder | Created Date = 6/25/2007 8:08:17 PM | Attr =  H ]
$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ ->  [Folder | Created Date = 6/25/2007 8:04:58 PM | Attr =  H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ ->  [Folder | Created Date = 6/25/2007 8:06:58 PM | Attr =  H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ ->  [Folder | Created Date = 6/25/2007 8:15:43 PM | Attr =  H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ ->  [Folder | Created Date = 6/25/2007 8:15:34 PM | Attr =  H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ ->  [Folder | Created Date = 6/26/2007 5:15:01 PM | Attr =  H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ ->  [Folder | Created Date = 6/25/2007 8:14:20 PM | Attr =  H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ ->  [Folder | Created Date = 6/25/2007 7:57:25 PM | Attr =  H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ ->  [Folder | Created Date = 6/25/2007 8:08:07 PM | Attr =  H ]
$NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ ->  [Folder | Created Date = 6/25/2007 8:13:58 PM | Attr =  H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ ->  [Folder | Created Date = 6/25/2007 8:06:35 PM | Attr =  H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ ->  [Folder | Created Date = 6/25/2007 8:01:57 PM | Attr =  H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ ->  [Folder | Created Date = 6/25/2007 8:11:12 PM | Attr =  H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ ->  [Folder | Created Date = 6/25/2007 8:14:07 PM | Attr =  H ]
$NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ ->  [Folder | Created Date = 6/25/2007 8:10:47 PM | Attr =  H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ ->  [Folder | Created Date = 6/25/2007 8:05:46 PM | Attr =  H ]
$NtUninstallKB933566$ -> %SystemRoot%\$NtUninstallKB933566$ ->  [Folder | Created Date = 6/25/2007 8:09:46 PM | Attr =  H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ ->  [Folder | Created Date = 6/25/2007 8:00:18 PM | Attr =  H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ ->  [Folder | Created Date = 6/25/2007 8:04:05 PM | Attr =  H ]
$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ ->  [Folder | Created Date = 7/11/2007 2:08:32 AM | Attr =  H ]
xhelper.dll -> %SystemRoot%\xhelper.dll ->  [Ver = 2.0 | Size = 126976 bytes | Created Date = 7/3/2007 3:41:23 PM | Attr =    ]
xmlhelper2.dll -> %SystemRoot%\xmlhelper2.dll ->  [Ver = 2.0 | Size = 122880 bytes | Created Date = 6/22/2007 8:37:45 AM | Attr =    ]
xmlhelper4.dll -> %SystemRoot%\xmlhelper4.dll ->  [Ver = 2.0 | Size = 122880 bytes | Created Date = 6/29/2007 5:45:24 PM | Attr =    ]
At1.job -> %SystemRoot%\tasks\At1.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At10.job -> %SystemRoot%\tasks\At10.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At11.job -> %SystemRoot%\tasks\At11.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At12.job -> %SystemRoot%\tasks\At12.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At13.job -> %SystemRoot%\tasks\At13.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At14.job -> %SystemRoot%\tasks\At14.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At15.job -> %SystemRoot%\tasks\At15.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At16.job -> %SystemRoot%\tasks\At16.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At17.job -> %SystemRoot%\tasks\At17.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At18.job -> %SystemRoot%\tasks\At18.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At19.job -> %SystemRoot%\tasks\At19.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At2.job -> %SystemRoot%\tasks\At2.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At20.job -> %SystemRoot%\tasks\At20.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At21.job -> %SystemRoot%\tasks\At21.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At22.job -> %SystemRoot%\tasks\At22.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At23.job -> %SystemRoot%\tasks\At23.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At24.job -> %SystemRoot%\tasks\At24.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At3.job -> %SystemRoot%\tasks\At3.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At4.job -> %SystemRoot%\tasks\At4.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At5.job -> %SystemRoot%\tasks\At5.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At6.job -> %SystemRoot%\tasks\At6.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At7.job -> %SystemRoot%\tasks\At7.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At8.job -> %SystemRoot%\tasks\At8.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
At9.job -> %SystemRoot%\tasks\At9.job ->  [Ver =  | Size = 350 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
47B7E4AA04s.dll -> %System32%\47B7E4AA04s.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/23/2007 10:09:59 AM | Attr =    ]
acctresv.dll -> %System32%\acctresv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/25/2007 5:54:17 PM | Attr =    ]
acluib.dll -> %System32%\acluib.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/2/2007 9:43:05 AM | Attr =    ]
acluis.dll -> %System32%\acluis.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/5/2007 3:16:11 PM | Attr =    ]
ActiveUtilsb.dll -> %System32%\ActiveUtilsb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/7/2007 9:44:36 AM | Attr =    ]
actxprxyv.dll -> %System32%\actxprxyv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/24/2007 10:28:14 AM | Attr =    ]
admparsea.dll -> %System32%\admparsea.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/13/2007 12:24:31 PM | Attr =    ]
adsnta.dll -> %System32%\adsnta.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/18/2007 10:26:37 PM | Attr =    ]
advapi32v.dll -> %System32%\advapi32v.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/3/2007 11:20:18 AM | Attr =    ]
atlv.dll -> %System32%\atlv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/21/2007 7:44:31 AM | Attr =    ]
atmfdba.dll -> %System32%\atmfdba.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/1/2007 8:15:07 AM | Attr =    ]
au3305adca.dll -> %System32%\au3305adca.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/12/2007 12:12:05 PM | Attr =    ]
audiosrvs.dll -> %System32%\audiosrvs.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/8/2007 9:59:25 AM | Attr =    ]
autodisca.dll -> %System32%\autodisca.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/9/2007 2:45:25 PM | Attr =    ]
autodiscv.dll -> %System32%\autodiscv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/16/2007 2:42:00 PM | Attr =    ]
avmeterv.dll -> %System32%\avmeterv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/14/2007 1:22:45 PM | Attr =    ]
basesrvv.dll -> %System32%\basesrvv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/11/2007 11:26:25 AM | Attr =    ]
basesrvvv.dll -> %System32%\basesrvvv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/15/2007 1:26:42 PM | Attr =    ]
BASSMODb.dll -> %System32%\BASSMODb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/26/2007 8:34:29 PM | Attr =    ]
BASSMODvb.dll -> %System32%\BASSMODvb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/4/2007 12:39:58 PM | Attr =    ]
BitCometResb.dll -> %System32%\BitCometResb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 7/17/2007 5:03:20 PM | Attr =    ]
BJAXSecurityManagerb.dll -> %System32%\BJAXSecurityManagerb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/20/2007 6:50:16 AM | Attr =    ]
BJInstallers.dll -> %System32%\BJInstallers.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/27/2007 9:06:42 PM | Attr =    ]
BMAPIa.dll -> %System32%\BMAPIa.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/22/2007 7:53:14 AM | Attr =    ]
ccfgntb.dll -> %System32%\ccfgntb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Created Date = 6/29/2007 8:02:20 AM | Attr =    ]
UffHMd8h.exe -> %System32%\UffHMd8h.exe ->  [Ver =  | Size = 20544 bytes | Created Date = 6/22/2007 8:11:29 AM | Attr =    ]
xvid.ax -> %System32%\xvid.ax ->  [Ver =  | Size = 77824 bytes | Created Date = 6/29/2007 10:23:57 AM | Attr =    ]
xvidcore.dll -> %System32%\xvidcore.dll ->  [Ver =  | Size = 765952 bytes | Created Date = 6/29/2007 10:23:57 AM | Attr =    ]
xvidvfw.dll -> %System32%\xvidvfw.dll ->  [Ver =  | Size = 180224 bytes | Created Date = 6/29/2007 10:23:57 AM | Attr =    ]
Tsknf700.sys -> %System32%\drivers\Tsknf700.sys -> Igor Arsenin [Ver = 7.27 | Size = 17928 bytes | Created Date = 7/18/2007 11:58:15 AM | Attr =    ]
GRETECH -> %AllUsersAppData%\GRETECH ->  [Folder | Created Date = 7/18/2007 12:40:08 PM | Attr =    ]
GRETECH -> %UserAppData%\GRETECH ->  [Folder | Created Date = 7/18/2007 12:39:22 PM | Attr =    ]
ClearMem -> %UserDocuments%\ClearMem ->  [Folder | Created Date = 7/18/2007 11:47:10 AM | Attr =    ]
Clif's storm envelope.doc -> %UserDocuments%\Clif's storm envelope.doc ->  [Ver =  | Size = 19456 bytes | Created Date = 7/9/2007 9:53:30 AM | Attr =    ]
GomPlayer -> %UserDocuments%\GomPlayer ->  [Folder | Created Date = 7/18/2007 12:39:23 PM | Attr =    ]
GOMPLAYERENSETUP.EXE -> %UserDocuments%\GOMPLAYERENSETUP.EXE -> Gretech Corp. [Ver = 2.1 | Size = 4334408 bytes | Created Date = 7/18/2007 12:07:59 PM | Attr =    ]
How to Boost Your Torrent Download Speeds (Video Tutorial) -> %UserDocuments%\How to Boost Your Torrent Download Speeds (Video Tutorial) ->  [Folder | Created Date = 6/27/2007 3:26:01 AM | Attr =    ]
PowerISO37.exe -> %UserDocuments%\PowerISO37.exe ->  [Ver =  | Size = 1014730 bytes | Created Date = 7/16/2007 3:13:11 AM | Attr =    ]
SageTV_v5.0.4.92-DIGERATI -> %UserDocuments%\SageTV_v5.0.4.92-DIGERATI ->  [Folder | Created Date = 6/22/2007 7:53:36 AM | Attr =    ]
Thank You card for Clif's storm.doc -> %UserDocuments%\Thank You card for Clif's storm.doc ->  [Ver =  | Size = 19456 bytes | Created Date = 7/5/2007 12:32:12 PM | Attr =    ]
Thank you card text Clif's storm.doc -> %UserDocuments%\Thank you card text Clif's storm.doc ->  [Ver =  | Size = 19456 bytes | Created Date = 7/5/2007 1:36:49 PM | Attr =    ]
tskinf70.exe -> %UserDocuments%\tskinf70.exe -> Igor Arsenin (Iarsn)                                        [Ver = 7.0.8.216            | Size = 1642560 bytes | Created Date = 7/18/2007 11:57:28 AM | Attr =    ]
unlocker1.8.5.exe -> %UserDocuments%\unlocker1.8.5.exe ->  [Ver =  | Size = 195645 bytes | Created Date = 7/18/2007 11:55:20 AM | Attr =    ]
39679 Morris Street.doc -> %UserDesktop%\39679 Morris Street.doc ->  [Ver =  | Size = 19456 bytes | Created Date = 6/27/2007 4:28:27 PM | Attr =    ]
Fergie - Big Girls Dont Cry.mp3 -> %UserDesktop%\Fergie - Big Girls Dont Cry.mp3 ->  [Ver =  | Size = 6840872 bytes | Created Date = 7/8/2007 10:53:54 AM | Attr =    ]
windows xp -> %UserDesktop%\windows xp ->  [Folder | Created Date = 7/15/2007 12:14:39 PM | Attr =    ]
WinPFind3u -> %UserDesktop%\WinPFind3u ->  [Folder | Created Date = 7/19/2007 10:40:21 AM | Attr =    ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe ->  [Ver =  | Size = 355277 bytes | Created Date = 7/19/2007 10:40:01 AM | Attr =    ]
taskbar icon.lnk -> %AllUsersStartup%\taskbar icon.lnk ->  [Ver =  | Size = 1073 bytes | Created Date = 7/14/2007 9:25:24 AM | Attr =    ]

[Files/Folders - Modified Within 30 days]
3DHAD3 -> %SystemDrive%\3DHAD3 ->  [Folder | Modified Date = 6/26/2007 6:13:50 PM | Attr =    ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 534843392 bytes | Modified Date = 7/18/2007 12:22:14 PM | Attr =  HS]
log.html -> %SystemDrive%\log.html ->  [Ver =  | Size = 74601 bytes | Modified Date = 7/18/2007 12:22:36 PM | Attr =    ]
Program Files -> %ProgramFiles% ->  [Folder | Modified Date = 7/18/2007 1:38:08 PM | Attr = R  ]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 7/19/2007 11:40:28 AM | Attr =    ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 7/10/2007 8:22:18 PM | Attr =  H ]
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ ->  [Folder | Modified Date = 6/25/2007 6:55:10 PM | Attr =  H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ ->  [Folder | Modified Date = 6/25/2007 9:11:06 PM | Attr =  H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ ->  [Folder | Modified Date = 6/25/2007 9:15:04 PM | Attr =  H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ ->  [Folder | Modified Date = 6/25/2007 9:14:52 PM | Attr =  H ]
$NtUninstallKB885884$ -> %SystemRoot%\$NtUninstallKB885884$ ->  [Folder | Modified Date = 6/25/2007 9:01:46 PM | Attr =  H ]
$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ ->  [Folder | Modified Date = 6/25/2007 9:02:14 PM | Attr =  H ]
$NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ ->  [Folder | Modified Date = 6/25/2007 9:10:34 PM | Attr =  H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ ->  [Folder | Modified Date = 6/25/2007 9:04:50 PM | Attr =  H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ ->  [Folder | Modified Date = 6/25/2007 9:07:08 PM | Attr =  H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ ->  [Folder | Modified Date = 6/25/2007 8:58:12 PM | Attr =  H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ ->  [Folder | Modified Date = 6/25/2007 9:07:46 PM | Attr =  H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ ->  [Folder | Modified Date = 6/25/2007 9:12:26 PM | Attr =  H ]
$NtUninstallKB894391$ -> %SystemRoot%\$NtUninstallKB894391$ ->  [Folder | Modified Date = 6/25/2007 8:58:58 PM | Attr =  H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ ->  [Folder | Modified Date = 6/25/2007 9:10:28 PM | Attr =  H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ ->  [Folder | Modified Date = 6/25/2007 9:11:46 PM | Attr =  H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ ->  [Folder | Modified Date = 6/25/2007 9:00:30 PM | Attr =  H ]

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Thu Jul 19, 2007 5:03 pm

$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ ->  [Folder | Modified Date = 6/25/2007 9:15:54 PM | Attr =  H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ ->  [Folder | Modified Date = 6/25/2007 9:12:52 PM | Attr =  H ]
$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ ->  [Folder | Modified Date = 6/25/2007 9:11:38 PM | Attr =  H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ ->  [Folder | Modified Date = 6/25/2007 9:04:42 PM | Attr =  H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ ->  [Folder | Modified Date = 6/25/2007 9:13:02 PM | Attr =  H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ ->  [Folder | Modified Date = 6/25/2007 9:05:40 PM | Attr =  H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ ->  [Folder | Modified Date = 6/25/2007 9:07:26 PM | Attr =  H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ ->  [Folder | Modified Date = 6/25/2007 9:01:34 PM | Attr =  H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ ->  [Folder | Modified Date = 6/25/2007 9:06:06 PM | Attr =  H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ ->  [Folder | Modified Date = 6/25/2007 9:01:00 PM | Attr =  H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ ->  [Folder | Modified Date = 6/25/2007 8:58:48 PM | Attr =  H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ ->  [Folder | Modified Date = 6/25/2007 9:01:16 PM | Attr =  H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ ->  [Folder | Modified Date = 6/25/2007 9:09:38 PM | Attr =  H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ ->  [Folder | Modified Date = 6/25/2007 9:12:10 PM | Attr =  H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ ->  [Folder | Modified Date = 6/25/2007 9:12:02 PM | Attr =  H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ ->  [Folder | Modified Date = 6/25/2007 9:13:52 PM | Attr =  H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ ->  [Folder | Modified Date = 6/25/2007 9:00:42 PM | Attr =  H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ ->  [Folder | Modified Date = 6/25/2007 9:06:22 PM | Attr =  H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ ->  [Folder | Modified Date = 6/25/2007 8:58:26 PM | Attr =  H ]
$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ ->  [Folder | Modified Date = 6/25/2007 9:02:08 PM | Attr =  H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ ->  [Folder | Modified Date = 6/25/2007 9:06:14 PM | Attr =  H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ ->  [Folder | Modified Date = 6/25/2007 9:05:58 PM | Attr =  H ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ ->  [Folder | Modified Date = 6/25/2007 9:05:12 PM | Attr =  H ]
$NtUninstallKB918439$ -> %SystemRoot%\$NtUninstallKB918439$ ->  [Folder | Modified Date = 6/25/2007 9:07:38 PM | Attr =  H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ ->  [Folder | Modified Date = 6/25/2007 9:06:30 PM | Attr =  H ]
$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ ->  [Folder | Modified Date = 6/25/2007 9:04:20 PM | Attr =  H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ ->  [Folder | Modified Date = 6/25/2007 9:08:00 PM | Attr =  H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ ->  [Folder | Modified Date = 6/25/2007 8:58:36 PM | Attr =  H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ ->  [Folder | Modified Date = 6/25/2007 9:12:36 PM | Attr =  H ]
$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ ->  [Folder | Modified Date = 6/25/2007 9:06:54 PM | Attr =  H ]
$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ ->  [Folder | Modified Date = 6/25/2007 9:05:24 PM | Attr =  H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ ->  [Folder | Modified Date = 6/25/2007 9:15:16 PM | Attr =  H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ ->  [Folder | Modified Date = 6/25/2007 9:05:32 PM | Attr =  H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ ->  [Folder | Modified Date = 6/25/2007 9:14:38 PM | Attr =  H ]
$NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ ->  [Folder | Modified Date = 6/25/2007 9:09:24 PM | Attr =  H ]
$NtUninstallKB923723$ -> %SystemRoot%\$NtUninstallKB923723$ ->  [Folder | Modified Date = 6/25/2007 9:12:44 PM | Attr =  H ]
$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ ->  [Folder | Modified Date = 6/25/2007 9:12:18 PM | Attr =  H ]
$NtUninstallKB924191$ -> %SystemRoot%\$NtUninstallKB924191$ ->  [Folder | Modified Date = 6/25/2007 9:15:28 PM | Attr =  H ]
$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ ->  [Folder | Modified Date = 6/25/2007 9:11:22 PM | Attr =  H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ ->  [Folder | Modified Date = 6/25/2007 9:11:00 PM | Attr =  H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ ->  [Folder | Modified Date = 6/25/2007 9:11:52 PM | Attr =  H ]
$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ ->  [Folder | Modified Date = 6/25/2007 9:13:36 PM | Attr =  H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ ->  [Folder | Modified Date = 6/25/2007 9:08:22 PM | Attr =  H ]
$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ ->  [Folder | Modified Date = 6/25/2007 9:05:02 PM | Attr =  H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ ->  [Folder | Modified Date = 6/25/2007 9:07:00 PM | Attr =  H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ ->  [Folder | Modified Date = 6/25/2007 9:15:46 PM | Attr =  H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ ->  [Folder | Modified Date = 6/25/2007 9:15:36 PM | Attr =  H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ ->  [Folder | Modified Date = 6/26/2007 6:15:04 PM | Attr =  H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ ->  [Folder | Modified Date = 6/25/2007 9:14:24 PM | Attr =  H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ ->  [Folder | Modified Date = 6/25/2007 8:57:28 PM | Attr =  H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ ->  [Folder | Modified Date = 6/25/2007 9:08:10 PM | Attr =  H ]
$NtUninstallKB929969$ -> %SystemRoot%\$NtUninstallKB929969$ ->  [Folder | Modified Date = 6/25/2007 9:14:00 PM | Attr =  H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ ->  [Folder | Modified Date = 6/25/2007 9:06:38 PM | Attr =  H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ ->  [Folder | Modified Date = 6/25/2007 9:02:00 PM | Attr =  H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ ->  [Folder | Modified Date = 6/25/2007 9:11:16 PM | Attr =  H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ ->  [Folder | Modified Date = 6/25/2007 9:14:10 PM | Attr =  H ]
$NtUninstallKB931836$ -> %SystemRoot%\$NtUninstallKB931836$ ->  [Folder | Modified Date = 6/25/2007 9:10:48 PM | Attr =  H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ ->  [Folder | Modified Date = 6/25/2007 9:05:48 PM | Attr =  H ]
$NtUninstallKB933566$ -> %SystemRoot%\$NtUninstallKB933566$ ->  [Folder | Modified Date = 6/25/2007 9:09:52 PM | Attr =  H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ ->  [Folder | Modified Date = 6/25/2007 9:00:20 PM | Attr =  H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ ->  [Folder | Modified Date = 6/25/2007 9:04:08 PM | Attr =  H ]
$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ ->  [Folder | Modified Date = 7/11/2007 3:08:34 AM | Attr =  H ]
3DHOME.INI -> %SystemRoot%\3DHOME.INI ->  [Ver =  | Size = 462 bytes | Modified Date = 6/26/2007 7:06:06 PM | Attr =    ]
assembly -> %SystemRoot%\assembly ->  [Folder | Modified Date = 7/11/2007 3:16:40 AM | Attr = R S]
AUTOLNCH.REG -> %SystemRoot%\AUTOLNCH.REG ->  [Ver =  | Size = 1080 bytes | Modified Date = 7/14/2007 10:45:52 AM | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 7/18/2007 12:22:16 PM | Attr =  S]
Debug -> %SystemRoot%\Debug ->  [Folder | Modified Date = 7/11/2007 3:19:54 AM | Attr =    ]
Help -> %SystemRoot%\Help ->  [Folder | Modified Date = 7/12/2007 2:00:42 PM | Attr =    ]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 7/14/2007 10:35:36 AM | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 7/11/2007 3:06:52 AM | Attr =  HS]
Microsoft.NET -> %SystemRoot%\Microsoft.NET ->  [Folder | Modified Date = 7/11/2007 3:14:42 AM | Attr =    ]
msagent -> %SystemRoot%\msagent ->  [Folder | Modified Date = 6/25/2007 10:10:22 PM | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 229 bytes | Modified Date = 7/18/2007 9:23:12 AM | Attr =    ]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 7/19/2007 11:40:24 AM | Attr =    ]
Registration -> %SystemRoot%\Registration ->  [Folder | Modified Date = 7/17/2007 12:06:06 PM | Attr =    ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Modified Date = 6/25/2007 3:12:00 PM | Attr =    ]
system32 -> %System32% ->  [Folder | Modified Date = 7/18/2007 11:26:38 PM | Attr =    ]
Tasks -> %SystemRoot%\Tasks ->  [Folder | Modified Date = 6/22/2007 9:11:30 AM | Attr =  S]
Temp -> %SystemRoot%\Temp ->  [Folder | Modified Date = 7/18/2007 11:31:02 PM | Attr =    ]
twain_32 -> %SystemRoot%\twain_32 ->  [Folder | Modified Date = 7/14/2007 10:29:24 AM | Attr =    ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 7/11/2007 3:03:24 AM | Attr =    ]
xhelper.dll -> %SystemRoot%\xhelper.dll ->  [Ver = 2.0 | Size = 126976 bytes | Modified Date = 7/3/2007 4:41:54 PM | Attr =    ]
xmlhelper2.dll -> %SystemRoot%\xmlhelper2.dll ->  [Ver = 2.0 | Size = 122880 bytes | Modified Date = 6/28/2007 10:52:40 PM | Attr =    ]
xmlhelper4.dll -> %SystemRoot%\xmlhelper4.dll ->  [Ver = 2.0 | Size = 122880 bytes | Modified Date = 6/29/2007 6:46:06 PM | Attr =    ]
1-Click Maintenance.job -> %SystemRoot%\tasks\1-Click Maintenance.job ->  [Ver =  | Size = 404 bytes | Modified Date = 7/18/2007 1:30:00 AM | Attr =    ]
At1.job -> %SystemRoot%\tasks\At1.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 12:00:02 AM | Attr =    ]
At10.job -> %SystemRoot%\tasks\At10.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 9:00:02 AM | Attr =    ]
At11.job -> %SystemRoot%\tasks\At11.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 10:00:00 AM | Attr =    ]
At12.job -> %SystemRoot%\tasks\At12.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 11:00:02 AM | Attr =    ]
At13.job -> %SystemRoot%\tasks\At13.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 12:00:02 PM | Attr =    ]
At14.job -> %SystemRoot%\tasks\At14.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 1:00:02 PM | Attr =    ]
At15.job -> %SystemRoot%\tasks\At15.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 2:00:02 PM | Attr =    ]
At16.job -> %SystemRoot%\tasks\At16.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 3:00:02 PM | Attr =    ]
At17.job -> %SystemRoot%\tasks\At17.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 4:00:02 PM | Attr =    ]
At18.job -> %SystemRoot%\tasks\At18.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 5:00:00 PM | Attr =    ]
At19.job -> %SystemRoot%\tasks\At19.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 6:00:00 PM | Attr =    ]
At2.job -> %SystemRoot%\tasks\At2.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 1:00:00 AM | Attr =    ]
At20.job -> %SystemRoot%\tasks\At20.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 7:00:02 PM | Attr =    ]
At21.job -> %SystemRoot%\tasks\At21.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 8:00:00 PM | Attr =    ]
At22.job -> %SystemRoot%\tasks\At22.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 9:00:02 PM | Attr =    ]
At23.job -> %SystemRoot%\tasks\At23.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 10:00:02 PM | Attr =    ]
At24.job -> %SystemRoot%\tasks\At24.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/18/2007 11:00:02 PM | Attr =    ]
At3.job -> %SystemRoot%\tasks\At3.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 2:00:02 AM | Attr =    ]
At4.job -> %SystemRoot%\tasks\At4.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 3:00:00 AM | Attr =    ]
At5.job -> %SystemRoot%\tasks\At5.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 4:00:00 AM | Attr =    ]
At6.job -> %SystemRoot%\tasks\At6.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 5:00:02 AM | Attr =    ]
At7.job -> %SystemRoot%\tasks\At7.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 6:00:02 AM | Attr =    ]
At8.job -> %SystemRoot%\tasks\At8.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 7:00:00 AM | Attr =    ]
At9.job -> %SystemRoot%\tasks\At9.job ->  [Ver =  | Size = 350 bytes | Modified Date = 7/19/2007 8:00:00 AM | Attr =    ]
Disk Cleanup.job -> %SystemRoot%\tasks\Disk Cleanup.job ->  [Ver =  | Size = 274 bytes | Modified Date = 7/16/2007 3:00:02 AM | Attr =    ]
McAfee QuickClean.job -> %SystemRoot%\tasks\McAfee QuickClean.job ->  [Ver =  | Size = 338 bytes | Modified Date = 7/19/2007 4:00:02 AM | Attr =    ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 7/18/2007 12:22:24 PM | Attr =  H ]
Spyware Doctor.job -> %SystemRoot%\tasks\Spyware Doctor.job ->  [Ver =  | Size = 300 bytes | Modified Date = 7/19/2007 1:00:00 AM | Attr =    ]
TuneUp RegistryDefrag.job -> %SystemRoot%\tasks\TuneUp RegistryDefrag.job ->  [Ver =  | Size = 278 bytes | Modified Date = 7/16/2007 1:30:02 AM | Attr =    ]
47B7E4AA04s.dll -> %System32%\47B7E4AA04s.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/23/2007 11:10:00 AM | Attr =    ]
acctresv.dll -> %System32%\acctresv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/25/2007 6:54:18 PM | Attr =    ]
acluib.dll -> %System32%\acluib.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/2/2007 10:43:06 AM | Attr =    ]
acluis.dll -> %System32%\acluis.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/5/2007 4:16:12 PM | Attr =    ]
ActiveUtilsb.dll -> %System32%\ActiveUtilsb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/7/2007

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Thu Jul 19, 2007 5:04 pm

10:44:38 AM | Attr =    ]
actxprxyv.dll -> %System32%\actxprxyv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/24/2007 11:28:16 AM | Attr =    ]
admparsea.dll -> %System32%\admparsea.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/13/2007 1:24:32 PM | Attr =    ]
adsnta.dll -> %System32%\adsnta.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/18/2007 11:26:38 PM | Attr =    ]
advapi32v.dll -> %System32%\advapi32v.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/3/2007 12:20:20 PM | Attr =    ]
atlv.dll -> %System32%\atlv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/21/2007 8:44:34 AM | Attr =    ]
atmfdba.dll -> %System32%\atmfdba.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/1/2007 9:15:08 AM | Attr =    ]
au3305adca.dll -> %System32%\au3305adca.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/12/2007 1:12:06 PM | Attr =    ]
audiosrvs.dll -> %System32%\audiosrvs.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/8/2007 10:59:26 AM | Attr =    ]
autodisca.dll -> %System32%\autodisca.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/9/2007 3:45:26 PM | Attr =    ]
autodiscv.dll -> %System32%\autodiscv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/16/2007 3:42:02 PM | Attr =    ]
avmeterv.dll -> %System32%\avmeterv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/14/2007 2:22:46 PM | Attr =    ]
basesrvv.dll -> %System32%\basesrvv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/11/2007 12:26:26 PM | Attr =    ]
basesrvvv.dll -> %System32%\basesrvvv.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/15/2007 2:26:44 PM | Attr =    ]
BASSMODb.dll -> %System32%\BASSMODb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/26/2007 9:34:30 PM | Attr =    ]
BASSMODvb.dll -> %System32%\BASSMODvb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/4/2007 1:40:00 PM | Attr =    ]
BitCometRes.dll -> %System32%\BitCometRes.dll -> BitComet [Ver = 1, 0, 0, 1 | Size = 2560 bytes | Modified Date = 6/22/2007 8:20:42 AM | Attr =    ]
BitCometResb.dll -> %System32%\BitCometResb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 7/17/2007 6:03:22 PM | Attr =    ]
BJAXSecurityManagerb.dll -> %System32%\BJAXSecurityManagerb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/30/2007 9:07:10 AM | Attr =    ]
BJInstallers.dll -> %System32%\BJInstallers.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/27/2007 10:06:44 PM | Attr =    ]
BMAPIa.dll -> %System32%\BMAPIa.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/22/2007 8:53:16 AM | Attr =    ]
CatRoot -> %System32%\CatRoot ->  [Folder | Modified Date = 6/25/2007 9:01:08 PM | Attr =    ]
CatRoot2 -> %System32%\CatRoot2 ->  [Folder | Modified Date = 7/18/2007 1:49:06 PM | Attr =    ]
ccfgntb.dll -> %System32%\ccfgntb.dll ->  [Ver = 1, 0, 0, 1 | Size = 21504 bytes | Modified Date = 6/29/2007 9:02:22 AM | Attr =    ]
Com -> %System32%\Com ->  [Folder | Modified Date = 6/25/2007 9:07:30 PM | Attr =    ]
dllcache -> %System32%\dllcache ->  [Folder | Modified Date = 7/14/2007 10:35:42 AM | Attr = RHS]
drivers -> %System32%\drivers ->  [Folder | Modified Date = 7/18/2007 12:58:16 PM | Attr =    ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT ->  [Ver =  | Size = 390384 bytes | Modified Date = 6/25/2007 10:10:26 PM | Attr =    ]
nvapps.xml -> %System32%\nvapps.xml ->  [Ver =  | Size = 88108 bytes | Modified Date = 7/18/2007 12:22:36 PM | Attr =    ]
perfc009.dat -> %System32%\perfc009.dat ->  [Ver =  | Size = 63856 bytes | Modified Date = 7/11/2007 3:04:42 AM | Attr =    ]
perfh009.dat -> %System32%\perfh009.dat ->  [Ver =  | Size = 403840 bytes | Modified Date = 7/11/2007 3:04:42 AM | Attr =    ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI ->  [Ver =  | Size = 457900 bytes | Modified Date = 7/11/2007 3:04:42 AM | Attr =    ]
Sweeper.cfg -> %System32%\Sweeper.cfg ->  [Ver =  | Size = 0 bytes | Modified Date = 7/18/2007 12:22:04 PM | Attr =    ]
UffHMd8h.exe -> %System32%\UffHMd8h.exe ->  [Ver =  | Size = 20544 bytes | Modified Date = 6/22/2007 9:11:00 AM | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 13646 bytes | Modified Date = 7/18/2007 12:23:32 PM | Attr =    ]
1Click DVD Copy Pro -> %AllUsersAppData%\1Click DVD Copy Pro ->  [Folder | Modified Date = 7/18/2007 12:51:38 PM | Attr =    ]
GRETECH -> %AllUsersAppData%\GRETECH ->  [Folder | Modified Date = 7/18/2007 1:40:10 PM | Attr =    ]
1clickPro -> %UserAppData%\1clickPro ->  [Folder | Modified Date = 7/9/2007 6:53:50 PM | Attr =    ]
GRETECH -> %UserAppData%\GRETECH ->  [Folder | Modified Date = 7/18/2007 1:39:24 PM | Attr =    ]
Ares -> %LocalAppData%\Ares ->  [Folder | Modified Date = 7/18/2007 1:56:58 PM | Attr =    ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ->  [Ver =  | Size = 183296 bytes | Modified Date = 7/18/2007 1:57:08 PM | Attr =    ]
IconCache.db -> %LocalAppData%\IconCache.db ->  [Ver =  | Size = 4267486 bytes | Modified Date = 6/21/2007 8:38:10 AM | Attr =  H ]
ESBK.mb -> %AllUsersDocuments%\ESBK.mb ->  [Ver =  | Size = 5381120 bytes | Modified Date = 7/17/2007 9:55:32 PM | Attr = R  ]
ESBK.mbb -> %AllUsersDocuments%\ESBK.mbb ->  [Ver =  | Size = 7590912 bytes | Modified Date = 7/17/2007 9:55:32 PM | Attr = R  ]
1CLICK DVD Copy Pro 2.5.1.8 -> %UserDocuments%\1CLICK DVD Copy Pro 2.5.1.8 ->  [Folder | Modified Date = 7/18/2007 8:34:42 AM | Attr =    ]
ClearMem -> %UserDocuments%\ClearMem ->  [Folder | Modified Date = 7/18/2007 12:48:38 PM | Attr =    ]
Clif's storm envelope.doc -> %UserDocuments%\Clif's storm envelope.doc ->  [Ver =  | Size = 19456 bytes | Modified Date = 7/15/2007 1:11:54 PM | Attr =    ]
GomPlayer -> %UserDocuments%\GomPlayer ->  [Folder | Modified Date = 7/18/2007 1:39:24 PM | Attr =    ]
GOMPLAYERENSETUP.EXE -> %UserDocuments%\GOMPLAYERENSETUP.EXE -> Gretech Corp. [Ver = 2.1 | Size = 4334408 bytes | Modified Date = 7/18/2007 1:09:00 PM | Attr =    ]
How to Boost Your Torrent Download Speeds (Video Tutorial) -> %UserDocuments%\How to Boost Your Torrent Download Speeds (Video Tutorial) ->  [Folder | Modified Date = 7/18/2007 8:37:00 AM | Attr =    ]
My PSP Files -> %UserDocuments%\My PSP Files ->  [Folder | Modified Date = 7/18/2007 3:12:20 PM | Attr =    ]
PowerISO37.exe -> %UserDocuments%\PowerISO37.exe ->  [Ver =  | Size = 1014730 bytes | Modified Date = 7/16/2007 4:13:20 AM | Attr =    ]
SageTV_v5.0.4.92-DIGERATI -> %UserDocuments%\SageTV_v5.0.4.92-DIGERATI ->  [Folder | Modified Date = 6/22/2007 9:14:54 AM | Attr =    ]
Thank You card for Clif's storm.doc -> %UserDocuments%\Thank You card for Clif's storm.doc ->  [Ver =  | Size = 19456 bytes | Modified Date = 7/5/2007 1:34:18 PM | Attr =    ]
Thank you card text Clif's storm.doc -> %UserDocuments%\Thank you card text Clif's storm.doc ->  [Ver =  | Size = 19456 bytes | Modified Date = 7/9/2007 10:40:16 AM | Attr =    ]
tskinf70.exe -> %UserDocuments%\tskinf70.exe -> Igor Arsenin (Iarsn)                                        [Ver = 7.0.8.216            | Size = 1642560 bytes | Modified Date = 7/18/2007 12:57:54 PM | Attr =    ]
unlocker1.8.5.exe -> %UserDocuments%\unlocker1.8.5.exe ->  [Ver =  | Size = 195645 bytes | Modified Date = 7/18/2007 12:55:18 PM | Attr =    ]
39679 Morris Street.doc -> %UserDesktop%\39679 Morris Street.doc ->  [Ver =  | Size = 19456 bytes | Modified Date = 6/27/2007 5:28:28 PM | Attr =    ]
Fergie - Big Girls Dont Cry.mp3 -> %UserDesktop%\Fergie - Big Girls Dont Cry.mp3 ->  [Ver =  | Size = 6840872 bytes | Modified Date = 7/12/2007 11:16:40 PM | Attr =    ]
Wedding -> %UserDesktop%\Wedding ->  [Folder | Modified Date = 7/18/2007 1:53:58 PM | Attr =    ]
windows xp -> %UserDesktop%\windows xp ->  [Folder | Modified Date = 7/16/2007 4:23:40 AM | Attr =    ]
WinPFind3u -> %UserDesktop%\WinPFind3u ->  [Folder | Modified Date = 7/19/2007 11:40:22 AM | Attr =    ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe ->  [Ver =  | Size = 355277 bytes | Modified Date = 7/19/2007 11:40:02 AM | Attr =    ]
System -> %CommonProgramFiles%\System ->  [Folder | Modified Date = 6/25/2007 9:08:10 PM | Attr =    ]

[File String Scan - Non-Microsoft Only]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable ->
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41397 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr =    ]
UPX! , UPX0 ,  -> %System32%\DGVorbis.dll ->  [Ver =  | Size = 182784 bytes | Modified Date = 7/19/2002 2:08:14 PM | Attr =    ]
Umonitor ,  -> %System32%\ipebase12.dll -> Hewlett-Packard Company [Ver = 1, 2, 0, 3 | Size = 331776 bytes | Modified Date = 4/28/1999 3:01:12 PM | Attr =    ]
Thawte Consulting ,  -> %System32%\SmartUI2.ocx -> Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com [Ver = 2.00.0202 | Size = 874248 bytes | Modified Date = 6/14/2004 4:04:34 PM | Attr =    ]
UPX! , UPX0 ,  -> %System32%\SrchSTS.exe -> S!Ri [Ver =  | Size = 288417 bytes | Modified Date = 4/27/2006 5:49:30 PM | Attr =    ]
UPX! , UPX0 ,  -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Modified Date = 8/29/2006 7:43:54 PM | Attr =    ]
UPX! , UPX0 ,  -> %System32%\swsc.exe ->  [Ver =  | Size = 40960 bytes | Modified Date = 1/9/2006 10:36:06 AM | Attr =    ]
@Alternate Data Stream - 0 bytes -> %System32%\Thumbs.db:encryptable ->
UPX! , UPX0 ,  -> %System32%\UffHMd8h.exe ->  [Ver =  | Size = 20544 bytes | Modified Date = 6/22/2007 9:11:00 AM | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr =    ]
Thawte Consulting ,  -> %System32%\webupl50.ocx -> /n software inc. - www.nsoftware.com [Ver = 5.0.0.1284 | Size = 170248 bytes | Modified Date = 7/9/2003 5:21:24 AM | Attr =    ]
Thawte Consulting ,  -> %System32%\XceedCry.dll -> Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com [Ver = 1.1.107.0 | Size = 512688 bytes | Modified Date = 11/19/2003 3:59:36 PM | Attr =    ]
Thawte Consulting ,  -> %System32%\XceedFTP.dll -> Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com [Ver = 1.1.129.0 | Size = 279392 bytes | Modified Date = 12/6/2004 2:45:48 PM | Attr =    ]
Thawte Consulting ,  -> %System32%\XceedZip.dll -> Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com [Ver = 5.0.117.0 | Size = 427864 bytes | Modified Date = 6/14/2004 3:56:26 PM | Attr =    ]
WSUD , UPX0 ,  -> %System32%\dllcache\hwxjpn.dll ->  [Ver =  | Size = 13463552 bytes | Modified Date = 8/4/2004 7:00:00 AM | Attr =    ]
@Alternate Data Stream - 109 bytes -> %AllUsersAppData%\TEMP:364682BC ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\1clickdvdcopyprosetup.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\1clickdvdcopysetup.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\1Click_DVD_Copy_Pro_1[1].x.Loader_MP2K.zip:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\810A_1.0e.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\calendar.exe:Zone.Identifier ->
Thawte Consulting ,  -> %UserDocuments%\ccsetup139.exe -> Piriform Ltd [Ver = 1.39.0.502 | Size = 2714784 bytes | Modified Date = 6/1/2007 10:02:52 AM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\cdr40b-a.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\cepsetup.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\DriveCheck.zip:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\DVD43_3-8-0_Setup.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\e-n7eu01.zip:Zone.Identifier ->
UPX! , aspack , UPX0 ,  -> %UserDocuments%\EasyHex.exe -> (c) HexSoft Inc. 2003 [Ver = 1, 20, 18 | Size = 59904 bytes | Modified Date = 1/14/2004 2:01:12 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\fb_106.zip:Zone.Identifier ->
Thawte Consulting ,  -> %UserDocuments%\GOMPLAYERENSETUP.EXE -> Gretech Corp. [Ver = 2.1 | Size = 4334408 bytes | Modified Date = 7/18/2007 1:09:00 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\hw32v423.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\Hwy 642 lots.doc:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\I7-A15.EXE:Zone.Identifier ->
WSUD ,  -> %UserDocuments%\Kaci's Wedding.bmp ->  [Ver =  | Size = 3457046 bytes | Modified Date = 7/27/2004 7:59:50 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\myJAL Apollo Edition crack.zip:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\PatientRunner20.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\pidenu08.msi:Zone.Identifier ->
USERTRUST ,  -> %UserDocuments%\polyinst.exe ->  [Ver =  | Size = 7343176 bytes | Modified Date = 4/18/2007 9:10:28 AM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\RA2v1006Trn.zip:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\RulesExtractor[1].rar.txt:Zone.Identifier ->
UPX! ,  -> %UserDocuments%\sj650en.exe ->  [Ver =  | Size = 56756736 bytes | Modified Date = 3/30/2007 2:59:46 PM | Attr =    ]
@Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable ->
UPX! , UPX0 ,  -> %UserDocuments%\Tuneup keygen.exe ->  [Ver =  | Size = 72704 bytes | Modified Date = 7/26/2006 8:16:14 PM | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDocuments%\WinRAR_3[1].5x_CE.zip:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\wp.zip:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDocuments%\wrar351.exe:Zone.Identifier ->
@Alternate Data Stream - 0 bytes -> %UserDesktop%\Thumbs.db:encryptable ->


Essexboy
Administrator
Administrator
Posts: 903
Joined: Wed Sep 14, 2005 11:20 am
Location: Helston - Cornwall
Contact:

Re: pesky undeletable desktop icon or file!

Post by Essexboy » Thu Jul 19, 2007 10:15 pm

I think that is the least of your problems as you have a few trojans there

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.
[Registry - Non-Microsoft Only]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> SecureWeb -> %System32%\UffHMd8h.exe
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
YY -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\isamonitor.exe -> C:\Program Files\Gold Codec\isamonitor.exe
YY -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\pmsngr.exe -> C:\Program Files\Gold Codec\pmsngr.exe
-> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YY -> {0edc6c20-a31c-11db-8ab9-0800200c9a66} [HKLM] -> %System32%\adsnta.dll [ChangerBHO Class]
YY -> {3AAC4C68-AFC8-11DB-80EF-8AF955D89593} [HKLM] -> %ProgramFiles%\TrustIn Contextual\trustincontext.dll [ContextualAds Class]
YY -> {631f7200-642e-11db-bd13-0800200c9a66} [HKLM] -> %System32%\mscoriezb.dll [Clicker Class]
YY -> {85589B5D-D53D-4237-A677-46B82EA275F3} [HKLM] -> %SystemRoot%\xhelper.dll [XML Helper]
YN -> {ae18da4e-be15-4925-81bb-890c04af0200} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
YY -> {f015f320-ab08-11db-abbd-0800200c9a66} [HKLM] -> %SystemRoot%\inetloader.dll [WeeklyExecuter Class]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YN -> {96ebbe6a-2864-4345-b32b-26ee9be524b5} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
YN -> WebBrowser\\{96EBBE6A-2864-4345-B32B-26EE9BE524B5} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
YN -> TISA ->
-> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
YN -> {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_03 - CodeBase = http://java.sun.com/products/plugin/aut ... s-i586.cab
YN -> {EB387D2F-E27B-4D36-979E-847D1036C65D} -> QDiagHUpdateObj Class - CodeBase = http://h30155.www3.hp.com/ediags/hpfix/ ... gh.cab?326
[Files/Folders - Created Within 30 days]
NY -> xhelper.dll -> %SystemRoot%\xhelper.dll
NY -> xmlhelper2.dll -> %SystemRoot%\xmlhelper2.dll
NY -> xmlhelper4.dll -> %SystemRoot%\xmlhelper4.dll
NY -> At1.job -> %SystemRoot%\tasks\At1.job
NY -> At10.job -> %SystemRoot%\tasks\At10.job
NY -> At11.job -> %SystemRoot%\tasks\At11.job
NY -> At12.job -> %SystemRoot%\tasks\At12.job
NY -> At13.job -> %SystemRoot%\tasks\At13.job
NY -> At14.job -> %SystemRoot%\tasks\At14.job
NY -> At15.job -> %SystemRoot%\tasks\At15.job
NY -> At16.job -> %SystemRoot%\tasks\At16.job
NY -> At17.job -> %SystemRoot%\tasks\At17.job
NY -> At18.job -> %SystemRoot%\tasks\At18.job
NY -> At19.job -> %SystemRoot%\tasks\At19.job
NY -> At2.job -> %SystemRoot%\tasks\At2.job
NY -> At20.job -> %SystemRoot%\tasks\At20.job
NY -> At21.job -> %SystemRoot%\tasks\At21.job
NY -> At22.job -> %SystemRoot%\tasks\At22.job
NY -> At23.job -> %SystemRoot%\tasks\At23.job
NY -> At24.job -> %SystemRoot%\tasks\At24.job
NY -> At3.job -> %SystemRoot%\tasks\At3.job
NY -> At4.job -> %SystemRoot%\tasks\At4.job
NY -> At5.job -> %SystemRoot%\tasks\At5.job
NY -> At6.job -> %SystemRoot%\tasks\At6.job
NY -> At8.job -> %SystemRoot%\tasks\At8.job
NY -> At9.job -> %SystemRoot%\tasks\At9.job
NY -> 47B7E4AA04s.dll -> %System32%\47B7E4AA04s.dll
NY -> acctresv.dll -> %System32%\acctresv.dll
NY -> acluib.dll -> %System32%\acluib.dll
NY -> acluis.dll -> %System32%\acluis.dll
NY -> ActiveUtilsb.dll -> %System32%\ActiveUtilsb.dll
NY -> actxprxyv.dll -> %System32%\actxprxyv.dll
NY -> admparsea.dll -> %System32%\admparsea.dll
NY -> adsnta.dll -> %System32%\adsnta.dll
NY -> advapi32v.dll -> %System32%\advapi32v.dll
NY -> atlv.dll -> %System32%\atlv.dll
NY -> atmfdba.dll -> %System32%\atmfdba.dll
NY -> au3305adca.dll -> %System32%\au3305adca.dll
NY -> autodisca.dll -> %System32%\autodisca.dll
NY -> autodiscv.dll -> %System32%\autodiscv.dll
NY -> avmeterv.dll -> %System32%\avmeterv.dll
NY -> basesrvv.dll -> %System32%\basesrvv.dll
NY -> basesrvvv.dll -> %System32%\basesrvvv.dll
NY -> BASSMODb.dll -> %System32%\BASSMODb.dll
NY -> BASSMODvb.dll -> %System32%\BASSMODvb.dll
NY -> BJAXSecurityManagerb.dll -> %System32%\BJAXSecurityManagerb.dll
NY -> BJInstallers.dll -> %System32%\BJInstallers.dll
NY -> ccfgntb.dll -> %System32%\ccfgntb.dll
NY -> UffHMd8h.exe -> %System32%\UffHMd8h.exe
[File String Scan - Non-Microsoft Only]
NY -> @Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable
NY -> @Alternate Data Stream - 0 bytes -> %System32%\Thumbs.db:encryptable
NY -> @Alternate Data Stream - 109 bytes -> %AllUsersAppData%\TEMP:364682BC
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\1clickdvdcopyprosetup.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\1clickdvdcopysetup.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\1Click_DVD_Copy_Pro_1[1].x.Loader_MP2K.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\810A_1.0e.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\calendar.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\cdr40b-a.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\cepsetup.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\DriveCheck.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\DVD43_3-8-0_Setup.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\e-n7eu01.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\fb_106.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\hw32v423.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\Hwy 642 lots.doc:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\I7-A15.EXE:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\myJAL Apollo Edition crack.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\PatientRunner20.exe:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\pidenu08.msi:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\RA2v1006Trn.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\RulesExtractor[1].rar.txt:Zone.Identifier
NY -> @Alternate Data Stream - 0 bytes -> %UserDocuments%\Thumbs.db:encryptable
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\WinRAR_3[1].5x_CE.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\wp.zip:Zone.Identifier
NY -> @Alternate Data Stream - 26 bytes -> %UserDocuments%\wrar351.exe:Zone.Identifier
NY -> @Alternate Data Stream - 0 bytes -> %UserDesktop%\Thumbs.db:encryptable
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Download ComboFix from Here or Here to your Desktop.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
VISTA
XPsp2
Avast (of course)
Image


http://spaces.msn.com/members/essexboymkn/

If ignorance is bliss  why aren't more people happy?

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Fri Jul 20, 2007 5:59 pm

[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SecureWeb deleted successfully.
C:\WINDOWS\SYSTEM32\UffHMd8h.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\isamonitor.exe not found.
File C:\Program Files\Gold Codec\isamonitor.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\\pmsngr.exe not found.
File C:\Program Files\Gold Codec\pmsngr.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0edc6c20-a31c-11db-8ab9-0800200c9a66} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0edc6c20-a31c-11db-8ab9-0800200c9a66} deleted successfully.
C:\WINDOWS\SYSTEM32\adsnta.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3AAC4C68-AFC8-11DB-80EF-8AF955D89593} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3AAC4C68-AFC8-11DB-80EF-8AF955D89593} deleted successfully.
C:\Program Files\TrustIn Contextual\trustincontext.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{631f7200-642e-11db-bd13-0800200c9a66} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{631f7200-642e-11db-bd13-0800200c9a66} deleted successfully.
C:\WINDOWS\SYSTEM32\mscoriezb.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85589B5D-D53D-4237-A677-46B82EA275F3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85589B5D-D53D-4237-A677-46B82EA275F3} deleted successfully.
C:\WINDOWS\xhelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae18da4e-be15-4925-81bb-890c04af0200} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f015f320-ab08-11db-abbd-0800200c9a66} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f015f320-ab08-11db-abbd-0800200c9a66} deleted successfully.
C:\WINDOWS\inetloader.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\{96ebbe6a-2864-4345-b32b-26ee9be524b5} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\WebBrowser\\{96EBBE6A-2864-4345-B32B-26EE9BE524B5} not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\\TISA deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
not found.
C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} deleted successfully.
Removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} complete!
Starting removal of ActiveX control {EB387D2F-E27B-4D36-979E-847D1036C65D}
C:\WINDOWS\system32\DDMI2.sys moved successfully.
C:\WINDOWS\system32\DLPT2.sys moved successfully.
C:\WINDOWS\system32\DLPT2.VXD moved successfully.
C:\WINDOWS\system32\DDMI.VXD moved successfully.
C:\WINDOWS\system32\qdiagh.ocx moved successfully.
C:\WINDOWS\Downloaded Program Files\qdiagh.inf moved successfully.
C:\WINDOWS\system32\qdiagh.ocx not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{EB387D2F-E27B-4D36-979E-847D1036C65D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB387D2F-E27B-4D36-979E-847D1036C65D} deleted successfully.
Removal of ActiveX control {EB387D2F-E27B-4D36-979E-847D1036C65D} complete!
[Files/Folders - Created Within 30 days]
File C:\WINDOWS\xhelper.dll not found!
C:\WINDOWS\xmlhelper2.dll moved successfully.
C:\WINDOWS\xmlhelper4.dll moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At24.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At9.job moved successfully.
C:\WINDOWS\SYSTEM32\47B7E4AA04s.dll moved successfully.
C:\WINDOWS\SYSTEM32\acctresv.dll moved successfully.
C:\WINDOWS\SYSTEM32\acluib.dll moved successfully.
C:\WINDOWS\SYSTEM32\acluis.dll moved successfully.
C:\WINDOWS\SYSTEM32\ActiveUtilsb.dll moved successfully.
C:\WINDOWS\SYSTEM32\actxprxyv.dll moved successfully.
C:\WINDOWS\SYSTEM32\admparsea.dll moved successfully.
File C:\WINDOWS\SYSTEM32\adsnta.dll not found!
C:\WINDOWS\SYSTEM32\advapi32v.dll moved successfully.
C:\WINDOWS\SYSTEM32\atlv.dll moved successfully.
C:\WINDOWS\SYSTEM32\atmfdba.dll moved successfully.
C:\WINDOWS\SYSTEM32\au3305adca.dll moved successfully.
C:\WINDOWS\SYSTEM32\autodisca.dll moved successfully.
C:\WINDOWS\SYSTEM32\autodiscv.dll moved successfully.
C:\WINDOWS\SYSTEM32\avmeterv.dll moved successfully.
C:\WINDOWS\SYSTEM32\basesrvv.dll moved successfully.
C:\WINDOWS\SYSTEM32\basesrvvv.dll moved successfully.
C:\WINDOWS\SYSTEM32\BASSMODb.dll moved successfully.
C:\WINDOWS\SYSTEM32\BASSMODvb.dll moved successfully.
C:\WINDOWS\SYSTEM32\BJAXSecurityManagerb.dll moved successfully.
C:\WINDOWS\SYSTEM32\BJInstallers.dll moved successfully.
C:\WINDOWS\SYSTEM32\ccfgntb.dll moved successfully.
File C:\WINDOWS\SYSTEM32\UffHMd8h.exe not found!
[File String Scan - Non-Microsoft Only]
ADS C:\WINDOWS\Thumbs.db:encryptable deleted successfully.
ADS C:\WINDOWS\SYSTEM32\Thumbs.db:encryptable deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:364682BC deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\1clickdvdcopyprosetup.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\1clickdvdcopysetup.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\1Click_DVD_Copy_Pro_1[1].x.Loader_MP2K.zip:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\810A_1.0e.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\calendar.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\cdr40b-a.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\cepsetup.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\DriveCheck.zip:Zone.Identifier deleted successfully.
Unable to delete ADS C:\Documents and Settings\Clif & Jenny\My Documents\DVD43_3-8-0_Setup.exe:Zone.Identifier .
ADS C:\Documents and Settings\Clif & Jenny\My Documents\e-n7eu01.zip:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\fb_106.zip:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\hw32v423.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\Hwy 642 lots.doc:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\I7-A15.EXE:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\myJAL Apollo Edition crack.zip:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\PatientRunner20.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\pidenu08.msi:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\RA2v1006Trn.zip:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\RulesExtractor[1].rar.txt:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\Thumbs.db:encryptable deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\WinRAR_3[1].5x_CE.zip:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\wp.zip:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\My Documents\wrar351.exe:Zone.Identifier deleted successfully.
ADS C:\Documents and Settings\Clif & Jenny\Desktop\Thumbs.db:encryptable deleted successfully.

Created on 07/20/2007 12:56:36

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Fri Jul 20, 2007 6:28 pm

"Clif & Jenny" - 2007-07-20 13:16:46 - ComboFix 07-07-17.8 - Service Pack 2  NTFS 


(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))


C:\bold.log
C:\Program Files\video activex object
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\drivers\fad.sys


(((((((((((((((((((((((((  Files Created from 2007-06-20 to 2007-07-20  )))))))))))))))))))))))))))))))


2007-07-20 13:01 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-20 11:51 21,504 --a------ C:\WINDOWS\system32\basesrvvvv.dll
2007-07-19 14:06 d-------- C:\Program Files\RegCure
2007-07-18 13:40 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\GRETECH
2007-07-18 13:39 d-------- C:\DOCUME~1\CLIF&J~1\APPLIC~1\GRETECH
2007-07-18 13:38 d-------- C:\Program Files\GRETECH
2007-07-18 12:58 17,928 --a------ C:\WINDOWS\system32\drivers\Tsknf700.sys
2007-07-18 12:58 d-------- C:\Program Files\Iarsn
2007-07-17 18:03 21,504 --a------ C:\WINDOWS\system32\BitCometResb.dll
2007-07-16 04:14 d-------- C:\Program Files\PowerISO
2007-07-08 10:59 21,504 --a------ C:\WINDOWS\system32\audiosrvs.dll
2007-06-22 08:53 21,504 --a------ C:\WINDOWS\system32\BMAPIa.dll


((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-20 17:56:33 -------- d-----w C:\Program Files\TrustIn Contextual
2007-07-18 13:55:36 -------- d-----w C:\Program Files\BitComet
2007-07-14 15:45:50 1,080 ----a-w C:\WINDOWS\AUTOLNCH.REG
2007-07-09 23:53:49 -------- d-----w C:\DOCUME~1\CLIF&J~1\APPLIC~1\1clickPro
2007-06-27 09:18:21 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2007-06-26 02:10:35 -------- d-----w C:\Program Files\Messenger
2007-06-22 13:20:41 2,560 ----a-w C:\WINDOWS\system32\BitCometRes.dll
2007-06-21 22:43:14 -------- d-----w C:\Program Files\AutoCAD R14
2007-06-19 08:52:02 21,504 ----a-w C:\WINDOWS\system32\apphelpa.dll
2007-06-18 08:47:16 21,504 ----a-w C:\WINDOWS\system32\BASSMODa.dll
2007-06-16 18:49:25 -------- d-----w C:\DOCUME~1\CLIF&J~1\APPLIC~1\Vso
2007-06-16 18:19:50 21,504 ----a-w C:\WINDOWS\system32\atmfdb.dll
2007-06-15 00:48:39 21,504 ----a-w C:\WINDOWS\system32\avifil32s.dll
2007-06-13 21:46:21 21,504 ----a-w C:\WINDOWS\system32\batmeterb.dll
2007-06-12 15:25:17 21,504 ----a-w C:\WINDOWS\system32\ciadminb.dll
2007-06-11 00:53:48 21,504 ----a-w C:\WINDOWS\system32\Awdenc32a.dll
2007-06-10 00:19:48 21,504 ----a-w C:\WINDOWS\system32\BASSMODv.dll
2007-06-07 16:45:02 -------- d-----w C:\Program Files\Video Strip Poker Supreme
2007-06-01 15:03:32 -------- d-----w C:\Program Files\CCleaner
2007-06-01 14:50:14 -------- d-----w C:\Program Files\QuickTime
2007-05-30 03:02:52 -------- d-----w C:\Program Files\IrfanView
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-02-06 16:04:16 87,608 ----a-w C:\DOCUME~1\CLIF&J~1\APPLIC~1\ezpinst.exe
2007-02-06 16:04:16 47,360 ----a-w C:\DOCUME~1\CLIF&J~1\APPLIC~1\pcouffin.sys
2006-05-25 14:57:19 103,856 ----a-w C:\DOCUME~1\CLIF&J~1\APPLIC~1\GDIPFONTCACHEV1.DAT
2006-02-05 16:12:34 8 ----a-w C:\DOCUME~1\CLIF&J~1\APPLIC~1\GameShock.dat
2006-02-05 15:19:32 80 --sha-r C:\WINDOWS\system32\47B7E4AA04.dll
2006-02-03 22:21:52 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys


(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-01-12 21:38 63128 --a------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
2007-06-14 08:07 443968 --a------ C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}]
2005-12-09 17:22 786656 --a------ C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2005-11-10 14:22 184423 --a------ C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B56A7D7D-6927-48C8-A975-17DF180C71AC}]
2006-11-24 22:02 847608 --a------ C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-03-23 18:06]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 19:42]
"nwiz"="nwiz.exe" [2006-10-22 13:22 C:\WINDOWS\system32\nwiz.exe]
"dvd43"="C:\Program Files\dvd43\dvd43_tray.exe" [2006-05-22 14:26]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"="C:\Documents and Settings\Clif & Jenny\My Documents\volumouse\volumouse.exe" [2006-05-27 12:49]
"Spyware Doctor"="C:\Program Files\Spyware Doctor\swdoctor.exe" [2006-01-11 03:56]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-05-10 06:01]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Spyware Doctor"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"RegWinBackUp"=0 (0x0)
"NoSecurityTab"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"IntelMeM"=C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"nwiz"=nwiz.exe /install
"Ulead AutoDetector v2"=C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe


Contents of the 'Scheduled Tasks' folder
2007-07-20 06:30:00  C:\WINDOWS\tasks\1-Click Maintenance.job
2007-07-20 11:00:00  C:\WINDOWS\tasks\At7.job
2007-07-16 08:00:00  C:\WINDOWS\tasks\Disk Cleanup.job
2007-07-20 09:00:00  C:\WINDOWS\tasks\McAfee QuickClean.job
2007-07-20 18:05:37  C:\WINDOWS\tasks\RegCure Program Check.job
2007-07-19 19:06:55  C:\WINDOWS\tasks\RegCure.job
2007-07-20 06:00:00  C:\WINDOWS\tasks\Spyware Doctor.job
2007-07-16 06:30:00  C:\WINDOWS\tasks\TuneUp RegistryDefrag.job

**************************************************************************

catchme 0.3.1040 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-20 13:22:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000007a

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-20 13:24:53
C:\ComboFix-quarantined-files.txt ... 2007-07-20 13:24

--- E O F ---

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Fri Jul 20, 2007 6:29 pm

Logfile of HijackThis v1.99.1
Scan saved at 1:29:02 PM, on 7/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Documents and Settings\Clif & Jenny\My Documents\volumouse\volumouse.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Clif & Jenny\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKCU\..\Run: [$Volumouse$] "C:\Documents and Settings\Clif & Jenny\My Documents\volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = ?
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = ?
O4 - Global Startup: taskbar icon.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/share ... insctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7514859640
O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} - http://www.autodesk.com/global/dwfviewe ... rSetup.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/share ... cgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{385D0FDA-7B7D-4C14-8DBE-4769C2EBB492}: NameServer = 192.168.1.254,192.168.1.255
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: FreezeScreenSaver - Unknown owner - C:\WINDOWS\system32\FreezeScreenSaver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

Clif
Contributor
Contributor
Posts: 20
Joined: Wed Jul 18, 2007 6:25 pm

Re: pesky undeletable desktop icon or file!

Post by Clif » Fri Jul 20, 2007 6:31 pm

Do you think one of these trojans may also have something to do with the undeletable file?

Post Reply