Welcome Guest ( Log In | Register )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.
      
2 Pages V   1 2 >  
 Closed TopicStart new topic
computer restarts on it own and im at my wits end [CLOSED] [RESOLVED]
Andy35652
post Jun 11 2008, 09:41 AM
Post #1


Member
**
Posts: 10
OS: xp
thank you for all yal do to help us. here is my hijack this.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:31 AM, on 6/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
E:\Nexon\Mabinogi\npkcmsvc.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
C:\Program Files\Speed Disk\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kaldorei.com/worldmap/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ADSTechnology module - {831CBAC0-8283-4653-9D81-FEB9F3F6E47C} - C:\Program Files\ADSTechnology\ADSTechnology.dll (file missing)
O2 - BHO: ActivationManager module - {86A44EF7-78FC-4e18-A564-B18F806F7F56} - C:\Program Files\ActivationManager\ActivationManager.dll (file missing)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: (no name) - {D5A539B9-E4B3-494E-9A09-6160BF15E7AF} - C:\WINDOWS\system32\kernel42.dll (file missing)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll (file missing)
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKLM\..\Policies\Explorer\Run: [ZboardTray] "C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Looksitup Toolbar - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\The Golden's\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1101366776687
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{49D00F5B-A5EC-4983-B527-035D4597D6B1}: NameServer = 205.152.132.23 205.152.144.23
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - E:\Nexon\Mabinogi\npkcmsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://portraits.olanmills.com/photos/cust...efresh=4816.628

--
End of file - 10735 bytes
Go to the top of the page
 
+Quote Post
fenzodahl512
post Jun 13 2008, 07:45 AM
Post #2


Trusted Helper
Group Icon
Posts: 4,267
OS: Windows XP
Hello Andy35652, my name is fenzodahl512 and welcome to Geekstogo.. Please do the following..


Please download Deckard's System Scanner (DSS) from HERE or HERE and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • Please let your firewall allow the scanning/downloading process.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.




Regards
fenzodahl512
Go to the top of the page
 
+Quote Post
Andy35652
post Jun 13 2008, 12:46 PM
Post #3


Member
**
Posts: 10
OS: xp
here u go

Deckard's System Scanner v20071014.68
Run by The Golden's on 2008-06-13 13:44:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-06-13 18:44:38 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as The Golden's.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:46:14 PM, on 6/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
E:\Nexon\Mabinogi\npkcmsvc.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\Program Files\Speed Disk\nopdb.exe
C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\The Golden's\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\The Golden's.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kaldorei.com/worldmap/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://sidesearch.dropspam.com/sidesearch.htm
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ADSTechnology module - {831CBAC0-8283-4653-9D81-FEB9F3F6E47C} - C:\Program Files\ADSTechnology\ADSTechnology.dll (file missing)
O2 - BHO: ActivationManager module - {86A44EF7-78FC-4e18-A564-B18F806F7F56} - C:\Program Files\ActivationManager\ActivationManager.dll (file missing)
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll (file missing)
O2 - BHO: (no name) - {D5A539B9-E4B3-494E-9A09-6160BF15E7AF} - C:\WINDOWS\system32\kernel42.dll (file missing)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll (file missing)
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKLM\..\Policies\Explorer\Run: [ZboardTray] "C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Looksitup Toolbar - {B6E649FA-5461-40d7-AB4D-54FC3C8DB767} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\The Golden's\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1101366776687
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{49D00F5B-A5EC-4983-B527-035D4597D6B1}: NameServer = 205.152.132.23 205.152.144.23
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - E:\Nexon\Mabinogi\npkcmsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Program Files\Speed Disk\nopdb.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - http://portraits.olanmills.com/photos/cust...efresh=4816.628

--
End of file - 10782 bytes

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,71
.inf - inffile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,69
.ini - inifile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,69
.txt - txtfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,70


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 d344bus - c:\windows\system32\drivers\d344bus.sys
R0 d344prt - c:\windows\system32\drivers\d344prt.sys
R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R2 npkcrypt - d:\nexon\maplestory\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>
R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>

S0 BootScreen - c:\windows\\systemroot\system32\drivers\vidstub.sys (file missing)
S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing)
S3 LHidUsbK (Logitech SetPoint USB Receiver device driver) - c:\windows\system32\drivers\lhidusbk.sys (file missing)
S3 LMouKE (Logitech SetPoint Mouse Filter Driver) - c:\windows\system32\drivers\lmouke.sys (file missing)
S3 npkcusb - d:\nexon\maplestory\npkcusb.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>
S3 npkycryp - d:\gravity\ro\npkycryp.sys (file missing)
S3 XDva004 - c:\windows\system32\xdva004.sys (file missing)
S3 XDva143 - c:\windows\system32\xdva143.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 bgsvcgen (B's Recorder GOLD Library General Service) - c:\windows\system32\bgsvcgen.exe <Not Verified; B.H.A Corporation; B's Recorder GOLD8>
R2 Speed Disk service - c:\program files\speed disk\nopdb.exe <Not Verified; Symantec Corporation; Norton Speed Disk>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\2005034723C00
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\2005034723C00
Service: NIC1394

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1106&DEV_3104&SUBSYS_808C1043&REV_82\3&61AAA01&0&83
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1106&DEV_3104&SUBSYS_808C1043&REV_82\3&61AAA01&0&83
Service:

Class GUID:
Description: cPATH ModemSURFR 56K External
Device ID: SERENUM\CPT2550\5&23DE782&0&0000
Manufacturer:
Name: cPATH ModemSURFR 56K External
PNP Device ID: SERENUM\CPT2550\5&23DE782&0&0000
Service:

Class GUID:
Description: Multimedia Audio Controller
Device ID: PCI\VEN_1106&DEV_3059&SUBSYS_80951043&REV_50\3&61AAA01&0&8D
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_1106&DEV_3059&SUBSYS_80951043&REV_50\3&61AAA01&0&8D
Service:


-- Scheduled Tasks -------------------------------------------------------------

2008-06-12 21:21:46 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-05-13 21:36:09 358 --a------ C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#hp psc 1300 series#1134531251.job


-- Files created between 2008-05-13 and 2008-06-13 -----------------------------

2008-06-11 10:41:12 0 d-------- C:\Program Files\Trend Micro
2008-06-10 11:53:25 0 d-------- C:\Documents and Settings\The Golden's\Application Data\Nexon
2008-05-27 09:26:26 0 d-------- C:\Program Files\Tortun
2008-05-22 09:07:20 0 d--h----- C:\$AVG8.VAULT$
2008-05-22 08:25:12 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-22 08:25:07 0 d-------- C:\Program Files\AVG
2008-05-22 08:25:07 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-17 16:22:47 0 d-------- C:\Program Files\GameSpy Arcade
2008-05-16 18:04:22 0 d-------- C:\Documents and Settings\The Golden's\Application Data\Ideazon
2008-05-16 18:01:18 49152 --a------ C:\WINDOWS\system32\Winlognotif.dll
2008-05-16 18:01:06 0 d-------- C:\Program Files\Ideazon


-- Find3M Report ---------------------------------------------------------------

2008-06-13 13:36:51 0 d-------- C:\Documents and Settings\The Golden's\Application Data\DNA
2008-06-12 09:21:49 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000F-00001102-00000004-00511102}.dat
2008-06-12 09:21:49 24 --a------ C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000F-00001102-00000004-00511102}.dat
2008-06-11 16:29:00 0 d-------- C:\Documents and Settings\The Golden's\Application Data\ShoppingReport
2008-06-06 06:23:00 0 d-------- C:\Documents and Settings\The Golden's\Application Data\AdobeUM
2008-05-27 09:52:16 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-22 11:38:29 0 d-------- C:\Program Files\DropSpam
2008-05-22 09:31:53 0 d-------- C:\Program Files\ADSTechnology
2008-05-22 09:31:53 0 d-------- C:\Program Files\ActivationManager
2008-05-17 16:36:26 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-05-11 19:24:13 0 d-------- C:\Documents and Settings\The Golden's\Application Data\dvdcss
2008-05-03 12:54:47 0 d-------- C:\Program Files\ShoppingReport
2008-05-01 15:06:38 0 d-------- C:\Program Files\FinePixViewer
2008-05-01 14:58:36 0 d-------- C:\Documents and Settings\The Golden's\Application Data\Canon
2008-05-01 13:22:18 0 d-------- C:\Program Files\DivX
2008-04-19 11:09:13 0 d-------- C:\Documents and Settings\The Golden's\Application Data\Secret of the Solstice
2008-04-19 00:35:49 0 d-------- C:\Program Files\Winamp
2008-03-22 14:11:56 1015296 --a------ C:\WINDOWS\system32\logonuiX.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-21 19:49:58 0 --a------ C:\Program Files\temp01


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
02/06/2008 07:13 AM 1173024 --a------ C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{831CBAC0-8283-4653-9D81-FEB9F3F6E47C}]
C:\Program Files\ADSTechnology\ADSTechnology.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86A44EF7-78FC-4e18-A564-B18F806F7F56}]
C:\Program Files\ActivationManager\ActivationManager.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D5A539B9-E4B3-494E-9A09-6160BF15E7AF}]
C:\WINDOWS\system32\kernel42.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe" [11/22/2002 12:49 PM]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 02:00 AM]
"CTStartup"="C:\Program Files\Creative\Splash Screen\CTEaxSpl.exe" [12/20/2001 02:00 AM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/05/2005 09:05 PM]
"DXDllRegExe"="dxdllreg.exe" []
"SemanticInsight"="C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe" []
"WINDVDPatch"="CTHELPER.EXE" [02/07/2002 01:01 PM C:\WINDOWS\system32\CTHELPER.EXE]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" []
"Jet Detection"="C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [10/04/2001 02:00 AM]
"BootSkin Startup Jobs"="C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [04/26/2004 04:21 PM]
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" []
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [03/16/2006 02:07 AM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [08/11/2005 03:30 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [08/11/2005 03:30 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 06:24 AM]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [02/04/2002 10:32 PM]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [11/10/2006 01:35 PM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [05/22/2008 08:25 AM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [03/30/2006 05:45 PM]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [05/26/2008 05:01 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [11/07/2006 10:29 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"ZboardTray"="C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Zboard]
Winlognotif.dll 09/03/2003 07:14 AM 49152 C:\WINDOWS\system32\Winlognotif.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Exif Launcher 2.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher 2.lnk
backup=C:\WINDOWS\pss\Exif Launcher 2.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Exif Launcher.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Exif Launcher.lnk
backup=C:\WINDOWS\pss\Exif Launcher.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
"C:\Program Files\BitTorrent_DNA\dna.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
"C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"C:\Program Files\HP\HP Software Update\HPWuSchd.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{798f8408-e376-11db-b062-9ec2a2b1fb11}]
AutoRun\command- F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbe1270c-eb94-11db-b06a-00e018e45d5d}]
AutoRun\command- F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0affc5c-d3c0-11db-b055-fe22d1148b46}]
AutoRun\command- F:\LaunchU3.exe




-- End of Deckard's System Scanner: finished at 2008-06-13 13:46:50 ------------






Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ XP 2800+
Percentage of Memory in Use: 54%
Physical Memory (total/avail): 1023.53 MiB / 470.65 MiB
Pagefile Memory (total/avail): 2463.28 MiB / 2053.58 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1944.75 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 19.53 GiB total, 7.35 GiB free.
D: is Fixed (NTFS) - 39.06 GiB total, 14.97 GiB free.
E: is Fixed (NTFS) - 56.43 GiB total, 39.86 GiB free.
H: is CDROM (No Media)
I: is CDROM (No Media)
J: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - IC35L120AVV207-1 - 115.04 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 19.53 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 95.49 GiB - D: - E:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AntivirusOverride is set.

AV: AVG Anti-Virus Free v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Valve\\Steam\\Steam.exe"="C:\\Program Files\\Valve\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"="C:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe:*:Enabled:speed2"
"C:\\Program Files\\Activision\\Tony Hawk's Underground 2\\Game\\THUG2.exe"="C:\\Program Files\\Activision\\Tony Hawk's Underground 2\\Game\\THUG2.exe:*:Enabled:THUG2"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares"
"C:\\Documents and Settings\\Jon\\Desktop\\empire\\Empire Earth.exe"="C:\\Documents and Settings\\Jon\\Desktop\\empire\\Empire Earth.exe:*:Enabled:Empire Earth"
"D:\\World of Warcraft\\WoW-1.6.0.4500-to-1.6.1-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.6.0.4500-to-1.6.1-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-1.5.1.4449-to-1.6.0-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.5.1.4449-to-1.6.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\World of Warcraft\\WoW-1.6.0.4500-to-1.6.1-enUS-downloader.exe"="C:\\Program Files\\World of Warcraft\\WoW-1.6.0.4500-to-1.6.1-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\WoW-1.6.1.4544-to-1.7.0-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.6.1.4544-to-1.7.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\WoW-1.7.1.4695-to-1.8.0-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.7.1.4695-to-1.8.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Documents and Settings\\The Golden's\\My Documents\\My Videos\\WOWEx_Blizcon-downloader.exe"="C:\\Documents and Settings\\The Golden's\\My Documents\\My Videos\\WOWEx_Blizcon-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\WoW-1.8.3.4807-to-1.8.4.4878-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.8.3.4807-to-1.8.4.4878-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\Westwood\\RA2\\mphmd.exe"="D:\\Westwood\\RA2\\mphmd.exe:*:Enabled:mphmd"
"D:\\World of Warcraft\\WoW-1.8.4.4878-to-1.9.0.4937-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.8.4.4878-to-1.9.0.4937-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.9.2.4996-to-1.9.3.5059-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\BYOND\\bin\\dreamseeker.exe"="C:\\Program Files\\BYOND\\bin\\dreamseeker.exe:*:Enabled:dreamseeker"
"D:\\World of Warcraft\\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.9.4.5086-to-1.10.0.5195-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\BackgroundDownloader.exe"="D:\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.10.2.5302-to-1.11.0.5428-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe"="D:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe:*:Enabled:WolfMP"
"D:\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.11.1.5462-to-1.11.2.5464-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\NeverwinterNights\\NWN\\nwmain.exe"="D:\\NeverwinterNights\\NWN\\nwmain.exe:*:Enabled:Neverwinter Nights"
"D:\\NeverwinterNights\\NWN\\nwupdate.exe"="D:\\NeverwinterNights\\NWN\\nwupdate.exe:*:Enabled:NWN Update Program"
"D:\\Dreamcatcher\\Dungeon Lords\\dlords.exe"="D:\\Dreamcatcher\\Dungeon Lords\\dlords.exe:*:Enabled:dlords"
"C:\\Documents and Settings\\The Golden's\\Desktop\\Flying_Mount_PC_EG-downloader.exe"="C:\\Documents and Settings\\The Golden's\\Desktop\\Flying_Mount_PC_EG-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"D:\\Teamspeak2_RC2\\server_windows.exe"="D:\\Teamspeak2_RC2\\server_windows.exe:*:Enabled:Server"
"C:\\Documents and Settings\\The Golden's\\Desktop\\WoW_Insider_PvP_Interview-downloader.exe"="C:\\Documents and Settings\\The Golden's\\Desktop\\WoW_Insider_PvP_Interview-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"E:\\Program Files\\MythWar_en\\update.exe"="E:\\Program Files\\MythWar_en\\update.exe:*:Enabled:update Microsoft "
"D:\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.11.2.5464-to-1.12.0.5595-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"E:\\e-Games\\Survival Project\\survivalproject.exe"="E:\\e-Games\\Survival Project\\survivalproject.exe:*:Enabled:survivalproject"
"E:\\e-Games\\Survival Project\\sp.exe"="E:\\e-Games\\Survival Project\\sp.exe:*:Enabled:sp"
"D:\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-1.12.0.5595-to-1.12.1.5875-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Documents and Settings\\The Golden's\\Desktop\\WEB-WOWEx-E3-downloader.exe"="C:\\Documents and Settings\\The Golden's\\Desktop\\WEB-WOWEx-E3-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe"="D:\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"E:\\Program Files\\LimeWire\\LimeWire.exe"="E:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\\Westwood\\SUN\\GAME.ICD"="D:\\Westwood\\SUN\\GAME.ICD:*:Enabled:Main executable for Tiberian Sun"
"D:\\Warcraft III\\Warcraft III.exe"="D:\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"D:\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe"="D:\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe:*:Enabled:PlayOnline Viewer"
"C:\\Program Files\\BitTorrent_DNA\\dna.exe"="C:\\Program Files\\BitTorrent_DNA\\dna.exe:*:Enabled:BitTorrent DNA"
"E:\\BitTorrent\\bittorrent.exe"="E:\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"D:\\Nexon\\MapleStory\\Patcher.exe"="D:\\Nexon\\MapleStory\\Patcher.exe:*:Enabled:Patcher MFC ?? ????"
"E:\\Ntreev\\Grand Chase\\main.exe"="E:\\Ntreev\\Grand Chase\\main.exe:*:Enabled:GrandChase"
"D:\\Outspark\\Solstice\\SosClient.exe"="D:\\Outspark\\Solstice\\SosClient.exe:*:Enabled:SosClient"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"D:\\Sierra\\FEAR\\fpupdate.exe"="D:\\Sierra\\FEAR\\fpupdate.exe:*:Enabled:fpupdate"
"C:\\Program Files\\Tortun\\gui.exe"="C:\\Program Files\\Tortun\\gui.exe:*:Enabled:gui"
"D:\\Sierra\\FEAR\\FEAR.exe"="D:\\Sierra\\FEAR\\FEAR.exe:*:Enabled:FEAR"
"D:\\Sierra\\FEAR\\FEARMP.exe"="D:\\Sierra\\FEAR\\FEARMP.exe:*:Enabled:FEAR"
"C:\\WINDOWS\\system32\\LEXPPS.EXE"="C:\\WINDOWS\\system32\\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\The Golden's\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MAIN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\The Golden's
LOGONSERVER=\\MAIN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\THEGOL~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\THEGOL~1\LOCALS~1\Temp
USERDOMAIN=MAIN
USERNAME=The Golden's
USERPROFILE=C:\Documents and Settings\The Golden's
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Jon (admin)
The Golden's (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Creative Tech\Sound Blaster Audigy\Program\Ctzapxx.EXE" /U /S /R
--> "C:\Program Files\Creative\SBAudigy\Program\Ctzapxx.EXE" /U /S /R
--> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88A74FA6-6B70-4D92-BFB8-DDC49629ED69}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88A74FA6-6B70-4D92-BFB8-DDC49629ED69}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE3C9F06-ED78-11D5-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE3C9F06-ED78-11D5-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6B11A0F-56CA-471B-B59F-9B5172601515}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6B11A0F-56CA-471B-B59F-9B5172601515}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DDAC9206-D5CC-49C9-80D2-CDFA992E3DFA}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DDAC9206-D5CC-49C9-80D2-CDFA992E3DFA}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E975DDC5-DA35-437F-8C09-63CF2B2F5F11}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E975DDC5-DA35-437F-8C09-63CF2B2F5F11}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
ActivationManager --> "C:\Program Files\ActivationManager\Uninstall.exe"
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ADSTechnology --> "C:\Program Files\ADSTechnology\Uninstall.exe"
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
Apple Mobile Device Support --> MsiExec.exe /I{3EBD3749-304E-4A4C-9575-C00E5F015217}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft PhotoStudio 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x336d
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Big Fish Games Client --> C:\Program Files\bfgclient\Uninstall.exe
BitTorrent --> "E:\BitTorrent\BitTorrent.exe" /UNINSTALL
BootSkin --> C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\UNWISE.EXE C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\INSTALL.LOG
Broadcom Management Programs --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{750DFF5E-C559-11D4-A441-00B0D0436EE7}\setup.exe"
Canon MP Navigator 2.0 --> "C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini
Canon MP500 --> "C:\WINDOWS\system32\CanonMP Uninstaller Information\{BA4DF4C3-196E-4128-969A-00996B5A46F8}\DelDrv.exe" /U:{BA4DF4C3-196E-4128-969A-00996B5A46F8} /L0x0009
Canon Utilities Easy-PhotoPrint --> C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Cars - Radiator Springs Adventures --> "E:\THQ\Disney-PIXAR\Cars\Radiator Springs Adventures\Uninstall_Cars - Radiator Springs Adventures\Uninstall Cars - Radiator Springs Adventures.exe"
Combined Community Codec Pack 2005-09-23 (Remove Only) --> C:\Program Files\Combined Community Codec Pack\Uninstall.exe
DAEMON Tools --> MsiExec.exe /I{83895843-3A51-4C93-9DF3-2BDB65C7E54A}
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DNA --> "C:&#
Go to the top of the page
 
+Quote Post
fenzodahl512
post Jun 14 2008, 06:28 PM
Post #4


Trusted Helper
Group Icon
Posts: 4,267
OS: Windows XP
Hello, thanks for the reply.. Please do the following..

Please go to Start >> Run and type or copy/paste the following in the run box: "%userprofile%\desktop\dss.exe" /daft . Then press Enter
  • Click on the Scan button.
  • Select everything it is displaying there
  • Click the Fix button.
  • Then rescan with DAFT again - it should say now that "All associations are OK"
  • Close DAFT if you receive that message. This means that it is fixed now.




NEXT


Please go to Start > Control Panel > Add or Remove Programs and remove the following (if present):

Viewpoint (anything that say Viewpoint)
ShoppingReport
Need2Find
ADSTechnology
ActivationManager
RXToolBar




NEXT


We need to get rid of some of the services running on your machine. To do this, copy (Ctrl +C) and paste (Ctrl +V) the text in the code box below to Notepad.

CODE
@echo off
sc stop "Viewpoint Manager Service"
sc delete "Viewpoint Manager Service"
exit


Save it to your desktop as File name: Service.bat
Save as type: All Files

Once done, double click Service.bat to run it. A command window will open briefly, then close. This is quite normal.

If you do not sure how to make a batch file, please visit HERE for the tutorial.




NEXT


Please re-open HijackThis and click on Do a system scan only. Check the boxes next to all the entries listed below.
  • R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =