'Warning Spyware Detected On Your Computer - Blue and Yellow Scree, Desktop wallpaper keeps changing to blue and yellow spyware warning |
Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.
  |
 Jul 4 2008, 02:47 AM
Post
#1
|
|
|
New Member  Posts: 8 OS: Windows XP  |
I've got the same problem as stated in a few other topics here but as some of the intructions given to other people needing help require deleting files that don't seem to appear on my computer I imagine the problem has to be solved individually. My desktop wallpaper has suddenly changed to a blue background with a yellow box stating 'Warning! Spyware detected on your computer. Install an antivirus or spyware remover to clean your computer'. Also if I try to right-click and access display properties some of the tabs on the menu are missing. A program seemed to install itself at the same time as the background appeared called 'XP spyware removal' or something similar but I think I managed to get rid of that as it doesn't seem to be appearing anymore. Here's My Hijack This log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:34:29, on 04/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Kontiki\KHost.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\GizmoPlugin\GizmoPlugin.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kontiki\KService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\mqsvc.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O3 - Toolbar: Dictionary.com - {11359F4A-B191-42D7-905A-594F8CF0387B} - C:\WINDOWS\Downloaded Program Files\lexbar.dll O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [lphc5e6j0e3rf] C:\WINDOWS\system32\lphc5e6j0e3rf.exe O4 - HKLM\..\Run: [SMrhc1e6j0e3rf] C:\Program Files\rhc1e6j0e3rf\rhc1e6j0e3rf.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe" O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: University.lnk = ? O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Search &Dictionary - C:\Program files\Lexico\Toolbar\dictionary.htm O8 - Extra context menu item: Search &Thesaurus - C:\Program files\Lexico\Toolbar\thesaurus.htm O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=pavilion&pf=laptop O15 - Trusted Zone: *.beatport.com O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {BE1BDC4F-2AAC-494E-88B1-86B2EE4F2D6D} (CopySafe3 Control) - http://download.copysafe.net/Plugin/Download/Copysafe.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} - http://dictionary.reference.com/tools/toolbar/lexico.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Gizmo VoIP Service (Gizmo Plugin) - SIPphone, Inc. - C:\Program Files\GizmoPlugin\GizmoPlugin.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- End of file - 11242 bytes Thanks for your time Dan |
 |
 
|
|
Jul 4 2008, 06:23 AM
Post
#2
|
|
 GeekU Teacher  Posts: 9,279 From: Somewhere OS: Windows xp home |
Hello dannet
Welcome to G2Go.  ===================== Please download Deckard's System Scanner (DSS) and save it to your Desktop.
|
|
|
|
|
Jul 9 2008, 12:37 AM
Post
#3
|
|
|
New Member Posts: 8 OS: Windows XP |
Hi, thanks for your response. I've downloaded Deckard System Scanner and have been trying to use it for the last few days but everytime I do it becomes a 'not responding' program when it reaches the tempory file deletion stage. Any idea what I could be doing wrong or any other program I could use instead?
Thanks Dan |
|
|
|
|
Jul 9 2008, 03:16 AM
Post
#4
|
|
|
GeekU Teacher Posts: 9,279 From: Somewhere OS: Windows xp home |
Please go to Start > Run> then copy\paste this in "%userprofile%\desktop\dss.exe" /config then hit ok.
Uncheck System Restore and Temp File cleanup and click on ok or scan. Post those logs please. |
|
|
|
|
Jul 9 2008, 05:24 AM
Post
#5
|
|
|
New Member Posts: 8 OS: Windows XP |
Thanks a lot that worked. Here are the logs:
Main.txt: Deckard's System Scanner v20071014.68 Run by Dan Lyndon on 2008-07-09 12:16:51 Computer is in Normal Mode. -------------------------------------------------------------------------------- Backed up registry hives. System Drive C: has 0.42 GiB (less than 15%) free. -- HijackThis (run as Dan Lyndon.exe) ------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:18:31, on 09/07/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Kontiki\KHost.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\sysrest32.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Save\Save.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\GizmoPlugin\GizmoPlugin.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kontiki\KService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\mqsvc.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\eHome\ehmsas.exe C:\Documents and Settings\Dan Lyndon\desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\DANLYN~1.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: (no name) - {08BBCF68-9AD5-4E1B-BC3D-29BF54B6EBFA} - C:\WINDOWS\system32\hgGywWno.dll (file missing) O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll O2 - BHO: (no name) - {514A5C49-0C7D-42c3-A71B-38864A269B7A} - C:\WINDOWS\system32\kpqrgtke.dll (file missing) O2 - BHO: (no name) - {517B2963-0B48-408F-953C-3D7BD0DCB027} - C:\WINDOWS\system32\ddcCVPJy.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7B4CFDF0-6622-4440-9DB3-6DC6F84D8825} - C:\WINDOWS\system32\rqRIAQjh.dll (file missing) O2 - BHO: {487822a3-29e6-56ab-c084-2e305ddc984e} - {e489cdd5-03e2-480c-ba65-6e923a228784} - C:\WINDOWS\system32\lcqfsr.dll O3 - Toolbar: (no name) - {11359F4A-B191-42D7-905A-594F8CF0387B} - (no file) O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [SMrhc1e6j0e3rf] C:\Program Files\rhc1e6j0e3rf\rhc1e6j0e3rf.exe O4 - HKLM\..\Run: [sysrest32.exe] C:\WINDOWS\system32\sysrest32.exe O4 - HKLM\..\Run: [1fa10a4c] rundll32.exe "C:\WINDOWS\system32\kcnlayvh.dll",b O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe" O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: University.lnk = ? O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Search &Dictionary - C:\Program files\Lexico\Toolbar\dictionary.htm O8 - Extra context menu item: Search &Thesaurus - C:\Program files\Lexico\Toolbar\thesaurus.htm O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=pavilion&pf=laptop O15 - Trusted Zone: *.beatport.com O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {BE1BDC4F-2AAC-494E-88B1-86B2EE4F2D6D} (CopySafe3 Control) - http://download.copysafe.net/Plugin/Download/Copysafe.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {F0E2D69A-DC2F-4E9B-A993-684FB1C21DBC} - http://dictionary.reference.com/tools/toolbar/lexico.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: hgGywWno - hgGywWno.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Gizmo VoIP Service (Gizmo Plugin) - SIPphone, Inc. - C:\Program Files\GizmoPlugin\GizmoPlugin.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- End of file - 12192 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 Asapi - c:\windows\system32\drivers\asapi.sys <Not Verified; VOB Computersysteme GmbH; asapi> R3 btwmodem (Bluetooth Modem) - c:\windows\system32\drivers\btwmodem.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.3500> S3 sysrest.sys - c:\windows\system32\sysrest.sys S3 UIUSys (Conexant Setup API) - c:\windows\system32\drivers\uiusys.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service> R2 Gizmo Plugin (Gizmo VoIP Service) - "c:\program files\gizmoplugin\gizmoplugin.exe" <Not Verified; SIPphone, Inc.; Gizmo Plugin VOIP Service> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Bluetooth LAN Access Server Driver Device ID: {95C7A0A0-3094-11D7-A202-00508B9D7D5A}\BTWDNDIS\1&30EE4AD&0&1000000020000 Manufacturer: WIDCOMM, Inc. Name: Bluetooth LAN Access Server Driver PNP Device ID: {95C7A0A0-3094-11D7-A202-00508B9D7D5A}\BTWDNDIS\1&30EE4AD&0&1000000020000 Service: BTWDNDIS -- Scheduled Tasks ------------------------------------------------------------- 2008-07-04 18:46:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2008-06-09 and 2008-07-09 ----------------------------- 2008-07-09 11:39:10 15328 --a------ C:\WINDOWS\system32\sysrest.sys 2008-07-06 05:56:43 106320 --a------ C:\WINDOWS\system32\lcqfsr.dll 2008-07-06 05:56:41 106320 --a------ C:\WINDOWS\system32\hcyatfgg.dll 2008-07-06 05:53:41 82240 --a------ C:\WINDOWS\system32\kcnlayvh.dll 2008-07-06 05:50:41 399664 --ahs---- C:\WINDOWS\system32\hjQAIRqr.ini2 2008-07-06 05:47:23 23040 --a------ C:\WINDOWS\system32\sysrest32.exe 2008-07-04 11:01:25 106272 --a------ C:\WINDOWS\system32\nhngdg.dll 2008-07-04 11:01:22 106272 --a------ C:\WINDOWS\system32\dodovgca.dll 2008-07-04 09:34:06 0 d-------- C:\Program Files\Trend Micro 2008-07-04 02:05:27 0 d-------- C:\Program Files\Panda Security 2008-07-04 01:08:55 0 d-------- C:\Program Files\Universal Interactive 2008-07-04 00:31:29 0 d-------- C:\Program Files\Save 2008-07-03 11:50:10 0 d-------- C:\Program Files\Lavasoft 2008-07-03 11:50:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-07-03 11:49:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-07-02 22:55:07 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\rhc1e6j0e3rf 2008-07-02 22:53:48 60928 --a------ C:\WINDOWS\system32\blphc5e6j0e3rf.scr <Not Verified; Sysinternals; Sysinternals Blue Screen> 2008-07-01 03:12:18 430671 --ahs---- C:\WINDOWS\system32\yJPVCcdd.ini2 2008-06-28 01:48:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe 2008-06-28 01:48:34 0 d-------- C:\Program Files\Common Files\Adobe 2008-06-10 18:46:25 0 d-------- C:\Program Files\GizmoPlugin -- Find3M Report --------------------------------------------------------------- 2008-07-09 08:00:03 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\AVG7 2008-07-06 05:43:49 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\uTorrent 2008-07-04 09:59:44 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-07-04 01:05:44 0 d-------- C:\Program Files\LucasArts 2008-07-03 11:49:39 0 d-------- C:\Program Files\Common Files 2008-07-03 00:09:21 0 d-------- C:\Program Files\RGB 2008-07-01 03:23:22 208 --a------ C:\Documents and Settings\Dan Lyndon\Application Data\G-Force Prefs (WindowsMediaPlayer).txt 2008-06-29 22:13:28 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\Adobe 2008-06-28 01:47:11 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\AdobeUM 2008-06-19 09:36:54 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\Mozilla 2008-06-19 09:36:45 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\StumbleUpon 2008-06-19 09:35:50 0 d-------- C:\Program Files\Google 2008-06-04 17:58:37 0 d-------- C:\Program Files\easetech 2008-06-04 17:46:38 0 d-------- C:\Program Files\Visualization Software 2008-05-23 14:32:35 0 d-------- C:\Program Files\uTorrent 2008-05-19 03:37:43 0 d-------- C:\Documents and Settings\Dan Lyndon\Application Data\Sibelius Software 2008-05-19 03:29:47 0 d-------- C:\Program Files\Sibelius Software 2008-05-17 23:24:45 0 d-------- C:\Program Files\Safari 2008-05-17 23:22:13 0 d-------- C:\Program Files\Apple Software Update 2008-05-14 23:45:50 0 d-------- C:\Program Files\DOSBox-0.70 2008-05-11 20:34:13 32845 --a------ C:\WINDOWS\scunin.dat 2008-05-11 20:34:13 0 d-------- C:\Program Files\Starcraft 2008-05-11 20:34:11 967 --a------ C:\WINDOWS\ScUnin.pif 2008-05-11 20:34:11 70656 --a------ C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller> 2008-05-11 18:28:52 0 d-------- C:\Program Files\VDMSound 2008-04-21 02:51:15 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-04-13 23:19:18 56952 --ah----- C:\WINDOWS\system32\mlfcache.dat -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08BBCF68-9AD5-4E1B-BC3D-29BF54B6EBFA}] C:\WINDOWS\system32\hgGywWno.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{514A5C49-0C7D-42c3-A71B-38864A269B7A}] C:\WINDOWS\system32\kpqrgtke.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{517B2963-0B48-408F-953C-3D7BD0DCB027}] C:\WINDOWS\system32\ddcCVPJy.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B4CFDF0-6622-4440-9DB3-6DC6F84D8825}] C:\WINDOWS\system32\rqRIAQjh.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e489cdd5-03e2-480c-ba65-6e923a228784}] 06/07/2008 05:56 106320 --a------ C:\WINDOWS\system32\lcqfsr.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [06/08/2005 05:56] "hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [04/05/2006 06:58] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [20/07/2006 06:58] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [20/07/2006 06:58] "nwiz"="nwiz.exe" [20/07/2006 06:58 C:\WINDOWS\system32\nwiz.exe] "MsmqIntCert"="regsvr32 /s mqrt.dll" [] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [02/06/2006 16:02 C:\WINDOWS\system32\CHDAudPropShortcut.exe] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [17/06/2006 06:22] "QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [19/07/2006 15:14] "QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [19/06/2006 11:33] "Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [19/06/2006 10:50] "RecGuard"="C:\Windows\SMINST\RecGuard.exe" [11/10/2005 10:23] "Reminder"="C:\Windows\CREATOR\Remind_XP.exe" [09/02/2006 09:52] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [22/11/2007 23:47] "4oD"="C:\Program Files\Kontiki\KHost.exe" [23/04/2007 12:23] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [15/04/2008 09:48] "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [08/05/2007 16:24] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [28/03/2008 23:37] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [] "SMrhc1e6j0e3rf"="C:\Program Files\rhc1e6j0e3rf\rhc1e6j0e3rf.exe" [] "sysrest32.exe"="C:\WINDOWS\system32\sysrest32.exe" [06/07/2008 05:47] "1fa10a4c"="C:\WINDOWS\system32\kcnlayvh.dll" [06/07/2008 05:53] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [16/03/2006 05:00] "kdx"="C:\Program Files\Kontiki\KHost.exe" [23/04/2007 12:23] "msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [19/01/2007 13:54] "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [22/06/2007 13:45] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [18/10/2006 21:05] "WhenUSave"="C:\Program Files\Save\Save.exe" [25/08/2006 14:45] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "NoDispBackgroundPage"=1 (0x1) "NoDispScrSavPage"=1 (0x1) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{08BBCF68-9AD5-4E1B-BC3D-29BF54B6EBFA}"= C:\WINDOWS\system32\hgGywWno.dll [ ] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGywWno] hgGywWno.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\rqRIAQjh [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "iPod Service"=3 (0x3) -- End of Deckard's System Scanner: finished at 2008-07-09 12:19:13 ------------ Extra.txt: Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: Intel® Core™2 CPU T5200 @ 1.60GHz CPU 1: Intel® Core™2 CPU T5200 @ 1.60GHz Percentage of Memory in Use: 28% Physical Memory (total/avail): 2045.98 MiB / 1469.96 MiB Pagefile Memory (total/avail): 3936.93 MiB / 3481.67 MiB Virtual Memory (total/avail): 2047.88 MiB / 1919.7 MiB C: is Fixed (NTFS) - 82.85 GiB total, 0.42 GiB free. D: is Fixed (NTFS) - 93.16 GiB total, 1.29 GiB free. E: is Fixed (FAT32) - 9.28 GiB total, 1.29 GiB free. F: is CDROM (No Media) G: is Removable (FAT) H: is CDROM (No Media) \\.\PHYSICALDRIVE0 - FUJITSU MHV2100BH PL - 93.16 GiB - 3 partitions \PARTITION0 (bootable) - Installable File System - 82.85 GiB - C: \PARTITION1 - Unknown - 9.3 GiB - E: \PARTITION2 - Unknown - 1027.6 MiB \\.\PHYSICALDRIVE1 - FUJITSU MHV2100BH PL - 93.16 GiB - 1 partition \PARTITION0 - Installable File System - 93.16 GiB - D: \\.\PHYSICALDRIVE2 - - 7.84 MiB - partitions \PARTITION0 - MS-DOS V4 Huge - 120.08 MiB -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. FirstRunDisabled is set. AntiVirusDisableNotify is set. FirewallDisableNotify is set. AV: AVG 7.5.524 v7.5.524 (Grisoft) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing" "C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:µTorrent" "C:\\Program Files\\Empire Interactive\\Strangelite\\Starship Troopers\\STGame.exe"="C:\\Program Files\\Empire Interactive\\Strangelite\\Starship Troopers\\STGame.exe:*:Enabled:Starship Troopers" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\Kontiki\\KService.exe"="C:\\Program Files\\Kontiki\\KService.exe:*:Enabled:Delivery Manager Service" "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\Documents and Settings\\Dan Lyndon\\Local Settings\\Temp\\.tt9.tmp"="C:\\Documents and Settings\\Dan Lyndon\\Local Settings\\Temp\\.tt9.tmp:*:Enabled:enable" "C:\\WINDOWS\\system32\\sysrest32.exe"="C:\\WINDOWS\\system32\\sysrest32.exe:*:Enabled:enable" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Dan Lyndon\Application Data CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=DANS-LAPTOP ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Dan Lyndon LOGONSERVER=\\DANS-LAPTOP NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\VDMSound PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PCTYPE=PAVILION PLATFORM=MCD PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f06 ProgramFiles=C:\Program Files PROMPT=$P$G QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip SESSIONNAME=Console SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\ SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\DANLYN~1\LOCALS~1\Temp TMP=C:\DOCUME~1\DANLYN~1\LOCALS~1\Temp USERDOMAIN=DANS-LAPTOP USERNAME=Dan Lyndon USERPROFILE=C:\Documents and Settings\Dan Lyndon VDMSPath=C:\Program Files\VDMSound windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Dan Lyndon (admin) Administrator (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}\Setup.exe" --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 4oD --> MsiExec.exe /I {8B7443F5-E141-42A0-AB61-ED2331AAD606} Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002} Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543} Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F} ASAPI Update --> C:\PROGRA~1\VOB\ASAPIU~1\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\HXFSETUP.EXE -U -IAt8VEN5a.inf CopySafe Plugin --> C:\PROGRA~1\Copysafe\UNWISE.EXE C:\PROGRA~1\Copysafe\INSTALL.LOG Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033 DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033 ffdshow [rev 1425] [2007-08-17] --> "C:\Program Files\ffdshow\unins000.exe" FoxyTunes for Firefox --> "C:\Program Files\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul Genesis Expansion Project --> C:\Program Files\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\uninstall.exe Gizmo Plugin --> C:\Program Files\GizmoPlugin\uninstall.exe HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Help and Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly HP Imaging Device Functions 6.0 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP Integrated Module with Bluetooth wireless technology --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679} HP Pavilion Webcam Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC397D90-720E-426D-B381-0A10C6FD5A49}\setup.exe" -l0x9 -removeonly HP Photosmart Premier Software 6.0 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Quick Launch Buttons 6.10 A2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 -removeonly uninst HP QuickPlay 2.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall HP Update --> MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F} HP User Guides 0036 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4180B60-0239-48DE-89EF-2CE4C3650A71}\Setup.exe" -l0x9 -removeonly HP Wireless Assistant 2.00 G2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst iDump (Backing up your iPod) --> C:\Program Files\iDump\uninstall.exe Intel® PRO Network Connections Drivers --> Prounstl.exe iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B} J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060} Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Jurassic Park Operation Genesis --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{A347C572-F7B4-43A3-BD51-FFC99184F70D} /l1033 LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U LucasArts' Grim Fandango --> C:\WINDOWS\uninst.exe -f"C:\Program Files\LucasArts\Grim\DeIsL1.isu" Macromedia Flash Player 8 --> MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46} Macromedia Shockwave Player --> MsiExec.exe /X{838A1BC9-95CA-4880-9BE3-2A7D23600A2B} MetaFrame Presentation Server Client --> MsiExec.exe /I{DF1D5FEC-D67C-43C8-9230-41F5DF350196} Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44} Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe" Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD} RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Safari --> MsiExec.exe /I{40589552-3892-409E-B92C-9F5032A4B2F0} Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Sibelius Scorch (ActiveX Only) --> MsiExec.exe /I{15CCBC5D-66A7-4131-8D36-E05F27B0E68F} Skype 3.0 --> "C:\Program Files\Skype\Phone\unins000.exe" Skype add-on for IE --> rundll32 "C:\Program Files\Skype\Phone\IEPlugin\SkypeIEPlugin.dll",FriendlyUnregisterServer 0 Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03} Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m\HXFSETUP.EXE -U -IAt8VEN5m.inf Sonic Audio Module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic Copy Module --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic Data Module --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} SonicAC3Encoder --> MsiExec.exe /I{52FBAE98-D389-4281-8C14-21B4046CCB4E} SonicMPEGEncoder --> MsiExec.exe /I{B16AF568-A644-483C-A6DA-5028CD019C8C} Spectrogram 16 --> MsiExec.exe /I{3C0B9F94-E2E2-49EC-8172-8BE789B7CA9A} Star Wars Galactic Battlegrounds --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A202BDBA-753F-41B9-B649-CFB0B45FC03E}\Setup.exe" Star Wars Galactic Battlegrounds: Clone Campaigns --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0314ED3D-26A7-4F62-86A2-6B23353445E8}\Setup.exe" Starcraft --> C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat StumbleUpon IE Toolbar --> C:\Program Files\StumbleUpon\uninstall.exe Switch Sound File Converter --> C:\Program Files\NCH Swift Sound\Switch\uninst.exe Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Syncrosoft's License Control --> C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG Update Rollup 2 for Windows XP Media Center Edition 2005 --> VDMSound --> C:\Program Files\VDMSound\uninst.exe VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe Visual MP3 Splitter & Joiner 5.9 --> "C:\Program Files\Visual MP3 Splitter & Joiner\unins000.exe" WaveLab --> "C:\Program Files\Steinberg\WaveLab\Unwise.exe" C:\PROGRA~1\STEINB~1\WaveLab\Install.log Westwood Shared Internet Components --> C:\Westwood\Internet\UnstllAP.EXE WhenU Save --> "C:\Program Files\Save\SaveUninst.exe" /w /d"WhenU Save" WhiteCap --> C:\Program Files\SoundSpectrum\WhiteCap\Uninstall.exe Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F} Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe" WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe x264 Revision 564 x264.nl (remove only) --> "C:\Program Files\x264\x264-uninstall.exe" -- Application Event Log ------------------------------------------------------- Event Record #/Type25882 / Success Event Submitted/Written: 07/09/2008 11:39:08 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type25856 / Success Event Submitted/Written: 07/09/2008 07:32:49 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type25842 / Error Event Submitted/Written: 07/08/2008 03:48:48 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application dss.exe, version 3.2.8.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type25841 / Error Event Submitted/Written: 07/08/2008 03:34:34 PM Event ID/Source: 1001 / Application Hang Event Description: Fault bucket 709208621. Event Record #/Type25840 / Error Event Submitted/Written: 07/08/2008 03:34:26 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application dss.exe, version 3.2.8.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type24531 / Warning Event Submitted/Written: 07/09/2008 11:42:26 AM Event ID/Source: 4226 / Tcpip Event Description: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Event Record #/Type24510 / Error Event Submitted/Written: 07/09/2008 11:38:46 AM Event ID/Source: 7022 / Service Control Manager Event Description: The KService service hung on starting. Event Record #/Type24506 / Error Event Submitted/Written: 07/09/2008 11:37:01 AM Event ID/Source: 59 / SideBySide Event Description: Generate Activation Context failed for C:\Program Files\DAEMON Tools Pro\MFC80U.DLL. Reference error message: The operation completed successfully. . Event Record #/Type24505 / Error Event Submitted/Written: 07/09/2008 11:37:01 AM Event ID/Source: 59 / SideBySide Event Description: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. . Event Record #/Type24504 / Error Event Submitted/Written: 07/09/2008 11:37:01 AM Event ID/Source: 32 / SideBySide Event Description: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system. -- End of Deckard's System Scanner: finished at 2008-07-09 12:19:13 ------------ |