"Your Privacy is in Danger" Red Screen [RESOLVED]

Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis™ Logs Go Here

2 Pages

1 2 >

"Your Privacy is in Danger" Red Screen [RESOLVED], Red Screen appeared on my computer with a symbol

Options

JuanLikesChopin View Member Profile	Jul 2 2008, 12:30 PM Post #1
Member Posts: 15 From: Ft. Lauderdale, FL OS: Windows XP	Hello, I am new here and this is my first post. My desktop was suddenly taken over by a red screen with a symbol on it and it said "your Privacy Is In Danger". I was able to close the red desktop background but whenever I restarted my computer it would reappear. My antivirus would also popup messages saying it detected something. I read and tried to follow the "You Must Read This Before Posting A Hijackthis Log" post before posting this message but I didn't get very far before encountering problems. I am writing this on a laptop because my infected desktop won't even let me open Mozilla and it won't let me access geekstogo so I am using my laptop to download all of the programs and then using a flashdrive to pass them to my problematic computer. I have ran ATF Cleaner and created the System Restore Point. I downloaded the Malwarebytes' Anti-Malware setup but every time I tried to run this setup nothing would happen as if my computer won't let me open this setup. I had no choice but to skip this step. Next, I was able to run SUPERAntiSpyware and after the scan I was able to save the log file (which I'll post here). I just tried to move on to the next step of doing the Online Panda Activescan but I wasn't able to do it because my Mozilla won't open at all and Internet Explorer now began to close itself as soon as I open it saying it encountered an error and had to close. The only browser that works is Netscape but it said that I have to use Mozilla or IE for the Panda Activescan. This was the last thing I did but since I was encountering these problems I had to stop there. I have the setups for the other programs that I haven't used in a flashdrive. I would really appreciate some help. Here is the log for SUPERAntiSpyware: SUPERAntiSpyware Scan Log Generated 07/02/2008 at 07:44 AM Application Version : 3.6.1000 Core Rules Database Version : 3190 Trace Rules Database Version: 1486 Scan type : Complete Scan Total Scan Time : 02:13:35 Memory items scanned : 674 Memory threats detected : 0 Registry items scanned : 9179 Registry threats detected : 3 File items scanned : 145764 File threats detected : 7 Desktop Hijacker.AboutYourPrivacy C:\WINDOWS\privacy_danger\images\capt.gif C:\WINDOWS\privacy_danger\images\danger.jpg C:\WINDOWS\privacy_danger\images\down.gif C:\WINDOWS\privacy_danger\images\spacer.gif C:\WINDOWS\privacy_danger\images C:\WINDOWS\privacy_danger\index.htm C:\WINDOWS\privacy_danger Trojan.Net-MU/Gen HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#uninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#DisplayName

Rorschach112 View Member Profile	Jul 2 2008, 02:38 PM Post #2
GeekU Teacher Posts: 21,845 From: Dublin OS: XP	Hello Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding. Please download SmitfraudFix (by S!Ri) to your Desktop. Next, please reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, a menu with options should appear; Select the first option, to run Windows in Safe Mode, then press "Enter". Choose your usual account. Once in Safe Mode, double-click on SmitfraudFix.exe Select option #2 - Clean by typing 2 and press "Enter" to delete infected files. You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection. The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter". The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply. The report can also be found at the root of the system drive, usually at C:\rapport.txt Warning : running option #2 on a non infected computer will remove your Desktop background. Please download Deckard's System Scanner (DSS) and save it to your Desktop. Close all other windows before proceeding. Double-click on dss.exe and follow the prompts. If your anti-virus or firewall complains, please allow this script to run as it is not malicious. When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

JuanLikesChopin View Member Profile	Jul 2 2008, 06:11 PM Post #3
Member Posts: 15 From: Ft. Lauderdale, FL OS: Windows XP	Ok, I downloaded SmitFraudFix and ran my computer on safe mode. However, when I tried to open the setup on my computer nothing happens. It doesn't open and nothing happens. It's as if something is blocking it from running but I don't know what's going on. What should I do? Thank you.

Rorschach112 View Member Profile	Jul 3 2008, 12:28 PM Post #4
GeekU Teacher Posts: 21,845 From: Dublin OS: XP	Run DSS

JuanLikesChopin View Member Profile	Jul 3 2008, 03:37 PM Post #6
Member Posts: 15 From: Ft. Lauderdale, FL OS: Windows XP	Here is the DSS extra.txt log: Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: AMD Athlon™ 64 X2 Dual Core Processor 4200+ CPU 1: AMD Athlon™ 64 X2 Dual Core Processor 4200+ Percentage of Memory in Use: 39% Physical Memory (total/avail): 1982.48 MiB / 1196.55 MiB Pagefile Memory (total/avail): 3876.63 MiB / 3274.42 MiB Virtual Memory (total/avail): 2047.88 MiB / 1922.06 MiB C: is Fixed (NTFS) - 224.07 GiB total, 95.86 GiB free. D: is Fixed (FAT32) - 8.79 GiB total, 0.76 GiB free. E: is CDROM (No Media) F: is Removable (No Media) G: is Removable (No Media) H: is Removable (No Media) I: is Removable (No Media) J: is Removable (FAT32) \\.\PHYSICALDRIVE0 - WDC WD2500JS-60NCB1 - 232.88 GiB - 2 partitions \PARTITION0 (bootable) - Installable File System - 224.07 GiB - C: \PARTITION1 - Unknown - 8.81 GiB - D: \\.\PHYSICALDRIVE5 - USB Flash Memory USB Device - 3.84 GiB - 1 partition \PARTITION0 (bootable) - Unknown - 3.84 GiB - J: \\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device \\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device \\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device \\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FirstRunDisabled is set. FW: Trend Micro PC-cillin Internet Security (Firewall) v15 (Trend Micro, Inc.) AV: Trend Micro PC-cillin Internet Security 2007 v15.30.1151 (Trend Micro, Inc.) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe::Enabled:Updates from HP" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe::Enabled:hpqtra08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe::Enabled:hpqste08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe::Enabled:hpofxm08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe::Enabled:hposfx08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe::Enabled:hposid01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe::Enabled:hpqscnvw.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe::Enabled:hpqkygrp.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe::Enabled:hpqcopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe::Enabled:hpfccopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe::Enabled:hpzwiz01.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe::Enabled:hpqphunl.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe::Enabled:hpqdia.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe::Enabled:hpoews01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe::Enabled:hpqnrs08.exe" "C:\\Program Files\\DISC\\DISCover.exe"="C:\\Program Files\\DISC\\DISCover.exe::Enabled:DISCover Drop & Play System" "C:\\Program Files\\DISC\\DiscStreamHub.exe"="C:\\Program Files\\DISC\\DiscStreamHub.exe::Enabled:DISCover Stream Hub" "C:\\Program Files\\DISC\\myFTP.exe"="C:\\Program Files\\DISC\\myFTP.exe::Enabled:DISCover FTP" "C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"="C:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe::Enabled:Updates from HP" "C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe::Enabled:Earthlink" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe::Enabled:LimeWire" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe::Enabled:Windows Messenger" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe::Enabled:Bonjour" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe::Enabled:iTunes" "J:\\virusfix\\Download_mbam-setup.exe"="J:\\virusfix\\Download_mbam-setup.exe::Enabled:Download_mbam-setup" "C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe::Enabled:SUPERAntiSpyware Free Edition" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe::Enabled:Skype" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\HP_Administrator\Application Data CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=GERMAN ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\HP_Administrator LOGONSERVER=\\GERMAN NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\Program Files\Common Files\Nero\Lib\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 75 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=4b02 ProgramFiles=C:\Program Files PROMPT=$P$G QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip RoxioCentral=C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\ SESSIONNAME=Console SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\ SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp TMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp USERDOMAIN=GERMAN USERNAME=HP_Administrator USERPROFILE=C:\Documents and Settings\HP_Administrator windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- HP_Administrator (admin)* Administrator (admin) -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks\|RealPlayer\|6.0 --> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {4F3FCD41-AD1C-4EE8-9D5C-35DBA58BA060} --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} --> c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920} --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL --> C:\WINDOWS\UNRecode.exe /UNINSTALL --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002} Alien Outbreak 2 --> "C:\Program Files\HP Games\Alien Outbreak 2\Uninstall.exe" Ancient Sudoku --> "C:\Program Files\HP Games\Ancient Sudoku\Uninstall.exe" Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} Bejeweled 2 Deluxe --> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" Big Kahuna Reef --> "C:\Program Files\HP Games\Big Kahuna Reef\Uninstall.exe" Blackhawk Striker 2 --> "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe" Blasterball 2 Remix --> "C:\Program Files\HP Games\Blasterball 2 Remix\Uninstall.exe" Blasterball 2 Revolution --> "C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe" Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3} Bookworm Deluxe --> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe" Bounce Symphony --> "C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe" Chuzzle Deluxe --> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe" Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033 DAO 3.5 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Intuit\DAO 3.5\Uninst.isu" Data Fax SoftModem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\HXFSETUP.EXE -U -ITrx200Ck.inf Diner Dash --> "C:\Program Files\HP Games\Diner Dash\Uninstall.exe" DirectXInstallService --> MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75} DISCover --> "C:\Program Files\DISC\uninstall.exe" Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033 EMC 10 Content --> MsiExec.exe /X{FDB46DE7-9045-47BB-970A-3E4ED5369E03} Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /remove Fairies --> "C:\Program Files\HP Games\Fairies\Uninstall.exe" Family Feud --> "C:\Program Files\HP Games\Family Feud\Uninstall.exe" FATE --> "C:\Program Files\HP Games\FATE\Uninstall.exe" Finale NotePad 2008 --> C:\Program Files\Finale NotePad 2008\uninstallNP.exe Flip Words --> "C:\Program Files\HP Games\Flip Words\Uninstall.exe" GemMaster Mystic --> "C:\Program Files\GemMaster\uninstallgemmaster.exe" Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll" Google Web Accelerator --> MsiExec.exe /X{6A1975EB-27E6-491D-94BC-6355FA25F40F} High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB} HP Deskjet Printer Preload --> MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0} HP DigitalMedia Archive --> MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920} HP Document Viewer 6.1 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall HP Game Console --> "C:\Program Files\WildTangent\Apps\HP Game Console\Uninstall.exe" HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart 330,380,420,470,7800,8000,8200 Series --> C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\setup\hpzscr01.exe -d MsiRollbackUninstaller -datfile hphscr08.dat HP Photosmart Cameras 6.0 --> C:\Program Files\HP\Digital Imaging\{5D61626A-BD55-4e42-82EE-4AE89D8FD050}\setup\hpzscr01.exe -datfile hpiscr01.dat HP Photosmart for Media Center PC --> c:\Program Files\HP\Digital Imaging\bin\mcpc\setupmcl.exe /u HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP PSC & OfficeJet 5.3.B --> "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat HP PSC & OfficeJet 6.1.A --> "C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat HP Rhapsody --> C:\PROGRA~1\HPRHAP~1\Unwise32.exe /A C:\PROGRA~1\HPRHAP~1\install.log HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} HP Solution Center and Imaging Support Tools 6.1 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Web Helper --> regsvr32 /u /s "C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll" Insaniquarium Deluxe --> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe" iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B} J2SE Runtime Environment 5.0 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050} Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Jewel Quest --> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe" LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe" Mah Jong Quest --> "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe" Microsoft Away Mode --> Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120 Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9} Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44} muvee autoProducer 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27428D1B-8CBA-4EEA-B9C0-A23CA7B4FCC1}\setup.exe" -l0x9 muvee autoProducer unPlugged 2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x9 Mystery Case Files --> "C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe" Nero 8 --> MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891033} neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Netscape Browser (remove only) --> "C:\Program Files\Netscape\Netscape Browser\NSUninst.exe" NVIDIA Drivers --> C:\WINDOWS\system32\nvunrm.exe UninstallGUI OpenOffice.org Installer 1.0 --> MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9} Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe" PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe Poker Superstars --> "C:\Program Files\HP Games\Poker Superstars\Uninstall.exe" Polar Bowler --> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe" Polar Golfer --> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe" Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log" Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5} Quicken Basic 99 --> C:\WINDOWS\IsUninst.exe -fC:\QUICKENW\Uninst.isu QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD} RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks\|RealPlayer\|6.0 Realtek High Definition Audio Driver --> RtlUpd.exe -r -m Rhapsody --> C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} Ricochet Lost Worlds --> "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe" Roxio Activation Module --> MsiExec.exe /I{EC877639-07AB-495C-BFD1-D63AF9140810} Roxio BackOnTrack --> MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7} Roxio Central Audio --> MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} Roxio Central Copy --> MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} Roxio Central Core --> MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB} Roxio Central Data --> MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693} Roxio Central Tools --> MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} Roxio CinePlayer --> MsiExec.exe /I{1B683082-8791-4D00-8ADE-6C8986FCCC68} Roxio CinePlayer Decoder Pack --> MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B} Roxio Disc Gallery --> MsiExec.exe /I{3E67A8DA-FE7B-4160-8465-F5571EA18753} Roxio Easy Media Creator 10 Suite --> MsiExec.exe /I{BF83EFE2-C9F0-40D4-841C-2066668C1D7A} Roxio File Backup --> MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} Roxio MediaShare --> MsiExec.exe /I{9A9A1828-31D1-4590-A99F-022B7237AFAE} Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Samsung CLP-300 Series --> C:\Program Files\Samsung\Samsung CLP-300 Series\Install\Setup.exe /R SCRABBLE --> "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe" Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Skype™ 3.8 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Slingo Deluxe --> "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe" SmartSound Quicktracks Plugin --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} Snowy The Bears Adventure --> "C:\Program Files\HP Games\Snowy The Bears Adventure\Uninstall.exe" Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Sonic MyDVD Plus --> MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow Audio --> MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic RecordNow Copy --> MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic RecordNow Data --> MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205} Super Granny --> "C:\Program Files\HP Games\Super Granny\Uninstall.exe" SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} Tennis Titans --> "C:\Program Files\HP Games\Tennis Titans\Uninstall.exe" Tornado Jockey --> "C:\Program Files\HP Games\Tornado Jockey\Uninstall.exe" Tradewinds --> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe" Trend Micro PC-cillin Internet Security 2007 --> C:\PROGRA~1\TRENDM~1\INTERN~1\remove.exe Trend Micro PC-cillin Internet Security 2007 --> MsiExec.exe /X{BB4B6355-D38A-492C-873B-A1B2CF6C3832} Update Rollup 2 for Windows XP Media Center Edition 2005 --> Updates from HP (remove only) --> C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB908246 --> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB912067 --> "C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe" -- Application Event Log ------------------------------------------------------- Event Record #/Type825 / Error Event Submitted/Written: 07/02/2008 01:53:14 PM Event ID/Source: 1000 / Application Error Event Description: Faulting application iexplore.exe, version 7.0.6000.16674, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea. Processing media-specific event for [iexplore.exe!ws!] Event Record #/Type824 / Error Event Submitted/Written: 07/02/2008 01:32:50 PM Event ID/Source: 1000 / Application Error Event Description: Faulting application notepad.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00a6000a. Processing media-specific event for [notepad.exe!ws!] Event Record #/Type823 / Error Event Submitted/Written: 07/02/2008 01:31:32 PM Event ID/Source: 1000 / Application Error Event Description: Faulting application notepad.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00a6000a. Processing media-specific event for [notepad.exe!ws!] Event Record #/Type822 / Error Event Submitted/Written: 07/02/2008 01:27:41 PM Event ID/Source: 1000 / Application Error Event Description: Faulting application notepad.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00a6000a. Processing media-specific event for [notepad.exe!ws!] Event Record #/Type821 / Error Event Submitted/Written: 07/02/2008 01:24:05 PM Event ID/Source: 1000 / Application Error Event Description: Faulting application notepad.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00a6000a. Processing media-specific event for [notepad.exe!ws!] -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type3003 / Error Event Submitted/Written: 07/03/2008 05:26:16 PM Event ID/Source: 7016 / Service Control Manager Event Description: The BrSplService service has reported an invalid current state 0. Event Record #/Type2980 / Error Event Submitted/Written: 07/03/2008 05:11:11 PM Event ID/Source: 7034 / Service Control Manager Event Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). Event Record #/Type2977 / Error Event Submitted/Written: 07/03/2008 05:10:39 PM Event ID/Source: 7000 / Service Control Manager Event Description: The SSPORT service failed to start due to the following error: %%2 Event Record #/Type2976 / Error Event Submitted/Written: 07/03/2008 05:10:39 PM Event ID/Source: 7000 / Service Control Manager Event Description: The SessionLauncher service failed to start due to the following error: %%3 Event Record #/Type2975 / Error Event Submitted/Written: 07/03/2008 05:10:39 PM Event ID/Source: 7000 / Service Control Manager Event Description: The DgiVecp service failed to start due to the following error: %%20 -- End of Deckard's System Scanner: finished at 2008-07-03 17:27:00 ------------