Hi - thanks for getting back to me.
The logs are below:
(The Deckard's scanner only produced one log the second time I ran it - Disk Clean-Up got in the way the first time and I did it again to make sure.
Therefore the main.txt is from the second run and the extra.txt file is from the first run. Sorry if this makes things difficult.)
SmitFraudFix v2.309
Scan done at 0:22:28.51, 31/03/2008
Run from C:\Documents and Settings\User Fiona\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{3D45AC9F-DE6D-4C85-85E5-5671B8CAD773}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{3D45AC9F-DE6D-4C85-85E5-5671B8CAD773}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{3D45AC9F-DE6D-4C85-85E5-5671B8CAD773}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
Deckard's System Scanner v20071014.68
Run by User Fiona on 2008-03-31 00:53:59
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as User Fiona.exe) ------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:54:15, on 31/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Documents and Settings\All Users\Application Data\efurebat\ufgdgfkz.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\ynupoxat.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Documents and Settings\User Fiona\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\USERFI~1.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.orange.co.ukR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Orange UK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://www-cache.orangehome.co.uk:8080;ftp=http://www-cache.orangehome.co.uk:8080
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O3 - Toolbar: Orange - {4E7BD74F-2B8D-469E-A1FB-F862B587B57D} - C:\PROGRA~1\orange3\orange3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - C:\Program Files\ReGetDx\iebar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (file missing)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [sclauncher] C:\Program Files\SimpleCenter\bin\win\sclauncher.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" /RUN_SCHEDULER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DDO Launcher] C:\Program Files\Turbine\Dungeons & Dragons Online - Stormreach\dndlauncher.exe -Boot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [qmmruwap] C:\WINDOWS\system32\ynupoxat.exe
O4 - HKCU\..\RunOnce: [Launcher] C:\Program Files\Wanadoo_UK\Setup\Check.exe
O4 - HKLM\..\Policies\Explorer\Run: [rnS8053Ew8] C:\Documents and Settings\All Users\Application Data\efurebat\ufgdgfkz.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: CONNECTAUTrayApp.lnk = C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTAUTrayApp.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: PKZIP Attachments Status.lnk = C:\Program Files\PKWARE\PKZIPM\9.00.0010\PKTray.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\PROGRA~1\COMMON~1\REGETS~1\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\PROGRA~1\COMMON~1\REGETS~1\CC_All.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: orange search - file://C:\Program Files\ORANGE3\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {105C4322-CB93-11D4-9839-00C0F0214711} (JFWApi Class) -
https://www.dlp.mod..../JFWAPICtrl.dllO16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) -
http://www.king.com/ctl/kingcomie.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail....es/MSNPUpld.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -
http://upload.facebo...toUploader3.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cabO16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) -
http://update.videoe...ggPublisher.exeO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.m...ash/swflash.cabO16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcaf...262/mcfscan.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: MonDrv - {7f509c43-2209-4d5e-98a7-6cd9192d6604} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Dawn of Magic Drivers Auto Removal (pr2ahqjb) (pr2ahqjb) - Koch Media - C:\WINDOWS\system32\pr2ahqjb.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 15511 bytes
-- Files created between 2008-02-29 and 2008-03-31 -----------------------------
2008-03-30 19:18:04 5318 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-30 18:45:43 110592 --a------ C:\WINDOWS\system32\ynupoxat.exe
2008-03-30 17:15:16 0 d-------- C:\Documents and Settings\User Fiona\Application Data\Malwarebytes
2008-03-30 17:15:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-30 17:15:05 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-30 05:13:43 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2008-03-30 04:44:02 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-30 04:43:46 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-30 04:43:46 0 d-------- C:\Documents and Settings\User Fiona\Application Data\SUPERAntiSpyware.com
2008-03-30 04:36:37 0 d-------- C:\Documents and Settings\User Fiona\Application Data\McAfee
2008-03-30 02:37:40 0 d-------- C:\Program Files\DellSupport
2008-03-30 02:25:22 0 d-------- C:\Documents and Settings\User Fiona\Application Data\Grisoft
2008-03-30 02:25:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-29 20:38:20 0 d-------- C:\Program Files\Trend Micro
2008-03-29 14:19:04 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-29 14:18:46 0 d-------- C:\Program Files\Spyware Doctor
2008-03-29 14:18:46 0 d-------- C:\Documents and Settings\User Fiona\Application Data\PC Tools
2008-03-29 02:05:35 0 d-------- C:\WINDOWS\McAfee.com
2008-03-29 00:18:33 0 d-------- C:\WINDOWS\system32\ActiveScan
2008-03-28 09:33:22 4096 --a------ C:\WINDOWS\system32winlogonpc.exe
2008-03-28 09:33:22 4096 --a------ C:\WINDOWS\system32mwin32.exe
2008-03-28 09:33:22 4096 --a------ C:\WINDOWS\system32hoproxy.dll
2008-03-28 09:33:22 4096 --a------ C:\WINDOWS\a.bat
2008-03-28 09:33:21 4096 --a------ C:\WINDOWS\system32taack.exe
2008-03-28 09:33:21 4096 --a------ C:\WINDOWS\system32taack.dat
2008-03-28 09:33:21 4096 --a------ C:\WINDOWS\system32sncntr.exe
2008-03-28 09:33:21 4096 --a------ C:\WINDOWS\system32hxiwlgpm.exe
2008-03-28 09:33:21 4096 --a------ C:\WINDOWS\system32hxiwlgpm.dat
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\system32ssurf022.dll
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\system32psoft1.exe
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\system32psof1.exe
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\system32ps1.exe
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\system32msnbho.dll
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\system32medup020.dll
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\system32bsva-egihsg52.exe
2008-03-28 09:33:20 4096 --a------ C:\WINDOWS\iTunesMusic.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32thun32.dll
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32thun.dll
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32temp#01.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32ssvchost.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32ssvchost.com
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32Rundl1.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32regm64.dll
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32regc64.dll
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32netode.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32mtr2.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32msvchost.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32msgp.exe
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32medup012.dll
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32h@tkeysh@@k.dll
2008-03-28 09:33:19 4096 --a------ C:\WINDOWS\system32dpcproxy.exe
2008-03-28 09:33:19 4096 --a------ C:\Documents and Settings\User Fiona\DesktopFWebdEditor.exe
2008-03-28 09:33:19 4096 --a------ C:\Documents and Settings\User Fiona\Desktopfwebd.exe
2008-03-28 09:33:19 4096 --a------ C:\Documents and Settings\User Fiona\Desktopfilemanagerclient.exe
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32WINWGPX.EXE
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32winsystem.exe
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32vcatchpi.dll
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32sysreq.exe
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32newsd32.exe
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32mssecu.exe
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32emesx.dll
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32bdn.com
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32awtoolb.dll
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32anticipator.dll
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\system32akttzn.exe
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\mssecu.exe
2008-03-28 09:33:18 4096 --a------ C:\WINDOWS\bdn.com
2008-03-28 09:33:17 4096 --a------ C:\WINDOWS\system32vbsys2.dll
2008-03-28 09:32:25 0 d-------- C:\Documents and Settings\All Users\Application Data\efurebat
2008-03-28 09:32:22 102400 --a------ C:\WINDOWS\system32\adobezkf.exe
2008-03-22 10:48:13 0 d-------- C:\Documents and Settings\User Fiona\Application Data\alot
-- Find3M Report ---------------------------------------------------------------
2008-03-31 00:14:46 0 d-------- C:\Program Files\Lx_cats
2008-03-30 20:50:34 6320 --ahs--c- C:\WINDOWS\system32\KGyGaAvL.sys
2008-03-30 20:50:29 104 -r-hs--c- C:\WINDOWS\system32\18AF71C6B4.sys
2008-03-30 13:00:47 0 d-------- C:\Program Files\QuickTime
2008-03-30 12:59:50 0 d-------- C:\Program Files\PC Connectivity Solution
2008-03-30 12:54:07 0 d-------- C:\Program Files\Messenger
2008-03-30 12:52:19 0 d-------- C:\Program Files\iTunes
2008-03-30 12:50:10 0 d-------- C:\Program Files\ewido anti-malware
2008-03-30 12:49:41 0 d-------- C:\Program Files\Digital Line Detect
2008-03-30 12:48:49 0 d-------- C:\Program Files\DAEMON Tools
2008-03-30 12:41:12 0 d-------- C:\Program Files\Apoint
2008-03-30 11:41:38 0 d-------- C:\Program Files\McAfee
2008-03-30 05:13:58 0 d-------- C:\Program Files\NetWaiting
2008-03-30 04:50:31 0 d--h----- C:\Documents and Settings\User Fiona\Application Data\Gtek
2008-03-30 04:43:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-29 13:11:16 0 d-------- C:\Program Files\Common Files\McAfee
2008-03-28 23:06:51 0 d-------- C:\Documents and Settings\User Fiona\Application Data\SiteAdvisor
2008-03-28 09:34:38 0 d-------- C:\Program Files\ReGetDx
2008-03-08 19:44:08 0 d-------- C:\Documents and Settings\User Fiona\Application Data\AdobeUM
2008-03-08 18:36:17 0 d-------- C:\Documents and Settings\User Fiona\Application Data\Adobe
2008-03-04 21:37:39 0 d-------- C:\Program Files\Google
2008-02-23 18:50:32 0 d-------- C:\Program Files\PurePlay
2008-01-24 20:02:38 100 --a------ C:\WINDOWS\system32\doscam52.dll
2008-01-24 20:00:34 29696 --a------ C:\WINDOWS\system32\VB5StKit.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-01-24 20:00:34 71680 --a------ C:\WINDOWS\ST5UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-01-24 20:00:33 180224 --a------ C:\WINDOWS\system32\ijl11.dll <Not Verified; Intel Corporation; Intel® JPEG Library>
2008-01-24 20:00:32 73216 --a------ C:\WINDOWS\system32\ODBCTL32.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
26/11/2007 11:46 324936 --a------ c:\PROGRA~1\mcafee\msk\mcapbho.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [07/10/2005 07:13]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [19/11/2003 18:48]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [05/08/2005 22:05]
"@"="" []
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [30/10/2004 15:59]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [10/06/2005 11:44]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/06/2005 11:44]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [08/09/2005 06:20]
"LXCFCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [20/07/2005 18:47]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [12/11/2006 11:48]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [17/01/2007 20:24]
"sclauncher"="C:\Program Files\SimpleCenter\bin\win\sclauncher.exe" [13/09/2006 16:37]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [01/11/2007 20:12]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [30/11/2007 06:42]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [01/02/2008 13:55]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [09/03/2006 12:43]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [13/07/2006 13:41]
"NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [28/11/2006 01:12]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [14/06/2006 16:24]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [29/09/2005 15:01]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [05/10/2005 04:12]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [01/09/2005 18:24]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" [31/08/2005 12:06]
"CONNECTScheduler"="C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler.exe" []
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 23:46]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [18/06/2007 15:10]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 10:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [10/08/2004 06:00]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [19/06/2007 10:17]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [15/03/2007 11:09]
"DDO Launcher"="C:\Program Files\Turbine\Dungeons & Dragons Online - Stormreach\dndlauncher.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [30/03/2008 18:52]
"qmmruwap"="C:\WINDOWS\system32\ynupoxat.exe" [30/03/2008 18:45]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"Launcher"=C:\Program Files\Wanadoo_UK\Setup\Check.exe
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"rnS8053Ew8"=C:\Documents and Settings\All Users\Application Data\efurebat\ufgdgfkz.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 30/03/2008 18:52 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 07/09/2004 17:08 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe
-- End of Deckard's System Scanner: finished at 2008-03-31 00:57:02 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® M processor 1.86GHz
Percentage of Memory in Use: 71%
Physical Memory (total/avail): 1023.37 MiB / 295.34 MiB
Pagefile Memory (total/avail): 2459.43 MiB / 1545.86 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.01 MiB
C: is Fixed (NTFS) - 51.14 GiB total, 30.15 GiB free.
D: is CDROM (No Media)
G: is CDROM (No Media)
H: is Removable (FAT)
\\.\PHYSICALDRIVE0 - FUJITSU MHV2060AH - 55.89 GiB - 3 partitions
\PARTITION0 - Unknown - 94.1 MiB
\PARTITION1 (bootable) - Installable File System - 51.14 GiB - C:
\PARTITION2 - Unknown - 4.64 GiB
\\.\PHYSICALDRIVE1 - - 7.84 MiB - partitions
\PARTITION0 - MS-DOS V4 Huge - 242.45 MiB
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\EA GAMES\\The Battle for Middle-earth \\game.dat"="C:\\Program Files\\EA GAMES\\The Battle for Middle-earth \\game.dat:*:Enabled:The Battle for Middle-earth "
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Enabled:java"
"C:\\Documents and Settings\\User Fiona\\Local Settings\\Temp\\Rar$EX01.078\\Age of Empires II - Age of Kings\\empires2.exe"="C:\\Documents and Settings\\User Fiona\\Local Settings\\Temp\\Rar$EX01.078\\Age of Empires II - Age of Kings\\empires2.exe:*:Enabled:Age of Empires II"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Turbine\\Dungeons & Dragons Online - Stormreach\\dndclient.exe"="C:\\Program Files\\Turbine\\Dungeons & Dragons Online - Stormreach\\dndclient.exe:*:Enabled:dndclient"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\SimpleCenter\\Home Media Server.exe"="C:\\Program Files\\SimpleCenter\\Home Media Server.exe:*:Enabled:Nokia's Media Manager and Server"
"C:\\Program Files\\Java\\j2re1.4.2_03\\launch4j-tmp\\yahtzee.exe"="C:\\Program Files\\Java\\j2re1.4.2_03\\launch4j-tmp\\yahtzee.exe:*:Disabled:yahtzee"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\User Fiona\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DELL
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\User Fiona
LOGONSERVER=\\DELL
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Samsung\Samsung PC Studio 3\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\USERFI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\USERFI~1\LOCALS~1\Temp
USERDOMAIN=DELL
USERNAME=User Fiona
USERPROFILE=C:\Documents and Settings\User Fiona
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
User Fiona
(admin)User Chris
(admin)Administrator
(admin)-- Add/Remove Programs ---------------------------------------------------------
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Nokia PC Suite -->
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
VideoEgg Publisher --> C:\Documents and Settings\User Fiona\Application Data\VideoEgg\Uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type7031 / Error
Event Submitted/Written: 03/30/2008 03:12:01 PM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 489773561.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.
Event Record #/Type7029 / Error
Event Submitted/Written: 03/30/2008 03:11:57 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.3156, faulting module acrord32.dll, version 7.0.8.218, fault address 0x000026ba.
Processing media-specific event for [explorer.exe!ws!]
Event Record #/Type7027 / Error
Event Submitted/Written: 03/30/2008 01:38:17 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application SUPERAntiSpyware.exe, version 3.6.0.1000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type7026 / Warning
Event Submitted/Written: 03/30/2008 11:44:46 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}', feature 'Platform' failed during request for component '{7BA39C00-ED40-417C-8C5C-3804B2DDD646}'
Event Record #/Type7025 / Warning
Event Submitted/Written: 03/30/2008 11:44:46 AM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}', feature 'PCSuite', component '{9B373FD2-8E0A-4A76-80C7-63B6521FD237}' failed. The resource 'HKEY_CURRENT_USER\Software\Nokia\' does not exist.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type42957 / Warning
Event Submitted/Written: 03/30/2008 04:44:12 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00166F65DF91. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type42935 / Warning
Event Submitted/Written: 03/30/2008 01:28:53 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00166F65DF91. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type42930 / Warning
Event Submitted/Written: 03/30/2008 01:28:29 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 00166F65DF91. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
Event Record #/Type42905 / Warning
Event Submitted/Written: 03/30/2008 11:41:08 AM / 03/30/2008 11:41:38 AM
Event ID/Source: 51 / Cdrom
Event Description:
An error was detected on device \Device\CdRom1 during a paging operation.
Event Record #/Type42901 / Error
Event Submitted/Written: 03/30/2008 11:40:10 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1053" attempting to start the service lxcf_device with arguments ""
in order to run the server:
{323CE21C-A448-40AA-BA74-7FCF1E44106F}
-- End of Deckard's System Scanner: finished at 2008-03-30 17:22:25 ------------