i surfed the net & now my pc has spyware pop ups,i copied the highjacker file for you to help me out

Advertise at AfterDawn.com

Link to us!

Private messages

Compose a private message

List of all updated threads

Threads without replies

Search messages

Wednesday 23.7.2008 / 18:25

Search:

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > i surfed the net & now my pc has spyware pop ups,i copied the highjacker file for you to help me out

Browse by topic

Forums

Start a new thread

i surfed the net & now my pc has spyware pop ups,i copied the highjacker file for you to help me out

Jump to:

Posted

Message

Page:	1	2	3	4	5	... Next >	Last >>

engin123

Account closed as per user's own request

28. March 2008 @ 01:38

Link to this message

this is a log fie from highjacker can someone please read this & help me out iv'e tried a few adawre programs & one or two antivirus programs & cc-cleaner but to no avail,through surving the net trying to just look at an adult site i got viruses gurlor,

im only a basic pc user i tried to read up on how to try to get rid of this spyware pop up problem by safe moding & starting avg then to start another program to then do another three or four steps i just got confused,i am lost without my pc shes my lover & a friend that does not argue with me nor want to use me or abuse me for my money,

she just is sensitive to the web sites,please help me restore some of my lost or damaged dills & redownload internet explorer 7 ,it seems as if some softwares rely on it,& about(files missing),im hearing popup sounds in the back ground,my pc is going mad ,i have uninstalled both firefox 3 beta version & i uninstalled the internet explorer 7.

it had to me bugs,& every minute it was driving me crazy with alll these pop ups to open this & open that to download antivirus software to help me fix the problem,but they want me to part with my money,i want a a freeware software please of anything you give me help with & a easier guide to solving the issue,

being that iv'e used the highjacker program to obtain the details i needed to pass them over to you an expert who can tell me what to do,because i might delete the wrong items then my pc wont be functioning properly,please get it back to the way she was intended to perform my friends at afterdawn.com,

isn't there also a internet software that can protect my pc from these adult sites being that i might be tempted to want to just surf on through them now & again & maybe download the odd few movies now & again,like a surf the web anonimous antispyware sheild that protects my pc from getting attacked like this because just because i like to surf around a lot i have got script problems files missing dills missing,

maybe my drivers are not working right now because of all this,freeware is what i need & a basic guide to solving this major spyware pop up adaware & trojuns that iv'e got. thank you. -Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:47:14, on 28/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Kontiki\KService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NetProject\sbmntr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Common Files\WinPCDoctor\strpmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\NetProject\sbsm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MemInfo\meminfo.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher...w=%s&tbid=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: 299914 helper - {47DF236B-7D10-4C01-9820-50C0D54E7841} - C:\WINDOWS\system32\299914\299914.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: 375013 helper - {74F7DB6B-86E9-4B91-9D9F-B0D954D7AA5B} - C:\WINDOWS\system32\375013\375013.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - C:\Program Files\NetProject\sbmdl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [strpmon] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com ad=http://winpcdoctor.com sd=http://inspaid.winpcdoctor.com
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com ad=http://winpcdoctor.com sd=http://inspaid.winpcdoctor.com
O4 - HKLM\..\Run: [SM_IAN] C:\Program Files\AdvancedCleaner Free\ian_monitor.exe
O4 - HKCU\..\Run: [WinPatrol Helper DLL] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [SpyShredder] C:\Program Files\SpyShredder\SpyShredder.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe
O4 - Startup: WordWeb.lnk = C:\Documents and Settings\EDDY\My Documents\WordWeb\wweb32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727103468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727078062
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/j...ows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{99525DF8-A407-4756-8479-1E90AA2806D3}: NameServer = 62.30.112.39,194.117.134.19
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: bimaculate - {d70e9b0f-aabc-4066-8176-c6de84d92fa1} - C:\WINDOWS\system32\kknwg.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe

--
End of file - 7276 bytes

[ + quote]

Ltangel

Member

28. March 2008 @ 05:26

Link to this message

Hey engin123,

Please be patient while I review your HijackThis log and follow the instructions below. Do not fix anything until you are instructed to. Thanks. :)

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

[*]Close all other windows before proceeding.
[*]Double-click on dss.exe and follow the prompts.
[*]When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

Go!

~Ltangel~

[ + quote]

Windows and system security is my priority.

engin123

Account closed as per user's own request

28. March 2008 @ 05:38

Link to this message

this is the main text notepad i will send the second one to you straight after,god bless bro,you should be my neighbour/

Deckard's System Scanner v20071014.68
Run by EDDY on 2008-03-28 09:31:43
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
112: 2008-03-28 09:31:53 UTC - RP112 - Deckard's System Scanner Restore Point
111: 2008-03-28 03:05:56 UTC - RP111 - Software Distribution Service 3.0
110: 2008-03-28 01:39:42 UTC - RP110 - Restore Operation
109: 2008-03-28 01:32:02 UTC - RP109 - Restore Operation
108: 2008-03-28 01:26:11 UTC - RP108 - 12/03/08 AT 1200

-- First Restore Point --
1: 2008-01-30 01:47:21 UTC - RP1 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as EDDY.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:32:56, on 28/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NetProject\sbmntr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Common Files\WinPCDoctor\strpmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\NetProject\sbsm.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Kontiki\KService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MemInfo\meminfo.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Azureus\Azureus.exe
C:\Documents and Settings\EDDY\Local Settings\Temporary Internet Files\Content.IE5\Z05KFWRG\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\EDDY.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher...w=%s&tbid=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: 299914 helper - {47DF236B-7D10-4C01-9820-50C0D54E7841} - C:\WINDOWS\system32\299914\299914.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: 375013 helper - {74F7DB6B-86E9-4B91-9D9F-B0D954D7AA5B} - C:\WINDOWS\system32\375013\375013.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - C:\Program Files\NetProject\sbmdl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [strpmon] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com ad=http://winpcdoctor.com sd=http://inspaid.winpcdoctor.com
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" dm=http://winpcdoctor.com ad=http://winpcdoctor.com sd=http://inspaid.winpcdoctor.com
O4 - HKLM\..\Run: [SM_IAN] C:\Program Files\AdvancedCleaner Free\ian_monitor.exe
O4 - HKCU\..\Run: [WinPatrol Helper DLL] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [SpyShredder] C:\Program Files\SpyShredder\SpyShredder.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe
O4 - Startup: WordWeb.lnk = C:\Documents and Settings\EDDY\My Documents\WordWeb\wweb32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727103468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727078062
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/j...ows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{99525DF8-A407-4756-8479-1E90AA2806D3}: NameServer = 62.30.112.39,194.117.134.19
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: bimaculate - {d70e9b0f-aabc-4066-8176-c6de84d92fa1} - C:\WINDOWS\system32\kknwg.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe

--
End of file - 7216 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 Pcatip - c:\windows\system32\drivers\pcatip.sys <Not Verified; VSO Software; Patin-Couffin Autoplay(tm) support driver>
R3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 ZSMC302 (VIMICRO USB PC Camera) - c:\windows\system32\drivers\usbvm31b.sys <Not Verified; VM; >

S3 BDFsDrv - c:\program files\softwin\bitdefender10\bdfsdrv.sys (file missing)
S3 BDRsDrv - c:\program files\softwin\bitdefender10\bdrsdrv.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-03-27 18:00:00 440 --a------ C:\WINDOWS\Tasks\ParetoLogic Registration.job
2008-03-24 16:02:47 344 --a------ C:\WINDOWS\Tasks\SmartDefrag.job

-- Files created between 2008-02-28 and 2008-03-28 -----------------------------

2008-03-28 07:45:57 0 d-------- C:\UBCD4Win
2008-03-28 04:57:20 0 d-------- C:\Program Files\AntiSpyKit 5.3
2008-03-28 01:46:19 0 d-------- C:\Program Files\Trend Micro
2008-03-28 01:37:46 0 d-------- C:\Program Files\Microsoft Silverlight
2008-03-28 00:57:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-27 23:01:14 0 d-------- C:\WINDOWS\system32\299914
2008-03-27 20:40:55 0 d-------- C:\Program Files\Lavasoft
2008-03-27 20:40:55 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-27 20:40:02 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-27 18:48:55 0 dr-h----- C:\Documents and Settings\EDDY\Recent
2008-03-27 12:00:09 0 d-------- C:\Program Files\CCleaner
2008-03-27 02:29:56 0 d-------- C:\Documents and Settings\All Users\Application Data\YourPrivacyGuard
2008-03-27 00:31:45 0 d-------- C:\Program Files\Common Files\SecurePCCleaner
2008-03-27 00:24:13 0 dr------- C:\Documents and Settings\All Users\Application Data\winpcdoctor
2008-03-27 00:23:40 0 d-------- C:\Program Files\Common Files\WinPCDoctor
2008-03-27 00:21:49 261896 --a------ C:\Documents and Settings\EDDY\Application Data\setup_en[1].exe <Not Verified; Locus Software, Inc.; Locus Installer>
2008-03-26 23:55:19 0 d-------- C:\WINDOWS\system32\375013
2008-03-26 23:54:55 0 d-------- C:\Program Files\NetProject
2008-03-24 11:22:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-03-23 14:11:22 0 d-------- C:\Documents and Settings\EDDY\Application Data\MozillaControl
2008-03-23 10:24:49 0 d-------- C:\Documents and Settings\EDDY\Application Data\Opera
2008-03-22 21:16:04 0 d-------- C:\Documents and Settings\EDDY\AbiSuite
2008-03-22 18:30:41 0 d-------- C:\Program Files\LingvoSoft
2008-03-22 18:13:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Transparent
2008-03-20 12:58:30 0 d-------- C:\Program Files\Mozilla Firefox 3 Beta 4
2008-03-19 00:32:46 81984 --a------ C:\WINDOWS\system32\bdod.bin
2008-03-19 00:27:21 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-03-18 23:36:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2008-03-18 23:36:12 216576 --a------ C:\WINDOWS\system32\monln.dll <Not Verified; Comodo Inc.; Comodo Anti-Viruspyware>
2008-03-15 19:34:08 0 d-------- C:\Program Files\DivX
2008-03-15 19:28:29 36734 --a------ C:\WINDOWS\system32\OggDSuninst.exe
2008-03-15 19:04:51 0 d-------- C:\Program Files\Common Files\xing shared
2008-03-11 12:09:41 0 d-------- C:\Program Files\Kontiki
2008-03-11 12:09:41 0 d-------- C:\logs3
2008-03-11 12:09:41 0 d-------- C:\Documents and Settings\All Users\Application Data\Kontiki
2008-03-11 12:09:23 0 d-------- C:\WINDOWS\Downloaded Installations
2008-03-06 00:05:37 0 d-------- C:\Documents and Settings\EDDY\Application Data\Real
2008-03-02 06:54:26 56832 --a------ C:\WINDOWS\system32\Iyvu9_32.dll
2008-03-02 06:54:26 27648 --a------ C:\WINDOWS\system32\ir50_lcs.dll <Not Verified; Intel Corporation.; Intel Indeo® video 5.0 LC>
2008-03-02 06:54:09 305152 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-03-02 06:51:00 0 d-------- C:\Program Files\LEAD Technologies, Inc
2008-03-02 06:35:04 62464 --a------ C:\WINDOWS\system32\cygz.dll
2008-03-02 06:35:04 1208320 --a------ C:\WINDOWS\system32\cygxml2-2.dll
2008-03-02 06:35:04 1153417 --a------ C:\WINDOWS\system32\cygwin1.dll <Not Verified; Red Hat; Cygwin>
2008-03-02 06:35:04 980992 --a------ C:\WINDOWS\system32\cygiconv-2.dll
2008-03-02 06:33:57 57344 --a------ C:\WINDOWS\system32\WNASPINT.DLL <Not Verified; NexiTech, Inc.; NexiTech ASPI for Win32>
2008-03-01 18:34:45 0 d-------- C:\Program Files\iPod

-- Find3M Report ---------------------------------------------------------------

2008-03-28 09:32:59 0 d-------- C:\Documents and Settings\EDDY\Application Data\Azureus
2008-03-28 09:28:06 0 d-------- C:\Documents and Settings\EDDY\Application Data\Vso
2008-03-28 09:28:05 668 --a------ C:\Documents and Settings\EDDY\Application Data\vso_ts_preview.xml
2008-03-27 20:40:02 0 d-------- C:\Program Files\Common Files
2008-03-27 20:30:25 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-27 02:40:00 6397 --a------ C:\Documents and Settings\EDDY\Application Data\update.log
2008-03-25 21:39:00 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-25 13:04:56 0 d-------- C:\Program Files\Azureus
2008-03-25 09:57:13 0 d-------- C:\Documents and Settings\EDDY\Application Data\uTorrent
2008-03-24 16:02:39 0 d-------- C:\Program Files\IObit
2008-03-24 15:12:31 13312 --a-s---- C:\WINDOWS\system32\kknwg.dll
2008-03-24 10:35:11 0 d-------- C:\Documents and Settings\EDDY\Application Data\CopyToDvd
2008-03-20 12:58:54 0 d-------- C:\Documents and Settings\EDDY\Application Data\Mozilla
2008-03-19 01:05:13 0 d-------- C:\Program Files\XP Smoker
2008-03-17 22:31:51 0 d-------- C:\Documents and Settings\EDDY\Application Data\BSplayer PRO
2008-03-15 19:10:00 0 d-------- C:\Documents and Settings\EDDY\Application Data\DivX
2008-03-14 22:48:10 0 d-------- C:\Documents and Settings\EDDY\Application Data\DVD Flick
2008-03-02 06:36:17 0 d-------- C:\Program Files\Cucusoft
2008-03-01 18:34:56 0 d-------- C:\Program Files\iTunes
2008-02-21 02:04:16 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-02-21 02:04:04 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-02-21 02:04:04 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-02-21 02:04:04 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-02-21 02:03:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-02-18 13:13:14 0 d-------- C:\Program Files\NCH Swift Sound
2008-02-15 02:44:08 0 d-------- C:\Program Files\Driver Magician
2008-02-15 01:19:03 0 d-------- C:\Documents and Settings\EDDY\Application Data\Help
2008-02-10 18:29:35 0 d-------- C:\Documents and Settings\EDDY\Application Data\ImgBurn
2008-02-10 18:29:11 0 d-------- C:\Program Files\ImgBurn
2008-02-10 00:00:44 0 d-------- C:\Program Files\Alwil Software
2008-02-09 20:03:52 0 d-------- C:\Documents and Settings\EDDY\Application Data\Any DVD Converter Professional
2008-02-09 20:00:49 0 d-------- C:\Program Files\Any DVD Converter Professional
2008-02-09 19:53:20 0 d-------- C:\Documents and Settings\EDDY\Application Data\Media Player Classic
2008-02-09 19:51:54 680 --a------ C:\Documents and Settings\EDDY\Application Data\coreavc.ini
2008-02-08 22:50:25 0 d-------- C:\Program Files\iSofter
2008-02-06 21:29:10 0 d-------- C:\Documents and Settings\EDDY\Application Data\Nero
2008-02-06 11:11:06 0 d-------- C:\Documents and Settings\EDDY\Application Data\WinSpyControl
2008-02-05 22:05:06 0 d-------- C:\Program Files\VSO
2008-02-05 15:19:29 0 d-------- C:\Documents and Settings\EDDY\Application Data\NCH Swift Sound
2008-02-05 10:43:54 0 d-------- C:\Documents and Settings\EDDY\Application Data\Launchy
2008-02-05 09:30:17 0 d-------- C:\Documents and Settings\EDDY\Application Data\VSO_HWE
2008-02-04 20:51:15 0 d-------- C:\Documents and Settings\EDDY\Application Data\Ahead
2008-02-04 20:18:29 0 d-------- C:\Program Files\MSECache
2008-02-04 19:59:33 0 d-------- C:\Program Files\Microsoft DirectX SDK (November 2007)
2008-02-04 18:04:39 0 d-------- C:\Program Files\Noël Danjou
2008-02-04 07:20:46 0 d-------- C:\Program Files\MemInfo
2008-02-02 19:55:19 0 d-------- C:\Documents and Settings\EDDY\Application Data\IObit
2008-02-02 18:18:36 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-02 17:16:29 0 d-------- C:\Documents and Settings\EDDY\Application Data\SpywareRemover
2008-02-02 17:08:34 0 d-------- C:\Documents and Settings\EDDY\Application Data\Avant Profiles
2008-02-02 17:08:31 0 d-------- C:\Program Files\Avant Browser
2008-02-02 16:59:45 0 d-------- C:\Program Files\Citi-Software
2008-02-02 16:17:06 0 d-------- C:\Program Files\NCH Software
2008-02-01 23:01:14 0 d-------- C:\Program Files\Cool PDF Reader
2008-02-01 22:32:14 0 d-------- C:\Program Files\Machinist2DLL
2008-02-01 21:49:28 0 d-------- C:\Program Files\007DVD
2008-02-01 09:31:39 0 dr------- C:\Documents and Settings\EDDY\Application Data\Brother
2008-02-01 09:17:42 50 --a------ C:\WINDOWS\system32\bridf07a.dat
2008-02-01 09:17:29 0 d-------- C:\Program Files\Brother
2008-02-01 09:15:57 0 d-------- C:\Documents and Settings\EDDY\Application Data\InstallShield
2008-02-01 09:14:56 0 d-------- C:\Program Files\Nuance
2008-02-01 09:13:42 0 d-------- C:\Program Files\Common Files\ScanSoft Shared
2008-02-01 09:13:38 0 d-------- C:\Program Files\Common Files\InstallShield
2008-02-01 09:13:24 0 d-------- C:\Program Files\ScanSoft
2008-02-01 08:05:19 0 d-------- C:\Program Files\uTorrent
2008-02-01 01:00:58 0 d-------- C:\Program Files\Real
2008-02-01 00:42:44 0 d-------- C:\Program Files\AC3Filter
2008-02-01 00:18:46 0 d-------- C:\Program Files\coverXP
2008-02-01 00:07:28 0 d-------- C:\Program Files\DVDFab Gold 4
2008-01-31 23:56:41 34 --a------ C:\Documents and Settings\EDDY\Application Data\pcouffin.log
2008-01-31 23:56:36 47360 --a------ C:\Documents and Settings\EDDY\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-01-31 23:56:36 1144 --a------ C:\Documents and Settings\EDDY\Application Data\pcouffin.inf
2008-01-31 23:56:36 7887 --a------ C:\Documents and Settings\EDDY\Application Data\pcouffin.cat
2008-01-31 23:56:35 0 d-------- C:\Program Files\DVDFab Platinum 4
2008-01-31 23:50:08 0 d-------- C:\Documents and Settings\EDDY\Application Data\Apple Computer
2008-01-31 23:49:35 0 d-------- C:\Program Files\Bonjour
2008-01-31 23:48:29 0 d-------- C:\Program Files\Apple Software Update
2008-01-31 23:48:05 0 d-------- C:\Program Files\Common Files\Apple
2008-01-31 23:34:38 0 d-------- C:\Documents and Settings\EDDY\Application Data\WinPatrol
2008-01-31 23:34:30 0 d-------- C:\Program Files\BillP Studios
2008-01-31 23:17:33 0 d-------- C:\Documents and Settings\EDDY\Application Data\Adobe
2008-01-31 22:42:23 0 d-------- C:\Program Files\Windows Live
2008-01-31 22:40:15 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-31 22:20:31 0 d-------- C:\Program Files\Messenger
2008-01-31 21:07:37 0 d-------- C:\Documents and Settings\EDDY\Application Data\LimeWire
2008-01-31 21:04:37 0 d-------- C:\Program Files\LimeWire
2008-01-31 20:35:27 0 d-------- C:\Program Files\Vimicro
2008-01-31 20:32:04 0 d-------- C:\Program Files\Xvid
2008-01-31 02:31:12 0 d-------- C:\Program Files\Microsoft Works
2008-01-31 02:30:57 0 d-------- C:\Program Files\MSBuild
2008-01-31 02:29:23 0 d-------- C:\Program Files\Microsoft.NET
2008-01-31 02:27:38 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-01-30 23:41:23 0 d-------- C:\Program Files\Common Files\Ahead
2008-01-30 23:34:49 0 d-------- C:\Program Files\Nero
2008-01-30 23:31:15 0 d-------- C:\Documents and Settings\EDDY\Application Data\vlc
2008-01-30 23:28:39 0 d-------- C:\Program Files\VideoLAN
2008-01-30 23:26:52 1167 --a------ C:\WINDOWS\mozver.dat
2008-01-30 23:23:17 0 d-------- C:\Documents and Settings\EDDY\Application Data\Macromedia
2008-01-30 23:12:31 0 d-------- C:\Documents and Settings\EDDY\Application Data\Sun
2008-01-30 23:03:20 0 d-------- C:\Program Files\Java
2008-01-30 23:01:58 0 d-------- C:\Program Files\Common Files\Java
2008-01-30 21:20:12 0 d-------- C:\Program Files\MSXML 6.0
2008-01-30 21:20:01 0 d-------- C:\Program Files\MSXML 4.0
2008-01-30 02:48:09 25004 --a------ C:\WINDOWS\system32\tcpipbak.reg
2008-01-30 02:34:19 0 --a------ C:\WINDOWS\nsreg.dat
2008-01-30 01:47:09 0 d-------- C:\Documents and Settings\EDDY\Application Data\Identities
2008-01-30 01:19:05 0 d-------- C:\Program Files\microsoft frontpage
2008-01-30 01:18:49 0 -rahs---- C:\MSDOS.SYS
2008-01-30 01:18:49 0 -rahs---- C:\IO.SYS
2008-01-30 01:18:49 0 --a------ C:\CONFIG.SYS
2008-01-30 01:18:49 0 --a------ C:\AUTOEXEC.BAT
2008-01-30 01:17:32 0 d--h----- C:\Program Files\WindowsUpdate
2008-01-30 01:16:37 0 d-------- C:\Program Files\Common Files\MSSoap
2008-01-30 01:16:26 0 d-------- C:\Program Files\Movie Maker
2008-01-30 01:15:33 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-01-30 01:15:12 0 d-------- C:\Program Files\Online Services
2008-01-30 01:14:55 0 d-------- C:\Program Files\MSN Gaming Zone
2008-01-30 01:14:47 0 d-------- C:\Program Files\Windows NT
2008-01-30 01:07:55 0 d-------- C:\Program Files\Common Files\ODBC
2008-01-30 01:07:51 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-01-30 01:07:28 62 --ahs---- C:\Documents and Settings\EDDY\Application Data\desktop.ini

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47DF236B-7D10-4C01-9820-50C0D54E7841}]
27/03/2008 23:01 13312 --a------ C:\WINDOWS\system32\299914\299914.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74F7DB6B-86E9-4B91-9D9F-B0D954D7AA5B}]
26/03/2008 23:55 13312 --a------ C:\WINDOWS\system32\375013\375013.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7C109800-A5D5-438F-9640-18D17E168B88}]
28/03/2008 03:14 10240 --a------ C:\Program Files\NetProject\sbmdl.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DB9FBA9D-AB1B-4CC6-9745-F3B549D64E40}"= C:\Program Files\NetProject\wamdl.dll [26/03/2008 23:55 85504]

[-HKEY_CLASSES_ROOT\CLSID\{DB9FBA9D-AB1B-4CC6-9745-F3B549D64E40}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [19/02/2008 13:10]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [09/06/2004 15:37]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [07/01/2008 23:29]
"strpmon"="C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" [26/02/2008 09:40]
"Salestart"="C:\Program Files\Common Files\WinPCDoctor\strpmon.exe" [26/02/2008 09:40]
"SM_IAN"="C:\Program Files\AdvancedCleaner Free\ian_monitor.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol Helper DLL"="C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll" [27/01/2008 05:38]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [18/10/2007 11:34]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [03/08/2004 23:56]
"kdx"="C:\Program Files\Kontiki\KHost.exe" [27/02/2008 17:56]
"Windows update loader"="C:\Windows\xpupdate.exe" [27/03/2008 23:00]
"SpyShredder"="C:\Program Files\SpyShredder\SpyShredder.exe" []

C:\Documents and Settings\EDDY\Start Menu\Programs\Startup\
MemInfo.lnk - C:\Program Files\MemInfo\meminfo.exe [13/01/2008 17:16:32]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"Wallpaper"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
"NoStartMenuEjectPC"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"some"=C:\Program Files\NetProject\scit.exe
"start"=C:\Program Files\NetProject\sbmntr.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceActiveDesktopOn"=1 (0x1)
"NoSetActiveDesktop"=0 (0x0)
"NoActiveDesktopChanges"=0 (0x0)
"NoActiveDesktop"=2 (0x2)
"NoViewContextMenu"=0 (0x0)
"NoDFSTab"=0 (0x0)
"NoSecurityTab"=0 (0x0)
"NoHardwareTab"=0 (0x0)
"NoToolbarCustomize"=1 (0x1)
"NoBandCustomize"=0 (0x0)
"NoFileMenu"=0 (0x0)
"NoFolderOptions"=0 (0x0)
"NoPropertiesMyComputer"=0 (0x0)
"NoFileAssociate"=0 (0x0)
"NoLowDiskSpaceChecks"=1 (0x1)
"NoInstrumentation"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"ClearRecentDocsOnExit"=0 (0x0)
"NoDesktopCleanupWizard"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoRecycleFiles"=1 (0x1)
"NoWelcomeScreen"=1 (0x1)
"NoStartMenuEjectPC"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{d70e9b0f-aabc-4066-8176-c6de84d92fa1}"= C:\WINDOWS\system32\kknwg.dll [24/03/2008 15:12 13312]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

-- End of Deckard's System Scanner: finished at 2008-03-28 09:33:24 ------------

[ + quote]

engin123

Account closed as per user's own request

28. March 2008 @ 05:41

Link to this message

this is the extra text notepad.

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 Processor 3200+
Percentage of Memory in Use: 55%
Physical Memory (total/avail): 1022.48 MiB / 453.87 MiB
Pagefile Memory (total/avail): 2459.68 MiB / 2094.34 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1933.43 MiB

C: is Fixed (NTFS) - 186.3 GiB total, 128.93 GiB free.
D: is Removable (No Media)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is CDROM (No Media)
I: is CDROM (No Media)
J: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST3200822AS - 186.31 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 186.3 GiB - C:

\\.\PHYSICALDRIVE5 - Brother DCP-135C USB Device

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Documents and Settings\\EDDY\\Desktop\\Azureus\\Azureus.exe"="C:\\Documents and Settings\\EDDY\\Desktop\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Avant Browser\\avant.exe"="C:\\Program Files\\Avant Browser\\avant.exe:*:Enabled:Avant Browser"
"C:\\Documents and Settings\\EDDY\\Desktop\\uTorrent\\uTorrent.exe"="C:\\Documents and Settings\\EDDY\\Desktop\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Kontiki\\KService.exe"="C:\\Program Files\\Kontiki\\KService.exe:*:Enabled:Delivery Manager Service"
"C:\\Program Files\\007DVD\\007 DVD Creator\\DVDCreator.exe"="C:\\Program Files\\007DVD\\007 DVD Creator\\DVDCreator.exe:*:Enabled:007 DVD Creator"
"C:\\Program Files\\Any DVD Converter Professional\\DVDConvPro.exe"="C:\\Program Files\\Any DVD Converter Professional\\DVDConvPro.exe:*:Enabled:Any DVD Converter Professional"
"C:\\Program Files\\VSO\\ConvertX\\3\\ConvertXtoDvd.exe"="C:\\Program Files\\VSO\\ConvertX\\3\\ConvertXtoDvd.exe:*:Enabled:ConvertXToDVD 3"
"C:\\Program Files\\DivX\\DivX Codec\\DivX EKG.exe"="C:\\Program Files\\DivX\\DivX Codec\\DivX EKG.exe:*:Enabled:DivX EKG"
"C:\\Program Files\\DivX\\DivX Player\\DivX Player.exe"="C:\\Program Files\\DivX\\DivX Player\\DivX Player.exe:*:Enabled:DivX Player"
"C:\\Program Files\\VSO\\DivxToDVD\\DivxToDVD.exe"="C:\\Program Files\\VSO\\DivxToDVD\\DivxToDVD.exe:*:Enabled:DivxToDVD"
"C:\\Program Files\\DVDFab Gold 4\\DVDFabGold.exe"="C:\\Program Files\\DVDFab Gold 4\\DVDFabGold.exe:*:Enabled:DVDFab Gold 4"
"C:\\Program Files\\DVDFab Platinum 4\\DVDFabPlatinum.exe"="C:\\Program Files\\DVDFab Platinum 4\\DVDFabPlatinum.exe:*:Enabled:DVDFab Platinum 4"
"C:\\Program Files\\IObit\\IObit SmartDefrag\\IObit SmartDefrag.exe"="C:\\Program Files\\IObit\\IObit SmartDefrag\\IObit SmartDefrag.exe:*:Enabled:IObit SmartDefrag"
"C:\\Documents and Settings\\EDDY\\My Documents\\The KMPlayer\\KMPlayer.exe"="C:\\Documents and Settings\\EDDY\\My Documents\\The KMPlayer\\KMPlayer.exe:*:Enabled:KMPlayer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire PRO 4.13.0"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Windows Live\\Mail\\wlmail.exe"="C:\\Program Files\\Windows Live\\Mail\\wlmail.exe:*:Enabled:Windows Live Mail"
"C:\\Program Files\\BillP Studios\\WinPatrol\\WinPatrol.exe"="C:\\Program Files\\BillP Studios\\WinPatrol\\WinPatrol.exe:*:Enabled:WinPatrol"
"C:\\Program Files\\WinRAR\\WinRAR.exe"="C:\\Program Files\\WinRAR\\WinRAR.exe:*:Enabled:WinRAR"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\EDDY\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EDDY1
ComSpec=C:\WINDOWS\system32\cmd.exe
DXSDK_DIR=C:\Program Files\Microsoft DirectX SDK (November 2007)\
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\EDDY
LOGONSERVER=\\EDDY1
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Windows Live\Messenger\;C:\Program Files\Microsoft DirectX SDK (November 2007)\Utilities\Bin\x86;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Final Codecs\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 15 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\EDDY\LOCALS~1\Temp
TMP=C:\DOCUME~1\EDDY\LOCALS~1\Temp
USERDOMAIN=EDDY1
USERNAME=EDDY
USERPROFILE=C:\Documents and Settings\EDDY
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

EDDY (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
007 DVD Creator 2.0 --> "C:\Program Files\007DVD\007 DVD Creator\unins000.exe"
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Access Manager 2 --> MsiExec.exe /I{5590FCB1-AA19-4510-9FC1-BB6A8E0A14A5}
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Agere Systems PCI Soft Modem --> agrsmdel
AMCap --> C:\Program Files\Noël Danjou\AMCap\uninst.exe
Any DVD Converter Professional 3.5.6 --> "C:\Program Files\Any DVD Converter Professional\unins000.exe"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avant Browser (remove only) --> "C:\Program Files\Avant Browser\uninst.exe"
Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
BBC iPlayer Download Manager --> MsiExec.exe /I {D466F3D9-510C-4729-B7D4-2E70490E4CDF}
Before You Know It 3.6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D4304DB-EDF8-4EEC-A5B1-E46D978E1F21}\Setup.exe" -l0x9
BlindWrite5 --> "C:\Program Files\VSO\BlindWrite5\unins000.exe"
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Brother MFL-Pro Suite --> "C:\Program Files\InstallShield Installation Information\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Setup.exe" -runfromtemp -l0x0009 Brunin03.dll -removeonly
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
ConvertXtoDVD 2.99.9.600b --> "C:\Program Files\VSO\ConvertX\3\unins000.exe"
CopyToDVD --> "C:\Program Files\vso\CopyToDVD\unins000.exe"
coverXP (remove only) --> "C:\Program Files\coverXP\cxp-uninst.exe"
Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 --> "C:\Program Files\Cucusoft\avi-dvd-pro\unins000.exe"
Direct Show Ogg Vorbis Filter (remove only) --> "C:\WINDOWS\system32\OggDSuninst.exe"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivxToDVD 0.5.2b --> "C:\Program Files\vso\DivxToDVD\unins000.exe"
Driver Magician 2.8 --> "C:\Program Files\Driver Magician\unins000.exe"
DVDFab Gold (Non-CSS Version) 4.0.3.0 --> "C:\Program Files\DVDFab Gold 4\unins000.exe"
DVDFab Platinum 4.0.3.0 --> "C:\Program Files\DVDFab Platinum 4\unins000.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
ImgBurn --> "C:\Program Files\ImgBurn\uninstall.exe"
Intel A/V Codecs V2.0 --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\CDUninst.isu
Internet Service --> "C:\Program Files\NetProject\waun.exe"
IObit SmartDefrag Beta4.03 --> "C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LEAD MCMP_MJPEG Codec Eval --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6C6303B-F56F-11D5-B90B-005004892044}\setup.exe"
LimeWire PRO 4.13.0 --> "C:\Program Files\LimeWire\uninstall.exe"
Machinist2DLL --> C:\Program Files\Machinist2DLL\uninstall.exe
MemInfo (remove only) --> "C:\Program Files\MemInfo\uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft DirectX SDK (November 2007) --> MsiExec.exe /I{CA97B421-06CB-4040-8EC9-6ED02EA87930}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English) --> MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0b4) --> C:\Program Files\Mozilla Firefox 3 Beta 4\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Premium --> MsiExec.exe /I{70AB1576-7883-2313-C650-7A71270B1033}
NetMos Multi-IO Controller --> NmUninst.exe
PaperPort Image Printer --> MsiExec.exe /X{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
ScanSoft PaperPort 11 --> MsiExec.exe /I{B6C89654-A6A2-477C-873B-724EC1C56407}
Scientific-Atlanta WebSTAR 2000 series Cable Modem --> UNDPX2A.EXE
Secure Browsing --> "C:\Program Files\NetProject\sbun.exe"
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
The KMPlayer (remove only) --> "C:\Documents and Settings\EDDY\My Documents\The KMPlayer\uninstall.exe"
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
UBCD4Win 3.12 --> "C:\UBCD4Win\unins000.exe"
Update for Outlook 2007 Junk Email Filter (kb947945) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E397056B-7AE5-4FF1-8B13-276BF8201847}
Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}
VideoLAN VLC media player 0.8.6d --> C:\Documents and Settings\EDDY\My Documents\VLC\uninstall.exe
Vimicro USB PC Camera --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail --> MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinPatrol 2007 --> C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
XP Smoker Pro 5.1 --> "C:\Program Files\XP Smoker\unins000.exe"
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"

-- Application Event Log -------------------------------------------------------

Event Record #/Type2951 / Success
Event Submitted/Written: 03/28/2008 04:55:04 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type2942 / Success
Event Submitted/Written: 03/28/2008 01:40:18 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type2931 / Success
Event Submitted/Written: 03/28/2008 01:16:48 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type2917 / Success
Event Submitted/Written: 03/28/2008 01:07:22 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type2904 / Success
Event Submitted/Written: 03/27/2008 11:52:16 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type4155 / Warning
Event Submitted/Written: 03/28/2008 09:30:14 AM
Event ID/Source: 57 / Ftdisk
Event Description:
The system failed to flush data to the transaction log. Corruption may occur.

Event Record #/Type4139 / Error
Event Submitted/Written: 03/28/2008 03:14:27 AM
Event ID/Source: 2 / ParVdm
Event Description:
Unable to get device object pointer for port object.

Event Record #/Type4109 / Error
Event Submitted/Written: 03/28/2008 01:39:27 AM
Event ID/Source: 2 / ParVdm
Event Description:
Unable to get device object pointer for port object.

Event Record #/Type4097 / Error
Event Submitted/Written: 03/28/2008 01:31:41 AM
Event ID/Source: 2 / ParVdm
Event Description:
Unable to get device object pointer for port object.

Event Record #/Type4074 / Error
Event Submitted/Written: 03/28/2008 01:16:27 AM
Event ID/Source: 2 / ParVdm
Event Description:
Unable to get device object pointer for port object.

-- End of Deckard's System Scanner: finished at 2008-03-28 09:33:24 ------------

[ + quote]

Ltangel

Member

28. March 2008 @ 06:11

Link to this message

Hey engin123,

Looks like you didn't follow my instructions carefully. :( I asked you to save dss.exe to your desktop.

Please delete the dss[1].exe you downloaded from this folder: C:\Documents and Settings\EDDY\Local Settings\Temporary Internet Files\Content.IE5\Z05KFWRG\and REdownload it and save it to your desktop. Rescan with it, this time, do NOT post me the logs.

NB: In the future, please read EVERY word in my instructions carefully, and follow them as closely as possible. I'm not trying to be naggy here, one wrong step can cause serious damage to your computer. Thanks for your cooperation and understanding.

~Ltangel~

[ + quote]

Windows and system security is my priority.

Ltangel

Member

28. March 2008 @ 06:46

Link to this message

Hey engin123,

From your HijackThis log, you have no anti-virus running on your computer! This is very dangerous and you are vunerable to all kinds of infections! It is vital that you download and install ONE of the anti-virus programs listed below:

AVG 7.5 free Anti-virus
Avast anti-virus

NB: Please follow my instructions as closely as possible, and ask if you don't understand any part of the instructions.

----------------------------------------------------------------------

Run ComboFix

Please disable Avast or AVG 7.5 free anti-virus(depending on which one you chose to install) before you run ComboFix, instructions are as follows:

AVAST
Right click on the avast! icon in system tray and choose (Stop On-Access Protection)

AVG
Please open the AVG Control Center program -> double-click on the "AVG Resident Shield" component -> deselect the "Turn on AVG Resident Shield" checkmark and save the setting.

*********

[*]Close any open browsers.
[*]WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
[*]Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
[*]If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------
[*]Double click on combofix.exe & follow the prompts.
[*]When finished, it will produce a report for you.
[*]Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Next reply (please include):

Fresh HijackThis log
C:\ComboFix.txt

Go!

~Ltangel~

[ + quote]

Windows and system security is my priority.

engin123

Account closed as per user's own request

28. March 2008 @ 08:47

Link to this message

is this what it is that you want me to uninsta lUBCD4WinV312.exe then reinstal first then scan it with highjacker then save that note book to my desktop plus after iv'e done the rescan i must sent the results to you,but some of this stuff is new to me im worried,i did download this but im not sure what im meant to be using it for,

im downloding music files sometimes more movies so is this for that because i do get codecs problems somes times when the software would tell me that you cant convert this file because you don't have the right codecs installed thats for audio & video sometimes then the copies not really now but before sometimes they will play for a bit then stop & will not play any further,

i knw sometimes it is the discs if they get a clink on the surface that glitch can cause you picsaltation problems & freezing at the parts of the movie where you are enjoying it the most,or they say it might be your drivers need updating,or they say it might be the software you are using there might be a bug in it,

or they might say that you should change the dvd-r settings to doa instead of soa i hope im saying this correctly but as you are an expert you must know what im getting at,but is there a software for that problem to,im fed up of wasting so many blank discs,

don't even know how to find these dills missing files or reg hkeys & i want to know all in one go what do i do first in easier diagram,im not a computer buff im just a junior,im sending you this link also where it says you cant really use the files if you have windows xp,im gtting confused again,copy & past this link into your browser & you will yourself what it is saying as you read down the list,

what is it that im having all these problems with i just don't get- go to this link & you will see then read it then try to find an easie alternitve if you can to solve this please,

& to stop all these pop ups they are driving me insane,can you also give me a free web browser surfing security anti virus protector that would be one of te best tools for me because im always on the net,so you can pick up viruses just going to more or less any web siteso help me im just a leaner in this field but im quite good i some things yet in others im useless,

please it would make it more understandable if you tel me in more detail so that i can save this information to my pc so that if it happens to me again this happens again i might have more knowllege aboutit & so that if my computer expert friend ever came to help me he would have the information right in front of him

another problem i need to solve is that you cant copy & paste everything on the pc,how can you do it another way if you tried to copy & pasting it & you then try to put it into the message blog here in the box it just wont do it,but if i knew how to do it then i will have given you all the information to tell you what is running on my pc & whats maybe in the back ground,is there a software that you can use for this,sorry for bugging you,

im disabled so im not as fast as your average bear,i await your speedy responce-heres the link it,http://glenstegner.com/dss1/copyqm.htm

[ + quote]

This message has been edited since posting. Last time this message was edited on 28. March 2008 @ 09:02

Ltangel

Member

28. March 2008 @ 09:00

Link to this message

Ok, one step at a time.

First, I need you to download and install an anti-virus to protect your computer, I would highly recommend you to use AVG 7.5, please download and install it at this link:

http://free.grisoft.com/filedir/inst/avg75free_519a1276.exe

Just do the above and tell me when you are done. Also, please rescan your computer with HijackThis and post the rescanned log.

To copy and paste texts, just highlight the texts you want and press Ctrl+C and then press Ctrl+V to paste it.

Go!

~Ltangel~

[ + quote]

Windows and system security is my priority.

This message has been edited since posting. Last time this message was edited on 28. March 2008 @ 09:01

engin123

Account closed as per user's own request

28. March 2008 @ 09:42

Link to this message

there you go ive downloaded avg free & ive installed it now im sending you the latest highjacker report log notebook,i await your next instructions,if we go through it like this slowly but surly we would have tweaked my pc back to better then its original state,it was quite slow in the past with a lot of freezing,because i like to open up page after page when im surfing is there a sofware free one out for that i need that so much,im downloading to as well sometimes to when im surfing but i do have 20 meg broard band which in the summer time will go up to 50 meg,im in all day today so everytime you reply i will be repling you bck as quick as i can ,thank you my friend,ive never really ever had many people in my life helping me out but i was always thinking & caring for them,i thank you so much NjUx20 NjUx20 NjUx20 NjUx20 NjUx20 NjUx20 NjUx20 NjUx20 NjUx20 NjUx20 NjUx20 NjUx20Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:36:02, on 28/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NetP


		User name	Password

		Not registered yet? Register here. Lost your password? Click here.