Tech Support Forum - View Single Post - NOWFIND will NOT give up

kris84 · 03-23-2005, 04:31 PM

Hi Bobrocks

Thanks again for the prompt reply.

Before I post the log, some info that may be useful

All the stuff in the 'Launch Manager' is to do with the acer laptop (this computer)
The 'Synaptics' refers to the touch pad
(Just incase you were wonder what some of them are.)
Ok here it is

----------------------------------

StartDreck (build 2.1.7 public stable) - 2005-03-24 @ 09:27:26 (GMT +10:00)
Platform: Windows XP (Win NT 5.1.2600 Service Pack 1)
Internet Explorer: 6.0.2800.1106
Logged in as Rossow at LAPTOP

»Registry
»Run Keys
»Current User
»Run
»RunOnce
»Default User
»Run
»RunOnce
»Local Machine
»Run
*SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
*SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
*AcerNotebookManager=C:\Program Files\Acer\Notebook Manager\almxptray.exe
*LaunchAp=C:\Program Files\Launch Manager\LaunchAp.exe
*PowerKey="C:\Program Files\Launch Manager\PowerKey.exe"
*LManager=C:\Program Files\Launch Manager\HotkeyApp.exe
*CtrlVol=C:\Program Files\Launch Manager\CtrlVol.exe
*Wbutton="C:\Program Files\Launch Manager\Wbutton.exe"
*WG511WLU=C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe -hide
*gcasServ="C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*NoChange=1
*Installed=1
+MAPI
*NoChange=1
*Installed=1
»RunOnce
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1"
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\System32\mshta.exe "%1" %*
+.htm
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.html
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
+Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
+Microsoft Windows Media Player 6.4/{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Windows Messenger/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser
+Microsoft Windows Media Player 8/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
+Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\system32\ie4uinit.exe
+Fax/{8b15971b-5355-4c82-8c07-7e181ea07608}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
»Browser Helper Objects (LM)
»Internet Explorer
»Current User
*Default_Page_URL=http://www.nowfind.net/003/clickpps.php
*Default_Search_URL=http://www.nowfind.net/003/clickpps.php
*Local Page=C:\WINDOWS\System32\blank.htm
*Search Bar=http://www.nowfind.net/003/clickpps.php
*Search Page=http://www.nowfind.net/003/clickpps.php
*Start Page=http://www.nowfind.net/003/clickpps.php
*CustomizeSearch=http://www.nowfind.net/003/clickpps.php
*SearchAssistant=http://www.nowfind.net/003/clickpps.php
+SearchUrl
*provider=
»Default User
»Local Machine
*Default_Page_URL=http://www.google.com
*Default_Search_URL=http://www.nowfind.net/003/clickpps.php
*Local Page=C:\WINDOWS\System32\blank.htm
*Search Bar=http://www.google.com
*Search Page=http://www.nowfind.net/003/clickpps.php
*Start Page=http://www.nowfind.net/003/clickpps.php
*CustomizeSearch=http://www.nowfind.net/003/clickpps.php
*SearchAssistant=http://www.nowfind.net/003/clickpps.php
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=
*SHELL=Explorer.exe
*Userinit=C:\WINDOWS\system32\userinit.exe,
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\Rossow\Start Menu\Programs\Startup\desktop.ini
»Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
»Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\System32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\autoexec.bat
*C:\WINDOWS\System32\autoexec.nt
`@echo off
`lh %SystemRoot%\system32\mscdexnt.exe
`lh %SystemRoot%\system32\redir
`lh %SystemRoot%\system32\dosx
`SET BLASTER=A220 I5 D1 P330 T3
*C:\WINDOWS\System32\drivers\etc\hosts
`auto.search.msn.com 127.0.0.1
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\System32\win.com
*C:\WINDOWS\explorer.exe
»%PATH% Companion Files
+C:\WINDOWS\System32\taskman.exe
*C:\WINDOWS\TASKMAN.EXE
+C:\WINDOWS\System32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
+C:\WINDOWS\System32\agrsmdel.exe
*C:\WINDOWS\agrsmdel.exe
+C:\WINDOWS\System32\notepad.exe
*C:\WINDOWS\notepad.exe
»System/Drivers
»Running Processes
+0=<idle>
+4=<system>
+564=\SystemRoot\System32\smss.exe
+664=\??\C:\WINDOWS\system32\csrss.exe
+688=\??\C:\WINDOWS\system32\winlogon.exe
+732=C:\WINDOWS\system32\services.exe
+744=C:\WINDOWS\system32\lsass.exe
+912=C:\WINDOWS\system32\svchost.exe
+1040=C:\WINDOWS\System32\svchost.exe
+1204=C:\WINDOWS\System32\svchost.exe
+1256=C:\WINDOWS\System32\svchost.exe
+1496=C:\WINDOWS\Explorer.EXE
+1744=C:\WINDOWS\system32\spoolsv.exe
+320=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
+332=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
+340=C:\Program Files\Acer\Notebook Manager\almxptray.exe
+392=C:\Program Files\Launch Manager\LaunchAp.exe
+412=C:\Program Files\Launch Manager\PowerKey.exe
+432=C:\Program Files\Launch Manager\HotkeyApp.exe
+440=C:\Program Files\Launch Manager\CtrlVol.exe
+452=C:\Program Files\Launch Manager\Wbutton.exe
+460=C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe
+468=C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
+1012=C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
+1236=C:\Program Files\Internet Explorer\iexplore.exe
+172=C:\Documents and Settings\Rossow\Desktop\StartDreck\StartDreck.exe
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
*C:\WINDOWS\System32\IoSubSys\iomega.vxd
*C:\WINDOWS\System32\IoSubSys\NTI4CDR.VXD
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User

03-23-2005, 04:31 PM	#7 (permalink)
kris84 Registered User Join Date: Mar 2005 Location: Sunshine Coast, QLD, Australia Posts: 7 OS: XP SP1	Hi Bobrocks Thanks again for the prompt reply. Before I post the log, some info that may be useful All the stuff in the 'Launch Manager' is to do with the acer laptop (this computer) The 'Synaptics' refers to the touch pad (Just incase you were wonder what some of them are.) Ok here it is ---------------------------------- StartDreck (build 2.1.7 public stable) - 2005-03-24 @ 09:27:26 (GMT +10:00) Platform: Windows XP (Win NT 5.1.2600 Service Pack 1) Internet Explorer: 6.0.2800.1106 Logged in as Rossow at LAPTOP »Registry »Run Keys »Current User »Run »RunOnce »Default User »Run »RunOnce »Local Machine »Run SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe AcerNotebookManager=C:\Program Files\Acer\Notebook Manager\almxptray.exe LaunchAp=C:\Program Files\Launch Manager\LaunchAp.exe PowerKey="C:\Program Files\Launch Manager\PowerKey.exe" LManager=C:\Program Files\Launch Manager\HotkeyApp.exe CtrlVol=C:\Program Files\Launch Manager\CtrlVol.exe Wbutton="C:\Program Files\Launch Manager\Wbutton.exe" WG511WLU=C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe -hide gcasServ="C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" +OptionalComponents +MSFS Installed=1 +MAPI NoChange=1 Installed=1 +MAPI NoChange=1 Installed=1 »RunOnce »RunServices »RunServicesOnce »RunOnceEx »RunServicesOnceEx »File Associations (CR) +.bat batfile="%1" %* +.com comfile="%1" % +.disabled SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1" +.exe exefile="%1" %* +.hta htafile=C:\WINDOWS\System32\mshta.exe "%1" % +.htm htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome +.html htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome +.js JSFile=%SystemRoot%\System32\WScript.exe "%1" % +.jse JSEFile=%SystemRoot%\System32\WScript.exe "%1" % +.pif piffile="%1" % +.reg regfile=regedit.exe "%1" +.scr scrfile="%1" /S +.txt txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1 +.vbs VBSFile=%SystemRoot%\System32\WScript.exe "%1" %* +.vbe VBEFile=%SystemRoot%\System32\WScript.exe "%1" % +.wsh WSHFile=%SystemRoot%\System32\WScript.exe "%1" % +.wsf WSFFile=%SystemRoot%\System32\WScript.exe "%1" % +.lnk `lnkfile= [key or value does not exist] »Active Setup (LM) +Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c} StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE +Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP +Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE +Microsoft Windows Media Player 6.4/{22d6f312-b0f6-11d0-94ab-0080c74c7e95} StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT +Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED} StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll +Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C} StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install +NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B} StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT +Windows Messenger/{5945c046-1e7d-11d1-bc44-00c04fd912be} StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser +Microsoft Windows Media Player 8/{6BF52A52-394A-11d3-B153-00C04F79FAA6} StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub +Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02} StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install +Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340} StubPath=regsvr32.exe /s /n /i:U shell32.dll +Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383} StubPath=%SystemRoot%\system32\ie4uinit.exe +Fax/{8b15971b-5355-4c82-8c07-7e181ea07608} StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser »Browser Helper Objects (LM) »Internet Explorer »Current User Default_Page_URL=http://www.nowfind.net/003/clickpps.php Default_Search_URL=http://www.nowfind.net/003/clickpps.php Local Page=C:\WINDOWS\System32\blank.htm Search Bar=http://www.nowfind.net/003/clickpps.php Search Page=http://www.nowfind.net/003/clickpps.php Start Page=http://www.nowfind.net/003/clickpps.php CustomizeSearch=http://www.nowfind.net/003/clickpps.php SearchAssistant=http://www.nowfind.net/003/clickpps.php +SearchUrl provider= »Default User »Local Machine Default_Page_URL=http://www.google.com Default_Search_URL=http://www.nowfind.net/003/clickpps.php Local Page=C:\WINDOWS\System32\blank.htm Search Bar=http://www.google.com Search Page=http://www.nowfind.net/003/clickpps.php Start Page=http://www.nowfind.net/003/clickpps.php CustomizeSearch=http://www.nowfind.net/003/clickpps.php SearchAssistant=http://www.nowfind.net/003/clickpps.php »ShellServiceObjectDelayLoad (LM) PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9} `InprocServer32=%SystemRoot%\system32\SHELL32.dll CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9} `InprocServer32=%SystemRoot%\system32\SHELL32.dll WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED} `InprocServer32=%SystemRoot%\System32\webcheck.dll SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153} `InprocServer32=C:\WINDOWS\System32\stobject.dll »Special NT Values »Current User Load= Run= Programs=com exe bat pif cmd SHELL= »Default User Load= Run= Programs=com exe bat pif cmd SHELL= »Local Machine AppInit_DLLs= SHELL=Explorer.exe Userinit=C:\WINDOWS\system32\userinit.exe, »Files »Autostart Folders »Current User C:\Documents and Settings\Rossow\Start Menu\Programs\Startup\desktop.ini »Default User C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini »Local Machine C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk »INI-Files »WIN.INI\[windows] LOAD= RUN= »SYSTEM.INI\[boot] SHELL=Explorer.exe »Text Files C:\boot.ini `[boot loader] `timeout=30 `default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS `[operating systems] `multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect C:\msdos.sys C:\config.sys C:\WINDOWS\System32\config.nt `dos=high, umb `device=%SystemRoot%\system32\himem.sys `files=40 C:\autoexec.bat C:\WINDOWS\System32\autoexec.nt `@echo off `lh %SystemRoot%\system32\mscdexnt.exe `lh %SystemRoot%\system32\redir `lh %SystemRoot%\system32\dosx `SET BLASTER=A220 I5 D1 P330 T3 C:\WINDOWS\System32\drivers\etc\hosts `auto.search.msn.com 127.0.0.1 »Program Files C:\ntldr C:\ntdetect.com C:\io.sys C:\WINDOWS\System32\win.com C:\WINDOWS\explorer.exe »%PATH% Companion Files +C:\WINDOWS\System32\taskman.exe C:\WINDOWS\TASKMAN.EXE +C:\WINDOWS\System32\winhlp32.exe C:\WINDOWS\winhlp32.exe +C:\WINDOWS\System32\agrsmdel.exe C:\WINDOWS\agrsmdel.exe +C:\WINDOWS\System32\notepad.exe C:\WINDOWS\notepad.exe »System/Drivers »Running Processes +0=<idle> +4=<system> +564=\SystemRoot\System32\smss.exe +664=\??\C:\WINDOWS\system32\csrss.exe +688=\??\C:\WINDOWS\system32\winlogon.exe +732=C:\WINDOWS\system32\services.exe +744=C:\WINDOWS\system32\lsass.exe +912=C:\WINDOWS\system32\svchost.exe +1040=C:\WINDOWS\System32\svchost.exe +1204=C:\WINDOWS\System32\svchost.exe +1256=C:\WINDOWS\System32\svchost.exe +1496=C:\WINDOWS\Explorer.EXE +1744=C:\WINDOWS\system32\spoolsv.exe +320=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe +332=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe +340=C:\Program Files\Acer\Notebook Manager\almxptray.exe +392=C:\Program Files\Launch Manager\LaunchAp.exe +412=C:\Program Files\Launch Manager\PowerKey.exe +432=C:\Program Files\Launch Manager\HotkeyApp.exe +440=C:\Program Files\Launch Manager\CtrlVol.exe +452=C:\Program Files\Launch Manager\Wbutton.exe +460=C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe +468=C:\Program Files\Microsoft AntiSpyware\gcasServ.exe +1012=C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe +1236=C:\Program Files\Internet Explorer\iexplore.exe +172=C:\Documents and Settings\Rossow\Desktop\StartDreck\StartDreck.exe »VMM32Files (LM) »%System%\VMM32 »%System%\IOSUBSYS C:\WINDOWS\System32\IoSubSys\iomega.vxd C:\WINDOWS\System32\IoSubSys\NTI4CDR.VXD »Application specific »MS Office 97/8.0 STARTUP-PATH »Current User »Default User »Local Machine »ICQ NetDetect »Current User »Default User