flashing(X)and a(?) in toolo bar??

scaper123 · 06-18-2008, 07:28 AM

flashing icon thats has a(X) and a (?) flashing then it pops up saying that there has been a number of spywere etc found on the computer then my avg 8 says that the site is a bad site when i click the bubble

ps and when it happend they installed a suposinally spyware,trojan scanner sort of thing that kept sayin attack on port (example) 34567 and it jus wouldnt go away i had to
disable it in the MSCONFIG plz help plz

here is a log from hijack this do i need anything else??
------------------------------------------------------------------------
Log File
-------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 09:49:07, on 18/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NortonAntiBot.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABMonitor.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\PROGRA~1\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework...ex/TmHcmsX.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SymantecAntiBotAgent - Unknown owner - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe" SymantecAntiBotAgent (file missing)
O23 - Service: SymantecAntiBotWatcher - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
-------------------------------------------------------------------------
Deckard's scan
-----------------------------------------------------------------------

Deckard's System Scanner v20071014.68
Run by User on 2008-06-18 15:02:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
37: 2008-06-18 14

38 UTC - RP197 - Deckard's System Scanner Restore Point
36: 2008-06-18 08:14:28 UTC - RP196 - Spyware Terminator - restore point
35: 2008-06-18 08:11:38 UTC - RP195 - Installed Norton AntiBot.
34: 2008-06-18 08:05:00 UTC - RP194 - Spyware Terminator - restore point
33: 2008-06-18 07:43:00 UTC - RP193 - Removed Google Toolbar for Internet Explorer

-- First Restore Point --
1: 2008-05-08 03:13:49 UTC - RP161 - Spyware Doctor: Cleaning Threats

Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 496 MiB (512 MiB recommended).

-- HijackThis (run as User.exe) ------------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-18 15:21:25
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG8\avgwdsvc.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgemc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NortonAntiBot.exe
C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABMonitor.exe
C:\WINDOWS\system32\mspaint.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Documents and Settings\User\Desktop\dss.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\AVG\AVG8\avgupd.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/downlo...eckControl.cab
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework...ex/TmHcmsX.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get.../ultrashim.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: chaplin - {257f6f44-2c64-46bb-acb4-55f9b9e0ae08} - C:\WINDOWS\system32\psqnuvo.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SymantecAntiBotAgent - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe
O23 - Service: SymantecAntiBotWatcher - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPcservice.exe

--
End of file - 7826 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 sp_rsdrv2 (Spyware Terminator Driver 2) - c:\windows\system32\drivers\sp_rsdrv2.sys

S2 spydetector - c:\documents and settings\user\desktop\spdetec.3.12\crck\spydetector.sys (file missing)
S2 zntport (NTPort Library Driver) - c:\windows\system32\zntport.sys (file missing)
S3 CEDRIVER51 - c:\program files\cheat engine\dbk32.sys (file missing)
S3 hamachi (Hamachi Network Interface) - c:\windows\system32\drivers\hamachi.sys <Not Verified; Applied Networking Inc.; Hamachi Virtual Network Interface Driver>
S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\progra~1\common~1\motive\mrendis5.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator>

S4 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2008-05-18 and 2008-06-18 -----------------------------

2027-04-25 13:16:50 0 d-------- C:\Program Files\Rapidown
2008-06-18 09:11:58 0 d-------- C:\Program Files\Symantec
2008-06-18 09:11:58 0 d-------- C:\Documents and Settings\User\Application Data\Symantec
2008-06-18 09:10:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-06-18 08:58:25 141312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-06-18 08:58:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-06-18 08:58:24 0 d-------- C:\Documents and Settings\User\Application Data\Spyware Terminator
2008-06-18 08:58:14 0 d-------- C:\Program Files\Spyware Terminator
2008-06-18 08:51:24 0 d-------- C:\Program Files\Spyware Process Detector
2008-06-17 04:56:41 0 d-------- C:\Program Files\EasyEclipse Expert Java 1.3.1.1
2008-06-16 23:27:11 0 d-------- C:\Program Files\Autodesk
2008-06-16 23:12:47 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-16 12:56:41 0 d-------- C:\Documents and Settings\Guest\Application Data\Netscape
2008-06-14 02:53:49 0 d-------- C:\WINDOWS\system32\QuickTime
2008-06-14 02:53:19 0 d-------- C:\Documents and Settings\All Users\Application Data\TechSmith
2008-06-14 02:52:45 0 d-------- C:\Program Files\Common Files\TechSmith Shared
2008-06-14 02:52:09 0 d-------- C:\Program Files\TechSmith
2008-06-13 18:29:38 0 d-------- C:\Program Files\Common Files\eSellerate
2008-06-13 16:04:37 216576 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2008-06-13 15:27:49 92276 --a------ C:\WINDOWS\BricoPackUninst.cmd
2008-06-13 15:25:04 3227 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-06-13 09:31:37 0 d-------- C:\Documents and Settings\User\Application Data\Netscape
2008-06-13 09:31:15 0 d-------- C:\Program Files\Netscape
2008-06-13 02:07:15 53760 --a------ C:\WINDOWS\system32\zlib.dll <Not Verified; ; ZLib.DLL>
2008-06-09 12:38:22 0 d-------- C:\.jagex_cache_32
2008-06-06 22:12:18 0 d-------- C:\Documents and Settings\Guest\Application Data\AVGTOOLBAR
2008-06-06 02:43:25 0 d-------- C:\Program Files\JitBit
2008-06-06 02:13:57 0 d-------- C:\Program Files\SpeederXP
2008-06-05 18:57:41 0 d-------- C:\FPC
2008-06-05 17:30:08 0 d-------- C:\Program Files\Sun
2008-06-05 17:21:19 0 d-------- C:\Program Files\Common Files\Java
2008-06-05 15:36:52 0 d-------- C:\Documents and Settings\User\Application Data\com.syncrosvnclient
2008-06-05 15:36:13 0 d-------- C:\Program Files\Syncro SVN Client 3.1
2008-06-05 13:19:08 0 d--h----- C:\$AVG8.VAULT$
2008-06-05 00:00:55 0 d-------- C:\Program Files\Conduit
2008-06-05 00:00:42 0 d-------- C:\Program Files\TorrentMan
2008-06-05 00:00:18 0 d-------- C:\Program Files\BitLord
2008-06-04 16:14:23 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-04 16:14:21 0 d-------- C:\Documents and Settings\User\Application Data\AVGTOOLBAR
2008-06-04 16:13:58 0 d-------- C:\Program Files\AVG
2008-06-04 16:13:58 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-29 04:25:12 0 d-------- C:\Documents and Settings\Guest\Application Data\Notepad++
2008-05-28 02:39:17 0 d-------- C:\WINDOWS\system32\LogFiles
2008-05-22 17:42:49 0 d-------- C:\WINDOWS\BricoPacks
2008-05-22 17:21:42 0 d-------- C:\WINDOWS\.jagex_cache_32
2008-05-22 15:43:00 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-05-22 02:31:07 5169152 --a------ C:\Documents and Settings\User\ntuser.dat
2008-05-19 16:11:56 0 d-------- C:\Documents and Settings\Guest\Application Data\Seekmo
2008-05-19 16:11:47 0 d-------- C:\Documents and Settings\Guest\Application Data\ShoppingReport

-- Find3M Report ---------------------------------------------------------------

2008-06-18 08:44:58 0 d-------- C:\Documents and Settings\User\Application Data\Mozilla
2008-06-18 08:44:27 0 d-------- C:\Program Files\SwiftKit
2008-06-18 08:43:06 0 d-------- C:\Program Files\Google
2008-06-18 08:41:19 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-18 08:40:21 0 d-------- C:\Program Files\TextPad 5
2008-06-18 08:39:58 0 d-------- C:\Program Files\SCAR 3.15
2008-06-18 04:02:31 0 d-------- C:\Documents and Settings\User\Application Data\Adobe
2008-06-17 01:04:44 1956 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-16 23:12:47 0 d-------- C:\Program Files\Common Files
2008-06-16 22

15 2068 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-14 16:05:11 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-13 18:24:01 0 d-------- C:\Program Files\Movie Maker
2008-06-13 16:04:37 13312 --a-s---- C:\WINDOWS\system32\psqnuvo.dll
2008-06-13 15:27:46 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-05 17:29:55 0 d-------- C:\Program Files\Java
2008-05-12 18:21:07 0 d-------- C:\Program Files\SCAR 3.14
2008-04-29 23:08:31 0 d-------- C:\Documents and Settings\User\Application Data\Smart PC Solutions
2008-04-29 23:02:06 95 --a------ C:\WINDOWS\system32\productregistry
2008-04-29 17:44:57 0 d-------- C:\Documents and Settings\User\Application Data\Help
2008-04-25 14:12:32 0 d-------- C:\Program Files\Network Stumbler
2008-04-25 14:12:13 0 d-------- C:\Program Files\Covey Inc
2008-04-24 03:40:36 0 d-------- C:\Documents and Settings\User\Application Data\TextPad
2008-04-24 03:35:02 0 d-------- C:\Documents and Settings\User\Application Data\Helios
2008-04-21 05:30:14 0 d-------- C:\Documents and Settings\User\Application Data\LimeWire
2008-03-29 11:02:25 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>
2008-03-29 11:02:21 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{56FA7933-DC3E-403b-8D47-BB5E3F345A21}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
04/06/2008 16:14 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [04/06/2008 16:14 2050816]

[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [04/06/2008 16:14]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [18/06/2008 08:58]
"NortonAntiBot"="C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe" [12/11/2007 22:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56]
"eyeBeam SIP Client"="" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe

C:\Documents and Settings\User\Start Menu\Programs\Startup\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [18/03/2007 23:05:02]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{257f6f44-2c64-46bb-acb4-55f9b9e0ae08}"= C:\WINDOWS\system32\psqnuvo.dll [13/06/2008 16:04 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Rapidown.lnk]
path=C:\Documents and Settings\User\Start Menu\Programs\Startup\Rapidown.lnk
backup=C:\WINDOWS\pss\Rapidown.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiSpyCheck]
C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiSpyCheck 2.1.0]
"C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLD.EXE]
C:\Program Files\Download Direct\DLD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoOE]
C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoSA]
"C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSA.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
%systemroot%\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YBrowser]
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YPCService"=3 (0x3)
"gusvc"=3 (0x3)

*Newly Created Service* - SP_RSDRV2
*Newly Created Service* - SP_RSSRV
*Newly Created Service* - SYMANTECANTIBOTAGENT
*Newly Created Service* - SYMANTECANTIBOTDRIVER
*Newly Created Service* - SYMANTECANTIBOTFILTER
*Newly Created Service* - SYMANTECANTIBOTSHIM
*Newly Created Service* - SYMANTECANTIBOTWATCHER

-- Hosts -----------------------------------------------------------------------

127.0.0.1 localhost 127.0.0.1 advert.runescape.com

-- End of Deckard's System Scanner: finished at 2008-06-18 15:28:30 ------------
----------------------------------------------------------------------
Deckards extra
---------------------------------------------------------------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Duron(tm) Processor
Percentage of Memory in Use: 73%
Physical Memory (total/avail): 495.48 MiB / 129.07 MiB
Pagefile Memory (total/avail): 1158.27 MiB / 711.48 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1938.62 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 31.48 GiB total, 19.33 GiB free.

\\.\PHYSICALDRIVE0 - ST340014A - 37.27 GiB - 2 partitions
\PARTITION0 - Unknown - 5.78 GiB
\PARTITION1 (bootable) - Installable File System - 31.48 GiB - C:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: AVG Anti-Virus Free v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"D:\\Utils\\UpgradeWizard\\UpgradeBT\\upgradeBThub.exe"="D:\\Utils\\UpgradeWizard\\UpgradeBT\\upgradeBThub.exe:*:Enabled:BT Home Hub Upgrade Wizard"
"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.6.0_03\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Documents and Settings\\User\\Local Settings\\Temp\\java_ee_sdk-5_04-windows.exe2\\package\\jre\\bin\\javaw.exe"="C:\\Documents and Settings\\User\\Local Settings\\Temp\\java_ee_sdk-5_04-windows.exe2\\package\\jre\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Sun\\SDK\\jdk\\bin\\java.exe"="C:\\Sun\\SDK\\jdk\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\Program Files\\Autodesk\\Maya 8.5 Personal Learning Edition\\bin\\maya.exe"="C:\\Program Files\\Autodesk\\Maya 8.5 Personal Learning Edition\\bin\\maya.exe:*:Enabled:Maya"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\User\Application Data
APR_ICONV_PATH=C:\Program Files\Subversion\iconv
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=COMP-1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\User
LOGONSERVER=\\COMP-1
MOZ_CRASHREPORTER_DATA_DIRECTORY=C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Crash Reports
MOZ_CRASHREPORTER_RESTART_ARG_0=C:\Program Files\Mozilla Firefox\firefox.exe
MOZ_CRASHREPORTER_STRINGS_OVERRIDE=C:\Program Files\Mozilla Firefox\crashreporter-override.ini
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Subversion\bin;;c:\program files\Java\jdk1.6.0_05\bin;;C:\FPC\2.2.0\bin\i386-Win32;.
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 7 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0701
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\User\LOCALS~1\Temp
TMP=C:\DOCUME~1\User\LOCALS~1\Temp
USERDOMAIN=COMP-1
USERNAME=User
USERPROFILE=C:\Documents and Settings\User
windir=C:\WINDOWS
__PROCESS_HISTORY=C:\DOCUME~1\User\LOCALS~1\Temp\7zS24.tmp\setup.exe

-- User Profiles ---------------------------------------------------------------

User (admin)
Administrator (admin)
Guest (guest)

-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BT Home Hub --> C:\Program Files\BT Home Hub\Uninstall.exe
BT Yahoo! Applications --> C:\PROGRA~1\Yahoo!\Common\uninstall.exe
Camtasia Studio 5 --> MsiExec.exe /I{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324}
EasyEclipse Expert Java 1.3.1.1 --> "C:\Program Files\EasyEclipse Expert Java 1.3.1.1\uninstall-easyeclipse-1.3.exe"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
HijackThis 1.99.1 --> C:\Program Files\HijackThis\HijackThis.exe /uninstall
Java DB 10.3.1.4 --> MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02}
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) SE Development Kit 6 Update 6 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160060}
Jitbit Macro Recorder --> MsiExec.exe /I{2D57FB4E-6277-4A6D-8739-304C38051B89}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
Norton AntiBot --> MsiExec.exe /X{B8E11ED9-889E-4FE1-9720-0B72C9E5E436}
Notepad++ --> C:\Program Files\Notepad++\uninstall.exe
Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
SpeederXP 1.80 --> "C:\Program Files\SpeederXP\unins000.exe"
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Process Detector v3.12 --> "C:\Program Files\Spyware Process Detector\Uninstall\unins000.exe"
Spyware Terminator --> "C:\Program Files\Spyware Terminator\unins000.exe"
Subversion 1.4.5-r25188 --> "C:\Program Files\Subversion\unins000.exe"
Syncro SVN Client 3.1 --> C:\Program Files\Syncro SVN Client 3.1\uninstall.exe
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Zune Desktop Theme --> MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}

-- Application Event Log -------------------------------------------------------

Event Record #/Type1658 / Error
Event Submitted/Written: 06/17/2008 07:14:27 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application Photoshop.exe, version 10.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type1645 / Error
Event Submitted/Written: 06/14/2008 02:55:16 AM
Event ID/Source: 11904 / MsiInstaller
Event Description:
Product: Camtasia Studio 5 -- Error 1904. Module C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx failed to register. HRESULT -2147220473. Contact your support personnel.

Event Record #/Type1628 / Error
Event Submitted/Written: 06/11/2008 03:13:09 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application scar.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type1627 / Error
Event Submitted/Written: 06/11/2008 03:13:09 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application scar.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type1626 / Error
Event Submitted/Written: 06/11/2008 00:36:11 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application scar.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type8072 / Error
Event Submitted/Written: 06/18/2008 08:52:17 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The spydetector service failed to start due to the following error:
%%2

Event Record #/Type8071 / Error
Event Submitted/Written: 06/18/2008 08:52:13 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The spydetector service failed to start due to the following error:
%%2

Event Record #/Type8070 / Error
Event Submitted/Written: 06/18/2008 08:52:05 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The spydetector service failed to start due to the following error:
%%2

Event Record #/Type8069 / Error
Event Submitted/Written: 06/18/2008 08:51:00 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The spydetector service failed to start due to the following error:
%%2

Event Record #/Type8046 / Error
Event Submitted/Written: 06/18/2008 08:27:43 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The NTPort Library Driver service failed to start due to the following error:
%%2

-- End of Deckard's System Scanner: finished at 2008-06-18 15:28:30 ------------

scaper123 · 06-20-2008, 12:23 PM

bump up up up

come on been 3 days now it is realy lagging my comp i have had to shut what ever it is the installed off in msconfig

06-18-2008, 07:28 AM	#1 (permalink)
scaper123 Registered User Join Date: Jun 2008 Posts: 7 OS: xp proffesional	flashing(X)and a(?) in toolo bar?? flashing icon thats has a(X) and a (?) flashing then it pops up saying that there has been a number of spywere etc found on the computer then my avg 8 says that the site is a bad site when i click the bubble ps and when it happend they installed a suposinally spyware,trojan scanner sort of thing that kept sayin attack on port (example) 34567 and it jus wouldnt go away i had to disable it in the MSCONFIG plz help plz here is a log from hijack this do i need anything else?? ------------------------------------------------------------------------ Log File ------------------------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 09:49:07, on 18/06/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NortonAntiBot.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABMonitor.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\PROGRA~1\Yahoo!\Common\YIeTagBm.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework...ex/TmHcmsX.CAB O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SymantecAntiBotAgent - Unknown owner - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe" SymantecAntiBotAgent (file missing) O23 - Service: SymantecAntiBotWatcher - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe ------------------------------------------------------------------------- Deckard's scan ----------------------------------------------------------------------- Deckard's System Scanner v20071014.68 Run by User on 2008-06-18 15:02:55 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 37: 2008-06-18 1438 UTC - RP197 - Deckard's System Scanner Restore Point 36: 2008-06-18 08:14:28 UTC - RP196 - Spyware Terminator - restore point 35: 2008-06-18 08:11:38 UTC - RP195 - Installed Norton AntiBot. 34: 2008-06-18 08:05:00 UTC - RP194 - Spyware Terminator - restore point 33: 2008-06-18 07:43:00 UTC - RP193 - Removed Google Toolbar for Internet Explorer -- First Restore Point -- 1: 2008-05-08 03:13:49 UTC - RP161 - Spyware Doctor: Cleaning Threats Backed up registry hives. Performed disk cleanup. Total Physical Memory: 496 MiB (512 MiB recommended). -- HijackThis (run as User.exe) ------------------------------------------------ Unable to find log (file not found); running clone. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-06-18 15:21:25 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG8\avgwdsvc.exe C:\Program Files\AVG\AVG8\avgrsx.exe C:\Program Files\AVG\AVG8\avgemc.exe C:\WINDOWS\explorer.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NortonAntiBot.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABMonitor.exe C:\WINDOWS\system32\mspaint.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG8\avgscanx.exe C:\Documents and Settings\User\Desktop\dss.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Spyware Terminator\SpywareTerminator.exe C:\Program Files\AVG\AVG8\avgupd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - (no file) O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files\AVG\AVG8\avgtoolbar.dll O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/downlo...eckControl.cab O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework...ex/TmHcmsX.CAB O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get.../ultrashim.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: chaplin - {257f6f44-2c64-46bb-acb4-55f9b9e0ae08} - C:\WINDOWS\system32\psqnuvo.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe O23 - Service: SymantecAntiBotAgent - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe O23 - Service: SymantecAntiBotWatcher - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPcservice.exe -- End of file - 7826 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 sp_rsdrv2 (Spyware Terminator Driver 2) - c:\windows\system32\drivers\sp_rsdrv2.sys S2 spydetector - c:\documents and settings\user\desktop\spdetec.3.12\crck\spydetector.sys (file missing) S2 zntport (NTPort Library Driver) - c:\windows\system32\zntport.sys (file missing) S3 CEDRIVER51 - c:\program files\cheat engine\dbk32.sys (file missing) S3 hamachi (Hamachi Network Interface) - c:\windows\system32\drivers\hamachi.sys <Not Verified; Applied Networking Inc.; Hamachi Virtual Network Interface Driver> S3 MRENDIS5 (MRENDIS5 NDIS Protocol Driver) - c:\progra~1\common~1\motive\mrendis5.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 sp_rssrv (Spyware Terminator Realtime Shield Service) - "c:\program files\spyware terminator\sp_rsser.exe" <Not Verified; Crawler.com; Crawler Spyware Terminator> S4 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module> -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2008-05-18 and 2008-06-18 ----------------------------- 2027-04-25 13:16:50 0 d-------- C:\Program Files\Rapidown 2008-06-18 09:11:58 0 d-------- C:\Program Files\Symantec 2008-06-18 09:11:58 0 d-------- C:\Documents and Settings\User\Application Data\Symantec 2008-06-18 09:10:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations 2008-06-18 08:58:25 141312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys 2008-06-18 08:58:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2008-06-18 08:58:24 0 d-------- C:\Documents and Settings\User\Application Data\Spyware Terminator 2008-06-18 08:58:14 0 d-------- C:\Program Files\Spyware Terminator 2008-06-18 08:51:24 0 d-------- C:\Program Files\Spyware Process Detector 2008-06-17 04:56:41 0 d-------- C:\Program Files\EasyEclipse Expert Java 1.3.1.1 2008-06-16 23:27:11 0 d-------- C:\Program Files\Autodesk 2008-06-16 23:12:47 0 d-------- C:\Program Files\Common Files\InstallShield 2008-06-16 12:56:41 0 d-------- C:\Documents and Settings\Guest\Application Data\Netscape 2008-06-14 02:53:49 0 d-------- C:\WINDOWS\system32\QuickTime 2008-06-14 02:53:19 0 d-------- C:\Documents and Settings\All Users\Application Data\TechSmith 2008-06-14 02:52:45 0 d-------- C:\Program Files\Common Files\TechSmith Shared 2008-06-14 02:52:09 0 d-------- C:\Program Files\TechSmith 2008-06-13 18:29:38 0 d-------- C:\Program Files\Common Files\eSellerate 2008-06-13 16:04:37 216576 --a------ C:\WINDOWS\system32\SpoonUninstall.exe 2008-06-13 15:27:49 92276 --a------ C:\WINDOWS\BricoPackUninst.cmd 2008-06-13 15:25:04 3227 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd 2008-06-13 09:31:37 0 d-------- C:\Documents and Settings\User\Application Data\Netscape 2008-06-13 09:31:15 0 d-------- C:\Program Files\Netscape 2008-06-13 02:07:15 53760 --a------ C:\WINDOWS\system32\zlib.dll <Not Verified; ; ZLib.DLL> 2008-06-09 12:38:22 0 d-------- C:\.jagex_cache_32 2008-06-06 22:12:18 0 d-------- C:\Documents and Settings\Guest\Application Data\AVGTOOLBAR 2008-06-06 02:43:25 0 d-------- C:\Program Files\JitBit 2008-06-06 02:13:57 0 d-------- C:\Program Files\SpeederXP 2008-06-05 18:57:41 0 d-------- C:\FPC 2008-06-05 17:30:08 0 d-------- C:\Program Files\Sun 2008-06-05 17:21:19 0 d-------- C:\Program Files\Common Files\Java 2008-06-05 15:36:52 0 d-------- C:\Documents and Settings\User\Application Data\com.syncrosvnclient 2008-06-05 15:36:13 0 d-------- C:\Program Files\Syncro SVN Client 3.1 2008-06-05 13:19:08 0 d--h----- C:\$AVG8.VAULT$ 2008-06-05 00:00:55 0 d-------- C:\Program Files\Conduit 2008-06-05 00:00:42 0 d-------- C:\Program Files\TorrentMan 2008-06-05 00:00:18 0 d-------- C:\Program Files\BitLord 2008-06-04 16:14:23 0 d-------- C:\WINDOWS\system32\drivers\Avg 2008-06-04 16:14:21 0 d-------- C:\Documents and Settings\User\Application Data\AVGTOOLBAR 2008-06-04 16:13:58 0 d-------- C:\Program Files\AVG 2008-06-04 16:13:58 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8 2008-05-29 04:25:12 0 d-------- C:\Documents and Settings\Guest\Application Data\Notepad++ 2008-05-28 02:39:17 0 d-------- C:\WINDOWS\system32\LogFiles 2008-05-22 17:42:49 0 d-------- C:\WINDOWS\BricoPacks 2008-05-22 17:21:42 0 d-------- C:\WINDOWS\.jagex_cache_32 2008-05-22 15:43:00 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla 2008-05-22 02:31:07 5169152 --a------ C:\Documents and Settings\User\ntuser.dat 2008-05-19 16:11:56 0 d-------- C:\Documents and Settings\Guest\Application Data\Seekmo 2008-05-19 16:11:47 0 d-------- C:\Documents and Settings\Guest\Application Data\ShoppingReport -- Find3M Report --------------------------------------------------------------- 2008-06-18 08:44:58 0 d-------- C:\Documents and Settings\User\Application Data\Mozilla 2008-06-18 08:44:27 0 d-------- C:\Program Files\SwiftKit 2008-06-18 08:43:06 0 d-------- C:\Program Files\Google 2008-06-18 08:41:19 0 d-------- C:\Program Files\Common Files\Symantec Shared 2008-06-18 08:40:21 0 d-------- C:\Program Files\TextPad 5 2008-06-18 08:39:58 0 d-------- C:\Program Files\SCAR 3.15 2008-06-18 04:02:31 0 d-------- C:\Documents and Settings\User\Application Data\Adobe 2008-06-17 01:04:44 1956 --a------ C:\WINDOWS\system32\d3d8caps.dat 2008-06-16 23:12:47 0 d-------- C:\Program Files\Common Files 2008-06-16 2215 2068 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-06-14 16:05:11 0 d-------- C:\Program Files\Common Files\Adobe 2008-06-13 18:24:01 0 d-------- C:\Program Files\Movie Maker 2008-06-13 16:04:37 13312 --a-s---- C:\WINDOWS\system32\psqnuvo.dll 2008-06-13 15:27:46 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System> 2008-06-05 17:29:55 0 d-------- C:\Program Files\Java 2008-05-12 18:21:07 0 d-------- C:\Program Files\SCAR 3.14 2008-04-29 23:08:31 0 d-------- C:\Documents and Settings\User\Application Data\Smart PC Solutions 2008-04-29 23:02:06 95 --a------ C:\WINDOWS\system32\productregistry 2008-04-29 17:44:57 0 d-------- C:\Documents and Settings\User\Application Data\Help 2008-04-25 14:12:32 0 d-------- C:\Program Files\Network Stumbler 2008-04-25 14:12:13 0 d-------- C:\Program Files\Covey Inc 2008-04-24 03:40:36 0 d-------- C:\Documents and Settings\User\Application Data\TextPad 2008-04-24 03:35:02 0 d-------- C:\Documents and Settings\User\Application Data\Helios 2008-04-21 05:30:14 0 d-------- C:\Documents and Settings\User\Application Data\LimeWire 2008-03-29 11:02:25 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows> 2008-03-29 11:02:21 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows> -- Registry Dump --------------------------------------------------------------- Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{56FA7933-DC3E-403b-8D47-BB5E3F345A21}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] 04/06/2008 16:14 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [04/06/2008 16:14 2050816] [-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}] [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [04/06/2008 16:14] "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [18/06/2008 08:58] "NortonAntiBot"="C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe" [12/11/2007 22:59] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56] "eyeBeam SIP Client"="" [] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "RunNarrator"=Narrator.exe C:\Documents and Settings\User\Start Menu\Programs\Startup\ RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [18/03/2007 23:05:02] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoInstrumentation"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{257f6f44-2c64-46bb-acb4-55f9b9e0ae08}"= C:\WINDOWS\system32\psqnuvo.dll [13/06/2008 16:04 13312] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Rapidown.lnk] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\Rapidown.lnk backup=C:\WINDOWS\pss\Rapidown.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiSpyCheck] C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiSpyCheck 2.1.0] "C:\Program Files\AntiSpyCheck\AntiSpyCheck.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLD.EXE] C:\Program Files\Download Direct\DLD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoOE] C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSA.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck] %systemroot%\system32\dumprep 0 -u [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "YPCService"=3 (0x3) "gusvc"=3 (0x3) Newly Created Service - SP_RSDRV2 Newly Created Service - SP_RSSRV Newly Created Service - SYMANTECANTIBOTAGENT Newly Created Service - SYMANTECANTIBOTDRIVER Newly Created Service - SYMANTECANTIBOTFILTER Newly Created Service - SYMANTECANTIBOTSHIM Newly Created Service - SYMANTECANTIBOTWATCHER -- Hosts ----------------------------------------------------------------------- 127.0.0.1 localhost 127.0.0.1 advert.runescape.com -- End of Deckard's System Scanner: finished at 2008-06-18 15:28:30 ------------ ---------------------------------------------------------------------- Deckards extra --------------------------------------------------------------------- Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: AMD Duron(tm) Processor Percentage of Memory in Use: 73% Physical Memory (total/avail): 495.48 MiB / 129.07 MiB Pagefile Memory (total/avail): 1158.27 MiB / 711.48 MiB Virtual Memory (total/avail): 2047.88 MiB / 1938.62 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 31.48 GiB total, 19.33 GiB free. \\.\PHYSICALDRIVE0 - ST340014A - 37.27 GiB - 2 partitions \PARTITION0 - Unknown - 5.78 GiB \PARTITION1 (bootable) - Installable File System - 31.48 GiB - C: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FirstRunDisabled is set. AV: AVG Anti-Virus Free v8.0 (AVG Technologies) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe::Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe::Enabled:Windows Live Messenger (Phone)" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe::Enabled:Yahoo! Messenger" "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe::Enabled:Yahoo! FT Server" "D:\\Utils\\UpgradeWizard\\UpgradeBT\\upgradeBThub.exe"="D:\\Utils\\UpgradeWizard\\UpgradeBT\\upgradeBThub.exe::Enabled:BT Home Hub Upgrade Wizard" "C:\\Program Files\\Java\\jre1.6.0_03\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.6.0_03\\bin\\javaw.exe::Enabled:Java(TM) Platform SE binary" "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe::Enabled:Internet Explorer" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe::Enabled:Firefox" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe::Disabled:Windows Messenger" "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe::Enabled:avginet.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe::Enabled:avgamsvr.exe" "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe::Enabled:avgcc.exe" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe::Enabled:LimeWire" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe::Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe::Enabled:Windows Live Messenger (Phone)" "C:\\Documents and Settings\\User\\Local Settings\\Temp\\java_ee_sdk-5_04-windows.exe2\\package\\jre\\bin\\javaw.exe"="C:\\Documents and Settings\\User\\Local Settings\\Temp\\java_ee_sdk-5_04-windows.exe2\\package\\jre\\bin\\javaw.exe::Enabled:Java(TM) Platform SE binary" "C:\\Sun\\SDK\\jdk\\bin\\java.exe"="C:\\Sun\\SDK\\jdk\\bin\\java.exe::Enabled:Java(TM) Platform SE binary" "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe::Enabled:avgupd.exe" "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe::Enabled:avgemc.exe" "C:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe::Enabled:Java(TM) Platform SE binary" "C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe::Enabled:BitLord" "C:\\Program Files\\Autodesk\\Maya 8.5 Personal Learning Edition\\bin\\maya.exe"="C:\\Program Files\\Autodesk\\Maya 8.5 Personal Learning Edition\\bin\\maya.exe::Enabled:Maya" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\User\Application Data APR_ICONV_PATH=C:\Program Files\Subversion\iconv CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=COMP-1 ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\User LOGONSERVER=\\COMP-1 MOZ_CRASHREPORTER_DATA_DIRECTORY=C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Crash Reports MOZ_CRASHREPORTER_RESTART_ARG_0=C:\Program Files\Mozilla Firefox\firefox.exe MOZ_CRASHREPORTER_STRINGS_OVERRIDE=C:\Program Files\Mozilla Firefox\crashreporter-override.ini NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\PROGRA~1\Java\JRE16~1.0_0\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Subversion\bin;;c:\program files\Java\jdk1.6.0_05\bin;;C:\FPC\2.2.0\bin\i386-Win32;. PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 7 Stepping 1, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0701 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\User\LOCALS~1\Temp TMP=C:\DOCUME~1\User\LOCALS~1\Temp USERDOMAIN=COMP-1 USERNAME=User USERPROFILE=C:\Documents and Settings\User windir=C:\WINDOWS __PROCESS_HISTORY=C:\DOCUME~1\User\LOCALS~1\Temp\7zS24.tmp\setup.exe -- User Profiles --------------------------------------------------------------- User (admin) Administrator (admin) Guest (guest) -- Add/Remove Programs --------------------------------------------------------- --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL BT Home Hub --> C:\Program Files\BT Home Hub\Uninstall.exe BT Yahoo! Applications --> C:\PROGRA~1\Yahoo!\Common\uninstall.exe Camtasia Studio 5 --> MsiExec.exe /I{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324} EasyEclipse Expert Java 1.3.1.1 --> "C:\Program Files\EasyEclipse Expert Java 1.3.1.1\uninstall-easyeclipse-1.3.exe" Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall HijackThis 1.99.1 --> C:\Program Files\HijackThis\HijackThis.exe /uninstall Java DB 10.3.1.4 --> MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02} Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060} Java(TM) SE Development Kit 6 Update 6 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160060} Jitbit Macro Recorder --> MsiExec.exe /I{2D57FB4E-6277-4A6D-8739-304C38051B89} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP Norton AntiBot --> MsiExec.exe /X{B8E11ED9-889E-4FE1-9720-0B72C9E5E436} Notepad++ --> C:\Program Files\Notepad++\uninstall.exe Pack Vista Inspirat 2 1.0 --> C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe SpeederXP 1.80 --> "C:\Program Files\SpeederXP\unins000.exe" Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spyware Process Detector v3.12 --> "C:\Program Files\Spyware Process Detector\Uninstall\unins000.exe" Spyware Terminator --> "C:\Program Files\Spyware Terminator\unins000.exe" Subversion 1.4.5-r25188 --> "C:\Program Files\Subversion\unins000.exe" Syncro SVN Client 3.1 --> C:\Program Files\Syncro SVN Client 3.1\uninstall.exe Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320} Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0} WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe Zune Desktop Theme --> MsiExec.exe /X{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4} -- Application Event Log ------------------------------------------------------- Event Record #/Type1658 / Error Event Submitted/Written: 06/17/2008 07:14:27 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application Photoshop.exe, version 10.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type1645 / Error Event Submitted/Written: 06/14/2008 02:55:16 AM Event ID/Source: 11904 / MsiInstaller Event Description: Product: Camtasia Studio 5 -- Error 1904. Module C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx failed to register. HRESULT -2147220473. Contact your support personnel. Event Record #/Type1628 / Error Event Submitted/Written: 06/11/2008 03:13:09 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application scar.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type1627 / Error Event Submitted/Written: 06/11/2008 03:13:09 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application scar.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type1626 / Error Event Submitted/Written: 06/11/2008 00:36:11 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application scar.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type8072 / Error Event Submitted/Written: 06/18/2008 08:52:17 AM Event ID/Source: 7000 / Service Control Manager Event Description: The spydetector service failed to start due to the following error: %%2 Event Record #/Type8071 / Error Event Submitted/Written: 06/18/2008 08:52:13 AM Event ID/Source: 7000 / Service Control Manager Event Description: The spydetector service failed to start due to the following error: %%2 Event Record #/Type8070 / Error Event Submitted/Written: 06/18/2008 08:52:05 AM Event ID/Source: 7000 / Service Control Manager Event Description: The spydetector service failed to start due to the following error: %%2 Event Record #/Type8069 / Error Event Submitted/Written: 06/18/2008 08:51:00 AM Event ID/Source: 7000 / Service Control Manager Event Description: The spydetector service failed to start due to the following error: %%2 Event Record #/Type8046 / Error Event Submitted/Written: 06/18/2008 08:27:43 AM Event ID/Source: 7000 / Service Control Manager Event Description: The NTPort Library Driver service failed to start due to the following error: %%2 -- End of Deckard's System Scanner: finished at 2008-06-18 15:28:30 ------------ Last edited by TheBruce1 : 06-23-2008 at 02:26 PM.

06-20-2008, 12:23 PM	#2 (permalink)
scaper123 Registered User Join Date: Jun 2008 Posts: 7 OS: xp proffesional	Re: flashing(X)and a(?) in toolo bar?? bump up up up come on been 3 days now it is realy lagging my comp i have had to shut what ever it is the installed off in msconfig Last edited by scaper123 : 06-20-2008 at 12:24 PM.