Registered User
Join Date: Jul 2008
Posts: 1
OS: vista
about:blank
I have attached the logs below of the required scans. What is happening is when I try to start IE I get a black page that does the following:
1st A pop up opens up saying that there is a Critical Error, and that some of my files corrupted. I can click either yes or no. I have not clicked yes, but when I click no I get the following web page to pop up hxxp://free-viruscan.com/id/4912933/4/1/ then it will open to my home page. When I then try to go to any other page, the same thing happens again. I have copied and pasted each of the logs here as requested:
--------------------------------------------------------- --> "C:\Program Files\HP Games\Ancient Sudoku\Uninstall.exe" --> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe" --> "C:\Program Files\HP Games\Big Kahuna Reef\Uninstall.exe" --> "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe" --> "C:\Program Files\HP Games\Blasterball 3\Uninstall.exe" --> "C:\Program Files\HP Games\Boggle Supreme\Uninstall.exe" --> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe" --> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe" --> "C:\Program Files\HP Games\Crystal Maze\Uninstall.exe" --> "C:\Program Files\HP Games\Family Feud\Uninstall.exe" --> "C:\Program Files\HP Games\FATE\Uninstall.exe" --> "C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe" --> "C:\Program Files\HP Games\Flip Words\Uninstall.exe" --> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe" --> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe" --> "C:\Program Files\HP Games\Lemonade Tycoon 2\Uninstall.exe" --> "C:\Program Files\HP Games\My HP Game Console\Uninstall.exe" --> "C:\Program Files\HP Games\Otto\Uninstall.exe" --> "C:\Program Files\HP Games\Penguins!\Uninstall.exe" --> "C:\Program Files\HP Games\Poker Superstars 2\Uninstall.exe" --> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe" --> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe" --> "C:\Program Files\HP Games\Polar Tubing\Uninstall.exe" --> "C:\Program Files\HP Games\Puzzle Express\Uninstall.exe" --> "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe" --> "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe" --> "C:\Program Files\HP Games\Super Granny\Uninstall.exe" --> "C:\Program Files\HP Games\The Apprentice\Uninstall.exe" --> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe" --> "C:\Program Files\HP Games\Word Symphony\Uninstall.exe" --> "C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe" 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package 
{90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85} 2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 7-Zip 4.57 --> "C:\Program Files\7-Zip\Uninstall.exe" Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7} Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin --> 
C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} Adobe Reader 8.1.2 Security Update 1 (KB403742) --> Adobe Shockwave Player --> C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log ASL_HS_Installer32 --> MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68} Bink and Smacker --> C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG Broadcom 802.11 Wireless LAN Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver" CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Comcast Universal Installer v1.2 --> MsiExec.exe /I{54AE3C08-D7D8-45FF-9348-0B4BE0D5A6CB} Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IwisR30B7.INF Desktop Doctor --> MsiExec.exe /I{D87149B3-7A1D-4548-9CBF-032B791E5908} Diablo II --> C:\Windows\DIIUnin.exe C:\Windows\DIIUnin.dat DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC Fiesta --> C:\Program Files\Outspark\Fiesta\uninstall.exe HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf Hewlett-Packard Active Check --> MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E} Hewlett-Packard Asset Agent for Health Check --> MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367} HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall HP Active Support Library --> C:\Program Files\InstallShield Installation Information\{11BB336F-0E58-4977-B866-F24FA334616B}\setup.exe -runfromtemp -l0x0409 HP Connections (remove only) --> C:\Windows\HPCPCUninstall-6811507\HPBWSetup.exe -appid 6811507 -uninstall HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program 
Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly HP Easy Setup - Core --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9 HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly HP Help and Support --> MsiExec.exe /I{584B0895-8EF3-4175-8E80-1B68BFA04636} HP Pavilion Webcam Driver for Vista v061.001.00005 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CA81D12-9EC2-4082-972B-43ECA63F41F2}\setup.exe" -l0x9 -removeonly HP Product Detection --> MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE} HP Quick Launch Buttons 6.10 B9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x9 uninst HP QuickPlay 3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall HP Total Care Advisor --> MsiExec.exe /X{A12A3DED-CCDA-4F29-A1BA-00F0C6521CD5} HP Update --> MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F} HP User Guide 0042 --> MsiExec.exe /I{B0F97FBF-9F98-4522-B65D-8980FE38C726} HP Wireless Assistant --> MsiExec.exe /I{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE} HPNetworkAssistant --> MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4} Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} Lexmark X6100 Series --> C:\Program Files\Lexmark 
X6100 Series\Install\x86\Uninst.exe LimeWire 4.18.2 --> "C:\Program Files\LimeWire\uninstall.exe" Lotus Notes 7.0.2 --> MsiExec.exe /I{3DFB275E-92F1-4D4A-A546-C5475917FA41} McAfee VirusScan Enterprise --> MsiExec.exe /X{35C03C04-3F1F-42C2-A989-A757EE691F65} Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1} Mozilla Firefox (2.0.0.15) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181) --> MsiExec.exe 
/I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} muvee autoProducer 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99C5770C-1C90-42E7-9B74-D47CFAF14621}\setup.exe" -l0x9 My HP Games --> "C:\Program Files\HP Games\Uninstall.exe" NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI Outspark Launcher --> C:\Program Files\Outspark\Launcher\uninstall.exe Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe QuickTime --> C:\Windows\unvise32qt.exe C:\Windows\system32\QuickTime\Uninstall.log Remove about:blank Buddy 5.0 --> "C:\Program Files\Scorpio Software\Remove About Blank Buddy\unins000.exe" Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82} Roxio Creator Basic v9 --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87} Roxio Creator EasyArchive --> MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B} Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF} Roxio Express Labeler 3 --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio MyDVD Basic v9 --> MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72} Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E} Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00} Security Update for Microsoft 
Office Word 2007 (KB950113) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9} Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E} SHOUTcast Source DSP 1.9.0 (remove only) --> C:\Program Files\Winamp\uninst-dsp.exe Sid Meier's Civilization 4 --> C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe -runfromtemp -l0x0009 -removeonly Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe" Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe Temple of Elemental Evil --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD80F06B-0F21-4EEE-934D-BEF0D21E6383}\SETUP.EXE" -l0x9 Temple of Elemental Evil - Circle of Eight Mod Pack 5.0.0 FINAL --> "C:\Program Files\Atari\Temple of Elemental Evil\unins000.exe" Update for Office 2007 (KB946691) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Winamp --> "C:\Program Files\Winamp\UninstWA.exe" Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320} Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0} Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinZip 11.2 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6} Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! 
Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type17406 / Success Event Submitted/Written: 07/13/2008 01:05:05 PM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type17404 / Success Event Submitted/Written: 07/13/2008 01:05:04 PM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type17400 / Success Event Submitted/Written: 07/13/2008 01:04:59 PM Event ID/Source: 902 / Software Licensing Service Event Description: The Software Licensing service has started. Event Record #/Type17390 / Warning Event Submitted/Written: 07/13/2008 01:03:14 PM Event ID/Source: 1530 / profsvc Event Description: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1607383011-2100351227-771695652-1000_Classes: Process 904 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1607383011-2100351227-771695652-1000_CLASSES Event Record #/Type17389 / Warning Event Submitted/Written: 07/13/2008 01:03:13 PM Event ID/Source: 1530 / profsvc Event Description: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. 
DETAIL - 3 user registry handles leaked from \Registry\User\S-1-5-21-1607383011-2100351227-771695652-1000: Process 904 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1607383011-2100351227-771695652-1000 Process 6092 (\Device\HarddiskVolume1\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1607383011-2100351227-771695652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts Process 6092 (\Device\HarddiskVolume1\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-1607383011-2100351227-771695652-1000\Software\Microsoft\Windows\CurrentVersion\Explorer -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type64621 / Warning Event Submitted/Written: 07/13/2008 02:46:32 PM Event ID/Source: 3004 / WinDefend Event Description: %Jenny-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Jenny-PC27 can't undo changes that you allow. For more information please see the following: %Jenny-PC275 Scan ID: {0CE616DC-5DB3-42FF-BEC6-8781C71E62E2} User: Jenny-PC\Jenny Name: %Jenny-PC271 ID: %Jenny-PC272 Severity ID: %Jenny-PC273 Category ID: %Jenny-PC274 Path Found: %Jenny-PC276 Alert Type: %Jenny-PC278 Detection Type: 1.1.1600.02 Event Record #/Type64620 / Warning Event Submitted/Written: 07/13/2008 02:46:32 PM Event ID/Source: 3004 / WinDefend Event Description: %Jenny-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. 
You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Jenny-PC27 can't undo changes that you allow. For more information please see the following: %Jenny-PC275 Scan ID: {75F64239-B3A1-454E-83E4-3057FC88D16A} User: Jenny-PC\Jenny Name: %Jenny-PC271 ID: %Jenny-PC272 Severity ID: %Jenny-PC273 Category ID: %Jenny-PC274 Path Found: %Jenny-PC276 Alert Type: %Jenny-PC278 Detection Type: 1.1.1600.02 Event Record #/Type64619 / Warning Event Submitted/Written: 07/13/2008 02:46:32 PM Event ID/Source: 3004 / WinDefend Event Description: %Jenny-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Jenny-PC27 can't undo changes that you allow. For more information please see the following: %Jenny-PC275 Scan ID: {91102271-C2E1-43D7-8FFE-557FB2467F27} User: Jenny-PC\Jenny Name: %Jenny-PC271 ID: %Jenny-PC272 Severity ID: %Jenny-PC273 Category ID: %Jenny-PC274 Path Found: %Jenny-PC276 Alert Type: %Jenny-PC278 Detection Type: 1.1.1600.02 Event Record #/Type64618 / Warning Event Submitted/Written: 07/13/2008 02:46:32 PM Event ID/Source: 3004 / WinDefend Event Description: %Jenny-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Jenny-PC27 can't undo changes that you allow. 
For more information please see the following: %Jenny-PC275 Scan ID: {21D8897E-2917-4308-B0C6-BAAB032FBD77} User: Jenny-PC\Jenny Name: %Jenny-PC271 ID: %Jenny-PC272 Severity ID: %Jenny-PC273 Category ID: %Jenny-PC274 Path Found: %Jenny-PC276 Alert Type: %Jenny-PC278 Detection Type: 1.1.1600.02 Event Record #/Type64609 / Warning Event Submitted/Written: 07/13/2008 01:24:26 PM Event ID/Source: 3004 / WinDefend Event Description: %Jenny-PC27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %Jenny-PC27 can't undo changes that you allow. For more information please see the following: %Jenny-PC275 Scan ID: {1B32C20A-864E-4A0E-AF67-09C9D4CD019C} User: Jenny-PC\Jenny Name: %Jenny-PC271 ID: %Jenny-PC272 Severity ID: %Jenny-PC273 Category ID: %Jenny-PC274 Path Found: %Jenny-PC276 Alert Type: %Jenny-PC278 Detection Type: 1.1.1600.02 -- End of Deckard's System Scanner: finished at 2008-07-13 14:48:18 ------------ ActiveScan.txt main.txt extra.txt I have attached the files as well for easier reading. Please advise me as to what I have to do to fix this problem. Thanks Dan |
#2 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 25,526
OS: 2000 Pro; XP Pro; XP Home
Re: about:blank
Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.
Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Open HijackThis by right clicking on it, and selecting Run As Administrator. Click on 'Do a System Scan Only'. Check the following entries if they exist (make sure you do not miss any) and click Fix Checked:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IE.Filter - {8B2AE9C0-1555-4C92-905A-531532F15698} - C:\Windows\system32\intefltr.dll
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot

Close HijackThis now.

---------------------------------------------------------------------------------------------

Please download OTMoveIt2 by OldTimer.
If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

=====================================================

Open HijackThis (right click on HijackThis.exe and select "Run as an Administrator") and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Our help is voluntary, but this site needs donations to operate.
Please consider Donating to the Forum. Please do not ask for help via Private Message. Ask in the forums, so all may gain from the experience. |
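The reply above fixes five HijackThis entries and then asks for a fresh log. As an added example (not part of the original post and not HijackThis's own code), this Python sketch parses HijackThis-style lines and reports which targeted entries are gone from a follow-up log. The two sample logs are constructed, the function names are hypothetical, and the line layout is inferred from the entries quoted in the post.

```python
import re

# Entries the helper asked to fix, copied from the post above.
FIX_LIST = [
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =",
    r"R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =",
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =",
    r"O2 - BHO: IE.Filter - {8B2AE9C0-1555-4C92-905A-531532F15698} - C:\Windows\system32\intefltr.dll",
    r"O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot",
]

# Constructed sample logs for illustration (not the poster's real logs).
BEFORE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IE.Filter - {8B2AE9C0-1555-4C92-905A-531532F15698} - C:\Windows\system32\intefltr.dll
O4 - HKLM\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
"""
AFTER_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
O4 - HKLM\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - hkcu\..\Run: [adwarealert] C:\Program Files\AdwareAlert\AdwareAlert.exe
"""

ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")
BHO = re.compile(r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.*)$")
RUN = re.compile(r"^(?P<key>[^:\[]+): \[(?P<name>[^\]]*)\]\s*(?P<command>.*)$")


def parse_entry(line):
    """Split one log line into fields; return None for headers and blank lines."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, body = m["section"], m["body"]
    entry = {"section": section, "raw": line.strip()}
    if section.startswith("R") and "=" in body:
        # R lines: <hive\key>,<value name> = <data>
        location, _, data = body.partition("=")
        key, _, value = location.strip().rpartition(",")
        entry.update(kind="registry", key=key, value=value, data=data.strip())
    elif section == "O2" and (b := BHO.match(body)):
        # O2 lines: Browser Helper Object, identified by its CLSID
        entry.update(kind="bho", **b.groupdict())
    elif section == "O4" and (r := RUN.match(body)):
        # O4 lines: autostart value under a Run key
        entry.update(kind="autorun", **r.groupdict())
    else:
        entry.update(kind="other", body=body)
    return entry


def identity(entry):
    """Where the entry lives, ignoring case. Data and command line are left out
    so an entry that was re-pointed at the same location is still flagged."""
    kind = entry["kind"]
    if kind == "registry":
        return (entry["section"], entry["key"].lower(), entry["value"].lower())
    if kind == "bho":
        return ("O2", entry["clsid"].lower())
    if kind == "autorun":
        return ("O4", entry["key"].lower(), entry["name"].lower())
    return (entry["section"], entry["body"].lower())


def index_log(text):
    entries = filter(None, map(parse_entry, text.splitlines()))
    return {identity(e): e for e in entries}


def check_fix(fix_list, before_log, after_log):
    """Classify each fix-list entry by comparing the two logs."""
    before, after = index_log(before_log), index_log(after_log)
    report = {"not_in_before": [], "removed": [], "still_present": []}
    for line in fix_list:
        ident = identity(parse_entry(line))
        if ident in after:
            report["still_present"].append(after[ident]["raw"])
        elif ident in before:
            report["removed"].append(line)
        else:
            report["not_in_before"].append(line)
    return report


if __name__ == "__main__":
    for status, lines in check_fix(FIX_LIST, BEFORE_LOG, AFTER_LOG).items():
        for line in lines:
            print(f"{status:14} {line}")
```

Anything reported as still_present after the fix is worth raising with the helper before moving on to the next step.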