Status
Not open for further replies.

Registered · 3 Posts · Discussion Starter · #1
Windows Explorer crashes whenever I try to use the right-click menu on the desktop. It also crashes whenever I use Search.

I've taken as many of the five steps as possible:

Pre-step 1: Did backup.

Step 1: Found no programs from the list on my PC.

Turned off system restore and deleted restore points.

Step 2 could not be completed. Several attempts to run ActiveScan stalled at this file:

C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe

I clicked on "Cancel", but nothing else happened. It told me I had 155 infected files. I don't know what they are, since I didn't even get a log to post here.

Step 3: I've used Spyware Blaster for a while now. I added Zoned Out in place of IE-SPYAD, since the latter isn't available anymore.

Step 4: I have WinXP Service Pack 2. I haven't updated to #3 yet.

Step 5: Ran System Scanner. Log is below; "extra.txt" is attached.

------------------------------------
Deckard's System Scanner v20071014.68
Run by Don on 2008-06-19 19:34:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-06-20 00:35:15 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-19 19:37:57
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Common Files\Stardock\SDMCP.exe
C:\WINDOWS\explorer.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Documents and Settings\Don\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {864CB4B2-15FF-476B-BFAC-02A5F657E022} - (no file)
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand203000018.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - AutorunsDisabled - (file missing)
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180249965593
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1182436546234
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} () - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://crucial.com/controls/cpcScanner.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} (CTAdjust Class) - http://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{0BF0DF5A-793A-4FAC-BE6F-B7F4E99085FC}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\guard32.dll
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\Stardock\MCPCore.dll
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Amazon Unbox Video Service (ADVService) - Unknown owner - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe


--
End of file - 11126 bytes

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - C:\Documents and Settings\All Users\Documents\Stardock\IconPackager\FauxS-XPCobaltV1-5\FauxS-XP (Cobalt) V1.5\FauxS-XP (Cobalt) V1.5 Icon 69.ico,0
.cmd - cmdfile - DefaultIcon - C:\WINDOWS\System32\shell32.dll,-153
.hlp - hlpfile - DefaultIcon - C:\WINDOWS\System32\shell32.dll,23
.inf - inffile - DefaultIcon - C:\Documents and Settings\All Users\Documents\Stardock\IconPackager\FauxS-XPCobaltV1-5\FauxS-XP (Cobalt) V1.5\FauxS-XP (Cobalt) V1.5 Icon 93.ico,0
.ini - inifile - DefaultIcon - C:\Documents and Settings\All Users\Documents\Stardock\IconPackager\FauxS-XPCobaltV1-5\FauxS-XP (Cobalt) V1.5\FauxS-XP (Cobalt) V1.5 Icon 59.ico,0
.js - JSFile - DefaultIcon - C:\WINDOWS\System32\WScript.exe,3
.reg - regfile - DefaultIcon - C:\WINDOWS\regedit.exe,1
.txt - txtfile - DefaultIcon - C:\Documents and Settings\All Users\Documents\Stardock\IconPackager\FauxS-XPCobaltV1-5\FauxS-XP (Cobalt) V1.5\FauxS-XP (Cobalt) V1.5 Icon 71.ico,0
.txt - txtfile - shell\open\command - notepad.exe %1
.vbs - VBSFile - DefaultIcon - C:\WINDOWS\system32\WScript.exe,2


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 StarPortLite (StarPort Storage Controller (Lite)) - c:\windows\system32\drivers\starportlite.sys <Not Verified; Rocket Division Software; StarPort Storage Controller>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 pgfilter - c:\program files\peerguardian2\pgfilter.sys

S3 BOCDRIVE (BOClean Kernel Monitor.) - c:\program files\comodo\cboclean\bocdrive.sys (file missing)
S3 GMSIPCI - f:\install\gmsipci.sys (file missing)
S3 NTACCESS - f:\ntaccess.sys (file missing)
S3 SndTDriverV32 - c:\windows\system32\drivers\sndtdriverv32.sys <Not Verified; Windows (R) 2000/XP; Windows (R) 2000/XP Driver>
S3 XDva098 - c:\windows\system32\xdva098.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 Diskeeper - "c:\program files\executive software\diskeeperlite\dkservice.exe" <Not Verified; Executive Software International, Inc.; Diskeeper (TM) Disk Defragmenter>
R2 FirebirdGuardianDefaultInstance (Firebird Guardian - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbguard.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R3 FirebirdServerDefaultInstance (Firebird Server - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbserver.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>

S3 ADVService (Amazon Unbox Video Service) - "c:\program files\amazon\amazon unbox video\advwindowsclientservice.exe" (file missing)
S4 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-05-19 and 2008-06-19 -----------------------------

2008-06-19 19:24:10 0 dr-h----- C:\Documents and Settings\Don\Recent
2008-06-19 19:06:16 0 d-------- C:\ie-spyad_zo
2008-06-19 18:45:07 0 d-------- C:\Program Files\ZonedOut
2008-06-19 15:16:25 0 d-------- C:\Documents and Settings\Don\.housecall6.6
2008-06-18 20:39:53 0 d-------- C:\Program Files\Panda Security
2008-06-18 12:11:56 0 d-------- C:\Documents and Settings\Don\Application Data\IrfanView
2008-06-18 11:53:34 0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-17 20:16:23 0 d-------- C:\Program Files\Common Files\Nero
2008-06-17 09:56:30 0 d-------- C:\Program Files\Common Files\Ahead
2008-06-15 23:04:35 0 d-------- C:\Program Files\IrfanView
2008-06-13 13:29:00 0 d-------- C:\WINDOWS\system32\Adobe
2008-06-12 17:48:27 0 d-------- C:\Program Files\SHOUTcast
2008-06-12 17:02:22 0 d-------- C:\Documents and Settings\Don\Application Data\Winamp
2008-06-11 12:36:42 8576 --a------ C:\WINDOWS\system32\drivers\dsdphbimevtk.sys <Not Verified; Panda Software International; RKPavProc Driver>
2008-06-11 12:36:06 8576 --a------ C:\WINDOWS\system32\drivers\dxmexswsbpxj.sys <Not Verified; Panda Software International; RKPavProc Driver>
2008-06-11 12:35:39 0 d-------- C:\Documents and Settings\Don\Pavark
2008-06-11 12:31:05 0 d-------- C:\Documents and Settings\Don\Application Data\aignes
2008-06-11 12:26:49 0 d-------- C:\Program Files\AM-DeadLink
2008-06-11 12:22:11 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-06-10 22:03:03 0 d-------- C:\Program Files\JAP
2008-06-10 19:56:50 0 d-------- C:\Program Files\a-squared Free
2008-06-09 23:22:43 0 d-------- C:\Documents and Settings\Don\Application Data\CDBurnerXP_Soft
2008-06-09 23:21:10 0 d-------- C:\Program Files\CDBurnerXP
2008-06-09 22:59:13 0 d-------- C:\Documents and Settings\Don\Application Data\XnView
2008-06-06 19:58:16 0 dr-h----- C:\Documents and Settings\Jason\Recent
2008-06-06 17:25:54 0 d-------- C:\Documents and Settings\Jason\WINDOWS
2008-06-06 09:17:35 0 d-------- C:\Documents and Settings\Don\Application Data\Ahead
2008-06-05 19:46:35 0 d-------- C:\Documents and Settings\Don\Application Data\WinFF
2008-06-05 19:46:32 0 d-------- C:\Program Files\WinFF
2008-06-05 13:35:47 0 d-------- C:\Documents and Settings\Don\Application Data\UseNeXT
2008-06-04 23:40:16 0 d-------- C:\Documents and Settings\Don\WINDOWS
2008-06-04 23:40:01 151040 --a------ C:\WINDOWS\system\IR32.DLL
2008-06-04 23:40:01 77664 --a------ C:\WINDOWS\system\IR21_R.DLL
2008-06-04 23:40:01 0 d-------- C:\GRYPHON
2008-06-04 23:40:00 49616 --a------ C:\WINDOWS\system\MSACM.DLL <Not Verified; Microsoft Corporation; Microsoft Audio Compression Manager>
2008-06-04 23:40:00 7168 --a------ C:\WINDOWS\system\DISPDIB.DLL <Not Verified; Microsoft Corporation; Microsoft Video for Windows>
2008-06-04 23:40:00 14208 --a------ C:\WINDOWS\system\CTL3D.DLL <Not Verified; Microsoft Corporation; 3d Windows Control>
2008-06-04 23:40:00 12800 --a------ C:\WINDOWS\system\ACMCMPRS.DLL <Not Verified; Microsoft Corporation; Microsoft Video for Windows>
2008-06-04 23:35:55 0 d-------- C:\Program Files\Microsoft Kids
2008-06-01 17:03:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Kristanix Games
2008-06-01 17:02:54 0 d-------- C:\Program Files\Theseus and the Minotaur
2008-05-31 08:40:36 0 d-------- C:\Documents and Settings\Jason\Application Data\MusicIP
2008-05-29 18:41:49 0 d-------- C:\Program Files\COMODO
2008-05-29 16:14:55 0 d-------- C:\Program Files\ToniArts
2008-05-29 13:20:53 0 d-------- C:\Program Files\Avira
2008-05-29 13:20:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-20 23:16:29 0 d-------- C:\Documents and Settings\Don\dwhelper
2008-05-20 22:58:45 0 d-------- C:\Program Files\FreeCommander
2008-05-20 21:20:42 0 d-------- C:\Program Files\Mozilla Firefox 3


-- Find3M Report ---------------------------------------------------------------

2008-06-19 19:38:36 0 d-------- C:\Program Files\PeerGuardian2
2008-06-19 19:28:47 0 d-------- C:\Program Files\SpywareBlaster
2008-06-19 16:02:18 0 d-------- C:\Program Files\FrostWire
2008-06-18 20:35:10 0 d-------- C:\Documents and Settings\Don\Application Data\BitTyrant
2008-06-18 18:15:10 0 d-------- C:\Program Files\Winamp
2008-06-18 13:56:42 42 --a----c- C:\WINDOWS\popcinfo.dat
2008-06-17 20:16:23 0 d-------- C:\Program Files\Nero
2008-06-17 20:16:23 0 d-------- C:\Program Files\Common Files
2008-06-17 17:11:41 0 d-------- C:\Program Files\PopCap Games
2008-06-17 08:45:43 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-06-15 22:26:56 0 d-------- C:\Documents and Settings\Don\Application Data\OpenOffice.org2
2008-06-13 00:18:40 0 d-------- C:\Documents and Settings\Don\Application Data\MusicIP
2008-06-12 17:13:40 0 d-------- C:\Program Files\MusicIP
2008-06-09 21:55:46 0 d-------- C:\Documents and Settings\Don\Application Data\Yahoo!
2008-06-09 21:48:13 0 d-------- C:\Program Files\FireTune
2008-06-09 21:48:01 0 d-------- C:\Program Files\Runtime Software
2008-06-09 19:52:10 0 d-------- C:\Documents and Settings\Don\Application Data\Joost
2008-06-09 13:38:14 0 d-------- C:\Documents and Settings\Don\Application Data\SiteAdvisor
2008-06-06 08:49:39 0 d-------- C:\Program Files\NCH Swift Sound
2008-06-04 13:22:12 0 d-------- C:\Program Files\Monitor Calibration Wizard
2008-06-01 17:08:41 0 d-------- C:\Program Files\Joost
2008-06-01 17:01:17 3063 --a------ C:\Documents and Settings\Don\Application Data\mainhst.zgh
2008-06-01 15:08:11 0 d-------- C:\Program Files\Alawar
2008-05-29 18:41:54 0 d-------- C:\Documents and Settings\Don\Application Data\Comodo
2008-05-29 17:43:23 0 d-------- C:\Documents and Settings\Don\Application Data\Simple Sudoku
2008-05-29 17:30:35 0 d-------- C:\Program Files\Executive Software
2008-05-29 16:25:42 0 d-------- C:\Program Files\BitTyrant
2008-05-29 16:22:19 0 d-------- C:\Program Files\Azureus
2008-05-29 16:14:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-29 12:47:48 0 d-------- C:\Documents and Settings\Don\Application Data\Azureus
2008-05-22 18:45:01 0 d-------- C:\Program Files\SiteAdvisor
2008-05-21 15:27:26 0 d-------- C:\Program Files\BonkEnc
2008-05-21 13:27:00 0 d-------- C:\Program Files\Mp3 My Mp3 2.0
2008-05-20 21:40:52 0 d-------- C:\Program Files\Simple Sudoku
2008-05-20 21:20:54 0 d-------- C:\Documents and Settings\Don\Application Data\Mozilla
2008-05-20 21:13:13 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-05-18 10:58:40 0 d-------- C:\Program Files\Oberon Media
2008-05-17 01:33:48 0 d-------- C:\Program Files\AviSynth 2.5
2008-05-17 01:29:14 0 d-------- C:\Program Files\eRightSoft
2008-05-15 18:41:02 0 -r-hs---- C:\config.sys
2008-05-14 17:28:08 0 d-------- C:\Program Files\Realore
2008-05-13 21:35:45 0 d-------- C:\Program Files\Merscom
2008-05-13 21:32:47 0 d-------- C:\Documents and Settings\Don\Application Data\InstallShield
2008-05-13 21:30:53 0 d-------- C:\Program Files\Atlantis Quest
2008-05-10 17:19:55 0 d-------- C:\Program Files\Yahoo! Games
2008-05-08 19:17:21 0 d-------- C:\Documents and Settings\Don\Application Data\Nero
2008-05-08 18:45:05 0 d-------- C:\Program Files\7-Zip
2008-05-01 20:41:03 0 d-------- C:\Program Files\Veoh Networks
2008-04-30 11:15:33 0 d-------- C:\Program Files\Xvid
2008-04-28 09:43:54 2404 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-27 18:17:42 0 d-------- C:\Program Files\Virtools
2008-04-27 10:35:28 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-04-27 10:33:36 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-04-27 08:44:13 0 d-------- C:\Program Files\Telltale Games
2008-04-27 00:08:40 0 d-------- C:\Program Files\Weather Pulse
2008-04-24 22:42:00 0 d-------- C:\Documents and Settings\Don\Application Data\InfraRecorder
2008-04-24 14:02:44 0 d-------- C:\Program Files\Windows Media Connect 2
2008-04-24 14:02:43 0 d-------- C:\Program Files\Wal-Mart Music Downloads Store
2008-04-24 14:02:43 0 d-------- C:\Program Files\SystemScheduler
2008-04-24 14:02:43 0 d-------- C:\Program Files\Shockwave.com
2008-04-24 14:02:41 0 d-------- C:\Program Files\Frets on Fire
2008-04-24 14:02:41 0 d-------- C:\Program Files\DivX
2008-04-24 14:02:40 0 d-------- C:\Program Files\Launchy
2008-04-24 14:02:40 0 d-------- C:\Program Files\Ingenious
2008-04-24 14:02:40 0 d-------- C:\Program Files\GameHouse
2008-04-24 14:02:39 0 d-------- C:\Program Files\Messenger
2008-04-24 14:02:38 0 d-------- C:\Program Files\AirXonix
2008-04-23 18:55:46 186043 --a------ C:\wubildr
2008-04-23 18:42:38 0 d-------- C:\Documents and Settings\Don\Application Data\Weather Pulse
2008-04-23 10:17:11 0 d-------- C:\Program Files\mp3DirectCut
2008-04-09 20:05:51 28885 --a------ C:\WINDOWS\system32\XDva098.sys
2008-03-29 14:18:11 17 --a------ C:\WINDOWS\popcinfot.dat
2008-03-29 10:20:10 0 --a------ C:\WINDOWS\popcreg.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" [08/13/2007 01:05 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/16/2006 09:51 AM]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [03/20/2006 05:34 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/19/2007 09:16 PM]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [02/12/2008 10:06 AM]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [05/31/2008 12:57 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [03/01/2007 02:57 PM]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [12/03/2007 02:21 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/28/2006 07:00 AM]
"CursorFX"="C:\Program Files\Stardock\CursorFX\CursorFX.exe" [02/05/2008 12:23 PM]
"Weather Pulse"="" []
"@"="" []
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [06/02/2007 03:52 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 10:40:10 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
"ClearRecentDocsOnExit"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoLowDiskSpaceChecks"=0 (0x0)
"NoDesktopCleanupWizard"=0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=1 (0x1)
"ClearRecentDocsOnExit"=01

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll 01/31/2005 03:13 PM 49152 C:\PROGRA~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 10/04/2007 11:58 AM 184320 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll C:\WINDOWS\system32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
Debugger="C:\Program Files\AnVir Task Manager Free\AnVir.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Scripts\Shutdown\0\0]
"Script"=C:\fastboot.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{565944eb-0cea-11dc-819a-000d5699915e}]
AutoRun\command- E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe

*Newly Created Service* - PGFILTER



-- End of Deckard's System Scanner: finished at 2008-06-19 19:39:00 ------------
 


TSF Security Manager, Emeritus · 42,952 Posts
Hello Radiodad and welcome,

Were you able to run an online scan at Panda? If you have those results, please attach them in your next reply.

If you've not performed the online scan, kindly do so now:

Perform an online scan with Panda ActiveScan

  • Click on Scan Your PC Now
  • A "pop up" window will appear, or a new tab will open.
  • Click on Register
  • Choose the option you like most, but we recommend the Free Registration.
  • Click on Register
  • Enter your e-mail address, and create a password.
  • Select "I do not want to receive any type of information" (unless you want to receive such information).
  • Click on Send
  • Confirm registration, and continue by entering your user name and password, then click on Enter
  • Select Full Scan, then click on Scan Now
  • Wait for the components to be loaded and installed. Don't close this window or go to another page while it is downloading. You can continue using the Internet by opening another window in your browser.
  • If it finds any malware it can disinfect, the Disinfect button will be enabled. Click on Disinfect
  • Please ignore the offer to buy the program. Click on Export To
  • Export the log and save it to your desktop.
  • Please attach the contents of that log in your next reply.

* Turn off the real-time scanner of any existing antivirus program while performing the online scan.
 