Jump to content

Keith W

Advanced Member
  • Content Count

    637
  • Joined

  • Last visited

About Keith W

  • Rank
    Advanced Member

Profile Information

  • Gender
    Male

Previous Fields

  • Teams:
    Nothing Selected
  1. For so many reasons Take your pick.... CLICK
  2. Thank you Jacee Here is something as a small token of my appreciation for all your help
  3. I wish I could help you with the CSS style sheet issue but I am afraid I am just as clueless By the way JAlbum is free software, also they offer free album hosting as well if ever you want to try it out, then when you are maybe able to buy a domain name and hosting you would be familiar with how JAlbum works
  4. Have you thought about buying your own domain name and building your own web site rather than using wikidot.com? You could then use something like JAlbum for your pictures/artwork
  5. Have you tried sending a contact to the person you linked to on DA to see if they can help?
  6. Hi Jacee, Sorry to bother you but I am still looking for information on how to uninstall safely a couple of the programs you got me to download as they do not show up in add and remove programs. Any guidance you can give me would be much appreciated. Take care, Keith
  7. HI Jacee, My computer seems to be running fine now, touch wood *taps self on head* I have been out and purchased Kaspersky Internet security for all the computers in the house as I am not to happy with the fact that avast appears to have failed me, I am pretty good when it comes to avoiding viruses and the like, this is the first time in all my years on the Internet and I have a sneaky suspicion someone else in my household is responsible for my infection. Is it OK to remove the programs that you got me to download and if so which is the best way to do so? It just remains for me to say thank you very much for all your help, it is very much appreciated. Take care, Keith
  8. Find AWF report by noahdfear ©2006 Version 1.40 The current date is: 04/01/2008 The current time is: 6:53:05.39 bak folders found ~~~~~~~~~~~ Duplicate files of bak directory contents ~~~~~~~~~~~~~~~~~~~~~~~ end of report
  9. SUPERAntiSpyware Scan Log SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 01/04/2008 at 01:53 AM Application Version : 3.9.1008 Core Rules Database Version : 3372 Trace Rules Database Version: 1367 Scan type : Complete Scan Total Scan Time : 02:18:26 Memory items scanned : 433 Memory threats detected : 0 Registry items scanned : 5274 Registry threats detected : 0 File items scanned : 164630 File threats detected : 107 Adware.Tracking Cookie C:\Documents and Settings\Keith\Cookies\keith@hitbox[1].txt C:\Documents and Settings\Keith\Cookies\keith@collective-media[2].txt C:\Documents and Settings\Keith\Cookies\keith@ads3.qsoft.co[2].txt C:\Documents and Settings\Keith\Cookies\keith@www.scrabblewordfinder[1].txt C:\Documents and Settings\Keith\Cookies\keith@ehg-bskyb.hitbox[1].txt C:\Documents and Settings\Keith\Cookies\keith@adtech[1].txt C:\Documents and Settings\Keith\Cookies\keith@revsci[1].txt C:\Documents and Settings\Keith\Cookies\keith@adbrite[2].txt C:\Documents and Settings\Keith\Cookies\keith@ads.adbrite[1].txt C:\Documents and Settings\Keith\Cookies\keith@status-cable.virginmedia[1].txt C:\Documents and Settings\Keith\Cookies\keith@stat.onestat[2].txt C:\Documents and Settings\Keith\Cookies\keith@cgi-bin[1].txt C:\Documents and Settings\Keith\Cookies\keith@statcounter[1].txt C:\Documents and Settings\Keith\Cookies\keith@boltblue.adbureau[2].txt C:\Documents and Settings\Keith\Cookies\keith@weborama[2].txt C:\Documents and Settings\Keith\Cookies\keith@tribalfusion[1].txt C:\Documents and Settings\Keith\Cookies\keith@server.iad.liveperson[2].txt C:\Documents and Settings\Keith\Cookies\keith@ads.pointroll[1].txt C:\Documents and Settings\Keith\Cookies\keith@empiredirect[1].txt C:\Documents and Settings\Keith\Cookies\keith@webstat[1].txt C:\Documents and Settings\Keith\Cookies\keith@adserver[1].txt C:\Documents and Settings\Keith\Cookies\keith@tracking.summitmedia.co[1].txt C:\Documents and Settings\Keith\Cookies\keith@adrevolver[3].txt C:\Documents and Settings\Keith\Cookies\keith@adserver.mediarun[1].txt C:\Documents and Settings\Keith\Cookies\keith@hc2.humanclick[1].txt C:\Documents and Settings\Keith\Cookies\keith@scrabblewordfinder[2].txt C:\Documents and Settings\Keith\Cookies\keith@track.adform[1].txt C:\Documents and Settings\Keith\Cookies\keith@whitbread[1].txt C:\Documents and Settings\Keith\Cookies\keith@serving-sys[2].txt C:\Documents and Settings\Keith\Cookies\keith@msnportal.112.2o7[1].txt C:\Documents and Settings\Keith\Cookies\keith@dnsstuff.adbureau[2].txt C:\Documents and Settings\Keith\Cookies\keith@advertising[1].txt C:\Documents and Settings\Keith\Cookies\keith@fastclick[2].txt C:\Documents and Settings\Keith\Cookies\keith@33645339[2].txt C:\Documents and Settings\Keith\Cookies\keith@as-eu.falkag[1].txt C:\Documents and Settings\Keith\Cookies\keith@kenwoodworld[2].txt C:\Documents and Settings\Keith\Cookies\keith@82763522[2].txt C:\Documents and Settings\Keith\Cookies\keith@eas.apm.emediate[2].txt C:\Documents and Settings\Keith\Cookies\keith@112.2o7[1].txt C:\Documents and Settings\Keith\Cookies\keith@adrevolver[2].txt C:\Documents and Settings\Keith\Cookies\keith@mediaplex[1].txt C:\Documents and Settings\Keith\Cookies\keith@travelinn[1].txt C:\Documents and Settings\Keith\Cookies\keith@www.burstnet[1].txt C:\Documents and Settings\Keith\Cookies\keith@zedo[2].txt C:\Documents and Settings\Keith\Cookies\keith@adecn[1].txt C:\Documents and Settings\Keith\Cookies\keith@3.adbrite[1].txt C:\Documents and Settings\Keith\Cookies\keith@burstnet[2].txt C:\Documents and Settings\Keith\Cookies\keith@atdmt[2].txt C:\Documents and Settings\Keith\Cookies\keith@statse.webtrendslive[1].txt C:\Documents and Settings\Keith\Cookies\keith@cgi-bin[2].txt C:\Documents and Settings\Keith\Cookies\keith@www.virginmedia[1].txt C:\Documents and Settings\Keith\Cookies\keith@virginmedia[2].txt C:\Documents and Settings\Keith\Cookies\keith@allyours.virginmedia[2].txt C:\Documents and Settings\Keith\Cookies\keith@tradedoubler[1].txt C:\Documents and Settings\Keith\Cookies\keith@a[1].txt C:\Documents and Settings\Keith\Cookies\keith@premiumtv.122.2o7[1].txt C:\Documents and Settings\Keith\Cookies\keith@ad.yieldmanager[2].txt C:\Documents and Settings\Keith\Cookies\keith@bs.serving-sys[2].txt C:\Documents and Settings\Keith\Cookies\keith@specificclick[2].txt C:\Documents and Settings\Keith\Cookies\keith@s[1].txt C:\Documents and Settings\Keith\Cookies\keith@casalemedia[1].txt C:\Documents and Settings\Keith\Cookies\keith@trafficmp[2].txt C:\Documents and Settings\Keith\Cookies\keith@doubleclick[2].txt C:\Documents and Settings\Keith\Cookies\keith@tripod.lycos[1].txt C:\Documents and Settings\Keith\Cookies\keith@metacafe.122.2o7[1].txt C:\Documents and Settings\Keith\Cookies\keith@2o7[2].txt C:\Documents and Settings\Keith\Cookies\keith@1069771471[1].txt C:\Documents and Settings\Keith\Cookies\keith@iacas.adbureau[2].txt C:\Documents and Settings\Keith\Cookies\keith@adopt.euroclick[1].txt C:\Documents and Settings\Keith\Cookies\keith@ad1.emediate[1].txt C:\Documents and Settings\Keith\Cookies\keith@media.adrevolver[2].txt C:\Documents and Settings\Keith\Cookies\keith@overture[1].txt C:\Documents and Settings\Keith\Cookies\keith@diy[2].txt C:\Documents and Settings\Keith\Cookies\keith@apmebf[1].txt C:\Documents and Settings\Keith\Cookies\keith@tacoda[2].txt C:\Documents and Settings\Keith\Cookies\keith@clicktorrent[1].txt C:\Documents and Settings\Keith\Cookies\keith@videoegg.adbureau[2].txt C:\Documents and Settings\Keith\Cookies\keith@citi.bridgetrack[2].txt C:\Documents and Settings\Keith\Cookies\keith@livenation.122.2o7[1].txt C:\Documents and Settings\Keith\Cookies\keith@ads.tripod.lycos[2].txt C:\Documents and Settings\Keith\Cookies\keith@ehg-whitbread.hitbox[2].txt C:\Documents and Settings\Keith\Cookies\keith@ads.froonie[1].txt C:\Documents and Settings\Keith\Cookies\keith@1062477781[1].txt C:\Documents and Settings\Keith\Cookies\keith@counter.hitslink[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@aboveallroads.tripod[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@adinterax[2].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@adrevolver[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@adrevolver[3].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@allyours.virginmedia[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@anad.tacoda[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@anat.tacoda[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@atdmt[2].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@clicktorrent[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@dealtime.co[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@server.lon.liveperson[2].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@tracking.summitmedia.co[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@virginmedia[2].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@weborama[1].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@www.burstnet[2].txt D:\A STUFF\Documents and Settings\Keith W\Cookies\keith w@www.virginmedia[2].txt D:\A STUFF\Documents and Settings\Keith W\Local Settings\Temp\Cookies\keith w@clickondetroit[1].txt D:\A STUFF\Documents and Settings\Keith W\Local Settings\Temp\Cookies\keith w@girlwithaonetrackmind.blogspot[1].txt D:\A STUFF\Documents and Settings\Keith W\Local Settings\Temp\Cookies\keith w@tracking.summitmedia.co[1].txt D:\A STUFF\Documents and Settings\Keith W\Local Settings\Temp\Cookies\keith w@www.clickondetroit[1].txt D:\A STUFF\Documents and Settings\Keith W.KEITH\Cookies\keith w@toplist[1].txt F:\Save2\D\Documents and Settings\Keith W.KEITH\Cookies\keith w@toplist[1].txt Trojan.Downloader-Gen/DualGurl C:\DECKARD\SYSTEM SCANNER\BACKUP\WINDOWS\TEMP\SVCIPA.EXE HJT Log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:00:19, on 04/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\VM305_STI.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Magicbox\Voice 320\Voice 320.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe C:\Program Files\Icecast2 Win32\icecastService.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Palm\Hotsync.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\Program Files\Magicbox\Voice 320\player_btn.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Magicbox\Voice 320\player_setting.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wapshott.org/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Voice 320] C:\Program Files\Magicbox\Voice 320\Voice 320.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: Exif Launcher.lnk = ? O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190169885546 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190169870078 O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.phreik.com/controls/msnchat45.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 12320 bytes
  10. Hi Jacee, I am in the UK so have to head off to bed now as I have an early start. Anyway I just wanted to let you know so you didn't think I was ignoring you. Will be back tomorrow as soon as I can. Thanks for your help so far. Take care, Keith
  11. Main.txt Deckard's System Scanner v20071014.68 Run by Keith on 2008-01-03 00:32:10 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 75: 2008-01-03 00:32:16 UTC - RP238 - Deckard's System Scanner Restore Point 74: 2008-01-02 21:16:13 UTC - RP237 - System Checkpoint 73: 2008-01-01 19:52:36 UTC - RP236 - System Checkpoint 72: 2007-12-31 19:03:07 UTC - RP235 - System Checkpoint 71: 2007-12-30 01:06:35 UTC - RP234 - Removed Microsoft Expression Web -- First Restore Point -- 1: 2007-10-05 16:21:18 UTC - RP164 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Keith.exe) ----------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:33:30, on 03/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\VM305_STI.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Magicbox\Voice 320\Voice 320.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Palm\Hotsync.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Icecast2 Win32\icecastService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Magicbox\Voice 320\player_btn.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Magicbox\Voice 320\player_setting.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Documents and Settings\Keith\Desktop\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\Keith.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wapshott.org/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Voice 320] C:\Program Files\Magicbox\Voice 320\Voice 320.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: Exif Launcher.lnk = ? O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190169885546 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190169870078 O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.phreik.com/controls/msnchat45.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 12202 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7> R2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.3500> R2 BTSLBCSP (Bluetooth Port Client Driver) - c:\windows\system32\drivers\btslbcsp.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.3500> R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT> S3 CO_Mon - c:\windows\system32\drivers\co_mon.sys S3 ZSMC0305 (VIMICRO USB PC Camera V) - c:\windows\system32\drivers\usbvm305.sys <Not Verified; Vimicro Corporation; > -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 CLCapSvc (CyberLink Background Capture Service (CBCS)) - "c:\program files\cyberlink\powercinema\kernel\tv\clcapsvc.exe" <Not Verified; ; CLCapSvc Module> R2 CLSched (CyberLink Task Scheduler (CTS)) - "c:\program files\cyberlink\powercinema\kernel\tv\clsched.exe" <Not Verified; ; CLSched Module> R2 FirebirdGuardianDefaultInstance (Firebird Guardian - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbguard.exe -s <Not Verified; The Firebird Project; Firebird SQL Server> R2 Icecast (Icecast Media Server) - "c:\program files\icecast2 win32\icecastservice.exe" "c:\program files\icecast2 win32" R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module> R3 FirebirdServerDefaultInstance (Firebird Server - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbserver.exe -s <Not Verified; The Firebird Project; Firebird SQL Server> S3 AresChatServer (Ares Chatroom server) - c:\program files\ares\chatserver.exe <Not Verified; Ares Development Group; Ares Chat Server> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: 1394 Net Adapter Device ID: V1394\NIC1394\6F4FDF148500 Manufacturer: Microsoft Name: 1394 Net Adapter PNP Device ID: V1394\NIC1394\6F4FDF148500 Service: NIC1394 -- Files created between 2007-12-03 and 2008-01-03 ----------------------------- 2008-01-02 07:05:44 0 d-------- C:\Program Files\Trend Micro 2008-01-02 04:53:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-01-02 04:53:55 0 d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-12-30 00:32:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2007-12-18 10:51:11 0 d-------- C:\Documents and Settings\Keith\Application Data\Recordpad 2007-12-18 10:51:11 0 d-------- C:\Documents and Settings\Keith\Application Data\NCH Swift Sound 2007-12-18 10:51:00 0 d-------- C:\Program Files\NCH Software 2007-12-18 10:50:53 0 d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound 2007-12-18 10:50:09 0 d-------- C:\Program Files\NCH Swift Sound 2007-12-16 01:38:12 0 d-------- C:\Program Files\SopCast 2007-12-10 19:39:17 0 d-------- C:\Documents and Settings\Keith\Application Data\Arcsoft 2007-12-10 18:16:11 0 d-------- C:\Documents and Settings\Keith\Application Data\Leadertech 2007-12-10 18:11:09 0 d-------- C:\Program Files\Common Files\DataViz 2007-12-10 18:11:09 0 d-------- C:\Documents and Settings\All Users\Application Data\DataViz 2007-12-10 18:11:03 0 d-------- C:\Program Files\Documents To Go 2007-12-10 18:10:29 0 d-------- C:\Documents and Settings\All Users\Application Data\HotSync 2007-12-10 18:09:52 0 d-------- C:\Program Files\Palm 2007-12-10 18:09:05 0 d-------- C:\Documents and Settings\Keith\Application Data\HotSync 2007-12-10 18:08:50 0 d-------- C:\WINDOWS\Downloaded Installations -- Find3M Report --------------------------------------------------------------- 2008-01-02 23:52:26 0 d-------- C:\Documents and Settings\Keith\Application Data\Mozilla 2008-01-02 23:47:31 0 d-------- C:\Documents and Settings\Keith\Application Data\Skype 2008-01-02 20:41:52 0 d-------- C:\Program Files\FinePixViewer 2008-01-02 10:47:31 0 d-------- C:\Documents and Settings\Keith\Application Data\skypePM 2007-12-29 19:29:04 0 d-------- C:\Documents and Settings\Keith\Application Data\Azureus 2007-12-29 18:26:00 0 d-------- C:\Program Files\Azureus 2007-12-10 18:11:09 0 d-------- C:\Program Files\Common Files 2007-12-01 23:15:05 0 d-------- C:\Program Files\Avery Dennison 2007-11-21 19:54:52 0 d-------- C:\Documents and Settings\Keith\Application Data\CyberLink 2007-11-21 19:50:02 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-11-21 19:50:02 0 d-------- C:\Program Files\Cyberlink 2007-11-21 16:55:33 0 d-------- C:\Program Files\Windows Media Connect 2 2007-11-21 16:29:05 0 d-------- C:\Program Files\Philips 2007-11-17 17:03:23 0 d-------- C:\Documents and Settings\Keith\Application Data\TVU Networks 2007-11-17 05:05:45 0 d-------- C:\Program Files\Skype 2007-11-17 00:16:49 0 d-------- C:\Program Files\Common Files\Skype 2007-11-16 22:49:42 0 d-------- C:\Program Files\Avery Wizard 3.1 2007-11-16 22:49:23 0 d-------- C:\Program Files\K-Lite Codec Pack 2007-11-13 22:29:45 0 d-------- C:\Program Files\Magicbox 2007-11-13 22:29:13 0 d-------- C:\Documents and Settings\Keith\Application Data\Macromedia 2007-11-05 23:38:19 0 d-------- C:\Program Files\Common Files\Avery 2007-11-05 23:37:20 0 d-------- C:\Program Files\Common Files\InstallShield -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [01/06/2006 16:22] "nwiz"="nwiz.exe" [01/06/2006 16:22 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [01/06/2006 16:22] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [07/01/2005 16:07 C:\WINDOWS\system32\HdAShCut.exe] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 13:00] "Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [12/01/2006 19:52] "@"="" [] "BigDog305"="C:\WINDOWS\VM305_STI.exe" [05/08/2005 14:15] "REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [04/02/2002 21:32] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11] "RTHDCPL"="RTHDCPL.EXE" [05/07/2007 15:08 C:\WINDOWS\RTHDCPL.exe] "Alcmtr"="ALCMTR.EXE" [03/05/2005 17:43 C:\WINDOWS\Alcmtr.exe] "PCMService"="C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [27/12/2006 14:59] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [28/02/2006 12:00] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/05/2007 02:20] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [12/11/2007 15:48] "Voice 320"="C:\Program Files\Magicbox\Voice 320\Voice 320.exe" [04/04/2007 10:25] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [06/05/2007 03:48:03] Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [12/05/2006 12:33:22] DataViz Inc Messenger.lnk - C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe [10/12/2007 18:11:09] Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [31/05/2007 22:19:49] Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [06/05/2007 02:20:57] HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe [09/06/2004 14:27:34] -- End of Deckard's System Scanner: finished at 2008-01-03 00:34:26 ------------ extra.txt Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: Intel® Pentium® 4 CPU 3.06GHz Percentage of Memory in Use: 46% Physical Memory (total/avail): 1023.48 MiB / 545.45 MiB Pagefile Memory (total/avail): 4924.84 MiB / 4529.45 MiB Virtual Memory (total/avail): 2047.88 MiB / 1934.45 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 60.2 GiB total, 50.92 GiB free. D: is Fixed (NTFS) - 81.05 GiB total, 53.8 GiB free. E: is CDROM (No Media) F: is Fixed (FAT32) - 232.83 GiB total, 212.33 GiB free. \\.\PHYSICALDRIVE0 - ST3160023AS - 149.05 GiB - 3 partitions \PARTITION0 - Unknown - 7.81 GiB \PARTITION1 (bootable) - Installable File System - 60.2 GiB - C: \PARTITION2 - Installable File System - 81.05 GiB - D: \\.\PHYSICALDRIVE1 - WDC WD25 00JB-00REA0 USB Device - 232.88 GiB - 1 partition \PARTITION0 - Unknown - 232.88 GiB - F: -- Security Center ------------------------------------------------------------- AUOptions is disabled. Windows Internal Firewall is disabled. FirstRunDisabled is set. AV: avast! antivirus 4.7.1098 [VPS 080101-0] v4.7.1098 (ALWIL Software) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Enabled:Ares p2p for windows" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Cyberlink\\PowerCinema\\PowerCinema.exe"="C:\\Program Files\\Cyberlink\\PowerCinema\\PowerCinema.exe:*:Enabled:CyberLink PowerCinema" "C:\\Program Files\\Cyberlink\\PowerCinema\\PCMService.exe"="C:\\Program Files\\Cyberlink\\PowerCinema\\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program" "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer" "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"="C:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Disabled:SopCast Adver" "C:\\Program Files\\SopCast\\SopCast.exe"="C:\\Program Files\\SopCast\\SopCast.exe:*:Disabled:SopCast Main Application" "C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Keith\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=KEITHW ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Keith LOGONSERVER=\\KEITHW NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel PROCESSOR_LEVEL=15 PROCESSOR_REVISION=0401 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Keith\LOCALS~1\Temp TMP=C:\DOCUME~1\Keith\LOCALS~1\Temp USERDOMAIN=KEITHW USERNAME=Keith USERPROFILE=C:\Documents and Settings\Keith windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Keith (admin) -- Add/Remove Programs --------------------------------------------------------- --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 7.0.9 Professional --> msiexec /I {AC76BA86-1033-0000-7760-000000000002} Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe AM-DeadLink 3.1 --> "C:\Program Files\AM-DeadLink\unins000.exe" Ares 2.0.8 --> "C:\Program Files\Ares\uninstall.exe" Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe" avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup Azureus --> C:\Program Files\Azureus\Uninstall.exe Canon i455 --> C:\WINDOWS\system32\CNMCP5i.exe "-PRINTERNAMECanon i455" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i455 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i455 Installer\Inst2\cnmi0409.dll" Canon Utilities Easy-PhotoPrint --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Canon\Easy-PhotoPrint\Uninst.isu" -c"C:\Program Files\Canon\Easy-PhotoPrint\EZUNINST.DLL" CoffeeCup Flash Form Builder - Registered --> C:\PROGRA~1\COFFEE~1\COFFEE~2\UNWISE.EXE C:\PROGRA~1\COFFEE~1\COFFEE~2\INSTALL.LOG CoffeeCup Flash Form Builder - Trial --> C:\PROGRA~1\COFFEE~1\COFFEE~2\UNWISE.EXE C:\PROGRA~1\COFFEE~1\COFFEE~2\INSTALL.LOG CoffeeCup Free FTP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B66899F2-C58D-4CEC-9FA8-867883FFB707}\Setup.exe" -l0x9 CoffeeCup Web Form Builder - Registered --> C:\PROGRA~1\COFFEE~1\COFFEE~3\UNWISE.EXE C:\PROGRA~1\COFFEE~1\COFFEE~3\INSTALL.LOG COWON Media Center - jetAudio Basic --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x9 -removeonly dBpoweramp FLAC Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat dBpowerAMP Music Converter --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat DesignPro 5 Lite Edition --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{DA8E52C7-8638-4AD6-B94E-53ED24EE5202} Documents To Go --> MsiExec.exe /X{EB807EB6-5179-48B7-98D4-7B4934A57A81} FinePixViewer Resource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\SETUP.EXE" -l0x9 FinePixViewer Ver.5.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE" -l0x9 Firebird 1.5.1.4481 --> "C:\Program Files\Firebird\Firebird_1_5\unins000.exe" FUJIFILM USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE" Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe" Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll" Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Icecast v2.3.1 --> "C:\Program Files\Icecast2 Win32\unins000.exe" ieSpell --> "C:\Program Files\ieSpell\uninst.exe" ImageMixer VCD2 for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{934E9442-D305-4ACF-AD87-A6C11D677CB9}\setup.exe" ImageMixer VCD2 LE for FinePix --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B093990A-AAF2-44AC-9216-14BB7A2189B6}\SETUP.EXE" -l0x9 JAlbum --> "C:\Program Files\JAlbum\Uninstall_JAlbum\Uninstall JAlbum.exe" Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9} Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" MicroStaff WINASPI --> C:\MWASPI\uninst.exe mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall Notepad++ --> C:\Program Files\Notepad++\uninstall.exe NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI Paint Shop Pro 7 ESD --> MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A} Palm --> MsiExec.exe /X{ADAED43C-BBD9-42C5-8B21-F4FBFA81E3C3} Philips Intelligent Agent --> "C:\Program Files\Philips\Intelligent Agent\Uninst\unins000.exe" PowerCinema --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall RAW FILE CONVERTER LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D680C913-5955-469D-9D88-C1940F7506D6}\SETUP.EXE" -l0x9 Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly Recuva (remove only) --> "C:\Program Files\Recuva\uninst.exe" SAM Broadcaster (remove only) --> "C:\Program Files\SpacialAudio\SAMBC\uninstall.exe" Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} SopCast 2.0.4 --> C:\Program Files\SopCast\uninst.exe Unlocker 1.8.5 --> C:\Program Files\Unlocker\uninst.exe VIMICRO USB PC Camera V --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}\setup.exe" -l0x9 Voice 320 V3.1.0.1 --> "C:\Program Files\Magicbox\Voice 320\unins000.exe" WIDCOMM Bluetooth Software --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679} Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live installer --> MsiExec.exe /X{7BC43F11-02C8-45FA-ABDC-E2F9FF31F825} Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0} Windows Live Sign-in Assistant --> MsiExec.exe /I{CB5EA99C-8A5B-49F2-9A1A-2EF78BE4DB41} WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall -- Application Event Log ------------------------------------------------------- Event Record #/Type436 / Error Event Submitted/Written: 01/02/2008 10:03:15 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type435 / Error Event Submitted/Written: 01/02/2008 10:01:56 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type434 / Error Event Submitted/Written: 01/02/2008 09:46:49 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type433 / Error Event Submitted/Written: 01/02/2008 09:41:54 PM Event ID/Source: 1002 / Application Hang Event Description: Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Event Record #/Type423 / Warning Event Submitted/Written: 01/01/2008 06:36:12 PM Event ID/Source: 1001 / MsiInstaller Event Description: Detection of product '{90170409-6000-11D3-8CFE-0150048383C9}', feature 'FPClientFiles' failed during request for component '{81E9830C-5A6B-436A-BEC9-4FB759282DE3}' -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type10885 / Error Event Submitted/Written: 01/03/2008 00:33:37 AM Event ID/Source: 7016 / Service Control Manager Event Description: The SmartLinkService service has reported an invalid current state 0. Event Record #/Type10884 / Warning Event Submitted/Written: 01/03/2008 00:26:31 AM Event ID/Source: 36 / W32Time Event Description: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Event Record #/Type10856 / Warning Event Submitted/Written: 01/02/2008 06:37:54 AM Event ID/Source: 36 / W32Time Event Description: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Event Record #/Type10820 / Warning Event Submitted/Written: 01/01/2008 04:08:48 AM Event ID/Source: 36 / W32Time Event Description: The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized. Event Record #/Type10817 / Warning Event Submitted/Written: 12/31/2007 04:47:47 PM Event ID/Source: 4226 / Tcpip Event Description: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. -- End of Deckard's System Scanner: finished at 2008-01-03 00:34:26 ------------
  12. HI Jacee, I did save the Kaspersky log but unfortunately it wont post here as it is so lange, the log is 8.60mb in size and has 28,103 lines of text I have uploaded the file to my ISP web space and it can be accessed here: http://kwapshott.pwp.blueyonder.co.uk/Kaspersky1.txt It looks a bit messy but comes up OK when copied into notepad. Sorry to have to do it this way but as I said it will not post here. Thanks for your help. Take care, Keith
  13. HI All, After many years on the net without so much as a sniff of infect it seems my computer has been infected with not 1 but 16 viruses. I did a Kaspersky online scan and it found 16 viruses and 120 infected objects Any help you can give to help clean up my PC would be much appreciated. Here is my HJT log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:06:00, on 02/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\VM305_STI.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Icecast2 Win32\icecastService.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe C:\Program Files\FinePixViewer\QuickDCF.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Palm\Hotsync.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe C:\DOCUME~1\Keith\LOCALS~1\Temp\Adobelm_Cleanup.0001 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe C:\DOCUME~1\Keith\LOCALS~1\Temp\Adobelm_Cleanup.0001 C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wapshott.org/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [bigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Voice 320] C:\Program Files\Magicbox\Voice 320\Voice 320.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe O4 - Global Startup: Exif Launcher.lnk = ? O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190169885546 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190169870078 O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.phreik.com/controls/msnchat45.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- End of file - 12324 bytes
×
×
  • Create New...