Hi there. Here are the DSS scans, I will run Kaspersky now and post back the results. Thank you.
Deckard's System Scanner v20071014.68
Run by liz on 2008-05-18 14:44:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 1 Restore Point(s) --
1: 2008-05-18 09:49:44 UTC - RP65 - Scheduled Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 766 MiB (1024 MiB recommended).
-- HijackThis (run as liz.exe) -------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:45:20, on 18/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\liz.paul-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BVL0E3GT\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\liz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 5158 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: USB CF Reader
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_USB_CF_READER&REV_1.01#2004888&1#
Manufacturer: Generic
Name: USB CF Reader
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_USB_CF_READER&REV_1.01#2004888&1#
Service: WUDFRd
-- Scheduled Tasks -------------------------------------------------------------
2008-05-18 14:30:00 336 --a------ C:\Windows\Tasks\Recovery DVD Creator.job
-- Files created between 2008-04-18 and 2008-05-18 -----------------------------
2008-05-16 18:15:30 0 d-------- C:\Program Files\Trend Micro
2008-05-10 17:43:43 0 d-------- C:\Program Files\a-squared Anti-Malware
2008-05-10 14:25:21 0 d-------- C:\Windows\system32\HouseCall 6.6
2008-05-10 13:48:21 0 d-------- C:\Users\liz.paul-PC\.housecall6.6
2008-05-10 13:39:13 0 d-------- C:\Windows\Sun
2008-05-09 17:56:55 0 dr------- C:\Users\Paul\Searches
2008-05-09 17:56:43 0 dr------- C:\Users\Paul\Contacts
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Videos
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\Templates
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\Start Menu
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\SendTo
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Saved Games
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\Recent
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\PrintHood
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Pictures
2008-05-09 17:56:36 1835008 --ahs---- C:\Users\Paul\NTUSER.DAT
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\NetHood
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\My Documents
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Music
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\Local Settings
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Links
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Favorites
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Downloads
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Documents
2008-05-09 17:56:36 0 dr------- C:\Users\Paul\Desktop
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\Cookies
2008-05-09 17:56:36 0 d--hs---- C:\Users\Paul\Application Data
2008-05-09 17:56:36 0 d--h----- C:\Users\Paul\AppData
2008-05-08 21:22:46 0 --a------ C:\Users\liz.paul-PC\vssadmin
2008-05-03 17:26:49 0 d-------- C:\Program Files\Auslogics
2008-04-25 17:20:37 0 d-------- C:\Program Files\Winamp
2008-04-24 19:05:27 0 d-------- C:\Program Files\uTorrent
2008-04-24 18:34:43 118784 --a------ C:\Windows\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-04-23 23:52:44 3636 --a------ C:\Windows\system32\drivers\nvphy.bin
2008-04-23 20:27:42 0 d-------- C:\Windows\SoftwareDistribution
2008-04-23 20:06:00 0 dr------- C:\Users\liz.paul-PC\Searches
2008-04-23 20:05:45 0 dr------- C:\Users\liz.paul-PC\Contacts
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\Templates
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\Start Menu
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\SendTo
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\Recent
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\PrintHood
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\NetHood
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\My Documents
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\Local Settings
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\Cookies
2008-04-23 20:02:09 0 d--hs---- C:\Users\liz.paul-PC\Application Data
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Videos
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Saved Games
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Pictures
2008-04-23 20:02:08 2621440 --a------ C:\Users\liz.paul-PC\NTUSER.DAT
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Music
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Links
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Favorites
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Downloads
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Documents
2008-04-23 20:02:08 0 dr------- C:\Users\liz.paul-PC\Desktop
2008-04-23 20:02:08 0 d--h----- C:\Users\liz.paul-PC\AppData
2008-04-20 19:20:38 0 d-------- C:\Program Files\Eusing Free Registry Cleaner
2008-04-20 14:22:22 0 d-------- C:\Users\All Users\Avg7
-- Find3M Report ---------------------------------------------------------------
2008-05-18 14:43:14 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\uTorrent
2008-05-17 14:17:58 0 d-------- C:\Program Files\SpywareBlaster
2008-05-13 18:24:50 0 d-------- C:\Program Files\Windows Mail
2008-05-11 21:21:57 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Packard Bell
2008-05-05 18:56:44 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\AVG7
2008-05-03 17:33:52 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Auslogics
2008-05-03 16:21:19 0 d-------- C:\Program Files\WinASO
2008-05-01 16:27:14 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Roxio
2008-04-26 09:49:40 174 --ahs---- C:\Program Files\desktop.ini
2008-04-26 09:40:55 0 d-------- C:\Program Files\Windows Calendar
2008-04-26 09:40:54 0 d-------- C:\Program Files\Windows Sidebar
2008-04-26 09:40:54 0 d-------- C:\Program Files\Movie Maker
2008-04-26 09:40:50 0 d-------- C:\Program Files\Windows Journal
2008-04-26 09:40:49 0 d-------- C:\Program Files\Windows Photo Gallery
2008-04-26 09:40:41 0 d-------- C:\Program Files\Windows Defender
2008-04-25 17:26:08 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Macromedia
2008-04-25 17:26:07 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Adobe
2008-04-25 17:21:39 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Winamp
2008-04-24 13:17:07 0 d-------- C:\Program Files\Common Files
2008-04-24 04:55:15 0 d-------- C:\Program Files\HDReg
2008-04-23 22:04:34 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-23 22:04:20 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-23 21:57:23 0 d-------- C:\Program Files\Google
2008-04-23 21:49:13 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Google
2008-04-23 20:05:47 0 d-------- C:\Users\liz.paul-PC\AppData\Roaming\Identities
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"NvSvc"="C:\Windows\system32\nvsvc.dll" [12/09/2007 05:28]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [12/09/2007 05:28]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [12/09/2007 05:28]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [20/04/2008 14:39]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19/01/2008 08:38]
"RtHDVCpl"="RtHDVCpl.exe" [09/11/2006 10:57 C:\Windows\RtHDVCpl.exe]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28/01/2008 11:43]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19/01/2008 08:33]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)
"EnableUIADesktopToggle"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"LogonHoursAction"=2 (0x2)
"DontDisplayLogonHoursWarnings"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 23/04/2008 23:54 9216 C:\Windows\System32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]
"C:\Program Files\a-squared Anti-Malware\a2guard.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmpcSys]
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- Hosts -----------------------------------------------------------------------
127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com
127.0.0.1 http://www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 http://www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 http://www.100sexlinks.com
8378 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-05-18 14:47:17 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Premium (build 6001) SP 1.0
Architecture: X86; Language: English
CPU 0: AMD Athlon(tm) 64 Processor 3800+
Percentage of Memory in Use: 64%
Physical Memory (total/avail): 765.82 MiB / 270.71 MiB
Pagefile Memory (total/avail): 1796.25 MiB / 983.37 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1905.27 MiB
C: is Fixed (NTFS) - 141.04 GiB total, 105.48 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST316021 2AS SCSI Disk Device - 149.05 GiB - 2 partitions
\PARTITION0 - Unknown - 8.01 GiB
\PARTITION1 (bootable) - Installable File System - 141.04 GiB - C:
\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device
\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device
\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device
\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device
-- Security Center -------------------------------------------------------------
AUOptions is set to notify before download.
Windows Internal Firewall is enabled.
AV: AVG 7.5.524 v7.5.524 (Grisoft)
AS: Spybot - Search and Destroy v1.0.0.5 (Safer Networking Ltd.)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\liz.paul-PC\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LIZ-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HKCU_S=\REGISTRY\CUSER\Software
HKLM_S=\REGISTRY\MACHINE\Software
HOMEDRIVE=C:
HOMEPATH=\Users\liz.paul-PC
LOCALAPPDATA=C:\Users\liz.paul-PC\AppData\Local
LOGONSERVER=\\LIZ-PC
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 95 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=5f02
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\LIZ~1.PAU\AppData\Local\Temp
TMP=C:\Users\LIZ~1.PAU\AppData\Local\Temp
USERDOMAIN=LIZ-PC
USERNAME=liz
USERPROFILE=C:\Users\liz.paul-PC
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
liz.paul-PC (admin)
Paul
-- Add/Remove Programs ---------------------------------------------------------
--> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
--> MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
--> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
--> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
--> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
--> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
--> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
--> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
a-squared Anti-Malware 3.5 --> "C:\Program Files\a-squared Anti-Malware\unins000.exe"
Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{685A56F8-75B6-44AD-B3DA-FB0A3266B47C}
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player --> MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
AusLogics Disk Defrag --> "C:\Program Files\Auslogics\AusLogics Disk Defrag\unins000.exe"
AusLogics Registry Defrag --> "C:\Program Files\Auslogics\AusLogics Registry Defrag\unins000.exe"
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Browser Address Error Redirector --> regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Creator 9 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*
Flash Player plugins 9 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*
Google BAE --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
GoogleDesktop --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*
GoogleToolbar --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
HDReg --> MsiExec.exe /I{AB7032FF-AFED-4C58-AA5C-8473B273793A}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Infocentre Rev. 2.0 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Microsoft Works 8.5 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *MSWorks85*
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NVIDIA Drivers --> C:\Windows\system32\nvunrm.exe UninstallGUI
Packard Bell - Skype 2.5 --> "C:\Program Files\Skype\Phone\unins000.exe"
Packard Bell Updator --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
Realtek HD Audio V6.0.1.5322 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Roxio Creator 9 LE --> MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
RTC Client API v1.2 --> MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
SetUp My PC --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_GB*
Shockwave player 10 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Shockwave*
Skype 2.5.2.151 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Video NVIDIA v97.46 --> "C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA*
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
WinASO Registry Optimizer 3.2 --> "C:\Program Files\WinASO\Registry Optimizer 3.2\unins000.exe"
-- Application Event Log -------------------------------------------------------
Event Record #/Type2562 / Success
Event Submitted/Written: 05/18/2008 10:19:59 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
Event Record #/Type2555 / Success
Event Submitted/Written: 05/18/2008 10:19:42 AM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type2554 / Success
Event Submitted/Written: 05/18/2008 10:19:40 AM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type2533 / Success
Event Submitted/Written: 05/17/2008 05:15:32 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
Event Record #/Type2526 / Success
Event Submitted/Written: 05/17/2008 05:15:18 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type24695 / Warning
Event Submitted/Written: 05/18/2008 02:42:16 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type24689 / Warning
Event Submitted/Written: 05/18/2008 00:34:03 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type24687 / Warning
Event Submitted/Written: 05/18/2008 11:30:01 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type24680 / Warning
Event Submitted/Written: 05/18/2008 10:53:03 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type24676 / Warning
Event Submitted/Written: 05/18/2008 10:36:58 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
-- End of Deckard's System Scanner: finished at 2008-05-18 14:47:17 ------------