Hiya,
this is the main.txt and the extra.txt is below it.
i'm not sure if it's worth noting but i have checked the "work offline" option in my ie so i won't get the pop-ups. instead i got the asked to work-online tab.
Thanxs a lot for helping out.
Deckard's System Scanner v20071014.68
Run by Tyger on 2008-05-25 09:41:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
56: 2008-05-24 23:41:48 UTC - RP65 - Deckard's System Scanner Restore Point
55: 2008-05-24 18:17:39 UTC - RP64 - System Checkpoint
54: 2008-05-22 14:20:40 UTC - RP63 - System Checkpoint
53: 2008-05-21 13:28:03 UTC - RP62 - System Checkpoint
52: 2008-05-19 13:02:12 UTC - RP61 - Software Distribution Service 3.0
-- First Restore Point --
1: 2008-03-27 14:42:35 UTC - RP10 - Installed Windows Installer KB893803v2.
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 511 MiB (512 MiB recommended).-- HijackThis (run as Tyger.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:43:56 AM, on 25/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Tyger\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tyger.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=74005O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: cpmsky browser optimizer - {201a16d4-3cd6-acd6-1978-a01c33b980f9} - C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: adzgalore - {994B5FB4-0103-44A6-B6B3-C73572B362BC} - C:\WINDOWS\system32\nsiF8.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll" DllInit
O4 - HKLM\..\Run: [{950c4ecc-1464-0be4-58d8-f3d928d279d4}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll" DllInit
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
--
End of file - 8567 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 BsStor (B.H.A Storage Helper Driver) - c:\windows\system32\drivers\bsstor.sys <Not Verified; B.H.A Co.,Ltd.; >
R0 TVALZ (TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver) - c:\windows\system32\drivers\tvalz.sys <Not Verified; TOSHIBA Corporation; TOSHIBA Common Modules>
R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >
R2 BsUDF (B.H.A UDF Filesystem) - c:\windows\system32\drivers\bsudf.sys <Not Verified; B.H.A Co.,Ltd.; UDF File System Driver (WindowsXP)>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.2.1.0) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.2>
R2 Netdevio (TOSHIBA Network Device Usermode I/O Protocol) - c:\windows\system32\drivers\netdevio.sys <Not Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 tsdhd (TOSHIBA SD Card Host Controller Driver) - c:\windows\system32\drivers\tsdhd.sys <Not Verified; TOSHIBA Corporation; SD Card Driver Set>
S3 Ad-Watch Connect Filter (Ad-Watch Connect Kernel Filter) - c:\windows\system32\drivers\nsdriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 CFSvcs (ConfigFree Service) - c:\program files\toshiba\configfree\cfsvcs.exe <Not Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >
R2 RegSrvc - c:\windows\system32\regsrvc.exe <Not Verified; Intel Corporation; RegSrvc Module>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-03-27 18:49:34 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-04-25 and 2008-05-25 -----------------------------
2008-05-25 03:24:07 0 d-------- C:\Program Files\Trend Micro
2008-05-05 21:33:32 331264 --a------ C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll
-- Find3M Report ---------------------------------------------------------------
2008-05-25 09:34:47 0 d-------- C:\Documents and Settings\Tyger\Application Data\DNA
2008-05-03 10:54:19 53873 --a------ C:\WINDOWS\system32\adzgalore-remove.exe
2008-05-01 22:16:57 0 d-------- C:\Documents and Settings\Tyger\Application Data\Skype
2008-05-01 22:15:01 0 d-------- C:\Documents and Settings\Tyger\Application Data\skypePM
2008-04-15 17:18:21 0 d-------- C:\Documents and Settings\Tyger\Application Data\LimeWire
2008-04-15 15:05:27 0 d-------- C:\Program Files\LimeWire
2008-04-15 15:04:55 0 d-------- C:\Program Files\Java
2008-04-10 23:14:24 0 d-------- C:\Program Files\iTunes
2008-04-10 23:13:42 0 d-------- C:\Program Files\iPod
2008-04-10 23:08:20 0 d-------- C:\Program Files\QuickTime
2008-04-10 22:53:16 0 d-------- C:\Documents and Settings\Tyger\Application Data\Apple Computer
2008-04-03 21:04:50 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-03 21:04:45 0 d-------- C:\Program Files\DFX
2008-04-03 20:21:09 0 d-------- C:\Documents and Settings\Tyger\Application Data\BitTorrent
2008-04-03 16:23:56 886784 --a------ C:\WINDOWS\ebook_library.dll
2008-04-01 23:43:53 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-04-01 23:20:36 0 d-------- C:\Documents and Settings\Tyger\Application Data\Media Player Classic
2008-04-01 18:33:26 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-01 18:24:52 0 d-------- C:\Documents and Settings\Tyger\Application Data\Adobe
2008-03-30 02:47:42 0 d-------- C:\Program Files\Messenger
2008-03-28 11:16:54 0 d-------- C:\Program Files\Lavasoft
2008-03-28 11:16:12 0 d-------- C:\Program Files\Common Files
2008-03-28 11:07:07 0 d-------- C:\Program Files\BitTorrent
2008-03-28 11:07:01 0 d-------- C:\Program Files\DNA
2008-03-28 10:55:24 0 d-------- C:\Documents and Settings\Tyger\Application Data\WinRAR
2008-03-28 00:55:22 0 d-------- C:\Program Files\Windows Live
2008-03-28 00:54:46 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-28 00:44:32 0 d-------- C:\Program Files\Skype
2008-03-28 00:44:28 0 d-------- C:\Program Files\Common Files\Skype
2008-03-27 21:49:25 0 d-------- C:\Documents and Settings\Tyger\Application Data\Macromedia
2008-03-27 21:49:12 1158 --a------ C:\WINDOWS\mozver.dat
2008-03-27 21:35:14 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-27 21:34:55 0 d-------- C:\Documents and Settings\Tyger\Application Data\Mozilla
2008-03-27 19:01:18 0 d-------- C:\Documents and Settings\Tyger\Application Data\Real
2008-03-27 18:58:41 0 d-------- C:\Documents and Settings\Tyger\Application Data\vlc
2008-03-27 18:54:16 0 d-------- C:\Program Files\Common Files\xing shared
2008-03-27 18:54:11 0 d-------- C:\Program Files\Common Files\Real
2008-03-27 18:53:49 0 d-------- C:\Program Files\Real
2008-03-27 18:52:08 0 d-------- C:\Program Files\VideoLAN
2008-03-27 18:49:24 0 d-------- C:\Program Files\Apple Software Update
2008-03-27 18:48:47 0 d-------- C:\Program Files\Common Files\Apple
2008-03-27 18:21:01 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-03-27 09:13:58 0 d-------- C:\Program Files\Alwil Software
2008-03-27 08:43:27 0 d-------- C:\Program Files\Movie Maker
2008-03-27 08:39:46 0 d-------- C:\Program Files\Windows NT
2008-03-27 08:17:12 0 d-------- C:\Program Files\Toshiba
2008-03-27 08:13:22 0 d-------- C:\Program Files\Intel
2008-03-27 08:05:00 0 d-------- C:\Program Files\ltmoh
2008-03-26 14:29:50 0 d--h----- C:\Program Files\WindowsUpdate
2008-03-13 02:33:29 1996336 --a------ C:\WINDOWS\system32\Checker.exe
2008-03-04 11:33:18 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201a16d4-3cd6-acd6-1978-a01c33b980f9}]
05/05/2008 09:33 PM 331264 --a------ C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{994B5FB4-0103-44A6-B6B3-C73572B362BC}]
07/02/2008 03:21 AM 233472 --a------ C:\WINDOWS\system32\nsiF8.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00THotkey"="C:\WINDOWS\System32\00THotkey.exe" [16/04/2003 01:01 PM]
"000StTHK"="000StTHK.exe" [24/06/2001 01:28 PM C:\WINDOWS\system32\000StTHK.exe]
"TFNF5"="TFNF5.exe" [18/07/2003 06:41 PM C:\WINDOWS\system32\TFNF5.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [30/05/2003 08:25 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [30/05/2003 08:23 PM]
"TouchED"="C:\Program Files\TOSHIBA\TouchED\TouchED.Exe" [22/01/2003 11:00 AM]
"TPSMain"="TPSMain.exe" [26/09/2003 03:19 AM C:\WINDOWS\system32\TPSMain.exe]
"TFncKy"="TFncKy.exe" []
"SigmaTel StacMon"="C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe" [03/08/2003 05:01 PM]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [24/09/2003 07:00 PM]
"nwiz"="nwiz.exe" [24/09/2003 07:00 PM C:\WINDOWS\system32\nwiz.exe]
"ezShieldProtector for Px"="C:\WINDOWS\System32\ezSP_Px.exe" [21/08/2002 04:29 AM]
"Drag'n Drop CD+DVD"="C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe" [09/08/2003 12:54 PM]
"NDSTray.exe"="NDSTray.exe" []
"B'sCLiP"="C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe" [04/02/2004 11:43 PM]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [02/01/2003 05:16 PM]
"AGRSMMSG"="AGRSMMSG.exe" [18/04/2003 12:20 PM C:\WINDOWS\agrsmmsg.exe]
"PRONoMgr.exe"="C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [10/12/2003 01:36 AM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [16/05/2008 09:19 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [27/03/2008 06:53 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 09:16 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [28/03/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30/03/2008 10:36 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [14/12/2007 03:42 AM]
"spa_start"="C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll" [05/05/2008 09:33 PM]
"{950c4ecc-1464-0be4-58d8-f3d928d279d4}"="C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll" [05/05/2008 09:33 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [05/09/2003 08:24 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [03/08/2004 11:56 PM]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 10:34 AM]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [21/05/2008 11:40 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
C:\WINDOWS\System32\LgNotify.dll 16/12/2003 07:32 AM 110592 C:\WINDOWS\system32\LgNotify.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
-- End of Deckard's System Scanner: finished at 2008-05-25 09:44:47 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) M processor 1.50GHz
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 510.92 MiB / 275.71 MiB
Pagefile Memory (total/avail): 1247.35 MiB / 914.7 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.46 MiB
C: is Fixed (NTFS) - 24.41 GiB total, 14.36 GiB free.
D: is Fixed (NTFS) - 12.84 GiB total, 5.86 GiB free.
E: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - TOSHIBA MK4025GAS - 37.26 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 24.41 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 12.84 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
AV: avast! antivirus 4.8.1201 [VPS 080524-0] v4.8.1201 (ALWIL Software)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Tyger\Application Data
CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-AYZ9QSTPH1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Tyger
LOGONSERVER=\\YOUR-AYZ9QSTPH1
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d06
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Tyger\LOCALS~1\Temp
TMP=C:\DOCUME~1\Tyger\LOCALS~1\Temp
USERDOMAIN=YOUR-AYZ9QSTPH1
USERNAME=Tyger
USERPROFILE=C:\Documents and Settings\Tyger
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Tyger
(admin)-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> MsiExec.exe /I{B5D8CCBF-08D8-46C0-8B04-3BC0CAEDA094}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
B's CLiP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}\Setup.exe" -l0x9
BitTorrent --> C:\Program Files\BitTorrent\uninst.exe
Browser Optimizer Adzgalore --> C:\WINDOWS\system32\adzgalore-remove.exe
CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
DNA --> "C:\Program Files\DNA\btdna.exe" /UNINSTALL
Drag'n Drop CD+DVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DDC146FA-73E0-4FA1-A353-841EA14BF600}\Setup.exe" -l0x9 deleteall
DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\Setup.exe" DVD-RAM Driver
Enhancement Browser Tools Cpmsky --> C:\WINDOWS\system32\{48ff6f67-2d82-3227-a9fe-fb9ab0b14596}.dll-uninst.exe
HijackThis 2.0.2 --> "C:\DOCUME~1\Tyger\LOCALS~1\Temp\Rar$EX00.904\HijackThis.exe" /uninstall
Intel(R) PRO Network Adapters and Drivers --> Prounstl.exe
Intel(R) PROSet for Wireless --> MsiExec.exe /I{85376E80-1A9D-4b13-92FE-5B0797FFB7DA}
InterVideo WinDVD 4 --> "C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) 6 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
K-Lite Mega Codec Pack 3.8.5 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
Microsoft Office OneNote 2003 --> MsiExec.exe /I{91A10409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvts.inf
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Registry Mechanic 5.1 --> "C:\Program Files\Registry Mechanic\unins000.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
SigmaTel AC97 Audio Drivers --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7959721D-8268-4565-9E0E-C41A9F4848A9}\setup.exe" -l0x9 -nodialog -uninstall
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x9 UNINSTALL
TOSHIBA Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}\Setup.exe" -l0x9
TOSHIBA Controls --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Display Devices Change Utility --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TDspBtn.inf,DefaultUninstall,5
Toshiba Hotkey Utility for Display Devices --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,DefaultUninstall,5
TOSHIBA Power Saver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\System32\TPSDel.dll"
TOSHIBA SD Memory Card Format --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\setup.exe"
TOSHIBA Software Modem --> Tosmreg -U
TOSHIBA TouchPad On/Off Utility V2.05.00 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\TouchED\Uninst.isu" -c"C:\Program Files\TOSHIBA\TouchED\tpedinst.dll"
TOSHIBA Utilities --> tutildel.exe
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type1380 / Error
Event Submitted/Written: 05/25/2008 03:04:37 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application msnmsgr.exe, version 8.5.1302.1018, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Event Record #/Type1367 / Success
Event Submitted/Written: 05/24/2008 00:13:42 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1356 / Success
Event Submitted/Written: 05/23/2008 00:01:27 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1322 / Success
Event Submitted/Written: 05/21/2008 09:34:41 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type1290 / Success
Event Submitted/Written: 05/18/2008 08:39:45 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type5513 / Warning
Event Submitted/Written: 05/25/2008 03:28:15 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type5512 / Warning
Event Submitted/Written: 05/25/2008 02:04:53 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type5510 / Warning
Event Submitted/Written: 05/25/2008 01:34:58 AM
Event ID/Source: 2504 / Server
Event Description:
The server could not bind to the transport \Device\NetBT_Tcpip_{C024FC6C-B165-4ADB-BEFA-698ACC5722E5}.
Event Record #/Type5505 / Warning
Event Submitted/Written: 05/24/2008 01:05:35 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Event Record #/Type5504 / Warning
Event Submitted/Written: 05/24/2008 00:46:40 AM
Event ID/Source: 52 / Disk
Event Description:
The driver has detected that device \Device\Harddisk0\DR0 has predicted that it will fail.
Immediately back up your data and replace your hard disk drive. A failure
may be imminent.
-- End of Deckard's System Scanner: finished at 2008-05-25 09:44:47 ------------