dejanvu

May 30, 2008

Will do, thanks for your help.

May 30, 2008

Thanks again for all your help, however, my problem has not been resolved. I still have the original issues I posted about.

Something with Java/Active X/Flash.

Shoult we keep trying, otherwise, what are my options? At what point do I just backup and reinstall Vista witht he factory disc?

DeJaN

May 30, 2008

Here are the results of my SUPERAntiSpyware scan:

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 05/29/2008 at 01:03 AM

Application Version : 4.1.1046

Core Rules Database Version : 3470

Trace Rules Database Version: 1461

Scan type : Complete Scan

Total Scan Time : 04:30:52

Memory items scanned : 489

Memory threats detected : 0

Registry items scanned : 7272

Registry threats detected : 0

File items scanned : 598906

File threats detected : 84

Adware.Tracking Cookie

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt

C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt

C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Documents and Settings\Dejan\Cookies\dejan@doubleclick[1].txt

C:\Documents and Settings\Dejan\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@adrevolver[2].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@adultfriendfinder[2].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@atdmt[2].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@bluestreak[2].txt

C:\Documents and Settings\Dejan\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@cracked[2].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@dmtracker[1].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@doubleclick[1].txt

C:\Documents and Settings\Dejan\Cookies\Low\[email protected][1].txt

C:\Documents and Settings\Dejan\Cookies\Low\[email protected][2].txt

C:\Documents and Settings\Dejan\Cookies\Low\dejan@sextracker[1].txt

C:\Documents and Settings\Dejan\Cookies\Low\[email protected][2].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt

C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt

C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt

C:\Users\Dejan\Cookies\dejan@doubleclick[1].txt

C:\Users\Dejan\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\Cookies\Low\dejan@adrevolver[2].txt

C:\Users\Dejan\Cookies\Low\dejan@adultfriendfinder[2].txt

C:\Users\Dejan\Cookies\Low\dejan@atdmt[2].txt

C:\Users\Dejan\Cookies\Low\dejan@bluestreak[2].txt

C:\Users\Dejan\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\Cookies\Low\dejan@cracked[2].txt

C:\Users\Dejan\Cookies\Low\dejan@dmtracker[1].txt

C:\Users\Dejan\Cookies\Low\dejan@doubleclick[1].txt

C:\Users\Dejan\Cookies\Low\[email protected][1].txt

C:\Users\Dejan\Cookies\Low\[email protected][2].txt

C:\Users\Dejan\Cookies\Low\dejan@sextracker[1].txt

C:\Users\Dejan\Cookies\Low\[email protected][2].txt

May 28, 2008

Dial A Fix does not work for Vista. Still willing to try anything else you can think of...

May 25, 2008

Once again, no dice, the scan now buttons do not work. Noticed that for each link that does not work for scanning, etc., there is a message that reads "java script:void(0);" in the lower right-hand corner of Explorer.

I am getting ready to do a complete system restore, just backup everything on my external drive and reinstall Vista with the factory disc. What other options do I have at this point?

Thanks alot for your efforts to fix this!

May 24, 2008

Thanks for helping me out...unfortunately....once again.....nothing happens once I click on the START SCANNING button. Is it possible for something to be on my computer and actually prevent me from doing ANY type of virus scan? The SCAN NOW button on every free viruscan site I have been to does not work. I downloaded my McAfee VirusScan on my laptop, saved it, copied it to a disc, moved the .exe file to my desktop computer, and of course, installation does not proceed.

What else can I try?

May 23, 2008

1. Followed step 1 and installed Jave Runtime Environment 6 Update 6

2. Cannot complete step 2, I am running Vista

3. Cannot complete Kaspersky WebScanner. When I click on Accept, nothing happens. Part of the same problem I believe.

After rebooting and installing Java, I am still having the same problems.

May 23, 2008

Here is the Deckard System Scanner Extra.txt file:

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

MicrosoftÂ® Windows Vistaâ„¢ Home Premium (build 6000)

Architecture: X86; Language: English

CPU 0: Intel® Pentium® D CPU 2.80GHz

Percentage of Memory in Use: 43%

Physical Memory (total/avail): 2037.32 MiB / 1155.77 MiB

Pagefile Memory (total/avail): 6066.49 MiB / 5210.81 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1925.23 MiB

C: is Fixed (NTFS) - 138.97 GiB total, 52.55 GiB free.

D: is Fixed (NTFS) - 10 GiB total, 4.13 GiB free.

E: is CDROM (No Media)

F: is CDROM (UDF)

H: is Fixed (FAT32) - 189.87 GiB total, 42.02 GiB free.

J: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST3160812AS - 149.01 GiB - 3 partitions

\PARTITION0 - Unknown - 39.19 MiB

\PARTITION1 - Installable File System - 10 GiB - D:

\PARTITION2 (bootable) - Installable File System - 138.97 GiB - C:

\\.\PHYSICALDRIVE1 - EPSON Stylus Storage USB Device

\\.\PHYSICALDRIVE2 - Maxtor 6 L200R0 USB Device - 189.92 GiB - 1 partition

\PARTITION0 (bootable) - Unknown - 189.92 GiB - H:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.

Windows Internal Firewall is disabled.

FW: McAfee Personal Firewall v (McAfee) Disabled

FW: ZoneAlarm Pro Firewall v7.1.248.000 (Check Point, LTD.) Disabled

AV: McAfee VirusScan v (McAfee)

AS: McAfee VirusScan v (McAfee)

AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData

APPDATA=C:\Users\Dejan\AppData\Roaming

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=HAL2000

ComSpec=C:\Windows\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Users\Dejan

LOCALAPPDATA=C:\Users\Dejan\AppData\Local

LOGONSERVER=\\HAL2000

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

Path=C:\Program Files\Common Files\ArcSoft\Bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 7, GenuineIntel

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=0407

ProgramData=C:\ProgramData

ProgramFiles=C:\Program Files

PROMPT=$P$G

PUBLIC=C:\Users\Public

RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

SystemDrive=C:

SystemRoot=C:\Windows

TEMP=C:\Users\Dejan\AppData\Local\Temp

TMP=C:\Users\Dejan\AppData\Local\Temp

tvdumpflags=8

USERDOMAIN=HAL2000

USERNAME=Dejan

USERPROFILE=C:\Users\Dejan

windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

Dejan

-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Dell Games\Battleship - Fleet Command\Uninstall.exe"

--> "C:\Program Files\Dell Games\Bejeweled 2 Deluxe\Uninstall.exe"

--> "C:\Program Files\Dell Games\Blackhawk Striker 2\Uninstall.exe"

--> "C:\Program Files\Dell Games\Blasterball 3\Uninstall.exe"

--> "C:\Program Files\Dell Games\Chuzzle Deluxe\Uninstall.exe"

--> "C:\Program Files\Dell Games\Dell Game Console\Uninstall.exe"

--> "C:\Program Files\Dell Games\Dell Media Center Game Console\Uninstall.exe"

--> "C:\Program Files\Dell Games\FATE\Uninstall.exe"

--> "C:\Program Files\Dell Games\JEOPARDY\Uninstall.exe"

--> "C:\Program Files\Dell Games\Penguins!\Uninstall.exe"

--> "C:\Program Files\Dell Games\Polar Bowler\Uninstall.exe"

--> "C:\Program Files\Dell Games\Polar Golfer\Uninstall.exe"

--> "C:\Program Files\Dell Games\SCRABBLE\Uninstall.exe"

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete

Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}

ArcSoft PhotoImpression 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}\Setup.exe" -l0x9

ArcSoft PhotoImpression 6 --> C:\Program Files\InstallShield Installation Information\{D03E7B00-CA85-4684-9321-1888873C34BD}\Setup.exe -runfromtemp -l0x0009 -removeonly

ArcSoft Print Creations --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9

ArcSoft Print Creations - Album Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1AlbumPage

ArcSoft Print Creations - Funhouse --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Funhouse

ArcSoft Print Creations - Greeting Card --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1GreetingCard

ArcSoft Print Creations - Photo Book --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1PhotoBook

ArcSoft Print Creations - Photo Calendar --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Calendar

ArcSoft Print Creations - Photo Prints --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1PhotoPrint

ArcSoft Print Creations - Scrapbook --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1ScrapBook

ArcSoft Print Creations - Slimline Card --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Slimline

Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"

Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"

Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"

Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"

Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"

Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"

Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"

Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"

Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"

Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"

Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"

Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"

Dell Games --> "C:\Program Files\Dell Games\Uninstall.exe"

Dell System Customization Wizard --> MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}

DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}

Documentation & Support Launcher --> MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}

DVDFab Gold 3.0.9.8 --> "C:\Program Files\DVDFab Gold 3\unins000.exe"

DVDFab Gold 4.0.5.0 --> "C:\Program Files\DVDFab Gold 4\unins000.exe"

EarthLink Setup Files --> MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}

EPSON Print CD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\Setup.exe" -l0x9 -SYSTEM

EPSON Printer Software --> C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON RX595 User's Guide --> C:\Program Files\epson\guide\sprx595_e\uninstall.exe

EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r

EPSON Stylus Photo RX595 Series Scanner Driver Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}\Setup.exe" -l0x9

Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe

Games, Music, & Photos Launcher --> MsiExec.exe /I{3E25E350-949F-4DB7-8288-2A60E018B4C1}

Giggles Computer Funtime For Babyâ„¢ - ABC's & 123's --> "C:\Program Files\Giggles Computer Funtime For Baby\Giggles-ABCs & 123s\unins000.exe"

Giggles Computer Funtime For Babyâ„¢ - ABC's & 123's Vista Update --> "C:\Program Files\Giggles Computer Funtime For Baby\Giggles-ABCs & 123s\unins001.exe"

Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

iMesh --> C:\Program Files\iMesh Applications\iMesh\UninstallSurvey.exe C:\PROGRA~1\IMESHA~1\iMesh\UNWISE.EXE C:\PROGRA~1\IMESHA~1\iMesh\INSTALL.LOG

iMesh MediaBar --> C:\Program Files\iMesh applications\iMesh MediaBar\Uninstall.exe

iMesh MediaBar --> regsvr32 /u /s "C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll"

Intel® Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall

Intel® Matrix Storage Manager --> C:\Windows\System32\Imsmudlg.exe

Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}

LimeWire 4.12.15 --> "C:\Program Files\LimeWire\uninstall.exe"

McAfee SiteAdvisor --> C:\Program Files\SiteAdvisor\6253\uninstall.exe

Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"

RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}

Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}

Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}

Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}

Roxio Drag-to-Disc --> MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}

Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}

Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}

Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}

Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}

Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}

Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}

Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}

SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly

Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

Update for Office 2007 (KB946691) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}

URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"

User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"

Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S

Yahoo! Install Manager --> C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

Yahoo! Internet Mail --> C:\Windows\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll

Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

Yahoo! Music Jukebox --> MsiExec.exe /X{7C49EA42-5647-4051-84C2-E6404F25A931}

Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe

ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type9325 / Error

Event Submitted/Written: 05/22/2008 09:48:52 PM

Event ID/Source: 1000 / Application Error

Event Description:

Faulting application PhotoImpression.exe, version 6.1.3.100, time stamp 0x45b0234f, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception code 0xc0000374, fault offset 0x000af1c9,

process id 0x514, application start time 0xPhotoImpression.exe0.

Event Record #/Type9309 / Success

Event Submitted/Written: 05/22/2008 00:02:52 PM

Event ID/Source: 5617 / WinMgmt

Event Description:

Event Record #/Type9308 / Success

Event Submitted/Written: 05/22/2008 00:02:52 PM

Event ID/Source: 5615 / WinMgmt

Event Description:

Event Record #/Type9306 / Success

Event Submitted/Written: 05/22/2008 00:02:50 PM

Event ID/Source: 902 / Software Licensing Service

Event Description:

The Software Licensing service has started.

Event Record #/Type9296 / Warning

Event Submitted/Written: 05/22/2008 11:45:23 AM

Event ID/Source: 6005 / Wlclntfy

Event Description:

The winlogon notification subscriber <Sens> is taking long time to handle the notification event (Logoff).

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type49983 / Warning

Event Submitted/Written: 05/23/2008 03:11:37 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.

For more information please see the following:

%HAL2000275

Scan ID: {E4197CA1-8BB3-490D-A03C-6B17614F4428}

User: HAL2000\Dejan

Name: %HAL2000271

ID: %HAL2000272

Severity ID: %HAL2000273

Category ID: %HAL2000274

Path Found: %HAL2000276

Alert Type: %HAL2000278

Detection Type: 1.1.1505.02

Event Record #/Type49982 / Warning

Event Submitted/Written: 05/23/2008 03:11:35 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.

For more information please see the following:

%HAL2000275

Scan ID: {D5E9E2BE-97E3-4D5B-A513-A95C3ABD5717}

User: HAL2000\Dejan

Name: %HAL2000271

ID: %HAL2000272

Severity ID: %HAL2000273

Category ID: %HAL2000274

Path Found: %HAL2000276

Alert Type: %HAL2000278

Detection Type: 1.1.1505.02

Event Record #/Type49981 / Warning

Event Submitted/Written: 05/23/2008 03:11:35 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.

For more information please see the following:

%HAL2000275

Scan ID: {C0DEBBE5-C382-4FF5-81BE-11C4D3150876}

User: HAL2000\Dejan

Name: %HAL2000271

ID: %HAL2000272

Severity ID: %HAL2000273

Category ID: %HAL2000274

Path Found: %HAL2000276

Alert Type: %HAL2000278

Detection Type: 1.1.1505.02

Event Record #/Type49980 / Warning

Event Submitted/Written: 05/23/2008 03:11:35 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.

For more information please see the following:

%HAL2000275

Scan ID: {001EC527-7E60-45D4-A6B4-5DEE5EC3763F}

User: HAL2000\Dejan

Name: %HAL2000271

ID: %HAL2000272

Severity ID: %HAL2000273

Category ID: %HAL2000274

Path Found: %HAL2000276

Alert Type: %HAL2000278

Detection Type: 1.1.1505.02

Event Record #/Type49979 / Warning

Event Submitted/Written: 05/23/2008 03:11:35 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.

For more information please see the following:

%HAL2000275

Scan ID: {8AEADFB0-C33C-4A1F-8D8B-7D3F47A29CAB}

User: HAL2000\Dejan

Name: %HAL2000271

ID: %HAL2000272

Severity ID: %HAL2000273

Category ID: %HAL2000274

Path Found: %HAL2000276

Alert Type: %HAL2000278

Detection Type: 1.1.1505.02

-- End of Deckard's System Scanner: finished at 2008-05-23 15:12:40 ------------

May 23, 2008

Here is the Deckard System Scanner Main.txt file:

Deckard's System Scanner v20071014.68

Run by Dejan on 2008-05-23 15:10:17

Computer is in Normal Mode.

--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --

11: 2008-05-23 18:58:30 UTC - RP436 - Windows Update

10: 2008-05-22 16:09:12 UTC - RP435 - Windows Update

9: 2008-05-22 00:12:45 UTC - RP434 - Scheduled Checkpoint

8: 2008-05-20 21:31:49 UTC - RP433 - Scheduled Checkpoint

7: 2008-05-19 16:24:56 UTC - RP432 - Windows Backup

-- First Restore Point --

1: 2008-05-14 03:25:46 UTC - RP426 - Windows Update

Backed up registry hives.

Performed disk cleanup.

-- HijackThis (run as Dejan.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:11:21 PM, on 5/23/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\sttray.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\System32\spool\drivers\w32x86\3\E_FATICLA.EXE

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Windows\system32\taskeng.exe

C:\Users\Dejan\Desktop\dss.exe

C:\Windows\system32\DllHost.exe

C:\PROGRA~1\TRENDM~1\HIJACK~1\Dejan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O1 - Hosts: ::1 localhost

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: XBTP01621 - {C66AF7F0-2CF6-48cb-9F94-04EC2504B4FC} - C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [EPSON Stylus Photo RX595 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICLA.EXE /FU "C:\Windows\TEMP\E_S243F.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'Default user')

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--

End of file - 8733 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 dsunidrv - \??\c:\program files\dellsupport\drivers\dsunidrv.sys

R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft® ASPI Shell>

S3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >

R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>

S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>

S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2008-04-23 and 2008-05-23 -----------------------------

2008-05-16 17:49:43 0 d-------- C:\Windows\Sun

-- Find3M Report ---------------------------------------------------------------

2008-05-22 21:52:38 0 d-------- C:\Users\Dejan\AppData\Roaming\U3

2008-05-16 17:55:09 0 d-------- C:\Program Files\Trend Micro

2008-05-16 17:49:19 0 d-------- C:\Program Files\Java

2008-05-14 03:01:58 0 d-------- C:\Program Files\Windows Mail

2008-05-11 21:56:47 0 d-------- C:\Users\Dejan\AppData\Roaming\MagicEffect Photo

2008-05-10 20:02:01 0 d-------- C:\Users\Dejan\AppData\Roaming\Vso

2008-05-07 21:23:00 0 d-------- C:\Users\Dejan\AppData\Roaming\LimeWire

2008-04-27 11:43:56 0 d-------- C:\Users\Dejan\AppData\Roaming\EPSON

2008-04-22 12:15:20 0 d-------- C:\Program Files\Google

2008-04-20 19:49:48 0 d-------- C:\Users\Dejan\AppData\Roaming\FUJIFILM

2008-04-20 19:36:54 0 d-------- C:\Users\Dejan\AppData\Roaming\Yahoo!

2008-04-20 19:34:29 0 d-------- C:\Program Files\FinePixViewerS

2008-04-20 19:33:12 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-04-19 23:35:40 0 d-------- C:\Users\Dejan\AppData\Roaming\Talkback

2008-04-19 23:35:31 0 d-------- C:\Users\Dejan\AppData\Roaming\Mozilla

2008-04-17 21:31:48 0 d-------- C:\Users\Dejan\AppData\Roaming\SiteAdvisor

2008-04-17 21:31:07 0 d-------- C:\Program Files\Common Files

2008-04-17 21:25:04 0 d-------- C:\Program Files\SiteAdvisor

2008-04-05 15:04:00 0 d-------- C:\Users\Dejan\AppData\Roaming\ArcSoft

2008-04-04 21:56:14 0 d-------- C:\Users\Dejan\AppData\Roaming\iMesh

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/22/2007 04:01 AM]

"IgfxTray"="C:\Windows\system32\igfxtray.exe" [02/09/2007 02:32 PM]

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [02/09/2007 02:32 PM]

"Persistence"="C:\Windows\system32\igfxpers.exe" [02/09/2007 02:32 PM]

"SigmatelSysTrayApp"="sttray.exe" [02/08/2007 01:16 AM C:\Windows\sttray.exe]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [09/29/2006 12:39 PM]

"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/03/2006 11:37 AM]

"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [10/03/2006 11:35 AM]

"@"="" []

"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [11/05/2006 12:22 PM]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [11/11/2007 12:05 PM]

"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [01/16/2008 06:19 PM]

"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [02/08/2007 10:39 PM]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/08/2008 06:05 PM]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 08:36 AM]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [11/02/2006 08:35 AM]

"EPSON Stylus Photo RX595 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICLA.exe" [03/30/2007 07:00 AM]

"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 06:43 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"EPSON Stylus Photo R380 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU"

"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"DisableTaskMgr"=0 (0x0)

"DisableChangePassword"=0 (0x0)

"DisableLockWorkstation"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoClose"=0 (0x0)

"NoLogoff"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]

AutoRun\command- I:\LaunchU3.exe -a

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- End of Deckard's System Scanner: finished at 2008-05-23 15:12:40 ------------

May 23, 2008

Here is my HiJackThis log, following the instructions you provided:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:05:26 PM, on 5/23/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\sttray.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\SiteAdvisor\6253\SiteAdv.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\System32\spool\drivers\w32x86\3\E_FATICLA.EXE

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe