dejanvu
-
Content Count
14 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by dejanvu
-
-
Thanks again for all your help, however, my problem has not been resolved. I still have the original issues I posted about.
Something with Java/Active X/Flash.
Shoult we keep trying, otherwise, what are my options? At what point do I just backup and reinstall Vista witht he factory disc?
DeJaN
-
Here are the results of my SUPERAntiSpyware scan:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/29/2008 at 01:03 AM
Application Version : 4.1.1046
Core Rules Database Version : 3470
Trace Rules Database Version: 1461
Scan type : Complete Scan
Total Scan Time : 04:30:52
Memory items scanned : 489
Memory threats detected : 0
Registry items scanned : 7272
Registry threats detected : 0
File items scanned : 598906
File threats detected : 84
Adware.Tracking Cookie
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt
C:\Documents and Settings\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt
C:\Documents and Settings\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Documents and Settings\Dejan\Cookies\dejan@doubleclick[1].txt
C:\Documents and Settings\Dejan\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@adrevolver[2].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@adultfriendfinder[2].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@atdmt[2].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@bluestreak[2].txt
C:\Documents and Settings\Dejan\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@cracked[2].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@dmtracker[1].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@doubleclick[1].txt
C:\Documents and Settings\Dejan\Cookies\Low\[email protected][1].txt
C:\Documents and Settings\Dejan\Cookies\Low\[email protected][2].txt
C:\Documents and Settings\Dejan\Cookies\Low\dejan@sextracker[1].txt
C:\Documents and Settings\Dejan\Cookies\Low\[email protected][2].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt
C:\Users\Dejan\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\dejan@doubleclick[1].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adrevolver[2].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@adultfriendfinder[2].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@atdmt[2].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@bluestreak[2].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@cracked[2].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@dmtracker[1].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@doubleclick[1].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\dejan@sextracker[1].txt
C:\Users\Dejan\Application Data\Microsoft\Windows\Cookies\Low\[email protected][2].txt
C:\Users\Dejan\Cookies\dejan@doubleclick[1].txt
C:\Users\Dejan\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\Cookies\Low\dejan@adrevolver[2].txt
C:\Users\Dejan\Cookies\Low\dejan@adultfriendfinder[2].txt
C:\Users\Dejan\Cookies\Low\dejan@atdmt[2].txt
C:\Users\Dejan\Cookies\Low\dejan@bluestreak[2].txt
C:\Users\Dejan\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\Cookies\Low\dejan@cracked[2].txt
C:\Users\Dejan\Cookies\Low\dejan@dmtracker[1].txt
C:\Users\Dejan\Cookies\Low\dejan@doubleclick[1].txt
C:\Users\Dejan\Cookies\Low\[email protected][1].txt
C:\Users\Dejan\Cookies\Low\[email protected][2].txt
C:\Users\Dejan\Cookies\Low\dejan@sextracker[1].txt
C:\Users\Dejan\Cookies\Low\[email protected][2].txt
-
Dial A Fix does not work for Vista. Still willing to try anything else you can think of...
-
Once again, no dice, the scan now buttons do not work. Noticed that for each link that does not work for scanning, etc., there is a message that reads "java script:void(0);" in the lower right-hand corner of Explorer.
I am getting ready to do a complete system restore, just backup everything on my external drive and reinstall Vista with the factory disc. What other options do I have at this point?
Thanks alot for your efforts to fix this!
-
Thanks for helping me out...unfortunately....once again.....nothing happens once I click on the START SCANNING button. Is it possible for something to be on my computer and actually prevent me from doing ANY type of virus scan? The SCAN NOW button on every free viruscan site I have been to does not work. I downloaded my McAfee VirusScan on my laptop, saved it, copied it to a disc, moved the .exe file to my desktop computer, and of course, installation does not proceed.
What else can I try?
-
1. Followed step 1 and installed Jave Runtime Environment 6 Update 6
2. Cannot complete step 2, I am running Vista
3. Cannot complete Kaspersky WebScanner. When I click on Accept, nothing happens. Part of the same problem I believe.
After rebooting and installing Java, I am still having the same problems.
-
Here is the Deckard System Scanner Extra.txt file:
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English
CPU 0: Intel® Pentium® D CPU 2.80GHz
Percentage of Memory in Use: 43%
Physical Memory (total/avail): 2037.32 MiB / 1155.77 MiB
Pagefile Memory (total/avail): 6066.49 MiB / 5210.81 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.23 MiB
C: is Fixed (NTFS) - 138.97 GiB total, 52.55 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 4.13 GiB free.
E: is CDROM (No Media)
F: is CDROM (UDF)
H: is Fixed (FAT32) - 189.87 GiB total, 42.02 GiB free.
J: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3160812AS - 149.01 GiB - 3 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 - Installable File System - 10 GiB - D:
\PARTITION2 (bootable) - Installable File System - 138.97 GiB - C:
\\.\PHYSICALDRIVE1 - EPSON Stylus Storage USB Device
\\.\PHYSICALDRIVE2 - Maxtor 6 L200R0 USB Device - 189.92 GiB - 1 partition
\PARTITION0 (bootable) - Unknown - 189.92 GiB - H:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FW: McAfee Personal Firewall v (McAfee) Disabled
FW: ZoneAlarm Pro Firewall v7.1.248.000 (Check Point, LTD.) Disabled
AV: McAfee VirusScan v (McAfee)
AS: McAfee VirusScan v (McAfee)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Dejan\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HAL2000
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Dejan
LOCALAPPDATA=C:\Users\Dejan\AppData\Local
LOGONSERVER=\\HAL2000
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Common Files\ArcSoft\Bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0407
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Dejan\AppData\Local\Temp
TMP=C:\Users\Dejan\AppData\Local\Temp
tvdumpflags=8
USERDOMAIN=HAL2000
USERNAME=Dejan
USERPROFILE=C:\Users\Dejan
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Dejan
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\Dell Games\Battleship - Fleet Command\Uninstall.exe"
--> "C:\Program Files\Dell Games\Bejeweled 2 Deluxe\Uninstall.exe"
--> "C:\Program Files\Dell Games\Blackhawk Striker 2\Uninstall.exe"
--> "C:\Program Files\Dell Games\Blasterball 3\Uninstall.exe"
--> "C:\Program Files\Dell Games\Chuzzle Deluxe\Uninstall.exe"
--> "C:\Program Files\Dell Games\Dell Game Console\Uninstall.exe"
--> "C:\Program Files\Dell Games\Dell Media Center Game Console\Uninstall.exe"
--> "C:\Program Files\Dell Games\FATE\Uninstall.exe"
--> "C:\Program Files\Dell Games\JEOPARDY\Uninstall.exe"
--> "C:\Program Files\Dell Games\Penguins!\Uninstall.exe"
--> "C:\Program Files\Dell Games\Polar Bowler\Uninstall.exe"
--> "C:\Program Files\Dell Games\Polar Golfer\Uninstall.exe"
--> "C:\Program Files\Dell Games\SCRABBLE\Uninstall.exe"
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
ArcSoft PhotoImpression 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}\Setup.exe" -l0x9
ArcSoft PhotoImpression 6 --> C:\Program Files\InstallShield Installation Information\{D03E7B00-CA85-4684-9321-1888873C34BD}\Setup.exe -runfromtemp -l0x0009 -removeonly
ArcSoft Print Creations --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9
ArcSoft Print Creations - Album Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1AlbumPage
ArcSoft Print Creations - Funhouse --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Funhouse
ArcSoft Print Creations - Greeting Card --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1GreetingCard
ArcSoft Print Creations - Photo Book --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1PhotoBook
ArcSoft Print Creations - Photo Calendar --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Calendar
ArcSoft Print Creations - Photo Prints --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1PhotoPrint
ArcSoft Print Creations - Scrapbook --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1ScrapBook
ArcSoft Print Creations - Slimline Card --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F75F3D8C-8051-49FC-A595-75245E526DA6}\Setup.exe" -l0x9 -1Slimline
Canon Camera Access Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini"
Canon Camera Window DC_DV 5 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Camera Window DC_DV 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Camera Window MC 6 for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini"
Canon G.726 WMP-Decoder --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon RAW Image Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini"
Canon RemoteCapture Task for ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities EOS Utility --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX --> "C:\Program Files\Common Files\Canon\UIW\1.0.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Dell Games --> "C:\Program Files\Dell Games\Uninstall.exe"
Dell System Customization Wizard --> MsiExec.exe /I{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Documentation & Support Launcher --> MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
DVDFab Gold 3.0.9.8 --> "C:\Program Files\DVDFab Gold 3\unins000.exe"
DVDFab Gold 4.0.5.0 --> "C:\Program Files\DVDFab Gold 4\unins000.exe"
EarthLink Setup Files --> MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}
EPSON Print CD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\Setup.exe" -l0x9 -SYSTEM
EPSON Printer Software --> C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON RX595 User's Guide --> C:\Program Files\epson\guide\sprx595_e\uninstall.exe
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Stylus Photo RX595 Series Scanner Driver Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}\Setup.exe" -l0x9
Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Games, Music, & Photos Launcher --> MsiExec.exe /I{3E25E350-949F-4DB7-8288-2A60E018B4C1}
Giggles Computer Funtime For Babyâ„¢ - ABC's & 123's --> "C:\Program Files\Giggles Computer Funtime For Baby\Giggles-ABCs & 123s\unins000.exe"
Giggles Computer Funtime For Babyâ„¢ - ABC's & 123's Vista Update --> "C:\Program Files\Giggles Computer Funtime For Baby\Giggles-ABCs & 123s\unins001.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iMesh --> C:\Program Files\iMesh Applications\iMesh\UninstallSurvey.exe C:\PROGRA~1\IMESHA~1\iMesh\UNWISE.EXE C:\PROGRA~1\IMESHA~1\iMesh\INSTALL.LOG
iMesh MediaBar --> C:\Program Files\iMesh applications\iMesh MediaBar\Uninstall.exe
iMesh MediaBar --> regsvr32 /u /s "C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll"
Intel® Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall
Intel® Matrix Storage Manager --> C:\Windows\System32\Imsmudlg.exe
Java 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
LimeWire 4.12.15 --> "C:\Program Files\LimeWire\uninstall.exe"
McAfee SiteAdvisor --> C:\Program Files\SiteAdvisor\6253\uninstall.exe
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Drag-to-Disc --> MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Update for Office 2007 (KB946691) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager --> C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\Windows\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Music Jukebox --> MsiExec.exe /X{7C49EA42-5647-4051-84C2-E6404F25A931}
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZoneAlarm Pro --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type9325 / Error
Event Submitted/Written: 05/22/2008 09:48:52 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application PhotoImpression.exe, version 6.1.3.100, time stamp 0x45b0234f, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9, exception code 0xc0000374, fault offset 0x000af1c9,
process id 0x514, application start time 0xPhotoImpression.exe0.
Event Record #/Type9309 / Success
Event Submitted/Written: 05/22/2008 00:02:52 PM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type9308 / Success
Event Submitted/Written: 05/22/2008 00:02:52 PM
Event ID/Source: 5615 / WinMgmt
Event Description:
Event Record #/Type9306 / Success
Event Submitted/Written: 05/22/2008 00:02:50 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
Event Record #/Type9296 / Warning
Event Submitted/Written: 05/22/2008 11:45:23 AM
Event ID/Source: 6005 / Wlclntfy
Event Description:
The winlogon notification subscriber <Sens> is taking long time to handle the notification event (Logoff).
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type49983 / Warning
Event Submitted/Written: 05/23/2008 03:11:37 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.
For more information please see the following:
%HAL2000275
Scan ID: {E4197CA1-8BB3-490D-A03C-6B17614F4428}
User: HAL2000\Dejan
Name: %HAL2000271
ID: %HAL2000272
Severity ID: %HAL2000273
Category ID: %HAL2000274
Path Found: %HAL2000276
Alert Type: %HAL2000278
Detection Type: 1.1.1505.02
Event Record #/Type49982 / Warning
Event Submitted/Written: 05/23/2008 03:11:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.
For more information please see the following:
%HAL2000275
Scan ID: {D5E9E2BE-97E3-4D5B-A513-A95C3ABD5717}
User: HAL2000\Dejan
Name: %HAL2000271
ID: %HAL2000272
Severity ID: %HAL2000273
Category ID: %HAL2000274
Path Found: %HAL2000276
Alert Type: %HAL2000278
Detection Type: 1.1.1505.02
Event Record #/Type49981 / Warning
Event Submitted/Written: 05/23/2008 03:11:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.
For more information please see the following:
%HAL2000275
Scan ID: {C0DEBBE5-C382-4FF5-81BE-11C4D3150876}
User: HAL2000\Dejan
Name: %HAL2000271
ID: %HAL2000272
Severity ID: %HAL2000273
Category ID: %HAL2000274
Path Found: %HAL2000276
Alert Type: %HAL2000278
Detection Type: 1.1.1505.02
Event Record #/Type49980 / Warning
Event Submitted/Written: 05/23/2008 03:11:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.
For more information please see the following:
%HAL2000275
Scan ID: {001EC527-7E60-45D4-A6B4-5DEE5EC3763F}
User: HAL2000\Dejan
Name: %HAL2000271
ID: %HAL2000272
Severity ID: %HAL2000273
Category ID: %HAL2000274
Path Found: %HAL2000276
Alert Type: %HAL2000278
Detection Type: 1.1.1505.02
Event Record #/Type49979 / Warning
Event Submitted/Written: 05/23/2008 03:11:35 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%HAL200027 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %HAL200027 can't undo changes that you allow.
For more information please see the following:
%HAL2000275
Scan ID: {8AEADFB0-C33C-4A1F-8D8B-7D3F47A29CAB}
User: HAL2000\Dejan
Name: %HAL2000271
ID: %HAL2000272
Severity ID: %HAL2000273
Category ID: %HAL2000274
Path Found: %HAL2000276
Alert Type: %HAL2000278
Detection Type: 1.1.1505.02
-- End of Deckard's System Scanner: finished at 2008-05-23 15:12:40 ------------
-
Here is the Deckard System Scanner Main.txt file:
Deckard's System Scanner v20071014.68
Run by Dejan on 2008-05-23 15:10:17
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- Last 5 Restore Point(s) --
11: 2008-05-23 18:58:30 UTC - RP436 - Windows Update
10: 2008-05-22 16:09:12 UTC - RP435 - Windows Update
9: 2008-05-22 00:12:45 UTC - RP434 - Scheduled Checkpoint
8: 2008-05-20 21:31:49 UTC - RP433 - Scheduled Checkpoint
7: 2008-05-19 16:24:56 UTC - RP432 - Windows Backup
-- First Restore Point --
1: 2008-05-14 03:25:46 UTC - RP426 - Windows Update
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Dejan.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:11:21 PM, on 5/23/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICLA.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\taskeng.exe
C:\Users\Dejan\Desktop\dss.exe
C:\Windows\system32\DllHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Dejan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: XBTP01621 - {C66AF7F0-2CF6-48cb-9F94-04EC2504B4FC} - C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo RX595 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICLA.EXE /FU "C:\Windows\TEMP\E_S243F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 8733 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 dsunidrv - \??\c:\program files\dellsupport\drivers\dsunidrv.sys
R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft® ASPI Shell>
S3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>
S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-04-23 and 2008-05-23 -----------------------------
2008-05-16 17:49:43 0 d-------- C:\Windows\Sun
-- Find3M Report ---------------------------------------------------------------
2008-05-22 21:52:38 0 d-------- C:\Users\Dejan\AppData\Roaming\U3
2008-05-16 17:55:09 0 d-------- C:\Program Files\Trend Micro
2008-05-16 17:49:19 0 d-------- C:\Program Files\Java
2008-05-14 03:01:58 0 d-------- C:\Program Files\Windows Mail
2008-05-11 21:56:47 0 d-------- C:\Users\Dejan\AppData\Roaming\MagicEffect Photo
2008-05-10 20:02:01 0 d-------- C:\Users\Dejan\AppData\Roaming\Vso
2008-05-07 21:23:00 0 d-------- C:\Users\Dejan\AppData\Roaming\LimeWire
2008-04-27 11:43:56 0 d-------- C:\Users\Dejan\AppData\Roaming\EPSON
2008-04-22 12:15:20 0 d-------- C:\Program Files\Google
2008-04-20 19:49:48 0 d-------- C:\Users\Dejan\AppData\Roaming\FUJIFILM
2008-04-20 19:36:54 0 d-------- C:\Users\Dejan\AppData\Roaming\Yahoo!
2008-04-20 19:34:29 0 d-------- C:\Program Files\FinePixViewerS
2008-04-20 19:33:12 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-19 23:35:40 0 d-------- C:\Users\Dejan\AppData\Roaming\Talkback
2008-04-19 23:35:31 0 d-------- C:\Users\Dejan\AppData\Roaming\Mozilla
2008-04-17 21:31:48 0 d-------- C:\Users\Dejan\AppData\Roaming\SiteAdvisor
2008-04-17 21:31:07 0 d-------- C:\Program Files\Common Files
2008-04-17 21:25:04 0 d-------- C:\Program Files\SiteAdvisor
2008-04-05 15:04:00 0 d-------- C:\Users\Dejan\AppData\Roaming\ArcSoft
2008-04-04 21:56:14 0 d-------- C:\Users\Dejan\AppData\Roaming\iMesh
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/22/2007 04:01 AM]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [02/09/2007 02:32 PM]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [02/09/2007 02:32 PM]
"Persistence"="C:\Windows\system32\igfxpers.exe" [02/09/2007 02:32 PM]
"SigmatelSysTrayApp"="sttray.exe" [02/08/2007 01:16 AM C:\Windows\sttray.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [09/29/2006 12:39 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/03/2006 11:37 AM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [10/03/2006 11:35 AM]
"@"="" []
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [11/05/2006 12:22 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [11/11/2007 12:05 PM]
"ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [01/16/2008 06:19 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [02/08/2007 10:39 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/08/2008 06:05 PM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 08:36 AM]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [11/02/2006 08:35 AM]
"EPSON Stylus Photo RX595 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICLA.exe" [03/30/2007 07:00 AM]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 06:43 PM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"EPSON Stylus Photo R380 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU"
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"DisableChangePassword"=0 (0x0)
"DisableLockWorkstation"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"=0 (0x0)
"NoLogoff"=0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
AutoRun\command- I:\LaunchU3.exe -a
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
-- End of Deckard's System Scanner: finished at 2008-05-23 15:12:40 ------------
-
Here is my HiJackThis log, following the instructions you provided:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:05:26 PM, on 5/23/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICLA.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: XBTP01621 - {C66AF7F0-2CF6-48cb-9F94-04EC2504B4FC} - C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo RX595 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICLA.EXE /FU "C:\Windows\TEMP\E_S243F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 8732 bytes
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:42:10 PM, on 5/16/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICLA.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Dejan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ER4H978\HiJackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: XBTP01621 - {C66AF7F0-2CF6-48cb-9F94-04EC2504B4FC} - C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\iMesh applications\iMesh MediaBar\MediaBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus Photo RX595 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICLA.EXE /FU "C:\Windows\TEMP\E_S243F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-18\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON Stylus Photo R380 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBOA.EXE /FU "C:\Windows\TEMP\E_S200D.tmp" /EF "HKCU" (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 8403 bytes
-
What browser?
IE 7
-
I really need some help. Basically the story goes like this:
My subscription to McAfee Security Center expired and I was having problems with downloading my renewal once I paid for another year's subscription on the website. So I went to online chat customer service on service.mcafee.com. They advised me to uninstall the entire McAfee product, which I did online with the rep, and was told re-boot, then go to a link and then download the new product.
I rebooted, and went online to download McAfee Anti-Virus, but nothing worked from there worked.
Anything which seems to use Java, Flash, or maybe Active X (?) controls does not work. I cannot login to anything. Links on service.mcafee.com do not work anymore. Certain videos do not play. I cannot renew my ZoneAlarm subscription, etc.
What can I try?
Hijack This Log[RESOLVED]
in Malware Removal
Posted
Will do, thanks for your help.