
Can "not" Log Into Forums Using Ie6


  • This topic is locked
3 replies to this topic

#1 eddie11013


Posted 30 July 2008 - 10:22 PM

I posted my problem in the Web Browsing/Email and Other Internet Applications forum. Saw this about HijackThis, so I thought it might be helpful. http://www.bleepingcomputer.com/forums/t/160358/can-not-log-into-forums-using-ie6/
Ran Kaspersky Online Scanner - it came up clean.
Ran DSS, logs follow:

Deckard's System Scanner v20071014.68
Run by Administrator on 2008-07-30 22:06:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
5: 2008-07-31 03:06:45 UTC - RP5 - Deckard's System Scanner Restore Point
4: 2008-07-30 19:29:38 UTC - RP4 - System Checkpoint
3: 2008-07-29 19:28:05 UTC - RP3 - Avira AntiVir Personal - 7/29/2008 14:28
2: 2008-07-29 19:24:21 UTC - RP2 - Avira AntiVir Personal - 7/29/2008 14:24
1: 2008-07-29 05:30:53 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:07:21 PM, on 7/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Weather Watcher\ww.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Program Files\1-Click Answers\answers.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\PROGRA~1\1-CLIC~1\agtserv.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [WeatherWatcher] "C:\Program Files\Weather Watcher\ww.exe"
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O4 - Global Startup: 1-Click Answers.lnk = C:\Program Files\1-Click Answers\answers.exe
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Monitor CPU Usage.lnk = C:\WINDOWS\system32\taskmgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: &Search - C:\search\search.htm
O8 - Extra context menu item: Answers... - file://C:\Program Files\1-Click Answers\Html\atiemenu.htm
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7106 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - unable to read value


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys
R3 smwdm - c:\windows\system32\drivers\smwdm.sys

S0 BootScreen - c:\windows\\systemroot\system32\drivers\vidstub.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (Avira AntiVir Personal - Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe"
R2 UPHClean (User Profile Hive Cleanup) - c:\program files\uphclean\uphclean.exe

S2 SiteAdvisor Service - "c:\program files\siteadvisor\6261\saservice.exe" (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-06-30 and 2008-07-30 -----------------------------

2008-07-30 17:48:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\SiteAdvisor
2008-07-30 15:41:05 0 d-------- C:\Documents and Settings\LocalService\Application Data\SACore
2008-07-30 15:15:42 0 d-------- C:\Program Files\Common Files\McAfee
2008-07-30 15:14:43 0 d-------- C:\Program Files\McAfee
2008-07-30 13:18:47 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-07-30 12:20:01 25992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe
2008-07-30 08:57:47 0 d-------- C:\Program Files\Trend Micro
2008-07-29 14:29:26 0 d-------- C:\Program Files\Avira
2008-07-29 12:45:13 0 d-------- C:\Documents and Settings\Administrator\Application Data\DeepBurner
2008-07-29 11:13:12 0 d-------- C:\WINDOWS\BDOSCAN8
2008-07-28 23:21:56 0 d-------- C:\WINDOWS\system32\appmgmt
2008-07-28 22:33:02 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-28 22:32:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-07-28 22:14:10 0 d-------- C:\WINDOWS\Sun
2008-07-28 19:00:11 0 d-------- C:\Program Files\NT Registry Optimizer
2008-07-28 17:48:32 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-28 16:53:31 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-07-28 16:36:02 262144 --a------ C:\WINDOWS\system32\default_user_class.dat
2008-07-28 16:32:55 0 d-------- C:\search
2008-07-28 16:31:01 0 d-------- C:\Documents and Settings\Administrator\Application Data\POP Peeper
2008-07-28 16:29:08 0 d-------- C:\Documents and Settings\Administrator\usrusmt2.tmp
2008-07-28 16:24:08 0 d---s---- C:\Documents and Settings\Administrator\UserData
2008-07-28 16:12:43 0 d-------- C:\Program Files\Gadwin Systems
2008-07-28 16:07:31 0 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-28 16:07:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-28 16:07:25 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-28 16:05:48 0 d-------- C:\Program Files\Astonsoft
2008-07-28 16:04:42 0 d-------- C:\Program Files\1-Click Answers
2008-07-28 16:04:29 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-28 16:04:16 0 d-------- C:\Program Files\Common Files\InstallShield
2008-07-28 16:01:11 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-07-28 16:01:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-07-28 16:01:00 0 d-------- C:\Documents and Settings\Administrator\Application Data\Google
2008-07-28 15:58:26 0 d-------- C:\Documents and Settings\Administrator\Application Data\WeatherWatcher
2008-07-28 15:57:48 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-28 15:50:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Template
2008-07-28 15:46:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-28 15:40:20 0 d-------- C:\Program Files\epson
2008-07-28 15:40:06 0 d-------- C:\EPSON
2008-07-28 15:31:35 0 d-------- C:\My Music
2008-07-28 15:30:49 0 d-------- C:\Program Files\Webshots
2008-07-28 15:30:49 0 d-------- C:\Documents and Settings\Administrator\Application Data\Webshots
2008-07-28 15:27:55 1843232 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-28 15:26:35 175 --a------ C:\CCleanerSound.cmd
2008-07-28 15:26:02 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-07-28 15:25:58 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-28 15:25:52 11264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-07-28 15:25:49 0 d-------- C:\WINDOWS\LastGood
2008-07-28 15:25:36 0 d-------- C:\WINDOWS\system32\ZoneLabs
2008-07-28 15:25:00 0 d-------- C:\WINDOWS\Internet Logs
2008-07-28 15:20:05 0 d-------- C:\add ons
2008-07-28 15:18:37 163840 --a------ C:\WINDOWS\system32\igfxres.dll
2008-07-28 15:18:16 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-07-28 15:18:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-07-28 15:17:57 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-07-28 15:17:57 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-07-28 15:17:57 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-07-28 15:17:57 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-07-28 15:17:57 1835008 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-07-28 15:17:57 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-07-28 15:17:57 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-07-28 15:17:57 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-07-28 15:17:57 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-07-28 15:17:57 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-07-28 15:17:57 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-07-28 15:17:57 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-07-28 15:17:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-07-28 15:17:57 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-07-28 15:17:57 0 d-------- C:\Documents and Settings\Administrator\7zS8CE.tmp
2008-07-28 15:17:35 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-07-28 15:17:32 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-07-28 15:17:31 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-07-28 15:17:31 0 d-------- C:\WINDOWS\Prefetch
2008-07-28 15:17:29 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-07-28 15:17:29 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-07-28 15:17:29 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-07-28 15:17:29 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-07-28 15:17:28 1048576 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2008-07-28 15:17:18 1048576 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-07-28 15:17:18 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-07-28 15:17:18 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-07-28 15:17:18 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-07-28 15:17:18 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-07-28 15:15:24 0 d-------- C:\DELL
2008-07-28 15:15:23 937984 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-07-28 15:15:11 0 d-------- C:\WINDOWS\system32\PreInstall
2008-07-28 15:15:09 0 d--h----- C:\WINDOWS\$hf_mig$
2008-07-28 15:14:33 102400 --a------ C:\WINDOWS\system32\unzip32.dll
2008-07-28 15:14:33 0 d-------- C:\Program Files\Weather Watcher
2008-07-28 15:14:29 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-07-28 15:14:29 0 d-------- C:\Documents and Settings\Default User\Application Data\SUPERAntiSpyware.com
2008-07-28 15:14:19 0 d-------- C:\Program Files\SiteAdvisor
2008-07-28 15:14:19 0 d-------- C:\Documents and Settings\Default User\Application Data\SiteAdvisor
2008-07-28 15:14:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-07-28 15:14:19 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-07-28 15:14:12 0 d-------- C:\Program Files\POP Peeper
2008-07-28 15:14:10 0 d-------- C:\Program Files\VirtuallTek
2008-07-28 15:14:07 0 d-------- C:\Program Files\nLite
2008-07-28 15:13:36 0 d-------- C:\Program Files\Microsoft Works
2008-07-28 15:10:32 0 d-------- C:\Program Files\Java
2008-07-28 15:10:30 0 d-------- C:\Program Files\Common Files\Java
2008-07-28 15:10:25 0 d-------- C:\Documents and Settings\Default User\Application Data\Sun
2008-07-28 15:10:06 0 d-------- C:\Program Files\IZArc
2008-07-28 15:10:01 0 d-------- C:\Program Files\ieSpell
2008-07-28 15:09:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-07-28 15:09:54 0 d-------- C:\Program Files\Google
2008-07-28 15:09:52 0 d-------- C:\Program Files\PC Magazine Utilities
2008-07-28 15:07:51 0 d-------- C:\Program Files\CCleaner
2008-07-28 15:07:49 0 d-------- C:\Program Files\Common Files\Stardock
2008-07-28 15:07:48 163712 --a------ C:\WINDOWS\system32\drivers\vidstub.sys
2008-07-28 15:07:48 0 d-------- C:\Program Files\Stardock
2008-07-28 15:07:46 0 d-------- C:\Documents and Settings\Default User\7zS8CE.tmp
2008-07-28 15:07:35 0 d-------- C:\Program Files\a-squared Free
2008-07-28 15:07:09 0 d-------- C:\WINDOWS\system32\Adobe
2008-07-28 15:06:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-28 15:06:53 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-28 15:06:18 0 d-------- C:\Program Files\7-Zip
2008-07-28 15:06:05 0 -rahs---- C:\MSDOS.SYS
2008-07-28 15:06:05 0 -rahs---- C:\IO.SYS
2008-07-28 15:06:05 0 --a------ C:\CONFIG.SYS
2008-07-28 15:06:05 0 --a------ C:\AUTOEXEC.BAT
2008-07-28 15:05:39 0 d-------- C:\WINDOWS\system32\dllcache
2008-07-28 15:04:46 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-07-28 15:04:32 0 dr------- C:\WINDOWS\Offline Web Pages
2008-07-28 15:04:32 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-07-28 15:04:16 0 d--h----- C:\Program Files\WindowsUpdate
2008-07-28 15:04:11 0 d-------- C:\Program Files\Online Services
2008-07-28 15:03:55 0 d-------- C:\WINDOWS\system32\DirectX
2008-07-28 15:03:37 0 d---s---- C:\WINDOWS\Tasks
2008-07-28 15:03:36 0 d-------- C:\Program Files\Common Files\MSSoap
2008-07-28 15:03:34 0 d-------- C:\WINDOWS\system32\Macromed
2008-07-28 15:03:08 0 d-------- C:\WINDOWS\system32\Restore
2008-07-28 15:02:49 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-07-28 15:02:31 0 d-------- C:\WINDOWS\Registration
2008-07-28 15:01:26 0 d-------- C:\Program Files\Windows Media Connect 2
2008-07-28 15:01:22 0 d-------- C:\Program Files\SpywareBlaster
2008-07-28 15:01:21 0 d-------- C:\Program Files\UPHClean
2008-07-28 15:00:57 0 d-------- C:\Program Files\Windows NT
2008-07-28 15:00:52 0 d-------- C:\WINDOWS\system32\MsDtc
2008-07-28 15:00:50 0 d-------- C:\WINDOWS\system32\Com
2008-07-28 09:56:48 0 d--hs---- C:\WINDOWS\Installer
2008-07-28 09:56:47 0 dr------- C:\Program Files
2008-07-28 09:56:47 0 d-------- C:\Program Files\Common Files
2008-07-28 09:56:47 0 d-------- C:\Program Files\Common Files\ODBC
2008-07-28 09:56:42 0 d-------- C:\WINDOWS\LastGood.Tmp
2008-07-28 09:56:27 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-07-28 09:56:27 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-07-28 09:56:27 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-07-28 09:56:27 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-07-28 09:56:27 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-07-28 09:56:27 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-07-28 09:56:27 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-07-28 09:56:27 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-07-28 09:56:27 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-07-28 09:56:27 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-07-28 09:56:27 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-07-28 09:56:27 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-07-28 09:56:27 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-07-28 09:56:27 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-07-28 09:56:27 0 dr------- C:\Documents and Settings\All Users\Documents
2008-07-28 09:56:27 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-07-28 09:56:12 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-07-28 09:56:12 0 d-------- C:\WINDOWS\system32\CatRoot
2008-07-28 09:56:06 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-07-28 09:56:06 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-07-28 09:56:06 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-07-28 09:56:06 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-07-28 09:55:42 0 d-------- C:\Documents and Settings
2008-07-28 09:55:41 0 d--hs---- C:\System Volume Information
2008-07-28 09:52:24 0 d-------- C:\My Downloads
2008-07-28 09:49:51 0 d-------- C:\WINDOWS
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\WinSxS
2008-07-28 09:49:51 0 dr------- C:\WINDOWS\Web
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\twain_32
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\wins
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\wbem
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\usmt
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\spool
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\ShellExt
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\Setup
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\scripting
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\ras
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\oobe
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\npp
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\mui
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\IME
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\icsxml
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\ias
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\export
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\en
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\drivers
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\dhcp
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\config
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\3076
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\2052
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1054
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1042
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1041
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1037
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1033
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1031
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1028
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system32\1025
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\system
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\security
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Resources
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\repair
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Provisioning
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\PeerNet
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\pchealth
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Network Diagnostic
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\mui
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\msapps
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\msagent
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Media
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\L2Schemas
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\java
2008-07-28 09:49:51 0 d--h----- C:\WINDOWS\inf
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\ime
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Help
2008-07-28 09:49:51 0 dr--s---- C:\WINDOWS\Fonts
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Driver Cache
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Debug
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Cursors
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\Config
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\AppPatch
2008-07-28 09:49:51 0 d-------- C:\WINDOWS\addins


-- Find3M Report ---------------------------------------------------------------

2008-07-28 09:56:27 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2008-06-18 09:50:43 720896 --a------ C:\WINDOWS\system32\a3d.dll
2008-06-18 09:50:40 114688 --a------ C:\WINDOWS\system32\igfxzoom.exe
2008-06-18 09:50:40 155648 --a------ C:\WINDOWS\system32\igfxtray.exe
2008-06-18 09:50:39 348160 --a------ C:\WINDOWS\system32\igfxsrvc.dll
2008-06-18 09:50:35 1245184 --a------ C:\WINDOWS\system32\igfxress.dll
2008-06-18 09:50:31 225280 --a------ C:\WINDOWS\system32\igfxpph.dll
2008-06-18 09:50:29 126976 --a------ C:\WINDOWS\system32\igfxhk.dll
2008-06-18 09:50:26 106496 --a------ C:\WINDOWS\system32\igfxext.exe
2008-06-18 09:50:25 36864 --a------ C:\WINDOWS\system32\igfxexps.dll
2008-06-18 09:50:25 225280 --a------ C:\WINDOWS\system32\igfxeud.dll
2008-06-18 09:50:24 86016 --a------ C:\WINDOWS\system32\igfxdo.dll
2008-06-18 09:50:24 151552 --a------ C:\WINDOWS\system32\igfxdiag.exe
2008-06-18 09:50:23 45056 --a------ C:\WINDOWS\system32\igfxdgps.dll
2008-06-18 09:50:23 139264 --a------ C:\WINDOWS\system32\igfxdev.dll
2008-06-18 09:50:22 503808 --a------ C:\WINDOWS\system32\igfxcfg.exe
2008-06-18 09:50:21 38016 --a------ C:\WINDOWS\system32\ialmrnt5.dll
2008-06-18 09:50:20 49152 --a------ C:\WINDOWS\system32\ialmrem.dll
2008-06-18 09:50:18 2289664 --a------ C:\WINDOWS\system32\ialmgicd.dll
2008-06-18 09:50:14 516096 --a------ C:\WINDOWS\system32\ialmgdev.dll
2008-06-18 09:50:12 108157 --a------ C:\WINDOWS\system32\ialmdnt5.dll
2008-06-18 09:50:12 178844 --a------ C:\WINDOWS\system32\ialmdev5.dll
2008-06-18 09:50:11 879228 --a------ C:\WINDOWS\system32\ialmdd5.dll
2008-06-18 09:50:09 61440 --a------ C:\WINDOWS\system32\iAlmCoIn_v4342.dll
2008-06-18 09:50:09 126976 --a------ C:\WINDOWS\system32\hkcmd.exe
2008-06-18 09:50:08 118784 --a------ C:\WINDOWS\system32\hccutils.dll
2008-06-18 09:47:24 140288 --a------ C:\WINDOWS\system32\sfc_os.dll
2008-06-18 09:41:27 119808 --a------ C:\WINDOWS\system32\msstdfmt.dll
2008-06-18 09:40:57 524288 --a------ C:\WINDOWS\opuc.dll
2008-06-18 09:37:57 175 --a------ C:\WINDOWS\system32\nlite.cmd


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" []
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [07/09/2008 09:05 AM]
"BootSkin Startup Jobs"="C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [04/26/2004 04:21 PM]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [06/12/2008 02:28 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WeatherWatcher"="C:\Program Files\Weather Watcher\ww.exe" [07/26/2008 09:12 AM]
"Gadwin PrintScreen"="C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" [08/20/2007 03:42 AM]
"POP Peeper"="C:\Program Files\POP Peeper\POPPeeper.exe" [03/11/2008 06:09 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [7/28/2008 3:30:50 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
1-Click Answers.lnk - C:\Program Files\1-Click Answers\answers.exe [7/28/2008 4:04:43 PM]
Monitor CPU Usage.lnk - C:\WINDOWS\system32\taskmgr.exe [4/14/2008 5:42:38 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideRunAsVerb"=1 (0x1)
"NoRemoteRecursiveEvents"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"=1 (0x1)
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoSMMyPictures"=1 (0x1)
"NoSMHelp"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"ForceStartMenuLogoff"=0 (0x0)
"NoSMConfigurePrograms"=1 (0x1)
"NoNetConnectDisconnect"=1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"=1 (0x1)
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoSMMyPictures"=1 (0x1)
"NoSMHelp"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"ForceStartMenuLogoff"=0 (0x0)
"NoSMConfigurePrograms"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService WebClient LmHosts upnphost SSDPSRV
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

*Newly Created Service* - MCAFEE_SITEADVISOR_SERVICE



-- End of Deckard's System Scanner: finished at 2008-07-30 22:09:34 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: Intel® Celeron® CPU 2.00GHz
Percentage of Memory in Use: 36%
Physical Memory (total/avail): 1022.48 MiB / 646.83 MiB
Pagefile Memory (total/avail): 2461.17 MiB / 2159.09 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1881.28 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 55.87 GiB total, 49.71 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD600BB-75CAA0 - 55.87 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 55.87 GiB - C:

\\.\PHYSICALDRIVE1 - EPSON Stylus Storage USB Device



-- Security Center -------------------------------------------------------------

AUOptions is disabled.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DELL
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\DELL
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0207
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=DELL
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
1-Click Answers --> C:\Program Files\1-Click Answers\Answers.exe /Un
7-Zip 4.58 beta --> "C:\Program Files\7-Zip\Uninstall.exe"
a-squared Free 3.5 --> "C:\Program Files\a-squared Free\unins000.exe"
Add-On Maker 1.2 --> "C:\Program Files\VirtuallTek\Add-On Maker\unins000.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> MsiExec.exe /X{211E8730-5681-49ED-BC6A-78C9F88E95F5}
Avira AntiVir Personal - Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BCM V.92 56K Modem --> C:\WINDOWS\BCMSMU.exe quiet
BootSkin --> C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\UNWISE.EXE C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\INSTALL.LOG
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
DeepBurner v1.9.0.228 --> "C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log" -u
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan --> C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\Setup.exe" -l0x9 -anything
FavOrg --> C:\PROGRA~1\PCMAGA~1\FavOrg\UNWISE.EXE C:\PROGRA~1\PCMAGA~1\FavOrg\INSTALL.LOG
Gadwin PrintScreen --> C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe
Google Toolbar for Internet Explorer --> "C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_10FCC68A3F52E15D.exe" /uninstall
Google Toolbar for Internet Explorer --> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
ieSpell --> "C:\Program Files\ieSpell\uninst.exe"
Intel® Extreme Graphics Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562
IZArc 3.81 --> "C:\Program Files\IZArc\unins000.exe"
Java™ 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee SiteAdvisor --> C:\Program Files\SiteAdvisor\6261\uninstall.exe
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Works 7.0 --> MsiExec.exe /I{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}
Mozilla Firefox (3.0.1) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
nLite 1.4.6 --> "C:\Program Files\nLite\unins000.exe"
NTREGOPT 1.1j --> "C:\Program Files\NT Registry Optimizer\unins000.exe"
POP Peeper --> C:\Program Files\POP Peeper\Uninstall.exe
Spell Checker For OE 2.1 --> C:\Program Files\Common Files\Microsoft Shared\proof\Uninstal.exe
SpywareBlaster 4.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Weather Watcher --> "C:\Program Files\Weather Watcher\unins000.exe"
Webshots Desktop --> "C:\Program Files\Webshots\unins000.exe"
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type132 / Error
Event Submitted/Written: 07/29/2008 10:12:09 AM
Event ID/Source: 4118 / Avira AntiVir
Event Description:
EXCEPTION calling function for the file
C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[UNKNOWN Exception!! EIP = 20598784]
Please inform Avira and submit the appropriate file!

Event Record #/Type127 / Error
Event Submitted/Written: 07/29/2008 00:04:14 AM
Event ID/Source: 4118 / Avira AntiVir
Event Description:
EXCEPTION calling function for the file
C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[UNKNOWN Exception!! EIP = 20598784]
Please inform Avira and submit the appropriate file!

Event Record #/Type122 / Error
Event Submitted/Written: 07/28/2008 11:39:52 PM
Event ID/Source: 4118 / Avira AntiVir
Event Description:
EXCEPTION calling function for the file
C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[UNKNOWN Exception!! EIP = 20598784]
Please inform Avira and submit the appropriate file!

Event Record #/Type117 / Error
Event Submitted/Written: 07/28/2008 10:32:42 PM
Event ID/Source: 4118 / Avira AntiVir
Event Description:
EXCEPTION calling function for the file
C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[UNKNOWN Exception!! EIP = 20598784]
Please inform Avira and submit the appropriate file!

Event Record #/Type116 / Error
Event Submitted/Written: 07/28/2008 10:32:09 PM
Event ID/Source: 4118 / Avira AntiVir
Event Description:
EXCEPTION calling function for the file
C:\Documents and Settings\Administrator\Local Settings\Temp\7zS21.tmp\localized\searchplugins\amazondotcom.xml
[UNKNOWN Exception!! EIP = 20598784]
Please inform Avira and submit the appropriate file!



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type458 / Error
Event Submitted/Written: 07/30/2008 05:44:15 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The McAfee SiteAdvisor Service service failed to start due to the following error:
%%1053

Event Record #/Type457 / Error
Event Submitted/Written: 07/30/2008 05:44:14 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the McAfee SiteAdvisor Service service to connect.

Event Record #/Type345 / Warning
Event Submitted/Written: 07/29/2008 02:18:11 PM
Event ID/Source: 1073 / USER32
Event Description:
The attempt to reboot DELL failed

Event Record #/Type239 / Error
Event Submitted/Written: 07/28/2008 07:43:58 PM
Event ID/Source: 10000 / DCOM
Event Description:
Unable to start a DCOM Server: {FB7199AB-79BF-11D2-8D94-0000F875C541}.
The error:
"%%2"
Happened while starting this command:
-Embedding

Event Record #/Type79 / Warning
Event Submitted/Written: 07/28/2008 03:42:52 PM
Event ID/Source: 20 / Print
Event Description:
Printer Driver EPSON Stylus CX4800 Series for Windows NT x86 Version-3 was added or updated. Files:- E_FMAIADA.DLL, E_FUICADA.DLL, E_FVIFADA.VIF, E_QI041E.HLP, E_FDSPADA.DLL, E_FJBCADA.DLL, E_FCONADA.DLL, E_FPRMADA.PRM, E_FBSRADA.EXE, E_FUIRADA.DLL, E_FCF0ADA.CFG, E_FGRCADA.DLL, E_FPRUADA.DLL, E_FPREADA.EXE, EPSET32.DLL, E_FHM0ADA.DLL, E_FMW0ADA.DLL, E_FHT0ADA.DLL, E_FSR0ADA.DLL, E_FHBRADA.DLL, E_FHUTADA.DLL, E_FHUTADA.EXE, E_FHSRADA.DLL, E_FBAPADA.DLL, E_FBLPADA.DLL, E_FBIDADA.DAT, EBPSHRE4.DLL, SAGENT4.EXE, EBPSAGT4.DAT, E_FBAGADA.DLL, EPUPDATE.EXE, EPUPDATE.DAT, E_FARNADA.EXE, E_FASKADA.DLL, E_FAMTADA.EXE, E_FAMDADA.EXE, E_FAHLADA.HLP, E_FAIRADA.DLL, E_FAPRADA.DLL, E_FATIADA.EXE, E_FASRADA.DLL, E_FBINADA.EXE, E_FAIFADA.DAT, E_S00RP1.EXE.



-- End of Deckard's System Scanner: finished at 2008-07-30 22:09:34 ------------


Thanks in advance for any assistance,
Eddie



#2 SNOWHITE

SNOWHITE

    missy malware magnet


  • Members
  • 2,676 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Bitola, Macedonia
  • Local time:08:02 PM

Posted 10 August 2008 - 10:13 PM

Hello and welcome to BC

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. We aim to provide the valuable service known to come from BC to every member we can, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Upon completing the steps below, a staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

Thanks and again sorry for the delay.

Please download Deckard's System Scanner (DSS) and save to your Desktop.
alternate download site

DSS will do the following:
  • Create a new System Restore point in Windows XP and Vista.
  • Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for an analyst to review.
  • Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.
You must be logged onto an account with administrator privileges when using.
  • Close all applications and windows.
  • Double-click on dss.exe to run it and follow the prompts.
  • If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
  • When the scan is complete, two text files will open in Notepad:
    • main.txt <- this one will be maximized
    • extra.txt <- this one will be minimized
  • If not, they both can be found in the C:\Deckard\System Scanner folder.
  • Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.
-- When running DSS, some firewalls may warn that it is trying to access the Internet, especially if you're asked to download the most current version of HijackThis. Please ensure that you allow it permission to do so.
-- If you get a warning from your anti-virus while DSS is scanning, please allow DSS to continue as the scan is not harmful.


If you already performed the steps above, we still need to see the current state of the machine; a fresh scan and logs are still necessary.

Click on Start, then click on Run.
Copy and paste the following in bold in the Open window and then click OK:
"%userprofile%\desktop\dss.exe" /config
This will open up the DSS configuration.
Click on Check All.
Click Scan.
DSS will now run again; when finished,
please post back both logs that open in Notepad:
main.txt and extra.txt



Next
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
Please post back with dss reports main.txt, extra.txt and Kaspersky report.

Regards
SNOWHITE

#3 eddie11013

eddie11013
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 11 August 2008 - 08:57 AM

Thanks, problem resolved.
Seems when I slipstreamed the Google Toolbar it created this problem. I reformatted, going back to Windows XP Pro, only. After the usual basic install stuff and Windows updates, I began to install my various programs. Up till this time I could log in to msfn.org, etc., without issue. Upon installation of Google Toolbar, I lost the ability to log in to msfn.org & cnet and to get a new Yahoo account. Uninstalled Google Toolbar, and everything was fine again. Don't know why Google Toolbar breaks my computer but it does. Too bad, because it took a while to decide to try this toolbar, and I really liked it. So sad. Oh well, life goes on.
Just an FYI to anyone regarding 'tool bars'.
Eddie

#4 SNOWHITE

SNOWHITE

    missy malware magnet


  • Members
  • 2,676 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Bitola, Macedonia
  • Local time:08:02 PM

Posted 12 August 2008 - 05:46 PM

Thanks, problem resolved.
Seems when I slipstreamed the Google Toolbar it created this problem. I reformatted, going back to Windows XP Pro, only. After the usual basic install stuff and Windows updates, I began to install my various programs. Up till this time I could log in to msfn.org, etc., without issue. Upon installation of Google Toolbar, I lost the ability to log in to msfn.org & cnet and to get a new Yahoo account. Uninstalled Google Toolbar, and everything was fine again. Don't know why Google Toolbar breaks my computer but it does. Too bad, because it took a while to decide to try this toolbar, and I really liked it. So sad. Oh well, life goes on.
Just an FYI to anyone regarding 'tool bars'.
Eddie

Hello again eddie11013, and thank you for letting us know that you have resolved your problem.

As the problem here seems to be resolved, this topic is now closed.
To get it reopened, PM a staff member with the address of this thread.
This applies to the topic starter only; everyone else with similar problems should start a new topic.
SNOWHITE



