Unable To Restart By Click, Screen Freezes, Have To Manually Switch Off

caynick · August 2008

Hi all

I am unable to restart/shutdown by clicking (via start menu or Ctrl.Alt.Delete)

and can only switch off manually - obviously this is not very healthy

can you advise at all please?

Many thanks

XP service pack 2

HP Compaq dx2300 Microtower

Intel ® Pentium ® Dual CPU

E2140 @ 1.60 GHZ

504 MB of RAM

caynick · August 2008

sorry guys i didnt click the "enable notification:"

minxparties@gmail.com

thanks

Niels · August 2008

Hello caynick,

Please download Deckard's System Scanner. You need to save it on your desktop. Close all other applications and windows. First right click on dss(.exe) and choose for run as administrator. Now double click on dss(.exe) Confirm the warnings. It can take a while. Please copy the content of main and extra textfiles. Extra will be minimized and paste it at your next post. Because it will be large spread them about a few posts.

Kind regards,

Niels

caynick · August 2008

Thanks Niels, so much

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --

6: 2008-08-12 22:03:43 UTC - RP262 - Deckard's System Scanner Restore Point

5: 2008-08-12 16:48:43 UTC - RP261 - Installed Windows Installer Clean Up

4: 2008-08-12 09:45:23 UTC - RP260 - System Checkpoint

3: 2008-08-11 09:39:50 UTC - RP259 - System Checkpoint

2: 2008-08-10 09:28:00 UTC - RP258 - System Checkpoint

-- First Restore Point --

1: 2008-08-09 07:59:21 UTC - RP257 - System Checkpoint

Backed up registry hives.

Performed disk cleanup.

Percentage of Memory in Use: 83% (more than 75%).

Total Physical Memory: 503 MiB (512 MiB recommended).

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2008-08-12 17:05:03

Platform: Windows XP Service Pack 2 (5.01.2600)

MSIE: Internet Explorer (7.00.5730.13)

Boot mode: Normal

Running processes:

C:\WINDOWS\system32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\a-squared Anti-Malware\a2service.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG8\avgwdsvc.exe

C:\Program Files\AVG\AVG8\avgfws8.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\PDF Complete\pdfsvc.exe

C:\Program Files\AVG\AVG8\avgam.exe

C:\Program Files\AVG\AVG8\avgrsx.exe

C:\Program Files\AVG\AVG8\avgnsx.exe

C:\WINDOWS\SMINST\Scheduler.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Documents and Settings\All Users\Application Data\Microsoft\Msapps\Rm\Rmc80.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\PDF Complete\pdfsty.exe

C:\Program Files\Syncrosoft\POS\H2O\cledx.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\Documents and Settings\nick.pitman\Desktop\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///H:/Marketing/Wiki/Index.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll (file missing)

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll

O2 - BHO: (no name) - {D6862A22-1DD6-11D3-BB7C-444553540000} - (no file)

O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O4 - HKLM\..\Run: [setRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe

O4 - HKLM\..\Run: [scheduler] C:\WINDOWS\SMINST\Scheduler.exe

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Rm] C:\Documents and Settings\All Users\Application Data\Microsoft\Msapps\Rm\Rmc80.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe

O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP Premium\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP Premium\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {B9940246-4344-4D1B-BD82-DBAF7E657FF9} (AudioClient Control) - http://192.168.60.253:50000/SysCamInst.cab

O16 - DPF: {D27CDB6E-0000-0000-0000-000000000000} () - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O17 - HKLM\Software\..\Telephony: DomainName = cmlor.local

O17 - HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: Domain = cmlor.local

O17 - HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: Domain = cmlor.local

O18 - Protocol: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG8\avgfws8.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee Task Manager (McTaskManager) - Unknown owner - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe

O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

caynick · August 2008

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 BANTExt (Belarc SMBios Access) - c:\windows\system32\drivers\bantext.sys

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>

R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shldrv51.sys (file missing)

R2 PavProc (Panda Process Protection Driver) - c:\windows\system32\drivers\pavproc.sys (file missing)

R3 CLEDX (Team H2O CLEDX service) - c:\windows\system32\drivers\cledx.sys <Not Verified; Team H2O; CLEDX>

R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

R4 catchme - c:\combofix\catchme.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>

S2 McAfeeFramework (McAfee Framework Service) - "c:\program files\mcafee\common framework\frameworkservice.exe" /servicestart (file missing)

S2 McTaskManager (McAfee Task Manager) - "c:\program files\mcafee\virusscan enterprise\vstskmgr.exe" (file missing)

S3 HP Status Server - c:\windows\system32\spool\drivers\w32x86\3\hpboid.exe <Not Verified; Hewlett-Packard Company; HP Status Server>

S4 PCA (PC Angel) - c:\windows\sminst\pcangel.exe <Not Verified; SoftThinks; PCAngel Application>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-08-08 09:10:30 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2008-05-06 14:56:35 350 --a------ C:\WINDOWS\Tasks\Uniblue SpyEraser.job

-- Files created between 2008-07-12 and 2008-08-12 -----------------------------

2008-08-12 11:48:45 0 d-------- C:\Program Files\Windows Installer Clean Up

2008-08-12 11:48:19 0 d-------- C:\Program Files\MSECACHE

2008-08-12 11:42:11 0 d-------- C:\Program Files\Common Files\Panda Software

2008-08-12 09:36:36 3840 --a------ C:\WINDOWS\system32\drivers\BANTExt.sys

2008-08-12 09:36:35 0 d-------- C:\Program Files\Belarc

2008-08-12 09:25:15 0 d-------- C:\Program Files\Panda Security

2008-08-08 16:42:24 0 dr-h----- C:\Documents and Settings\nick.pitman\Recent

2008-08-06 08:54:42 0 d-------- C:\Program Files\Apple Software Update

2008-08-06 08:53:00 0 d-------- C:\Program Files\iPod

2008-08-06 08:52:41 0 d-------- C:\Program Files\iTunes

2008-08-06 08:50:22 0 d-------- C:\Program Files\QuickTime

2008-08-05 15:36:09 0 d-------- C:\Program Files\a-squared Anti-Malware

2008-07-31 15:15:15 0 d-------- C:\Program Files\acar

2008-07-31 14:38:35 0 d-------- C:\Program Files\Steinberg

2008-07-31 14:31:19 45056 --a------ C:\WINDOWS\system32\Synsopos.exe <Not Verified; Syncrosoft Hard- und Software GmbH; Syncrosoft Synsopos>

2008-07-31 14:31:15 147456 --a------ C:\WINDOWS\system32\SynsoLChk.dll <Not Verified; Syncrosoft Hard- und Software GmbH; >

2008-07-31 14:31:14 704512 --a------ C:\WINDOWS\system32\SYNSOACC.dll <Not Verified; Syncrosoft Hard- und Software GmbH; SYNCROSOFT SYNSOACC>

2008-07-31 09:46:33 0 d-------- C:\Program Files\Conduit

2008-07-31 09:46:28 0 d-------- C:\Program Files\sunriseradio

2008-07-28 14:19:19 0 d-------- C:\Documents and Settings\nick.pitman\Application Data\streamripper

2008-07-28 14:18:46 0 d-------- C:\Program Files\Streamripper

2008-07-28 11:40:49 0 d-------- C:\Program Files\Screamer Radio

2008-07-21 15:00:26 0 d--h----- C:\$AVG8.VAULT$

2008-07-21 13:53:58 0 d-------- C:\WINDOWS\system32\drivers\Avg

2008-07-16 08:44:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg8

-- Find3M Report ---------------------------------------------------------------

2008-08-12 17:00:21 0 d-------- C:\Documents and Settings\nick.pitman\Application Data\BitTorrent

2008-08-12 16:30:19 0 d-------- C:\Documents and Settings\nick.pitman\Application Data\Skype

2008-08-12 14:52:30 0 d-------- C:\Program Files\Common Files

2008-08-08 16:13:10 0 d-------- C:\Program Files\PowerISO

2008-07-31 14:31:41 0 d-------- C:\Program Files\Syncrosoft

2008-07-18 14:46:01 0 d-------- C:\Documents and Settings\nick.pitman\Application Data\Apple Computer

2008-07-15 12:15:31 0 d-------- C:\Program Files\BitTorrent

2008-07-15 10:06:48 0 d-------- C:\Program Files\DNA

2008-07-15 10:03:21 0 d-------- C:\Documents and Settings\nick.pitman\Application Data\DNA

2008-07-03 16:21:52 0 d-------- C:\Program Files\AVG

2008-07-03 16:12:06 363 --a------ C:\Documents and Settings\nick.pitman\Application Data\ubroadcastStationManager.xml

2008-07-03 14:50:13 0 d-------- C:\Program Files\Common Files\Macrovision Shared

2008-07-03 14:49:24 0 d-------- C:\Program Files\Common Files\Adobe

2008-07-03 14:32:54 0 d-------- C:\Documents and Settings\nick.pitman\Application Data\Adobe

2008-06-27 14:47:28 0 d-------- C:\Program Files\SysShield Tools

2008-06-23 09:15:15 0 d-------- C:\Documents and Settings\nick.pitman\Application Data\YouSendIt

2008-06-20 14:47:03 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-06-20 14:45:21 0 d-------- C:\Program Files\YouSendIt

2008-06-18 18:12:11 0 d-------- C:\Program Files\K-Meleon

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D6862A22-1DD6-11D3-BB7C-444553540000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SetRefresh"="C:\Program Files\Compaq\SetRefresh\SetRefresh.exe" [11/20/2003 02:01 PM]

"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [04/24/2006 12:42 PM]

"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [05/12/2006 02:50 PM]

"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [09/25/2006 04:12 AM]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [09/25/2006 04:13 AM]

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [09/25/2006 04:12 AM]

"Rm"="C:\Documents and Settings\All Users\Application Data\Microsoft\Msapps\Rm\Rmc80.exe" [02/08/2008 02:51 PM]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [01/29/2008 10:08 AM]

"PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" [08/07/2007 12:59 PM]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [07/29/2008 08:53 AM]

"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [10/23/2005 12:00 AM]

"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [07/31/2008 02:46 PM]

"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [07/22/2008 08:42 PM]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [05/27/2008 10:50 AM]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [07/30/2008 10:47 AM]

"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [07/07/2008 02:34 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:00 AM]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05/14/2008 10:47 AM]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [09/13/2007 01:31 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"HideLegacyLogonScripts"=0 (0x0)

"HideLogoffScripts"=0 (0x0)

"RunLogonScriptSync"=1 (0x1)

"RunStartupScriptSync"=0 (0x0)

"HideStartupScripts"=0 (0x0)

"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"HideLegacyLogonScripts"=0 (0x0)

"HideLogoffScripts"=0 (0x0)

"RunLogonScriptSync"=1 (0x1)

"RunStartupScriptSync"=0 (0x0)

"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"NAIMServInst"=3 (0x3)

-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

8828 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-08-12 17:06:00 ------------

caynick · August 2008

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0

Architecture: X86; Language: English

CPU 0: Intel® Pentium® Dual CPU E2140 @ 1.60GHz

CPU 1: Intel® Pentium® Dual CPU E2140 @ 1.60GHz

Percentage of Memory in Use: 87%

Physical Memory (total/avail): 502.42 MiB / 61.55 MiB

Pagefile Memory (total/avail): 1469.9 MiB / 872.06 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1923.18 MiB

C: is Fixed (NTFS) - 64.51 GiB total, 15.09 GiB free.

is Fixed (NTFS) - 10 GiB total, 8.26 GiB free.

E: is CDROM (No Media)

F: is CDROM (No Media)

H: is Network (NTFS)

M: is Network (NTFS)

\\.\PHYSICALDRIVE0 - ST380815AS - 74.53 GiB - 2 partitions

\PARTITION0 (bootable) - Installable File System - 64.51 GiB - C:

\PARTITION1 - Installable File System - 10 GiB -

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.

Windows Internal Firewall is enabled.

FirstRunDisabled is set.

FW: AVG Firewall v8.0 (AVG Technologies CZ, s.r.o.) Disabled

AV: AVG Anti-Virus v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Disabled:Orb"

"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"="C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe:*:Enabled:McAfee Framework Service"

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"

"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"

"C:\\Program Files\\GreedyTorrent\\GTor.exe"="C:\\Program Files\\GreedyTorrent\\GTor.exe:*:Enabled:GTor"

"C:\\Program Files\\Free Download Manager\\fdm.exe"="C:\\Program Files\\Free Download Manager\\fdm.exe:*:Enabled:Free Download Manager"

"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Enabled:RealPlayer"

"C:\\Program Files\\DAP Premium\\DAP.exe"="C:\\Program Files\\DAP Premium\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"

"C:\\Program Files\\K-Meleon\\k-meleon.exe"="C:\\Program Files\\K-Meleon\\k-meleon.exe:*:Enabled:K-Meleon Web Browser"

"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"

"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"

"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"

"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\WINDOWS\\SMINST\\Scheduler.exe"="C:\\WINDOWS\\SMINST\\Scheduler.exe:*:Enabled:Scheduler "

"C:\\Program Files\\Microsoft Off

caynick · August 2008