HijackThis Log

  1. #1
    Franksie

    Hi, I have done this as instructed. I am getting loads of CiD pop-ups constantly!!


    Deckard's System Scanner v20070423.42
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) 4 CPU 3.40GHz
    CPU 1: Intel(R) Pentium(R) 4 CPU 3.40GHz
    Percentage of Memory in Use: 75%
    Physical Memory (total/avail): 1022.09 MiB / 253.67 MiB
    Pagefile Memory (total/avail): 2460.48 MiB / 1793.52 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1927.14 MiB

    A: is Removable (No Media)
    C: is Fixed (NTFS) - 229.26 GiB total, 23.17 GiB free.
    D: is CDROM (CDFS)
    E: is CDROM (CDFS)


    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.

    FW: Norton Personal Firewall v2006 (Symantec Corporation)
    AV: Norton AntiVirus v2005 (Symantec Corporation)


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Paula\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.5.0_09\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=PAULA-0BFEEFF0A
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Paula
    LOGONSERVER=\\PAULA-0BFEEFF0A
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\Program Files\Internet Explorer;;C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0304
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.5.0_09\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\Paula\LOCALS~1\Temp
    TMP=C:\DOCUME~1\Paula\LOCALS~1\Temp
    USERDOMAIN=PAULA-0BFEEFF0A
    USERNAME=Paula
    USERPROFILE=C:\Documents and Settings\Paula
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Paula (admin)
    Administrator.PAULA-0BFEEFF0A (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    -->
    --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}.exe" /X
    --> "C:\Program Files\Common Files\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe" /X
    --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\Setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
    Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
    Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
    Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
    Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
    ArcSoft Camera Suite 1.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}\setup.exe" -l0x9
    ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"
    Audio2VCD --> "C:\Program Files\Audio2VCD\unins000.exe"
    AutoUpdate -->
    AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    AVI DivX to DVD SVCD VCD Converter 1.1.2 --> "C:\Program Files\AVI DivX to DVD SVCD VCD Converter\unins000.exe"
    AVI to VCD/DVD 4.02 --> "C:\Program Files\Cucusoft\avi-vcd-dvd\unins000.exe"
    AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
    Battle of Britain II --> C:\BATTLE~1\UNWISE.EXE C:\BATTLE~1\tempwp.log
    Bejeweled 2 --> C:\PROGRA~1\GAMEHO~1\BEJEWE~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\BEJEWE~1\INSTALL.LOG
    BlueSoleil --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}\setup.exe" -l0x9
    Boilosft AVI to VCD SVCD DVD Converter 1.28 --> "C:\Program Files\Boilsoft AVI Converter\unins000.exe"
    Broadcom Advanced Control Suite 2 -->
    Broadcom Advanced Control Suite 2 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2E086814-7392-4E0F-ADB8-54A81E47406C} /l1033
    Broadcom Gigabit Integrated Controller -->
    Broadcom Gigabit Integrated Controller --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE6890C7-31EF-478C-812E-1E2899ABFCA9} /l1033
    BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
    BT Softphone 1.5.3.6 --> "C:\Program Files\BT Broadband Talk Softphone\unins000.exe"
    BT Voyager Wireless Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F811E029-35C8-4742-933D-0EAEFB5958C9}\Setup.exe" -l0x9
    BT Yahoo! Applications --> C:\PROGRA~1\Yahoo!\Common\uninstall.exe
    CC_ccProxyExt --> MsiExec.exe /I{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}
    ccCommon --> MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
    CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
    ccPxyCore --> MsiExec.exe /I{30738666-9805-4926-A78F-91DA33B6C437}
    Cinema Craft Encoder SP Version 2.50 -->
    CloneCD --> "C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
    CloneDVD 3.5 --> "C:\Program Files\CloneDVD\unins000.exe"
    Command & Conquer Generals -->
    Command & Conquer Generals --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
    Command & Conquer Tiberian Sun --> C:\Westwood\SUN\Uninstll.EXE
    Command and ConquerTM Generals Zero Hour -->
    Command and ConquerTM Generals Zero Hour --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
    ConvertMovie 2.0 --> C:\Program Files\ConvertMovie 2.0\uninst.exe
    coverXP (remove only) --> "C:\Program Files\coverXP\cxp-uninst.exe"
    Creative Audio Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x9 /remove
    Crimson Skies (c) Microsoft --> C:\Neo\Crimson\UNWISE.EXE C:\Neo\Crimson\INSTALL.LOG
    Cucusoft AVI to DVD/VCD/SVCD/MPEG Converter Pro 4.17 --> "C:\Program Files\Cucusoft\avi-dvd-pro\unins001.exe"
    Cucusoft MPEG to DVD Burner 2.18 --> "C:\Program Files\Cucusoft\MPEG-DVD-Burner\unins000.exe"
    Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro 5.07.1 --> "C:\Program Files\Cucusoft\avi-dvd-pro\unins000.exe"
    DC++ 0.698 --> "C:\Program Files\DC++\uninstall.exe"
    Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
    Disk and Registry Alert Trial --> "C:\Program Files\Disk and Registry Alert Trial\unins000.exe"
    DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    EA SPORTS online 2007 --> C:\Program Files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
    EPSON CardMonitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x9 uninst
    EPSON PhotoQuicker3.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x9 uninst
    EPSON PhotoStarter3.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x9 uninst
    EPSON Print CD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\SETUP.EXE" -l0x9 -SYSTEM
    EPSON PRINT Image Framer Tool2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x9 anything
    EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
    ESPR300 Reference Guide --> C:\Program Files\EPSON\ESPR300\REF_G\DOCUNINS.EXE
    ESPR300 Software Guide --> C:\Program Files\EPSON\ESPR300\PQU_G\DOCUNINS.EXE
    ESPR300 Standalone Guide --> C:\Program Files\EPSON\ESPR300\STA_G\DOCUNINS.EXE
    G-Force --> C:\Program Files\SoundSpectrum\G-Force\Uninstall.exe
    Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
    Google SketchUp 6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly
    Google SketchUp 6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly
    Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Google Video Player --> "C:\Program Files\Google\Google Video Player\Uninstall.exe"
    Half-Life(R) 2 --> MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA}
    Huffyuv AVI lossless video codec (Remove Only) --> rundll.exe setupx.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\HUFFYUV.INF
    Image Resizer Powertoy for Windows XP --> MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
    Intel(R) 537EP V9x DF PCI Modem --> rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EP V9x DF PCI Modem"
    Internet Worm Protection --> MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
    IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
    IsoBuster 2.1 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
    iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
    J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
    Jewel Quest (remove only) --> "C:\Program Files\Jewel Quest\Uninstall.exe"
    Luxor --> "C:\WINDOWS\Luxor\uninstall.exe" "/U:C:\Program Files\Luxor\Uninstall\uninstall.xml"
    Luxor --> C:\PROGRA~1\GAMEHO~1\Luxor\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\Luxor\INSTALL.LOG
    Luxor - Amun Rising --> "C:\Program Files\Oberon Media\Luxor - Amun Rising\Uninstall.exe" "C:\Program Files\Oberon Media\Luxor - Amun Rising\install.log"
    Luxor 2 (remove only) --> "C:\Program Files\MumboJumbo\Luxor 2\Uninstall.exe"
    Macrogaming SweetIM 2.0 --> MsiExec.exe /X{D9BBFA60-4514-4F08-A78F-91957F957495}
    Macromedia Authorware Web Player --> C:\WINDOWS\system32\Macromed\AUTHORWA\UNWISE.EXE C:\WINDOWS\system32\Macromed\AUTHORWA\Install.log
    Macromedia Flash Player 8 --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\swflash.inf,DefaultUninstall,5
    Microsoft Crimson Skies --> "C:\Neo\Crimson\UNINSTAL.EXE" /runtemp /addremove
    Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
    Microsoft Text To Speech Engine --> MsiExec.exe /X{647B6F8B-645C-4992-99D8-49202C689C05}
    Microsoft Windows Vista Upgrade Advisor --> MsiExec.exe /I{962DE60D-D080-4E77-BD0C-F97A179C50B7}
    mIRC -->
    Monopoly --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20FA8AEE-E785-4F79-98EB-2067A8F395F4}\setup.exe" -l0x9
    MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSRedist --> MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
    NAVShortcut --> MsiExec.exe /I{F325CF11-27CE-4872-8022-6E9EB27DF24F}
    Network Play System (Patching) --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
    Nokia Connectivity Cable Driver --> MsiExec.exe /X{3675AD63-CF95-4778-B981-225FB9225D7C}
    Nokia PC Suite --> MsiExec.exe /I{4CE0B4BA-8862-444D-A94D-EF39AD48C8BC}
    Nokia Software Updater --> MsiExec.exe /X{DDE986ED-87F8-41AA-A27E-120CAB0700F6}
    Norton AntiSpam --> MsiExec.exe /I{3B29A786-5803-4E9E-9B58-3014A5B4E519}
    Norton AntiVirus 2006 --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
    Norton AntiVirus Help --> MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
    Norton AntiVirus Parent MSI --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
    Norton AntiVirus SYMLT MSI --> MsiExec.exe /I{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}
    Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
    Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
    Norton Personal Firewall --> MsiExec.exe /I{3BD0196C-6553-460c-A0C4-90D8AE5D60D2}
    Norton Personal Firewall --> MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
    Norton Personal Firewall --> MsiExec.exe /I{FFB4DD53-28B7-4981-BFF0-9BD801F61095}
    Norton Protection Center --> MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
    Norton Spyware Scan provided by Yahoo! --> C:\PROGRA~1\Yahoo!\Common\unynss.exe
    Norton WMI Update --> MsiExec.exe /X{E85FA9A1-C241-4698-893B-DD99509B8DB0}
    Norton WMI Update --> MsiExec.exe /X{F64306A5-4C32-41bb-B153-53986527FAB4}
    PC Connectivity Solution --> MsiExec.exe /I{04F3BF74-9E34-4D3E-93C3-D3D1F24199C8}
    PC VGA Camer@ -->
    PC VGA Camer@ --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{8E52A993-2C62-4470-9FE0-8F931496A985} /l1033
    PIF DESIGNER2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59B9F-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x9 anything
    PowerDVD 5.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    Quick CD/DVD Burner V2.6 --> C:\PROGRA~1\QUICKC~1\UNWISE.EXE C:\PROGRA~1\QUICKC~1\INSTALL.LOG
    QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Registry Mechanic 4.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
    ScanToWeb --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\SETUP.EXE" ADDREMOVEDLG
    Scrabble (remove only) --> "C:\Documents and Settings\Paula\Desktop\Scrabble\Uninstall.exe"
    Silent Hunter III -->
    Silent Hunter III --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7} /l1033
    Sim AQUARIUM 2 --> "C:\Program Files\Sim AQUARIUM 2\unins000.exe"
    SimAQUARIUM2 Tank-1 Screensaver --> "C:\Program Files\SimAQUARIUM2\unins000.exe"
    Skype 2.0 --> "C:\Program Files\Skype\Phone\unins000.exe"
    Sonic 3D --> C:\Sega\Sonic3D\directx\setup /r
    Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    SoundFont Bank Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\Setup.exe" -l0x9 /remove
    SPBBC --> MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
    Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Steam(TM) --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    Super DVD Creator 5.0 --> "C:\Program Files\Super DVD Creator 5.0\unins000.exe"
    SweetIM For Internet Explorer 3.0b --> MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
    Symantec --> MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
    The Sims --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Maxis\The Sims\Uninst.isu"
    The Sims 2 --> C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
    Tiger Woods PGA TOUR 07 --> C:\Program Files\EA SPORTS\Tiger Woods PGA TOUR 07\EAUninstall.exe
    Total Annihilation --> C:\CAVEDOG\TOTALA\setup.exe -u
    TrackMania United DVD Patch 2006-12-15 --> "C:\Program Files\TrackMania United\unins000.exe"
    V5388 Digital Camera Driver --> C:\PROGRA~1\V5388D~1\UNWISE.EXE C:\PROGRA~1\V5388D~1\INSTALL.LOG
    VCDEasy --> "C:\Program Files\VCDEasy\unins000.exe"
    VideoLAN VLC media player 0.8.6a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
    WebFldrs XP -->
    Westwood Shared Internet Components --> C:\Westwood\Internet\UnstllAP.EXE
    WinAce Archiver --> C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
    WinAVIVideoConverter --> "C:\Program Files\WinAVIVideoConverter\unins000.exe"
    Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
    Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_6B630EE2E66584353C6CD8683D447072872F34D8\pccswpddriver.inf
    Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
    Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
    Windows Live Sign-in Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
    Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {9DA72A9F-4246-4C10-B0FA-D8C1037D45F8}
    Windows Live Toolbar --> MsiExec.exe /X{9DA72A9F-4246-4C10-B0FA-D8C1037D45F8}
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
    Zone Media --> C:\DOCUME~1\Paula\APPLIC~1\OPTION~1\WARN ENC.exe -uninstall
    Zuma Deluxe 1.0 --> C:\Program Files\PopCap Games\Zuma Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Zuma Deluxe\Install.log"


    -- End of Deckard's System Scanner: finished at 2007-04-26 at 15:10:10 ---------

    And this:

    Deckard's System Scanner v20070423.42
    Run by Paula on 2007-04-26 at 15:20:30
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------



    -- HijackThis (run as Paula.exe) -----------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 15:20, on 07-04-26
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Common Files\Symantec Shared\DJSNETCN.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Messenger\msmsgs.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Yahoo!\NAV\navapsvc.exe
    C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Documents and Settings\Paula\Desktop\dss.exe
    C:\DOCUME~1\Paula\Desktop\HJT\Paula.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Yahoo!\NAV\NavShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Common Files\Symantec Shared\DJSNETCN.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] ~C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [Cdrom wait] C:\DOCUME~1\Paula\APPLIC~1\OPTION~1\WARN ENC.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BlueSoleil.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://xolaurenmcaulayox.spaces.live...d/MsnPUpld.cab
    O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
    O16 - DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} (mailhelper Class) - https://register.btinternet.com/temp...control013.cab
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/def...jolauncher.cab
    O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} (ZPA_DMNO Object) - http://zone.msn.com/bingame/zpagames...o.cab42341.cab
    O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames...1.cab55579.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/upload...reUploader.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
    O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15023/CTPID.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Yahoo!\NPF\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\DJSNETCN.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\SAVScan.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE


    -- Files created between 2007-03-26 and 2007-04-26 -----------------------------

    2007-04-24 12:34:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-04-19 15:05:47 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver; 1.0.0.14; 1.0.0.14>
    2007-04-13 21:10:06 0 d-------- C:\Program Files\ArcSoft
    2007-04-13 21:10:05 212480 --a------ C:\WINDOWS\pcdlib32.dll <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit; 3, 0, 0, 0; 3, 0, 0, 0>
    2007-04-12 16:29:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
    2007-04-12 16:25:50 0 d-------- C:\Program Files\IVT Corporation
    2007-04-12 16:23:48 63488 -ra------ C:\WINDOWS\system32\drivers\wssbtr1f.sys <Not Verified; National Semiconductor Sweden AB; National Semiconductor Sweden AB BlueCard PCMCIA driver; 2, 0, 0, 57; 2, 0, 0, 57>
    2007-04-12 16:23:48 48556 -ra------ C:\WINDOWS\system32\drivers\SktBt2k.sys <Not Verified; Socket Communications, Inc.; SIO9502K; 1, 0, 0, 1; 1, 0, 3, 7>
    2007-04-12 16:23:48 77824 -ra------ C:\WINDOWS\system32\drivers\SioUi2k.dll <Not Verified; Socket Communications Inc.; 16C950; 1.0.00.001; 1, 0, 0, 2>
    2007-04-12 16:23:48 48076 -ra------ C:\WINDOWS\system32\drivers\Sio9502k.sys <Not Verified; Socket Communications, Inc.; SIO9502K; 1, 0, 0, 1; 1, 0, 3, 5>
    2007-04-12 16:23:47 40960 -ra------ C:\WINDOWS\system32\drivers\SCTray.exe <Not Verified; Socket Communications Inc.; SCTray; 1, 0, 0, 1; 1, 0, 0, 2>
    2007-04-12 16:23:47 51169 -ra------ C:\WINDOWS\system32\drivers\OXSER.SYS <Not Verified; OEM; OX16C95x; 3.0.4.001; 3.0.4.001>
    2007-04-12 16:23:38 11736 --a------ C:\WINDOWS\system32\drivers\VHIDMini.sys <Not Verified; IVT Corporation; IVT BlueSoleil; 1.4.x; 1.2.2.0>
    2007-04-12 16:23:38 82148 --a------ C:\WINDOWS\system32\drivers\VcommMgr.sys <Not Verified; IVT Corporation; BlueSoleil; 1.4.x; 2.20>
    2007-04-12 16:23:38 61312 --a------ C:\WINDOWS\system32\drivers\VComm.sys <Not Verified; IVT Corporation; BlueSoleil; 1.4.x; 2.20>
    2007-04-12 16:23:38 11860 --a------ C:\WINDOWS\system32\drivers\vbtenum.sys
    2007-04-12 16:23:38 13304 --a------ C:\WINDOWS\system32\drivers\BTNetFilter.sys
    2007-04-12 16:23:38 148830 --a------ C:\WINDOWS\system32\drivers\bcbthub.sys <Not Verified; Broadcom Corporation; USB Driver for Broadcom Blutonium Bluetooth Adapter; 3.3.6.0; 3.3.6.0>
    2007-04-12 16:23:37 116021 --a------ C:\WINDOWS\system32\drivers\fw203x.sys <Not Verified; Broadcom; ; ; 2.15.7>
    2007-04-12 16:23:37 10804 --a------ C:\WINDOWS\system32\drivers\BtNetDrv.sys <Not Verified; IVT Corporation; BlueSoleil; 1.4.x; 1.2.0>
    2007-04-12 16:23:37 28271 --a------ C:\WINDOWS\system32\drivers\BTHidMgr.sys <Not Verified; IVT Corporation; BlueSoleil(c); 1.4.x; 1.2.2.0>
    2007-04-12 16:23:37 23000 --a------ C:\WINDOWS\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver; 1.4.x; 2.0.0>
    2007-04-12 16:23:37 20480 --a------ C:\WINDOWS\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver; 5.1.2600.1106; 1.2>
    2007-04-12 16:23:37 7680 --a------ C:\WINDOWS\system32\btinstall.dll <Not Verified; IVT Corporation; BlueSoleil; 1, 4, 9, 0; 1, 0, 1, 1>
    2007-04-12 16:23:37 49152 --a------ C:\WINDOWS\system32\btfunc.dll <Not Verified; IVT Corporation; BlueSoleil; 1, 6, 0, 0; 1, 2, 0, 0>
    2007-04-11 05:47:37 0 d-------- C:\WINDOWS\Drivers
    2007-04-06 16:22:59 424 --a------ C:\delete.bat
    2007-04-06 10:00:44 0 d-------- C:\Documents and Settings\All Users\Application Data\plus burn bind second
    2007-04-06 10:00:33 0 d-------- C:\Program Files\Option dead
    2007-04-05 20:25:36 44239 --a------ C:\sound32.dll
    2007-04-05 20:24:34 984 --a------ C:\WINDOWS\ssconf2.bin
    2007-04-05 20:24:34 3463656 --a------ C:\WINDOWS\SimAQUARIUM2 Tank-1.scr <Not Verified; Digital Illusions Software; d3Demo Maker; 2, 0, 0, 1; 2, 0, 0, 1>
    2007-04-05 20:24:32 0 d-------- C:\Program Files\SimAQUARIUM2
    2007-04-05 20:10:09 2759082 --a------ C:\WINDOWS\Sim AQUARIUM 2.scr <Not Verified; Digital Illusions Software - ss3d.com; SimAQUARIUM; 1, 0, 0, 1; 2, 0, 0, 1>
    2007-04-05 20:10:06 0 d-------- C:\Program Files\Sim AQUARIUM 2
    2007-04-04 11:45:54 0 d-------- C:\temp
    2007-04-04 11:30:25 0 d-------- C:\Program Files\THQ
    2007-04-03 20:57:04 0 d-------- C:\Documents and Settings\Paula\Application Data\Nokia Multimedia Player
    2007-04-03 20:49:26 0 d-------- C:\Program Files\Common Files\PCSuite
    2007-04-03 20:49:10 0 d-------- C:\Program Files\PC Connectivity Solution
    2007-04-03 20:44:08 12800 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys <Verified; Nokia; ; ; 6.82.3.0>
    2007-04-03 20:44:07 4608 --a------ C:\WINDOWS\system32\nmwcdlog.dll <Verified; Nokia; ; ; 6.82.3.0>
    2007-04-03 20:44:07 30720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll <Verified; Nokia; ; ; 6.82.3.0>
    2007-04-03 20:44:07 9216 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys <Verified; Nokia; ; ; 6.82.3.0>
    2007-04-03 20:44:07 138240 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys <Verified; Nokia; ; ; 6.82.3.0>
    2007-04-01 18:25:03 0 dr-h----- C:\Documents and Settings\Administrator.PAULA-0BFEEFF0A\Recent
    2007-03-30 18:14:58 0 d-------- C:\Program Files\NoAdware5.0
    2007-03-30 15:16:28 0 d-------- C:\WINDOWS\Paltalk Messenger
    2007-03-28 09:09:30 0 d-------- C:\Documents and Settings\Administrator.PAULA-0BFEEFF0A\Application Data\Google
    2007-03-28 09:07:51 0 d-------- C:\Documents and Settings\Administrator.PAULA-0BFEEFF0A\Contacts
    2007-03-27 1209 48776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL <Verified; Symantec Corporation; SYMEVENT; 12.3.0.15; 12.3.0.15>
    2007-03-27 1209 115000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS <Verified; Symantec Corporation; SYMEVENT; 12.3.0.14; 12.3.0.14>
    2007-03-27 12:16:40 0 d-------- C:\Program Files\Symantec
    2007-03-26 16:45:48 118832 --a------ C:\WINDOWS\system32\SHW32.DLL <Not Verified; MicroQuill Software Publishing, Inc.; SmartHeap; 6.02; 6.02.38>


    -- Find3M Report ---------------------------------------------------------------

    2007-04-26 15:10:52 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-04-25 16:46:04 0 d-------- C:\Program Files\DC++
    2007-04-25 14:43:32 0 d-------- C:\Documents and Settings\Paula\Application Data\uTorrent
    2007-04-15 18:18:39 0 d-------- C:\Program Files\Common Files\Scanner
    2007-04-13 21:10:01 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-04-12 20:12:42 0 d-------- C:\Program Files\EA GAMES
    2007-04-12 15:23:00 0 d-------- C:\Program Files\MSN Messenger
    2007-04-11 14:37:40 0 d-------- C:\Program Files\Common Files\Motive
    2007-04-11 06:09:40 0 d-------- C:\Program Files\BT Home Hub
    2007-04-11 05:47:34 0 d-------- C:\Program Files\BT Broadband 2091
    2007-04-10 20:55:18 0 d-------- C:\Documents and Settings\Paula\Application Data\Yahoo!
    2007-04-07 14:42:42 0 d-------- C:\Program Files\QuickTime
    2007-04-07 14:42:06 0 d-------- C:\Program Files\Apple Software Update
    2007-04-06 16:33:53 0 d-------- C:\Program Files\XoftSpy
    2007-04-06 16:16:10 0 d-------- C:\Program Files\Java
    2007-04-06 12:45:30 0 d-------- C:\Documents and Settings\Paula\Application Data\Adobe
    2007-04-06 10:00:51 0 d-------- C:\Documents and Settings\Paula\Application Data\Option dead
    2007-04-03 22:33:51 0 d-------- C:\Program Files\CloneDVD
    2007-04-03 20:49:26 0 d-------- C:\Program Files\Nokia
    2007-04-03 20:49:26 0 d-------- C:\Program Files\Common Files\Nokia
    2007-04-02 14:44:34 0 d-------- C:\Program Files\Common Files\Ahead
    2007-04-02 12:27:28 0 d-------- C:\Program Files\Paltalk Messenger
    2007-03-31 22:54:39 0 d-------- C:\Documents and Settings\Paula\Application Data\Screenshot Sender
    2007-03-25 20:50:59 0 d-------- C:\Documents and Settings\Paula\Application Data\AVG7
    2007-03-23 16:38:04 0 d-------- C:\Program Files\IrfanView
    2007-03-22 10:42:05 0 d-------- C:\Program Files\CCleaner
    2007-03-20 18:41:01 0 d-------- C:\Program Files\Macrogaming
    2007-03-14 12:03:32 0 d-------- C:\Program Files\BT Voyager
    2007-03-12 13:34:23 0 d-------- C:\Program Files\Common Files\System32
    2007-03-11 16:25:43 0 d-------- C:\Program Files\Google
    2007-03-09 14:58:45 0 d-------- C:\Documents and Settings\Paula\Application Data\STOPzilla!
    2007-03-09 14:38:15 0 d-------- C:\Program Files\Disk and Registry Alert Trial
    2007-03-09 14:31:22 0 d-------- C:\Documents and Settings\Paula\Application Data\Uniblue
    2007-03-09 14:23:17 0 d-------- C:\Program Files\Yahoo!
    2007-02-27 23:34:59 0 d-------- C:\Documents and Settings\Paula\Application Data\vlc
    2007-02-27 23:29:56 0 d-------- C:\Program Files\VideoLAN
    2007-02-27 23:14:59 0 d-------- C:\Program Files\VCDEasy
    2007-02-27 23:12:27 0 d-------- C:\Documents and Settings\Paula\Application Data\Audio2VCD
    2007-02-27 23:12:02 0 d-------- C:\Program Files\Audio2VCD
    2007-02-27 23:03:25 0 d-------- C:\Program Files\Quick CD DVD Burner
    2007-02-12 17:22:48 538256 --a------ C:\WINDOWS\system32\SymNeti.dll <Verified; Symantec Corporation; Symantec Security Drivers; 6.0; 6.0.5.506>
    2007-02-12 17:22:46 161424 --a------ C:\WINDOWS\system32\SymRedir.dll <Verified; Symantec Corporation; Symantec Security Drivers; 6.0; 6.0.5.506>


    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {02478D38-C3F9-4EFB-9B51-7695ECA05670} C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    {9ECB9560-04F9-4bbc-943D-298DDF1699E1} C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} C:\Program Files\Yahoo!\NAV\NavShExt.dll
    {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar1.dll
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} C:\Program Files\Windows Live Toolbar\msntb.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
    "dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
    "NWEReboot"=""
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "EPSON Stylus Photo R300 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I0F2.EXE /P30 \"EPSON Stylus Photo R300 Series\" /O6 \"USB001\" /M \"Stylus Photo R300\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
    "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "Yahoo! Pager"="~C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\ypager.exe -quiet"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "Steam"="C:\\Program Files\\Valve\\Steam\\\\Steam.exe -silent"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
    "SweetIM"="C:\\Program Files\\Macrogaming\\SweetIM\\SweetIM.exe"
    "Cdrom wait"="C:\\DOCUME~1\\Paula\\APPLIC~1\\OPTION~1\\WARN ENC.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
    "DJSNetCN"="C:\\Program Files\\Common Files\\Symantec Shared\\DJSNETCN.exe"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "DWQueuedReporting"="\"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"
    "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=dword:00000000

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Google Updater.lnk"
    "backup"="C:\\WINDOWS\\pss\\Google Updater.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\Google\\GOEAD5~1\\GOOGLE~1.EXE -systray -startup"
    "item"="Google Updater"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="CFD"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="DVDLauncher"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eyeBeam SIP Client]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="BTSoftphone"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\BT Broadband Talk Softphone\\BTSoftphone.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="BTHelpNotifier"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\BTHOME~1\\Help\\SMARTB~1\\BTHelpNotifier.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LaunchApplication"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="GoogleToolbarNotifier"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YBrowser]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ybrwicon"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\Yahoo!\\browser\\ybrwicon.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YOP]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="yop"
    "hkey"="HKLM"
    "command"="C:\\PROGRA~1\\Yahoo!\\YOP\\yop.exe /autostart"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    bthsvcs REG_MULTI_SZ BthServ\0\0



    -- End of Deckard's System Scanner: finished at 2007-04-26 at 1534 ---------

    Thx


  2. #2
    VopThis is offline Senior Member (Canada)
    Please do not continue to start new topic threads for an ongoing problem. Also note that few, if any, posts go unanswered in these forums. Unfortunately, I have had to be away for the last few days - hence my lack of recent responses. Other helpers, here, have had to be away for extended absences or can only post here occasionally.


    CiD and popup problems are often found present with the use of P2P (peer-to-peer) applications such as uTorrent. A previously fixed entry in the HijackThis log has returned and seemingly been reinstated by some associated continuing process.



    Additionally, there is no information available on the suspect application:
    O4 - HKCU\..\Run: [Cdrom wait] C:\DOCUME~1\Paula\APPLIC~1\OPTION~1\WARN ENC.exe
    HIDDEN FILES: To make sure you can see any and all hidden files, please follow the directions here



    Submit the following file(s) to VirusTotal for their immediate evaluation and feedback. Use any of the following methods, as appropriate:
    • Locate FULL FILE PATH if not apparent. Use Start (BUTTON)>Search, [WINDOWS+F] keys, or F3 key.
    • Copy & Paste the FULL FILE PATH in the input BOX
      -- OR --
    • Navigate to the file in question.

    Post those results in your next reply (if malware findings were indicated) for:

    C:\DOCUME~1\Paula\APPLIC~1\OPTION~1\WARN ENC.exe





    Additionally, remove the suspect line in HijackThis as previously done and its related FOLDER. That should clearly establish if that item is indeed continuing to cause the CiD popup issues.
