1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Error in installing Visual Studio 2005

Discussion in 'Software Development' started by anil_lami, May 11, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. anil_lami

    anil_lami Thread Starter

    Joined:
    May 11, 2007
    Messages:
    8
    Hi,
    I am trying to install Visual studio 2005 in my PC which contains Windows XP OS, but the installation is failing. An error message box is displayed which contains "dwwin.exe" as the title. The contents of error mesage are:

    "C:\Windows\System32\Xlibgfl254.dll is not a valid windows image. Check the installation diskette."

    Can you please help me out in resolving this error ?

    Regards,
    Anil.
     
  2. CrazyComputerMan

    CrazyComputerMan

    Joined:
    Apr 16, 2007
    Messages:
    13,805
    First Name:
    Robert
    Welcome to TSG,

    Check the installation DIsk
     
  3. anil_lami

    anil_lami Thread Starter

    Joined:
    May 11, 2007
    Messages:
    8
    Hi,
    I didn't get which disk/CD you meant. I have copied the visual studio installer into the hard disk and from there only, I am running the installation.
     
  4. Frank4d

    Frank4d Retired Trusted Advisor

    Joined:
    Sep 10, 2006
    Messages:
    9,126
  5. CrazyComputerMan

    CrazyComputerMan

    Joined:
    Apr 16, 2007
    Messages:
    13,805
    First Name:
    Robert
    That vwhat i think :)
     
  6. anil_lami

    anil_lami Thread Starter

    Joined:
    May 11, 2007
    Messages:
    8
    Hi, Thanks for your reply. I ran ComboScan tool and got the following results:

    HijackThis.txt
    ..........................................................

    Logfile of HijackThis v1.99.1
    Scan saved at 11:34:56 PM, on 5/13/2007
    Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    F:\webserver\bin\win32\matlabserver.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Prevx1\PXAgent.exe
    f:\bin\win32\matlab.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Prevx1\PXConsole.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\WordWeb\wweb32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\abc\Desktop\dss.exe
    C:\Documents and Settings\abc\Desktop\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - (no file)
    R3 - URLSearchHook: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
    R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\dapbho.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - Startup: TotalAntiSpyware.lnk = C:\Program Files\Spinach AntiSpyware\AntiSpyware.exe
    O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
    O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/269fef5a65b3b26b2719/netzip/RdxIE601.cab
    O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1466
    O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/e/us29/e.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4E7F57C3-DD7C-4C5C-A103-816A89154C47}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5E293044-AC1D-4999-B312-C200D8D24CC4}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6BD7967F-9EC6-4EBF-A924-3090A9FF64BD}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: ANSYS FLEXlm license manager - Unknown owner - C:\Documents and Settings\abc\Desktop\ansys_8\Crack\ansys.exe (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner - F:\\webserver\bin\win32\matlabserver.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


    ComboScan.txt
    .......................................................

    Deckard's System Scanner v20070426.43
    Run by abc on 2007-05-13 at 23:23:52
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    16: 2007-05-13 17:54:00 UTC - RP227 - Deckard's System Scanner Restore Point
    15: 2007-05-13 08:21:57 UTC - RP226 - Removed BlueSoleil
    14: 2007-05-13 08:20:21 UTC - RP225 - Google Desktop Search 072105-155108 U
    13: 2007-05-12 16:48:00 UTC - RP224 - System Checkpoint
    12: 2007-05-10 18:49:49 UTC - RP223 - System Checkpoint


    -- First Restore Point --
    1: 2007-04-30 09:42:50 UTC - RP212 - System Checkpoint


    Backed up registry hives.

    Performed disk cleanup.


    -- HijackThis (run as abc.exe) -------------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 11:36:34 PM, on 5/13/2007
    Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    F:\webserver\bin\win32\matlabserver.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Prevx1\PXAgent.exe
    f:\bin\win32\matlab.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Prevx1\PXConsole.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\WordWeb\wweb32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\abc\Desktop\dss.exe
    C:\DOCUME~1\abc\Desktop\HIJACK~1\abc.exe
    C:\WINDOWS\system32\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - (no file)
    R3 - URLSearchHook: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
    R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\dapbho.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - Startup: TotalAntiSpyware.lnk = C:\Program Files\Spinach AntiSpyware\AntiSpyware.exe
    O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
    O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/269fef5a65b3b26b2719/netzip/RdxIE601.cab
    O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1466
    O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/e/us29/e.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4E7F57C3-DD7C-4C5C-A103-816A89154C47}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5E293044-AC1D-4999-B312-C200D8D24CC4}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6BD7967F-9EC6-4EBF-A924-3090A9FF64BD}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: ANSYS FLEXlm license manager - Unknown owner - C:\Documents and Settings\abc\Desktop\ansys_8\Crack\ansys.exe (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner - F:\\webserver\bin\win32\matlabserver.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
    R1 PXRDDriver (PREVX Rootkitscan driver) - c:\windows\system32\drivers\pxrd.sys
    R3 SMBios (Intel (R) System Management BIOS Service) - c:\windows\system32\drivers\smbios.sys <Not Verified; Intel Corporation; Intel (R) System Management BIOS Driver>

    S2 DS1410D - c:\windows\system32\drivers\ds1410d.sys (file missing)
    S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
    S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
    S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
    S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
    S3 FileObjInfo (STFileDriver) - c:\documents and settings\all users\application data\spyware terminator\fileobjinfo.sys (file missing)
    S3 usbsermpt (Motorola USB Modem Driver for MPT) - c:\windows\system32\drivers\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
    S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
    S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 matlabserver (MATLAB Server) - f:\\webserver\bin\win32\matlabserver.exe
    R2 PREVXAgent (Prevx Agent) - "c:\program files\prevx1\pxagent.exe" -f <Not Verified; Prevx; Prevx-1>

    S2 ANSYS FLEXlm license manager - c:\documents and settings\abc\desktop\ansys_8\crack\ansys.exe (file missing)


    -- Scheduled Tasks -------------------------------------------------------------

    2007-02-18 02:00:18 412 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job


    -- Files created between 2007-04-13 and 2007-05-13 -----------------------------

    2007-05-13 11:32:14 0 d--hs---- C:\FOUND.000
    2007-05-13 11:20:42 0 d-------- C:\Documents and Settings\abc\Application Data\Prevx
    2007-05-13 11:19:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Prevx
    2007-05-12 21:48:35 13824 --a------ C:\WINDOWS\system32\xlibgfl254.dll
    2007-05-12 01:07:10 77312 --a------ C:\WINDOWS\ua2.dll
    2007-05-11 11:27:57 0 d-------- C:\Documents and Settings\LocalService\Application Data\Spyware Terminator
    2007-05-04 22:37:18 0 d-------- C:\Program Files\Arcade Race
    2007-05-04 00:35:44 0 d-------- C:\Documents and Settings\abc\Application Data\Nokia Multimedia Player


    -- Find3M Report ---------------------------------------------------------------

    2007-04-01 02:05:38 0 d-------- C:\Documents and Settings\abc\Application Data\CyberLink
    2007-04-01 02:02:44 0 d-------- C:\Program Files\CyberLink
    2007-04-01 02:01:28 0 d-------- C:\Program Files\Google
    2007-04-01 02:01:12 0 d-------- C:\Program Files\DivX
    2007-03-25 00:30:38 0 d-------- C:\Program Files\Common Files\PC Tools
    2007-03-20 22:08:54 0 d-------- C:\Documents and Settings\abc\Application Data\DataLayer
    2007-03-20 22:06:38 0 d-------- C:\Documents and Settings\abc\Application Data\Nokia
    2007-03-20 22:04:54 0 d-------- C:\Documents and Settings\abc\Application Data\PC Suite
    2007-03-20 22:04:36 0 d-------- C:\Program Files\Common Files\Nokia
    2007-03-20 22:04:34 0 d-------- C:\Program Files\Nokia
    2007-03-20 22:04:34 0 d-------- C:\Program Files\Common Files\PCSuite
    2007-02-25 16:24:56 475770 --a------ C:\WINDOWS\system32\mi1.exe


    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {0000CC75-ACF3-4cac-A0A9-DD3868E06852} C:\Program Files\DAP\dapbho.dll [x]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    {BDF3E430-B101-42AD-A544-FADC6B084872} C:\Program Files\Norton AntiVirus\NavShExt.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
    "HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe"
    "RTHDCPL"="RTHDCPL.EXE"
    "Alcmtr"="ALCMTR.EXE"
    "ccApp"="C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"
    "ccRegVfy"="C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
    "PrevxOne"="\"C:\\Program Files\\Prevx1\\PXConsole.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
    "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "Wallpaper"=""
    "DisableRegistryTools"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoActiveDesktop"=dword:00000000
    "ForceActiveDesktopOn"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{aed6f6a3-183c-488d-9f90-23db99f56e7f}"="apathies"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "system"="kdveh.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, xlibgfl254.dll"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\BlueSoleil.lnk"
    "backup"="C:\\WINDOWS\\pss\\BlueSoleil.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\IVTCOR~1\\BLUESO~1\\BLUESO~1.EXE "
    "item"="BlueSoleil"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="DAP"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\DAP\\DAP.EXE\" /STARTUP"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="googletalk"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Google\\Google Talk\\googletalk.exe\" /autostart"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="YahooMessenger"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0



    -- End of Deckard's System Scanner: finished at 2007-05-13 at 23:37:25 ---------


    Supplementary.txt
    ...........................................................

    Deckard's System Scanner v20070426.43
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professional (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
    CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
    Percentage of Memory in Use: 66%
    Physical Memory (total/avail): 484.26 MiB / 161.65 MiB
    Pagefile Memory (total/avail): 1160.82 MiB / 800.68 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1973.13 MiB

    A: is Removable (No Media)
    C: is Fixed (FAT32) - 19.52 GiB total, 3.41 GiB free.
    D: is Fixed (FAT32) - 19.52 GiB total, 0.26 GiB free.
    E: is Fixed (FAT32) - 19.52 GiB total, 14.66 GiB free.
    F: is Fixed (FAT32) - 15.91 GiB total, 5.12 GiB free.
    G: is CDROM (No Media)
    H: is Removable (FAT)


    -- Security Center -------------------------------------------------------------

    AUOptions is disabled.
    Windows Internal Firewall is enabled.


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\abc\Application Data
    CADOE_DOCDIR80=C:\Program Files\Ansys Inc\v80\CommonFiles\help\en-us\solviewer
    CADOE_LIBDIR80=C:\Program Files\Ansys Inc\v80\CommonFiles\Language\en-us
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=ABC-5F179C936B6
    ComSpec=C:\WINDOWS\system32\cmd.exe
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\abc
    LOGONSERVER=\\ABC-5F179C936B6
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;f:\\bin\win32;C:\PROGRAM FILES\ANSYS INC\V80\ANSYS\bin\intel
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0401
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    P_SCHEMA=C:\Program Files\Ansys Inc\v80\ANSYS\ac4\schema
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\abc\LOCALS~1\Temp
    TMP=C:\DOCUME~1\abc\LOCALS~1\Temp
    USERDOMAIN=ABC-5F179C936B6
    USERNAME=abc
    USERPROFILE=C:\Documents and Settings\abc
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    abc (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe"
    Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
    ADSL USB Driver 2.0.1 --> "C:\Program Files\ADSL Router\unins000.exe"
    ANSYS 8.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ansys Inc\v80\ANSYS\DeIsL2.isu"
    BearShare MediaBar --> C:\Program Files\BearShare applications\BearShare MediaBar\Uninstall.exe
    Dassault Systemes Software B10 --> "C:\Program Files\Dassault Systemes\B10\intel_a\code\bin\Uninstall.exe" "C:\Program Files\Dassault Systemes\B10" "CODE" "IS" "C:\WINDOWS\ISUNINST.EXE" "C:\Program Files\Dassault Systemes\B10\intel_a\Uninst.isu" "B10" "0"
    High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 1.99.1 --> C:\Documents and Settings\abc\Desktop\hijackthis\HijackThis.exe /uninstall
    Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
    Intel(R) PRO Network Adapters and Drivers --> Prounstl.exe
    Internet Explorer Security Plugin 2006 --> "C:\Program Files\Video Access ActiveX Object\iesuninst.exe"
    Internet Security Add-On --> "C:\Program Files\Video Access ActiveX Object\isunst.exe"
    LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
    MATLAB 6.5 --> F:\\uninstall\uninstall.exe F:\
    Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft Web Publishing Wizard 1.53 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
    Mozilla Firefox (2.0.0.3) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Nokia Connectivity Cable Driver --> MsiExec.exe /X{B7757137-0A71-4A9F-8A82-1AE4A1B73420}
    Nokia PC Suite --> MsiExec.exe /I{FF059F2A-62A7-4E6A-B305-559591D2769E}
    Norton AntiVirus 2003 Professional Edition --> MsiExec.exe /I{F4C9398F-B6C6-4A4B-8B6D-795CD86F915D}
    Prevx1 --> "C:\Documents and Settings\All Users\Application Data\Prevx\PXSetup.exe" ACTION=UNINSTALL -V -REBOOT -APP
    Public Messenger ver 2.03 --> "C:\Program Files\Video Access ActiveX Object\pmunst.exe"
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
    Rediff Bol --> C:\Program Files\Rediff Bol\uninstall.exe
    RelevantKnowledge --> C:\windows\system32\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
    System Alert Popup --> C:\DOCUME~1\abc\LOCALS~1\Temp\laf13.tmp /del
    Ultra soft --> C:\Documents and Settings\abc\Application Data\ultra\uninstall.bat
    VideoLAN VLC media player 0.8.0 --> F:\VLC\uninstall.exe
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    WordWeb --> C:\Program Files\WordWeb\uninst.exe
    XMLinst --> MsiExec.exe /I{EA23971F-2CEE-48FC-B64D-7F74A6EF90F0}
    Yahoo! Messenger --> C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG


    -- End of Deckard's System Scanner: finished at 2007-05-13 at 23:37:25 ---------



    Please check the log messages and instruct me next to do away with Xlibgfl254.dll which is causing problems while installing Visual studio 2005.

    Regards,
    Anil.
     
  7. anil_lami

    anil_lami Thread Starter

    Joined:
    May 11, 2007
    Messages:
    8
    Hi, Thanks for your reply. I ran ComboScan tool and got the following results:

    HijackThis.txt
    ..........................................................

    Logfile of HijackThis v1.99.1
    Scan saved at 11:34:56 PM, on 5/13/2007
    Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    F:\webserver\bin\win32\matlabserver.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Prevx1\PXAgent.exe
    f:\bin\win32\matlab.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Prevx1\PXConsole.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\WordWeb\wweb32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\abc\Desktop\dss.exe
    C:\Documents and Settings\abc\Desktop\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - (no file)
    R3 - URLSearchHook: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
    R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\dapbho.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - Startup: TotalAntiSpyware.lnk = C:\Program Files\Spinach AntiSpyware\AntiSpyware.exe
    O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
    O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/269fef5a65b3b26b2719/netzip/RdxIE601.cab
    O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1466
    O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/e/us29/e.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4E7F57C3-DD7C-4C5C-A103-816A89154C47}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5E293044-AC1D-4999-B312-C200D8D24CC4}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6BD7967F-9EC6-4EBF-A924-3090A9FF64BD}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: ANSYS FLEXlm license manager - Unknown owner - C:\Documents and Settings\abc\Desktop\ansys_8\Crack\ansys.exe (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner - F:\\webserver\bin\win32\matlabserver.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


    ComboScan.txt
    .......................................................

    Deckard's System Scanner v20070426.43
    Run by abc on 2007-05-13 at 23:23:52
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    16: 2007-05-13 17:54:00 UTC - RP227 - Deckard's System Scanner Restore Point
    15: 2007-05-13 08:21:57 UTC - RP226 - Removed BlueSoleil
    14: 2007-05-13 08:20:21 UTC - RP225 - Google Desktop Search 072105-155108 U
    13: 2007-05-12 16:48:00 UTC - RP224 - System Checkpoint
    12: 2007-05-10 18:49:49 UTC - RP223 - System Checkpoint


    -- First Restore Point --
    1: 2007-04-30 09:42:50 UTC - RP212 - System Checkpoint


    Backed up registry hives.

    Performed disk cleanup.


    -- HijackThis (run as abc.exe) -------------------------------------------------

    Logfile of HijackThis v1.99.1
    Scan saved at 11:36:34 PM, on 5/13/2007
    Platform: Windows XP SP2, v.2096 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2096)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    F:\webserver\bin\win32\matlabserver.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Prevx1\PXAgent.exe
    f:\bin\win32\matlab.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Prevx1\PXConsole.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\WordWeb\wweb32.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\abc\Desktop\dss.exe
    C:\DOCUME~1\abc\Desktop\HIJACK~1\abc.exe
    C:\WINDOWS\system32\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - (no file)
    R3 - URLSearchHook: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
    R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll (file missing)
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\dapbho.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - Startup: TotalAntiSpyware.lnk = C:\Program Files\Spinach AntiSpyware\AntiSpyware.exe
    O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
    O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/269fef5a65b3b26b2719/netzip/RdxIE601.cab
    O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1466
    O16 - DPF: {E53458D2-5A83-4BD1-8DE2-EEEBE73BAB77} - http://dinet.info/e/us29/e.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4E7F57C3-DD7C-4C5C-A103-816A89154C47}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5E293044-AC1D-4999-B312-C200D8D24CC4}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6BD7967F-9EC6-4EBF-A924-3090A9FF64BD}: NameServer = 85.255.116.20,85.255.112.215
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.20 85.255.112.215
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: ANSYS FLEXlm license manager - Unknown owner - C:\Documents and Settings\abc\Desktop\ansys_8\Crack\ansys.exe (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner - F:\\webserver\bin\win32\matlabserver.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe


    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil(c)>
    R1 PXRDDriver (PREVX Rootkitscan driver) - c:\windows\system32\drivers\pxrd.sys
    R3 SMBios (Intel (R) System Management BIOS Service) - c:\windows\system32\drivers\smbios.sys <Not Verified; Intel Corporation; Intel (R) System Management BIOS Driver>

    S2 DS1410D - c:\windows\system32\drivers\ds1410d.sys (file missing)
    S3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows (R) 2000 DDK driver>
    S3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
    S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
    S3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
    S3 FileObjInfo (STFileDriver) - c:\documents and settings\all users\application data\spyware terminator\fileobjinfo.sys (file missing)
    S3 usbsermpt (Motorola USB Modem Driver for MPT) - c:\windows\system32\drivers\usbsermpt.sys <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
    S3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
    S3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 matlabserver (MATLAB Server) - f:\\webserver\bin\win32\matlabserver.exe
    R2 PREVXAgent (Prevx Agent) - "c:\program files\prevx1\pxagent.exe" -f <Not Verified; Prevx; Prevx-1>

    S2 ANSYS FLEXlm license manager - c:\documents and settings\abc\desktop\ansys_8\crack\ansys.exe (file missing)


    -- Scheduled Tasks -------------------------------------------------------------

    2007-02-18 02:00:18 412 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job


    -- Files created between 2007-04-13 and 2007-05-13 -----------------------------

    2007-05-13 11:32:14 0 d--hs---- C:\FOUND.000
    2007-05-13 11:20:42 0 d-------- C:\Documents and Settings\abc\Application Data\Prevx
    2007-05-13 11:19:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Prevx
    2007-05-12 21:48:35 13824 --a------ C:\WINDOWS\system32\xlibgfl254.dll
    2007-05-12 01:07:10 77312 --a------ C:\WINDOWS\ua2.dll
    2007-05-11 11:27:57 0 d-------- C:\Documents and Settings\LocalService\Application Data\Spyware Terminator
    2007-05-04 22:37:18 0 d-------- C:\Program Files\Arcade Race
    2007-05-04 00:35:44 0 d-------- C:\Documents and Settings\abc\Application Data\Nokia Multimedia Player


    -- Find3M Report ---------------------------------------------------------------

    2007-04-01 02:05:38 0 d-------- C:\Documents and Settings\abc\Application Data\CyberLink
    2007-04-01 02:02:44 0 d-------- C:\Program Files\CyberLink
    2007-04-01 02:01:28 0 d-------- C:\Program Files\Google
    2007-04-01 02:01:12 0 d-------- C:\Program Files\DivX
    2007-03-25 00:30:38 0 d-------- C:\Program Files\Common Files\PC Tools
    2007-03-20 22:08:54 0 d-------- C:\Documents and Settings\abc\Application Data\DataLayer
    2007-03-20 22:06:38 0 d-------- C:\Documents and Settings\abc\Application Data\Nokia
    2007-03-20 22:04:54 0 d-------- C:\Documents and Settings\abc\Application Data\PC Suite
    2007-03-20 22:04:36 0 d-------- C:\Program Files\Common Files\Nokia
    2007-03-20 22:04:34 0 d-------- C:\Program Files\Nokia
    2007-03-20 22:04:34 0 d-------- C:\Program Files\Common Files\PCSuite
    2007-02-25 16:24:56 475770 --a------ C:\WINDOWS\system32\mi1.exe


    -- Registry Dump ---------------------------------------------------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {0000CC75-ACF3-4cac-A0A9-DD3868E06852} C:\Program Files\DAP\dapbho.dll [x]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
    {BDF3E430-B101-42AD-A544-FADC6B084872} C:\Program Files\Norton AntiVirus\NavShExt.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
    "HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe"
    "RTHDCPL"="RTHDCPL.EXE"
    "Alcmtr"="ALCMTR.EXE"
    "ccApp"="C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"
    "ccRegVfy"="C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
    "PrevxOne"="\"C:\\Program Files\\Prevx1\\PXConsole.exe\""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
    "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "Wallpaper"=""
    "DisableRegistryTools"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoActiveDesktop"=dword:00000000
    "ForceActiveDesktopOn"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{aed6f6a3-183c-488d-9f90-23db99f56e7f}"="apathies"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "system"="kdveh.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, xlibgfl254.dll"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
    Authentication Packages REG_MULTI_SZ msv1_0\0\0
    Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
    Notification Packages REG_MULTI_SZ scecli\0\0


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\BlueSoleil.lnk"
    "backup"="C:\\WINDOWS\\pss\\BlueSoleil.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\IVTCOR~1\\BLUESO~1\\BLUESO~1.EXE "
    "item"="BlueSoleil"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="DAP"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\DAP\\DAP.EXE\" /STARTUP"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="googletalk"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Google\\Google Talk\\googletalk.exe\" /autostart"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="YahooMessenger"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0



    -- End of Deckard's System Scanner: finished at 2007-05-13 at 23:37:25 ---------


    Please check the log messages and instruct me next to do away with Xlibgfl254.dll which is causing problems while installing Visual studio 2005.

    Regards,
    Anil.
     
  8. anil_lami

    anil_lami Thread Starter

    Joined:
    May 11, 2007
    Messages:
    8
    The log messaages of Supplementary.txt are as follows:

    Supplementary.txt
    ...........................................................

    Deckard's System Scanner v20070426.43
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Professional (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
    CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
    Percentage of Memory in Use: 66%
    Physical Memory (total/avail): 484.26 MiB / 161.65 MiB
    Pagefile Memory (total/avail): 1160.82 MiB / 800.68 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1973.13 MiB

    A: is Removable (No Media)
    C: is Fixed (FAT32) - 19.52 GiB total, 3.41 GiB free.
    D: is Fixed (FAT32) - 19.52 GiB total, 0.26 GiB free.
    E: is Fixed (FAT32) - 19.52 GiB total, 14.66 GiB free.
    F: is Fixed (FAT32) - 15.91 GiB total, 5.12 GiB free.
    G: is CDROM (No Media)
    H: is Removable (FAT)


    -- Security Center -------------------------------------------------------------

    AUOptions is disabled.
    Windows Internal Firewall is enabled.


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\abc\Application Data
    CADOE_DOCDIR80=C:\Program Files\Ansys Inc\v80\CommonFiles\help\en-us\solviewer
    CADOE_LIBDIR80=C:\Program Files\Ansys Inc\v80\CommonFiles\Language\en-us
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=ABC-5F179C936B6
    ComSpec=C:\WINDOWS\system32\cmd.exe
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\abc
    LOGONSERVER=\\ABC-5F179C936B6
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;f:\\bin\win32;C:\PROGRAM FILES\ANSYS INC\V80\ANSYS\bin\intel
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0401
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    P_SCHEMA=C:\Program Files\Ansys Inc\v80\ANSYS\ac4\schema
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\abc\LOCALS~1\Temp
    TMP=C:\DOCUME~1\abc\LOCALS~1\Temp
    USERDOMAIN=ABC-5F179C936B6
    USERNAME=abc
    USERPROFILE=C:\Documents and Settings\abc
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    abc (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe"
    Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
    ADSL USB Driver 2.0.1 --> "C:\Program Files\ADSL Router\unins000.exe"
    ANSYS 8.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ansys Inc\v80\ANSYS\DeIsL2.isu"
    BearShare MediaBar --> C:\Program Files\BearShare applications\BearShare MediaBar\Uninstall.exe
    Dassault Systemes Software B10 --> "C:\Program Files\Dassault Systemes\B10\intel_a\code\bin\Uninstall.exe" "C:\Program Files\Dassault Systemes\B10" "CODE" "IS" "C:\WINDOWS\ISUNINST.EXE" "C:\Program Files\Dassault Systemes\B10\intel_a\Uninst.isu" "B10" "0"
    High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 1.99.1 --> C:\Documents and Settings\abc\Desktop\hijackthis\HijackThis.exe /uninstall
    Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
    Intel(R) PRO Network Adapters and Drivers --> Prounstl.exe
    Internet Explorer Security Plugin 2006 --> "C:\Program Files\Video Access ActiveX Object\iesuninst.exe"
    Internet Security Add-On --> "C:\Program Files\Video Access ActiveX Object\isunst.exe"
    LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
    MATLAB 6.5 --> F:\\uninstall\uninstall.exe F:\
    Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft Web Publishing Wizard 1.53 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
    Mozilla Firefox (2.0.0.3) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    Nokia Connectivity Cable Driver --> MsiExec.exe /X{B7757137-0A71-4A9F-8A82-1AE4A1B73420}
    Nokia PC Suite --> MsiExec.exe /I{FF059F2A-62A7-4E6A-B305-559591D2769E}
    Norton AntiVirus 2003 Professional Edition --> MsiExec.exe /I{F4C9398F-B6C6-4A4B-8B6D-795CD86F915D}
    Prevx1 --> "C:\Documents and Settings\All Users\Application Data\Prevx\PXSetup.exe" ACTION=UNINSTALL -V -REBOOT -APP
    Public Messenger ver 2.03 --> "C:\Program Files\Video Access ActiveX Object\pmunst.exe"
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
    Rediff Bol --> C:\Program Files\Rediff Bol\uninstall.exe
    RelevantKnowledge --> C:\windows\system32\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
    System Alert Popup --> C:\DOCUME~1\abc\LOCALS~1\Temp\laf13.tmp /del
    Ultra soft --> C:\Documents and Settings\abc\Application Data\ultra\uninstall.bat
    VideoLAN VLC media player 0.8.0 --> F:\VLC\uninstall.exe
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    WordWeb --> C:\Program Files\WordWeb\uninst.exe
    XMLinst --> MsiExec.exe /I{EA23971F-2CEE-48FC-B64D-7F74A6EF90F0}
    Yahoo! Messenger --> C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG


    -- End of Deckard's System Scanner: finished at 2007-05-13 at 23:37:25 ---------
     
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/572122

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice