1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Internet running at 1/4 speed, ISP says my fault

Discussion in 'Virus & Other Malware Removal' started by brett38655, Sep 11, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. brett38655

    brett38655 Thread Starter

    Joined:
    Sep 11, 2007
    Messages:
    12
    For the last month, my internet speed is down to as low as 20K/sec. I am supposed to be getting 6M/sec. I have had my cable company come look at my connection 3 times and they say there is nothing wrong with the signal and that it has to be my fault. I have run BitDefneder and cleaned out a few problems but speeds are still slow around 200K. I have problems when I get online and my processor usage is running unusually high lately, 100%. Any thoughts?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:08:02 AM, on 9/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\nvraidservice.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
    O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [winmatrix.exe] "C:\Program Files\WinMatrix XP\WinMatrixXP.exe"
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/wuweb_site.cab?1188188515812
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1188188506703
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C8B5F1E8-F03E-457C-8978-0A4D49E81A07}: NameServer = 65.83.241.181,67.32.118.46
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 8836 bytes
     
  2. racenutalways

    racenutalways

    Joined:
    Mar 10, 2005
    Messages:
    313
    Hello Brett and welcome to TSG. Gotta love Bell, they blame everyone else but themselves.
    That log looks good, let's dig in a little deeper.

    Please download Deckard's System Scanner (DSS) and save it to your Desktop.
    • Close all other windows before proceeding.
    • Double-click on dss.exe and follow the prompts.
    • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
     
  3. brett38655

    brett38655 Thread Starter

    Joined:
    Sep 11, 2007
    Messages:
    12
    Deckard's System Scanner v20070905.67
    Run by Brett on 2007-09-16 21:44:50
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    7: 2007-09-17 02:44:52 UTC - RP7 - Deckard's System Scanner Restore Point
    6: 2007-09-16 17:05:36 UTC - RP6 - System Checkpoint
    5: 2007-09-15 16:21:24 UTC - RP5 - System Checkpoint
    4: 2007-09-14 16:07:35 UTC - RP4 - System Checkpoint
    3: 2007-09-13 15:28:07 UTC - RP3 - System Checkpoint


    -- First Restore Point --
    1: 2007-09-11 14:59:19 UTC - RP1 - System Checkpoint


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as Brett.exe) -----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:45:36 PM, on 9/16/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\system32\nvraidservice.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Documents and Settings\Brett\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Brett.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
    O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [winmatrix.exe] "C:\Program Files\WinMatrix XP\WinMatrixXP.exe"
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/wuweb_site.cab?1188188515812
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1188188506703
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 8908 bytes

    -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

    backup-20070915-090817-373 O17 - HKLM\System\CCS\Services\Tcpip\..\{C8B5F1E8-F03E-457C-8978-0A4D49E81A07}: NameServer = 65.83.241.181,67.32.118.46

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 SI3112r (Silicon Image SiI 3512 SATARaid Controller) - c:\windows\system32\drivers\si3112r.sys <Not Verified; Silicon Image, Inc; Medley>
    R0 SiFilter (SATALink driver accelerator) - c:\windows\system32\drivers\siwinacc.sys <Not Verified; Silicon Image, Inc.; SATALink Windows Accelerator>
    R1 bdftdif - c:\program files\common files\bitdefender\bitdefender firewall\bdftdif.sys <Not Verified; BitDefender SRL; BitDefender 11>
    R3 BDSelfPr - c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys <Not Verified; SOFTWIN srl.; BitDefender>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45
    Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_E0001458&REV_13\4&3191A3E6&0&5870
    Manufacturer: Marvell
    Name: Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45
    PNP Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_E0001458&REV_13\4&3191A3E6&0&5870
    Service: yukonwxp


    -- Files created between 2007-08-16 and 2007-09-16 -----------------------------

    2007-09-15 10:15:44 0 d--hs---- C:\found.001
    2007-09-10 08:07:50 0 d-------- C:\Program Files\Trend Micro
    2007-09-09 22:32:30 0 d-------- C:\WINDOWS\nview
    2007-09-09 22:02:07 0 d-------- C:\NV20922216.TMP
    2007-09-09 22:01:28 0 d-------- C:\NV6202496.TMP
    2007-09-09 21:36:52 0 d-------- C:\Documents and Settings\Brett\Application Data\VersionTracker Pro
    2007-09-09 19:29:06 0 d-------- C:\KAV
    2007-09-09 17:17:39 81984 --a------ C:\WINDOWS\system32\bdod.bin
    2007-09-09 17:17:13 0 d-------- C:\Documents and Settings\Brett\Application Data\Bitdefender
    2007-09-09 17:16:58 0 d-------- C:\Program Files\BitDefender
    2007-09-09 17:16:58 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
    2007-09-09 17:16:32 0 d-------- C:\Program Files\Common Files\BitDefender
    2007-09-09 16:13:07 0 d-------- C:\WINDOWS\system32\ActiveScan
    2007-09-08 11:24:10 0 d--hs---- C:\found.000
    2007-09-06 18:02:25 0 d-------- C:\Documents and Settings\Brett\.housecall6.6
    2007-09-06 14:14:28 0 d-------- C:\Program Files\iPod
    2007-09-06 14:14:15 0 d-------- C:\Program Files\iTunes
    2007-09-05 19:52:12 0 d-------- C:\Documents and Settings\Brett\WINDOWS
    2007-09-05 19:48:11 133120 --a------ C:\WINDOWS\sprof32.dll <Not Verified; Eastman Kodak Company; KODAK DIGITAL SCIENCE ICC Profile API>
    2007-09-05 19:48:11 58368 --a------ C:\WINDOWS\pfpick.dll <Not Verified; Eastman Kodak Company; Kodak Digital Science Profile Picker>
    2007-09-05 19:48:11 37376 --a------ C:\WINDOWS\kpsys32.dll <Not Verified; Eastman Kodak Company; KCMS System Interface Library>
    2007-09-05 19:48:11 196608 --a------ C:\WINDOWS\kpcp32.dll <Not Verified; Eastman Kodak Company; KODAK DIGITAL SCIENCE Professional Color Processor (Win32)>
    2007-09-05 19:48:11 40129 --a------ C:\WINDOWS\iccsigs.dat
    2007-09-05 19:48:11 20992 --a------ C:\WINDOWS\icccodes.dll <Not Verified; Eastman Kodak Company; KCMS ICCCODES>
    2007-09-05 19:48:03 210944 --a------ C:\WINDOWS\system32\MSVCRT10.DLL
    2007-09-05 19:47:57 0 d-------- C:\KPCMS
    2007-09-05 16:26:35 0 d-------- C:\Temp
    2007-09-05 16:26:35 0 d-------- C:\CanoScan_N650U_N656U_CSUv571a
    2007-09-03 22:41:42 0 d-------- C:\WINDOWS\NV4092200.TMP
    2007-09-03 15:59:27 0 d-------- C:\WINDOWS\NV13601896.TMP
    2007-09-03 10:51:43 0 d-------- C:\Documents and Settings\Brett\Application Data\Sony Corporation
    2007-09-03 10:46:27 0 d-------- C:\Program Files\Sony
    2007-08-30 17:53:19 0 d-------- C:\Documents and Settings\All Users\Application Data\HP
    2007-08-30 17:53:05 0 d-------- C:\Program Files\Common Files\HP
    2007-08-30 17:51:04 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
    2007-08-30 17:43:24 57344 --a------ C:\WINDOWS\system32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows>
    2007-08-30 17:43:24 94208 --a------ C:\WINDOWS\system32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows>
    2007-08-30 17:43:24 204800 --a------ C:\WINDOWS\system32\HPZipr12.dll <Not Verified; HP; HP PmlRtl>
    2007-08-30 17:43:24 69632 --a------ C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
    2007-08-30 17:43:24 61440 --a------ C:\WINDOWS\system32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows>
    2007-08-30 17:43:24 278584 --a------ C:\WINDOWS\system32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl>
    2007-08-30 17:41:15 0 d-------- C:\Documents and Settings\Brett\Application Data\HP
    2007-08-26 23:48:56 0 d--h----- C:\WINDOWS\msdownld.tmp
    2007-08-26 23:05:15 0 d-------- C:\Program Files\SystemRequirementsLab
    2007-08-26 23:04:58 0 d-------- C:\Documents and Settings\Brett\Application Data\SystemRequirementsLab
    2007-08-24 15:45:13 0 d-------- C:\Documents and Settings\Brett\Application Data\Bioshock
    2007-08-24 15:29:55 0 d-------- C:\Program Files\2K Games
    2007-08-24 15:29:43 0 d-------- C:\Documents and Settings\Brett\Application Data\InstallShield
    2007-08-23 15:48:31 0 d-------- C:\Program Files\MagicISO
    2007-08-23 15:39:53 0 d-------- C:\Program Files\Ahead
    2007-08-23 15:34:34 0 d-------- C:\Documents and Settings\All Users\Application Data\WinZip


    -- Find3M Report ---------------------------------------------------------------

    2007-09-09 17:16:32 0 d-------- C:\Program Files\Common Files
    2007-09-09 16:36:03 0 d-------- C:\Program Files\WinMatrix XP
    2007-09-09 16:34:56 0 d-------- C:\Program Files\MSN Messenger
    2007-09-07 14:42:37 164 --a------ C:\install.dat
    2007-09-06 19:24:53 0 d-------- C:\Program Files\Hewlett-Packard
    2007-09-06 19:24:40 0 d-------- C:\Program Files\HP
    2007-09-06 19:10:47 0 d-------- C:\Documents and Settings\Brett\Application Data\Mozilla
    2007-09-06 19:10:39 9607 --a------ C:\WINDOWS\mozver.dat
    2007-09-06 19:10:35 118784 --a------ C:\WINDOWS\GREUninstall.exe
    2007-09-05 19:47:57 0 d-------- C:\Program Files\Common Files\Adobe
    2007-09-03 10:47:43 0 d--h----- C:\Program Files\InstallShield Installation Information
    2007-08-30 18:07:54 2065 --a------ C:\Documents and Settings\Brett\Application Data\HPSU_48BitScanUpdate.log
    2007-08-30 18:06:06 40331 --a------ C:\Documents and Settings\Brett\Application Data\Update_HP_RedboxHprblog_HPSU.log
    2007-08-30 18:05:55 139264 --a------ C:\WINDOWS\system32\hpzjrd01.dll <Not Verified; Hewlett Packard; Hewlett Packard Rediscovery Library>
    2007-08-30 14:33:26 0 d-------- C:\Program Files\Guild Wars
    2007-08-26 23:43:48 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2007-08-21 20:05:15 0 d-------- C:\Program Files\Java
    2007-08-10 18:34:56 0 d-------- C:\Program Files\Picasa2
    2007-08-09 15:27:52 0 d-------- C:\Program Files\QuickTime
    2007-08-09 15:26:35 0 d-------- C:\Program Files\Common Files\Apple
    2007-08-06 15:45:18 0 d-------- C:\Program Files\Mozilla Thunderbird
    2007-07-26 13:03:10 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2007-07-22 22:14:58 0 d-------- C:\Program Files\NVIDIA Corporation
    2007-07-22 22:14:58 0 d-------- C:\Program Files\Common Files\NVIDIA Shared
    2007-07-21 23:20:12 0 d-------- C:\Program Files\DriverCleanerDotNET
    2007-07-20 15:54:30 77824 --a------ C:\WINDOWS\system32\xcomm.dll <Not Verified; Softwin; Softwin BitDefender Communicator>
    2007-07-17 21:52:26 0 d-------- C:\Program Files\Yahoo!
    2007-07-12 02:06:26 81920 --a------ C:\WINDOWS\system32\frapsvid.dll <Not Verified; Beepa P/L; FRAPS>
    2007-06-29 00:43:00 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
    2007-06-29 00:43:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
    2007-06-29 00:43:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
    2007-06-29 00:43:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
    2007-06-29 00:43:00 1474560 --a------ C:\WINDOWS\system32\nview.dll
    2007-06-29 00:43:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
    2007-06-29 00:43:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
    2007-06-29 00:43:00 425984 --a------ C:\WINDOWS\system32\keystone.exe


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [07/19/2005 05:32 PM]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [06/08/2005 03:24 PM]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [06/08/2005 03:14 PM]
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [05/12/2004 03:18 PM]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [03/07/2005 11:42 PM]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]
    "RegistryMechanic"="" []
    "NVRaidService"="C:\WINDOWS\system32\nvraidservice.exe" [01/12/2004 11:36 PM]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
    "NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [06/03/2004 08:51 PM]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 06:24 AM]
    "NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [07/09/2001 05:50 AM]
    "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [09/05/2007 06:03 PM]
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [09/09/2007 05:22 PM]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/29/2007 12:43 AM]
    "nwiz"="nwiz.exe" [06/29/2007 12:43 AM C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [06/29/2007 12:43 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [06/08/2005 02:44 PM]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/28/2006 07:00 AM]
    "winmatrix.exe"="C:\Program Files\WinMatrix XP\WinMatrixXP.exe" [04/13/2006 11:54 PM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [9/5/2007 7:48:17 PM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx scan


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e5c7101-f7f6-11db-852a-806d6172696f}]
    AutoRun\command- D:\setup.exe




    -- End of Deckard's System Scanner: finished at 2007-09-16 21:47:34 ------------
     
  4. brett38655

    brett38655 Thread Starter

    Joined:
    Sep 11, 2007
    Messages:
    12
    Deckard's System Scanner v20070905.67
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: AMD Athlon(tm) 64 Processor 3000+
    Percentage of Memory in Use: 26%
    Physical Memory (total/avail): 1535.48 MiB / 1135.79 MiB
    Pagefile Memory (total/avail): 2921.71 MiB / 2610.57 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1966.86 MiB

    A: is Removable (No Media)
    C: is Fixed (NTFS) - 149.04 GiB total, 88.01 GiB free.
    D: is CDROM (UDF)
    F: is Fixed (NTFS) - 55.89 GiB total, 25.32 GiB free.

    \\.\PHYSICALDRIVE1 - MAXTOR STM3160812AS - 149.05 GiB - 1 partition
    \PARTITION0 (bootable) - Installable File System - 149.04 GiB - C:

    \\.\PHYSICALDRIVE0 - WDC WD600BB-00CAA1 - 55.9 GiB - 1 partition
    \PARTITION0 (bootable) - Installable File System - 55.89 GiB - F:



    -- Security Center -------------------------------------------------------------

    AUOptions is disabled.
    Windows Internal Firewall is disabled.

    FirstRunDisabled is set.
    AntiVirusDisableNotify is set.
    FirewallDisableNotify is set.
    UpdatesDisableNotify is set.

    AV: Bitdefender Antivirus v8.0 (BitDefender)

    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Turbine\\The Lord of the Rings Online\\lotroclient.exe"="C:\\Program Files\\Turbine\\The Lord of the Rings Online\\lotroclient.exe:*:Enabled:lotroclient.exe"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Brett\Application Data
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    CLIENTNAME=Console
    COLLECTIONID=COL7299
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=ATHLON3000
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HMSERVER=https://wwss1proa.cce.hp.com/wuss/servlet/WUSSServlet
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Brett
    ITEMID=oj-21918-1
    LANG=1033
    LOGONSERVER=\\ATHLON3000
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    OSVER=winXPH
    Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0c00
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
    SESSIONID=1180769970743htx605613d58a1:112eb5fddf8:-63fa
    SESSIONNAME=Console
    SWUTVER=1.0.18.30716
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\Brett\LOCALS~1\Temp
    TIMEOUT=0
    TMP=C:\DOCUME~1\Brett\LOCALS~1\Temp
    TOOLPATH=/C:/Program%20Files/Hewlett-Packard/HP%20Software%20Update/install.htm
    UPDATEDIR=C:\DOCUME~1\Brett\LOCALS~1\Temp\rad291B1.tmp
    USERDOMAIN=ATHLON3000
    USERNAME=Brett
    USERPROFILE=C:\Documents and Settings\Brett
    VERSION=2.1.5
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Brett (admin)
    Administrator (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\ITE Raid Driver Setup\Uninst.isu"
    --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Silicon Image Raid\Uninst.isu"
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe" -l0x9 -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x9 /cont -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x9 -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x9 -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x9 -removeonly
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop 5.5 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 5.5\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 5.5\Uninst.dll"
    Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
    AI RoboForm (All Users) --> "C:\Program Files\Siber Systems\AI RoboForm\rfwipeout.exe"
    Apple Mobile Device Support --> MsiExec.exe /I{373CDFEC-F0DE-4C40-81AB-EF64F6F2F948}
    Audible Download Manager --> C:\Program Files\Audible\Bin\AudibleDM_iTunesSetup.exe /Uninstall
    BigOven --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0267007-A6FD-4304-8131-346D1CEA6F82}\Setup.exe" -l0x9
    BioShock --> C:\Program Files\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\Setup.exe -runfromtemp -l0x0009 -removeonly
    BitDefender Antivirus 2008 --> MsiExec.exe /I{0DE20CB1-3E10-411F-A7ED-75C9E11D4CC8}
    Command & Conquer 3 --> MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
    DH Driver Cleaner.NET --> C:\Program Files\DriverCleanerDotNET\Uninstall.exe
    Enable S3 for USB Device --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Enable S3 for USB Device\Uninst.isu"
    EZ Outlook Backup Premium --> C:\WINDOWS\rapidui.exe -ui ezoutlookbackuppremium.exe
    Guild Wars --> "C:\Program Files\Guild Wars\Gw.exe" -uninstall
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    hp deskjet 5600 --> msiexec /x{DB5518BE-F40F-407A-B451-012625D4497B}
    HP Image Zone Express --> MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
    iTunes --> MsiExec.exe /I{8610BEA1-FD76-4340-8326-7946DDC2EE7B}
    Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
    Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
    Logitech QuickCam Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9
    Logitech® Camera Driver --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mozilla Firefox (2.0.0.5) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Firefox (2.0.0.6) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.6) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    Nero - Burning Rom --> MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
    NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    NvMixer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D7A6C517-11F2-419F-B5BB-27772B939698}\Setup.exe" -uninstall
    overland --> MsiExec.exe /I{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}
    Palm Desktop --> MsiExec.exe /X{E89D78B8-28F7-412F-8B26-C684739CBBDC}
    Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
    Personal Ancestral File 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D94A8E22-DF2B-4107-9E51-608A60A7671D}\Setup.exe"
    Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
    Picture Package Music Transfer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe" -l0x9 -removeonly
    Quicken 2007 --> MsiExec.exe /X{0D2E80C8-0875-43EB-9623-47118E2DFBCA}
    QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
    Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
    Registry Mechanic 6.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Shutterfly Plugin --> C:\PROGRA~1\SHUTTE~1\UNWISE.EXE C:\PROGRA~1\SHUTTE~1\INSTALL.LOG
    Sony Picture Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
    Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
    System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
    The Lord of the Rings Online™: Shadows of Angmar™ v07.12.30.54 --> "C:\Program Files\Turbine\The Lord of the Rings Online\unins000.exe"
    Tracks Eraser Pro v6.1 --> "C:\Program Files\Acesoft\Tracks Eraser Pro\unins000.exe"
    Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    WinMatrix XP 2.35 --> "C:\Program Files\WinMatrix XP\unins000.exe"
    WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
    Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
    Yahoo! Widgets --> C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe


    -- Application Event Log -------------------------------------------------------

    Event Record #/Type1585 / Success
    Event Submitted/Written: 09/16/2007 01:02:03 PM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type1581 / Warning
    Event Submitted/Written: 09/16/2007 07:02:20 AM
    Event ID/Source: 32068 / Microsoft Fax
    Event Description:
    The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
    Country/region code: '*'
    Area code: '*'

    Event Record #/Type1580 / Warning
    Event Submitted/Written: 09/16/2007 07:02:20 AM
    Event ID/Source: 32026 / Microsoft Fax
    Event Description:
    Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
    No faxes can be sent or received until a fax device is installed.

    Event Record #/Type1576 / Warning
    Event Submitted/Written: 09/15/2007 11:52:15 AM
    Event ID/Source: 32068 / Microsoft Fax
    Event Description:
    The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
    Country/region code: '*'
    Area code: '*'

    Event Record #/Type1575 / Warning
    Event Submitted/Written: 09/15/2007 11:52:15 AM
    Event ID/Source: 32026 / Microsoft Fax
    Event Description:
    Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
    No faxes can be sent or received until a fax device is installed.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type9447 / Warning
    Event Submitted/Written: 09/16/2007 08:41:27 PM
    Event ID/Source: 36 / W32Time
    Event Description:
    The time service has not been able to synchronize the system time
    for 49152 seconds because none of the time providers has been able to
    provide a usable time stamp. The system clock is unsynchronized.

    Event Record #/Type9430 / Error
    Event Submitted/Written: 09/16/2007 07:02:28 AM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The SSDP Discovery Service service failed to start due to the following error:
    %%1079

    Event Record #/Type9417 / Warning
    Event Submitted/Written: 09/15/2007 02:39:10 PM
    Event ID/Source: 4226 / Tcpip
    Event Description:
    TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

    Event Record #/Type9405 / Error
    Event Submitted/Written: 09/15/2007 11:52:27 AM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The SSDP Discovery Service service failed to start due to the following error:
    %%1079

    Event Record #/Type9387 / Error
    Event Submitted/Written: 09/15/2007 10:24:02 AM
    Event ID/Source: 55 / Ntfs
    Event Description:
    The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume C:.



    -- End of Deckard's System Scanner: finished at 2007-09-16 21:47:34 ------------
     
  5. racenutalways

    racenutalways

    Joined:
    Mar 10, 2005
    Messages:
    313
    Java(TM) SE Runtime Environment 6 Update 1 < Remove that entry in your Add or Remove Programs, poses a security vulnerability.
    I don't see anything malicious. Let's run an online scanner to get a 2nd opinion, first we will clean out your Temp files and cookies, scan will take less time.

    Please download ATF Cleaner by Atribune.
    This program is for XP and Windows 2000 only

    • Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
    For Technical Support, double-click the e-mail address located at the bottom of each menu.

    Please go HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
     
  6. brett38655

    brett38655 Thread Starter

    Joined:
    Sep 11, 2007
    Messages:
    12
    Incident Status Location

    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Brett\Application Data\Mozilla\Profiles\default\1f4r4sn2.slt\cookies.txt[.atdmt.com/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Brett\Application Data\Mozilla\Profiles\default\1f4r4sn2.slt\cookies.txt[.zedo.com/]
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/622508

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice