Multiple Problems, don't think they are related

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

nburnett

Thread Starter
Joined
Jan 21, 2005
Messages
34
Ok this might be a little long, my apologies for that. Over the past few weeks I have experienced a few unrelated problems (I think).

My laptop is an HP pavilion zd7000. Seemingly out of nowhere all the buttons (not the keyboard or the power button, but the volume, quick launch, touchpad disable buttons) stopped working. This has been a huge problem for me because one of these buttons enables/disables my wireless card. When I start my computer it alternates between enabled and disabled, so whenever I turn on my computer my wireless is disabled so I have to restart. Then it works. I use all the other buttons a lot as well, so this is a big problem to me. Is this software related? There are processes running that seem to control these buttons, but I cannot find any options that seem related to this problem.

Problem 2, not as big. When I was looking through my running processes I found a process simply called "System". When I searched it on processlibrary.com it came up as Trojan.Mitglieder.B. I am not sure if this is an exact match. Should I get rid of it? It has always run at 220k, never changing.

Problem 3. About a week or two ago I downloaded updates for the microsoft spyware beta. The restart took atleast 3 times as long as normal and this did not change on subsequent startups. Also everything seemed to take longer, programs open slower and my iTunes skips when playing music (which it never did, ever). I uninstalled the microsft spyware beta program and things seem to be a little bit better, but still about twice as slow as before. Any ideas? I have 1gig of memory and rarely go over 40% usage, most of the time running at about 5%-10% CPU usage.

Thanks in advance for your help.
 

cybertech

Retired Moderator
Joined
Apr 16, 2002
Messages
72,115
You should post a log for us to review.
Click on this link: http://www.thespykiller.co.uk/files/HJTsetup.exe Double click on the file and it will install to C:\program files\hijackthis and create an entry in the start menu and an optional shortcut on desktop.

Close out any open browsers and launch the program.
Click on "Do a system scan and save a logfile.
The log will open in Notepad
Go to Edit,Select All, Edit, Copy
Come back to this thread
And press Ctrl+V to paste the log into the thread.
 

nburnett

Thread Starter
Joined
Jan 21, 2005
Messages
34
Here you go:

Logfile of HijackThis v1.99.1
Scan saved at 12:16:27 PM, on 7/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SafeTPKeyCheck] C:\WINDOWS\SafeTP\STPMGR.EXE /CHECKSEED
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [BackupNotify] C:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=laptop
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

cybertech

Retired Moderator
Joined
Apr 16, 2002
Messages
72,115
You have two antiviruses running, which is a recipe for trouble. Use NAV to scan in the background, but configure AVG to scan on demand only!

What is the location of the Trojan.Mitglieder.B?
 

nburnett

Thread Starter
Joined
Jan 21, 2005
Messages
34
I was thinking of getting rid of NAV all together and just using AVG because I don't have a Norton Subscription anymore to get updates. Would that be a viable solution as well? Then I would just have my Zone Alarm and AVG running.

I'm not sure I have this Trojan.Mitglieder.B. But it came up when I search for "System" at processlibrary.com. It does not come up when I run a virus scan. I was just wondering if this "System" process is something I need to worry about and if it really has something to do with the trojan like processlibrary.com says. Didn't seem to be a perfect match when I searched, but I couldn't find any other info on a "System" process.
 

cybertech

Retired Moderator
Joined
Apr 16, 2002
Messages
72,115
Would that be a viable solution as well?
Yes, if it's not updating anymore it's not of any value.

Based on your findings at processlibrary.com I would not do anything with the system process.
 

nburnett

Thread Starter
Joined
Jan 21, 2005
Messages
34
Ok, then I'm going to remove norton from my computer. In addition to Norton Antivirus, there are a few other "symantic corporation" programs, LiveReg and LiveUpdate as well as a Norton WMI Update. These are all related to NAV correct? I should remove these as well? Just making sure.
 

cybertech

Retired Moderator
Joined
Apr 16, 2002
Messages
72,115
Can you define disabled a little better for me? Do they appear with red lines through them or are they greyed out, etc...
 

nburnett

Thread Starter
Joined
Jan 21, 2005
Messages
34
They are the quick access or quick launch buttons located on the laptop. They control volume, touchpad enable/disable, program shortcuts, and most importantly my wireless card enable/disable. See the attachment. My question to you is whether this is a software issue since there are processes running that control these buttons or if it is a hardware thing and I should just call HP.
 

Attachments

nburnett

Thread Starter
Joined
Jan 21, 2005
Messages
34
The device manager does not show any errors or anything not working properly, that's why I thought it might be a software problem.
 

cybertech

Retired Moderator
Joined
Apr 16, 2002
Messages
72,115
I'm sorry that I don't know anything about HP laptops. Let me see if I can get someone to help.
 

nburnett

Thread Starter
Joined
Jan 21, 2005
Messages
34
I am very greatful for your help cybertech, I just thought you weren't here anymore. Thanks!
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top