
Something's eating up my processing time... help please!


  • This topic is locked
2 replies to this topic

#1 DaveHouser1


Posted 13 September 2010 - 08:45 AM

Hello All

Before I continue: yes, I have tried everything on your site's "before you post" post, which was very helpful.

Problem: My computer's processor is spiked for menial tasks. It's not 100% all the time, but it's obvious that it's being overused by something. When checking Task Manager AND Procexp, there's no source to the problem; memory isn't being overutilized by anything. It just seems like my processor got slower, and all tasks drain it.

What I did last before this happened: installed a PCI USB card reader, edited a host file (this was to use Windows Essentials without WGA; I've done it before, it's never caused problems).

What I've tried:

1) Restarted
2) Took out the card
3) Changed host file back
4) msconfig'ed and turned off all non-Microsoft services / startup services
5) Performed MULTIPLE virus scans, which found some malicious files; removed them. This helped a little, but it's still an obvious problem
6) Booted to safe mode; this doesn't seem to fix the problem much either, but I can't tell
7) Performed scans with HijackThis and DDS; they are below

I really DON'T want to reformat, since I did it 2 weeks ago.

Below is the DDS scan; attached is the DDS scan, Attach.txt, and I did a HijackThis scan if you want that too.

I'M REALLY sorry, but I'm at work and didn't know your site liked to use GMER logs. I forgot to get this, so if you need it, tell me; this is the best of what I have now.




DDS (Ver_10-03-17.01) - NTFSx86
Run by Diggity Dave! at 1:27:22.70 on Mon 09/13/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1352 [GMT 1:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\SetPointP\LBTWiz.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Robust IT\Taskix\Taskix32.exe
C:\Program Files\DisplayFusion\DisplayFusion.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Desktop\dds.scr

============== Pseudo HJT Report ===============

uWindow Title = Service Pack 3 Internet Explorer
mWinlogon: Shell=Explorer2.exe
mWinlogon: SfcDisable=-99 (0xffffff9d)
mWinlogon: UIHost=c:\documents and settings\all users\application data\tuneup software\tuneup utilities\winstyler\tu_logonui.exe
uWinlogon: Shell=explorer2.exe
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Google Update] "c:\documents and settings\diggity dave!\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Taskix] "c:\program files\robust it\taskix\Taskix32.exe" start
uRun: [DisplayFusion] "c:\program files\displayfusion\DisplayFusion.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [BCWipeTM Startup] "c:\program files\jetico\bcwipe\BCWipeTM.exe" startup
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
dRun: [msnsc] c:\windows\system32\msnsc.exe
dRunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
StartupFolder: c:\docume~1\diggit~1\startm~1\programs\startup\3monit~1.lnk - c:\documents and settings\diggity dave!\application data\realtime soft\ultramon\3.0.0\profiles\3 Monitors .umprofile
StartupFolder: c:\docume~1\diggit~1\startm~1\programs\startup\random~1.lnk - c:\program files\logonui changer\RandomWallpaper.exe
StartupFolder: c:\docume~1\diggit~1\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\diggit~1\applic~1\mozilla\firefox\profiles\ykaof461.x\
FF - plugin: c:\documents and settings\diggity dave!\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-9-12 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-9-12 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-12 40384]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2010-9-4 10448]
R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\common files\realtime soft\ultramonmirrordrv\x32\UltraMonUtility.sys [2006-9-24 11776]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-12 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-9-12 40384]
R3 UltraMonMirror;UltraMonMirror;c:\windows\system32\drivers\UltraMonMirror.sys [2006-9-24 3584]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-24 10064]
S4 BCSWAP;BCSWAP;c:\windows\system32\drivers\bcswap.sys [2007-1-25 91496]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-8-27 1051968]

=============== Created Last 30 ================

2010-09-13 00:25:16 0 d-----w- c:\program files\Trend Micro
2010-09-12 22:37:42 24832 ----a-w- c:\windows\system32\drivers\lgusbmodem.sys
2010-09-12 22:37:42 13056 ----a-w- c:\windows\system32\drivers\lgusbbus.sys
2010-09-12 22:37:42 0 d-----w- c:\program files\LG Electronics
2010-09-12 22:26:18 0 d-----w- c:\program files\BitPim
2010-09-12 21:33:13 0 d-----w- c:\program files\Rasterbator Standalone
2010-09-12 18:49:02 0 d-sh--w- c:\documents and settings\diggity dave!\PrivacIE
2010-09-12 15:25:31 38848 ----a-w- c:\windows\avastSS.scr
2010-09-12 15:25:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-09-12 14:22:26 0 d-----w- C:\ATI
2010-09-12 12:41:51 0 d-----w- c:\docume~1\alluse~1\applic~1\regid.1986-12.com.adobe
2010-09-09 22:38:12 107520 --sha-r- c:\windows\system32\dsquery3.dll
2010-09-09 22:37:44 0 d-----w- c:\program files\MagicISO
2010-09-09 22:36:47 0 d-----w- c:\program files\PowerISO
2010-09-07 04:04:31 0 d-----w- c:\docume~1\diggit~1\applic~1\DAEMON Tools Pro
2010-09-07 04:04:31 0 d-----w- c:\docume~1\alluse~1\applic~1\DAEMON Tools Pro
2010-09-04 23:02:13 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-09-04 22:55:47 0 d-----w- c:\program files\ConvertHelper
2010-09-04 22:54:40 0 d-----w- c:\documents and settings\diggity dave!\dwhelper
2010-09-04 22:49:53 0 d-----w- c:\program files\Microsoft Visual Studio 8
2010-09-04 22:05:31 2286080 ----a-w- c:\windows\system32\TUKernel.exe
2010-09-04 22:02:15 0 d-----w- c:\docume~1\diggit~1\applic~1\IconTweaker
2010-09-04 22:02:15 0 d-----w- c:\docume~1\alluse~1\applic~1\IconTweaker
2010-09-04 22:02:13 0 d-----w- c:\program files\IconTweaker
2010-09-04 21:17:37 0 d-----w- c:\program files\Winamp Detect
2010-09-04 05:03:19 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-09-04 05:03:19 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-09-04 05:03:12 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-09-04 05:01:45 10448 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2010-09-04 05:00:09 0 d-----w- c:\docume~1\diggit~1\applic~1\Logishrd
2010-09-03 22:55:28 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-09-03 22:55:28 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-09-03 22:55:12 0 d-----w- c:\docume~1\diggit~1\applic~1\TuneUp Software
2010-09-03 22:55:02 0 d-----w- c:\program files\TuneUp Utilities 2010
2010-09-03 22:54:17 0 d-----w- c:\docume~1\alluse~1\applic~1\TuneUp Software
2010-09-03 22:44:56 1033216 ----a-w- c:\windows\explorer2.exe
2010-09-03 20:53:56 0 d-----w- c:\docume~1\diggit~1\applic~1\DisplayFusion
2010-09-03 20:43:55 0 d-----w- c:\program files\DisplayFusion
2010-09-01 19:48:11 0 d-----w- c:\program files\Logon Loader
2010-09-01 00:22:19 0 d-----w- c:\windows\system32\wbem\snmp
2010-09-01 00:22:18 0 d-----w- c:\program files\common files\speechengines
2010-09-01 00:22:17 0 d-----w- c:\windows\system32\xircom
2010-09-01 00:22:16 0 d-----w- c:\program files\msn gaming zone
2010-08-31 06:51:07 0 d-----w- c:\program files\Messenger
2010-08-31 06:50:48 0 d-----w- c:\windows\system32\scripting
2010-08-31 06:50:48 0 d-----w- c:\windows\l2schemas
2010-08-31 06:50:47 0 d-----w- c:\windows\system32\en
2010-08-31 06:50:47 0 d-----w- c:\windows\system32\bits
2010-08-31 06:49:10 0 d-----w- c:\windows\ServicePackFiles
2010-08-31 06:47:21 0 d-----w- c:\windows\network diagnostic
2010-08-29 12:18:15 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-08-29 10:58:54 0 d-----w- c:\program files\AIDA32 - Enterprise System Information
2010-08-29 10:33:44 0 d-----w- c:\docume~1\diggit~1\applic~1\Mp3tag
2010-08-29 10:32:28 600 ----a-w- c:\documents and settings\diggity dave!\winscp.RND
2010-08-29 10:32:26 0 d-----w- c:\program files\WinSCP3
2010-08-29 10:27:02 0 d-----w- c:\program files\Jetico
2010-08-29 10:12:42 0 d-----w- c:\docume~1\diggit~1\applic~1\Red Kawa
2010-08-29 10:07:20 0 d-----w- c:\program files\Yahoo!
2010-08-29 10:06:28 0 d-----w- c:\program files\AviSynth 2.5
2010-08-29 10:06:21 0 d-----w- c:\program files\Red Kawa
2010-08-29 10:02:08 0 d-----w- c:\program files\Mp3tag
2010-08-29 09:38:52 0 d-----w- c:\program files\AutoHotkey
2010-08-29 09:33:04 0 d-----w- c:\program files\Robust IT
2010-08-28 19:39:26 1089593 ------w- c:\windows\system32\dllcache\ntprint.cat
2010-08-28 10:30:13 0 d-----w- c:\docume~1\diggit~1\applic~1\Resource Tuner
2010-08-28 10:30:11 0 d-----w- c:\program files\Resource Tuner
2010-08-28 10:22:53 0 d-----w- c:\docume~1\diggit~1\applic~1\Mahdi Yousefi
2010-08-28 10:21:16 0 d-----w- c:\windows\system32\LogonUI
2010-08-28 10:21:13 0 d-----w- c:\program files\LogonUI Changer
2010-08-28 02:29:41 0 d-sh--w- c:\documents and settings\diggity dave!\IETldCache
2010-08-28 02:26:12 0 d-----w- c:\windows\pss
2010-08-28 02:03:09 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
2010-08-28 02:03:09 1291776 ------w- c:\windows\system32\dllcache\quartz.dll
2010-08-28 01:59:53 0 d-----w- c:\docume~1\diggit~1\applic~1\Realtime Soft
2010-08-28 01:59:22 0 d-----w- c:\program files\common files\Realtime Soft
2010-08-28 01:59:21 0 d-----w- c:\program files\UltraMon
2010-08-28 01:59:21 0 d-----w- c:\docume~1\alluse~1\applic~1\Realtime Soft
2010-08-28 01:41:27 0 d-----w- c:\windows\system32\KB905474
2010-08-28 01:37:55 0 d-----w- c:\windows\ie8updates
2010-08-28 01:37:34 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-08-28 01:37:33 599040 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-08-28 01:37:33 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-08-28 01:37:33 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-08-28 01:37:33 1986560 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-08-28 01:37:31 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-08-28 01:37:31 11077120 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-08-28 01:33:36 0 dc-h--w- c:\windows\ie8
2010-08-28 01:04:53 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-08-28 00:55:42 0 d-----w- c:\program files\MSXML 4.0
2010-08-28 00:47:43 1984 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-28 00:45:12 0 d-----w- c:\windows\system32\XPSViewer
2010-08-28 00:44:40 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-08-28 00:44:40 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-08-28 00:44:40 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-08-28 00:44:40 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-08-28 00:44:40 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-08-28 00:44:40 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-08-28 00:44:40 117760 ------w- c:\windows\system32\prntvpt.dll
2010-08-28 00:44:39 0 d-----w- c:\program files\40c2f0fe62114b3694
2010-08-28 00:43:16 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-08-28 00:43:11 0 d-----w- c:\program files\MSXML 6.0
2010-08-28 00:41:40 0 d-----w- c:\program files\VideoLAN
2010-08-28 00:40:35 0 d-----w- c:\program files\Foxit Software
2010-08-28 00:40:23 0 d-----w- c:\program files\uTorrent
2010-08-28 00:40:23 0 d-----w- c:\docume~1\diggit~1\applic~1\uTorrent
2010-08-28 00:40:12 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-08-28 00:40:12 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-28 00:34:46 0 d-----w- c:\docume~1\diggit~1\applic~1\Office Genuine Advantage
2010-08-28 00:27:16 0 d-----w- c:\windows\system32\appmgmt
2010-08-28 00:03:55 0 d-sh--w- c:\documents and settings\diggity dave!\UserData
2010-08-27 23:45:20 0 d-----w- c:\program files\ATI 2
2010-08-27 23:43:21 0 d-----w- c:\program files\common files\ODBC
2010-08-27 23:42:43 0 d-----r- c:\documents and settings\all users\Documents
2010-08-27 23:34:57 0 d-----w- c:\program files\ATI Technologies
2010-08-27 23:32:02 0 d-----w- c:\program files\ATI
2010-08-27 22:59:27 0 d-----w- c:\program files\QuickTime Alternative
2010-08-27 22:56:53 0 d-sh--w- c:\documents and settings\all users\DRM
2010-08-27 22:56:31 0 d--h--w- c:\program files\WindowsUpdate
2010-08-27 22:56:28 0 d-----w- c:\program files\Online Services
2010-08-27 22:55:21 0 d-----w- c:\program files\common files\MSSoap
2010-08-27 22:53:45 0 d-----w- c:\program files\Unlocker
2010-08-27 22:49:39 0 d-----w- c:\program files\MSN Messenger
2010-08-27 22:49:10 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2010-09-03 22:07:10 514560 ----a-w- c:\windows\system32\logonui.exe.tmp
2010-08-27 22:59:18 2806 ----a-w- c:\windows\mozver.dat
2010-08-27 22:59:18 107132 ----a-w- c:\windows\UninstallFirefox.exe
2010-08-27 22:54:14 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-27 06:30:35 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-30 12:31:35 149504 ------w- c:\windows\system32\dllcache\schannel.dll
2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:22:03 916480 ------w- c:\windows\system32\dllcache\wininet.dll
2010-06-24 12:22:02 1210368 ------w- c:\windows\system32\dllcache\urlmon.dll
2010-06-24 12:22:01 611840 ------w- c:\windows\system32\dllcache\mstime.dll
2010-06-24 12:22:01 5951488 ------w- c:\windows\system32\dllcache\mshtml.dll
2010-06-24 12:22:01 206848 ------w- c:\windows\system32\dllcache\occache.dll
2010-06-24 12:21:59 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2010-06-24 12:21:58 184320 ------w- c:\windows\system32\dllcache\iepeers.dll
2010-06-24 12:21:55 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 13:44:04 1851904 ------w- c:\windows\system32\dllcache\win32k.sys
2010-06-23 12:08:09 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2010-06-21 15:27:11 354304 ------w- c:\windows\system32\dllcache\srv.sys
2010-06-18 13:36:12 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll

============= FINISH: 1:27:48.15 ===============


ATTACH.TXT



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 8/28/2010 12:00:01 AM
System Uptime: 9/13/2010 1:20:02 AM (0 hours ago)

Motherboard: ASUSTeK Computer Inc. | | P4C800-E
Processor: Intel® Pentium® 4 CPU 3.20GHz | CPU 1 | 3198/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 131.745 GiB free.
D: is FIXED (NTFS) - 279 GiB total, 46.836 GiB free.
E: is FIXED (FAT32) - 466 GiB total, 141.624 GiB free.
F: is CDROM ()
G: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Audio Controller
Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_80F31043&REV_02\3&267A616A&0&FD
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_80F31043&REV_02\3&267A616A&0&FD
Service:

==== System Restore Points ===================

RP1: 9/9/2010 11:48:47 PM - System Checkpoint
RP2: 9/10/2010 2:35:45 AM - Software Distribution Service 3.0
RP3: 9/11/2010 9:12:33 AM - System Checkpoint
RP4: 9/12/2010 3:27:03 PM - Software Distribution Service 3.0
RP5: 9/12/2010 11:37:42 PM - Installed LG USB Modem driver
RP6: 9/13/2010 1:25:10 AM - Installed HiJackThis

==== Installed Programs ======================

Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop CS5
AIDA32 v3.90
ATI - Software Uninstall Utility
ATI Display Driver
AutoHotkey 1.0.47.05
avast! Free Antivirus
AviSynth 2.5
BCWipe 3.0
BitPim 1.0.7
ConvertHelper 2.2
DisplayFusion 3.1.10
eReg
Foxit Reader
Google Chrome
Google Earth
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
IconTweaker 1.12
Intel® PRO Network Connections Drivers
Java Auto Updater
Java™ 6 Update 21
LG USB Modem driver
Logitech SetPoint 6.15
Logon Loader 3.0
LogonUI Changer 1.6.134.2
Magic ISO Maker v5.5 (build 0272)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.9)
Mozilla Thunderbird (3.1.2)
Mp3tag v2.45a
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Notepad++
OGA Notifier 2.0.0048.0
PDF Settings CS5
PowerISO
PuTTY version 0.60
QuickTime Alternative 1.67
Resource Tuner 1.99 R6
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB980376)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Software Update for Web Folders
Taskix 2.1
TuneUp Utilities
TuneUp Utilities Language Pack (en-US)
UltraMon
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (kb2279264)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Videora LG enV Touch Converter 5.04
VLC media player 1.0.1
WebFldrs XP
Winamp
Winamp Detector Plug-in
Windows Defender
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows XP Service Pack 3
WinRAR archiver
WinSCP 3.8.2
Yahoo! Install Manager
Yahoo! Widgets

==== Event Viewer Messages From Past Week ========

9/9/2010 11:39:02 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
9/13/2010 12:52:00 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {FCA02D56-BF9D-4591-AD41-E59AF763C64A}
9/12/2010 7:58:42 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 aswSP aswTdi Fips intelppm SCDEmu
9/12/2010 4:25:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
9/12/2010 4:21:30 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm SCDEmu
9/12/2010 4:14:18 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SCDEmu Tcpip
9/12/2010 4:14:18 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
9/12/2010 4:14:18 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/12/2010 4:14:18 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/12/2010 4:14:18 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
9/12/2010 4:14:02 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/12/2010 4:14:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
9/12/2010 4:02:45 PM, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
9/12/2010 3:47:16 PM, error: Service Control Manager [7034] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 3 time(s).
9/12/2010 3:46:39 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
9/12/2010 3:34:35 PM, error: ati2mtag [52233] - CPLIB :: General - Failed to authenticate output protection
9/12/2010 3:33:16 PM, warning: Windows File Protection [64008] - The protected system file c:\windows\system32\drivers\ati2mtag.sys could not be verified as valid because Windows File Protection is terminating. Use the SFC utility to verify the integrity of the file at a later time.
9/12/2010 3:33:16 PM, information: Windows File Protection [64035] - Windows File Protection could not restore the system catalog file C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT. This file is necessary to maintain system stability. The specific error code is 0x00000005 [Access is denied. ].
9/12/2010 1:41:49 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/10/2010 11:50:10 PM, error: ati2mtag [43015] -

==== End Of File ===========================

Hijackthis.TXT scan



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:26:07 AM, on 9/13/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\SetPointP\LBTWiz.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Robust IT\Taskix\Taskix32.exe
C:\Program Files\DisplayFusion\DisplayFusion.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Service Pack 3 Internet Explorer
F2 - REG:system.ini: Shell=Explorer2.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCWipeTM Startup] "C:\Program Files\Jetico\BCWipe\BCWipeTM.exe" startup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Diggity Dave!\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Taskix] "C:\Program Files\Robust IT\Taskix\Taskix32.exe" start
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Startup: 3 Monitors .lnk = ?
O4 - Startup: RandomWallpaper.lnk = C:\Program Files\LogonUI Changer\RandomWallpaper.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7337 bytes


 


#2 DaveHouser1

  • Topic Starter

Posted 14 September 2010 - 08:46 AM

fixed the problem.......... reformatted

#3 Budapest

  • Moderator

Posted 14 September 2010 - 04:25 PM

As this issue appears to be resolved I am closing the topic. Please send me (or any other Moderator) a Personal Message (PM) if you would like the topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



