#1
03-14-2008
moose
Bronze Member
Join Date: Sep 2006
Posts: 24
logs for vista memory problem

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:01:31 PM, on 13/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = myAOL | Compaq
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = myAOL | Compaq
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - IE Anti-Spyware (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - IE Anti-Spyware (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1204941357632
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9925 bytes


ComboFix 08-03-13.4 - fathers 2008-03-13 18:07:19.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1134 [GMT -5:00]
Running from: C:\Users\fathers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OU8EPKL\ComboFix[1].exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Users\fathers\AppData\Roaming\inst.exe
C:\Windows\system32\AutoRun.inf
C:\Windows\system32\install.exe
C:\Windows\system32\x64
.
((((((((((((((((((((((((( Files Created from 2008-02-13 to 2008-03-13 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-13 22:01 --------- d-----w C:\Users\fathers\AppData\Roaming\uTorrent
2008-03-13 22:01 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-03-13 22:01 --------- d-----w C:\Program Files\Trend Micro
2008-03-13 22:01 --------- d-----w C:\Program Files\Essentials Codec Pack
2008-03-13 03:18 --------- d-----w C:\Program Files\Yahoo!
2008-03-13 03:18 --------- d-----w C:\Program Files\CCleaner
2008-03-13 03:17 --------- d-----w C:\Users\fathers\AppData\Roaming\SUPERAntiSpyware.com
2008-03-13 03:17 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2008-03-13 03:17 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-03-13 03:16 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-12 14:40 68,616 ----a-w C:\Windows\system32\drivers\avgwfpx.sys
2008-03-12 14:40 12,424 ----a-w C:\Windows\system32\drivers\avgrkx86.sys
2008-03-12 14:40 10,520 ----a-w C:\Windows\System32\avgrsstx.dll
2008-03-12 08:02 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-12 02:04 --------- d-----w C:\Program Files\RegCure
2008-03-12 01:47 --------- d-----w C:\Program Files\Windows Mail
2008-03-12 00:10 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-11 01:18 --------- d-----w C:\Program Files\Activision Value
2008-03-10 21:54 --------- d---a-w C:\ProgramData\TEMP
2008-03-10 21:52 --------- d-----w C:\Program Files\Trojan Remover
2008-03-08 12:18 --------- d-----w C:\Users\fathers\AppData\Roaming\Vso
2008-03-08 04:20 --------- d-----w C:\Program Files\Windows Live
2008-03-04 18:33 7,680 ----a-w C:\Windows\System32\ff_vfw.dll
2008-03-04 02:37 --------- d-----w C:\Users\fathers\AppData\Roaming\Roxio
2008-03-04 02:28 --------- d-----w C:\Program Files\Advanced MP3 Converter
2008-03-04 01:03 --------- d-----w C:\Program Files\ImgBurn
2008-03-04 00:39 --------- d-----w C:\ProgramData\DVD Shrink
2008-03-04 00:39 --------- d-----w C:\Program Files\DVD Shrink
2008-03-01 23:51 --------- d-----w C:\Program Files\GSC
2008-03-01 23:45 --------- d-----w C:\Users\fathers\AppData\Roaming\GSC
2008-03-01 23:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-01 12:00 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-02-26 22:52 --------- d--h--w C:\ProgramData\yahoo!
2008-02-26 00:28 96,520 ----a-w C:\Windows\system32\drivers\avgldx86.sys
2008-02-26 00:28 --------- d-----w C:\ProgramData\avg8
2008-02-26 00:28 --------- d-----w C:\Program Files\AVG
2008-02-26 00:26 --------- d-----w C:\ProgramData\Symantec
2008-02-26 00:26 --------- d-----w C:\Program Files\Symantec
2008-02-26 00:26 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-02-25 04:23 --------- d-----w C:\Users\fathers\AppData\Roaming\Simply Super Software
2008-02-25 04:23 --------- d-----w C:\ProgramData\Simply Super Software
2008-02-25 01:34 --------- d-----w C:\Program Files\Full Speed
2008-02-24 18:05 --------- d-----w C:\Program Files\UrbanTerror
2008-02-23 22:36 --------- d-----w C:\Program Files\Lavasoft
2008-02-23 22:08 --------- d-----w C:\Program Files\ffdshow
2008-02-23 22:07 --------- d-----w C:\Program Files\Common Files\muvee Technologies
2008-02-23 21:59 --------- d-----w C:\Users\fathers\AppData\Roaming\Snapfish
2008-02-23 21:58 47,360 ----a-w C:\Users\fathers\AppData\Roaming\pcouffin.sys
2008-02-23 21:58 --------- d-----w C:\Program Files\LG Software Innovations
2008-02-23 00:52 --------- d-----w C:\Program Files\NetProject
2008-02-21 20:45 --------- d-----w C:\Program Files\Spyware Doctor
2008-02-21 20:43 83,536 ----a-w C:\Windows\system32\drivers\iksyssec.sys
2008-02-21 20:43 59,984 ----a-w C:\Windows\system32\drivers\iksysflt.sys
2008-02-21 20:42 52,304 ----a-w C:\Windows\system32\drivers\ikfilesec.sys
2008-02-21 20:42 39,248 ----a-w C:\Windows\system32\drivers\ikfileflt.sys
2008-02-21 20:42 26,064 ----a-w C:\Windows\system32\drivers\kcom.sys
2008-02-21 06:06 --------- d-----w C:\Program Files\Total Video Converter
2008-02-20 04:20 --------- d-----w C:\Users\fathers\AppData\Roaming\Ashampoo
2008-02-20 04:16 --------- d-----w C:\ProgramData\ashampoo
2008-02-20 04:16 --------- d-----w C:\Program Files\Ashampoo
2008-02-20 02:55 170,609,812 ----a-w C:\Windows\System32\moose.reg
2008-02-20 01:16 --------- d-----w C:\Program Files\VSO
2008-02-20 00:54 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-19 02:38 47,360 ----a-w C:\Windows\system32\drivers\pcouffin.sys
2008-02-19 02:16 --------- d-----w C:\Program Files\Error Repair Professional
2008-02-19 00:43 87,608 ----a-w C:\Users\fathers\AppData\Roaming\ezpinst.exe
2008-02-18 22:33 --------- d-----w C:\ProgramData\SlySoft
2008-02-18 22:24 --------- d-----w C:\Program Files\SlySoft
2008-02-18 22:17 --------- d-----w C:\Users\fathers\AppData\Roaming\Nero
2008-02-18 22:17 --------- d-----w C:\ProgramData\LightScribe
2008-02-18 20:36 212 ---ha-w C:\aaw7boot.cmd
2008-02-17 16:56 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-17 16:51 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-02-17 16:20 --------- d-----w C:\Program Files\inKline Global
2008-02-17 07:16 --------- d-----w C:\Program Files\DAEMON Tools Pro
2008-02-17 00:03 --------- d-----w C:\Program Files\The Rosetta Stone
2008-02-16 22:53 --------- d-----w C:\Program Files\Google
2008-02-16 04:14 --------- d-----w C:\Program Files\Instant Spanish Level 1
2008-02-16 02:25 43,520 ----a-w C:\Windows\System32\CmdLineExt03.dll
2008-02-15 23:12 --------- d-----w C:\Program Files\uTorrent
2008-02-15 23:10 --------- d-----w C:\Program Files\Azureus
2008-02-14 03:43 --------- d-----w C:\Users\fathers\AppData\Roaming\Azureus
2008-02-14 03:14 --------- d-----w C:\Program Files\Sierra
2008-02-13 09:16 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 09:16 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 09:09 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 09:09 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 09:09 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 09:09 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 09:09 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-13 09:09 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 09:09 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 09:08 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 09:08 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 09:08 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 09:08 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 09:08 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 07:35 125440]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-16 17:53 171448]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 07:36 201728]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 10:01 65536]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 06:06 4669440 C:\Windows\RtHDVCpl.exe]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 01:11 49152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2007-04-07 04:56 54936]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-03-12 09:40 1172760]
"Media Codec Update Service"="C:\Program Files\Essentials Codec Pack\update.exe" [2007-04-08 11:44 303104]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 06:59 118784]
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 15:13 71176]
"WPCUMI"="C:\Windows\system32\WpcUmi.exe" [2006-11-02 07:35 176128]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-01-02 18:07 141848]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 04:45 222208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-16 17:53 171448]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
--a------ 2007-09-06 08:08 136136 C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2008-01-02 18:06 166424 C:\Windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-12-11 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"WPCUMI"=C:\Windows\system32\WpcUmi.exe
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{69A4CAF0-56EB-4036-AB37-9F933CD287BD}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0EDB530C-DEDF-4F9C-8137-240C421F334D}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{5A755C33-CC63-4EFA-9DC7-B5D6FC468732}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{77BE16C8-A4AA-4100-98B6-25F13086A331}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0A233D88-E7C2-406B-A097-176627D08E1B}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{D88B1DE6-CA39-4A27-8E5E-29B34546A156}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{A7C73295-2EEB-434C-A822-FA334EE639CB}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"TCP Query User{69B92870-9E44-42F0-9799-EB8B5795ACED}C:\program files\activision\call of duty 2\cod2mp_s.exe"= UDP:C:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s|Desc=CoD2MP_s
"UDP Query User{03965604-4D08-411D-A70B-4D2CC6D460D5}C:\program files\activision\call of duty 2\cod2mp_s.exe"= TCP:C:\program files\activision\call of duty 2\cod2mp_s.exe:CoD2MP_s|Desc=CoD2MP_s
"TCP Query User{46A9466B-910D-448D-9417-CAEB0CB89A08}C:\program files\azureus\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus|Desc=Azureus
"UDP Query User{E232FBC1-5A12-4D28-945F-4FF7C5FD1E23}C:\program files\azureus\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus|Desc=Azureus
"{18BB7526-DA33-4441-85DF-5FA6B49ECC4A}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{20529A5C-0CA9-4253-B58C-0B59D345E3AC}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{DBD13512-9E97-42FF-A4E2-25894D4981CF}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{63C725D3-C0D4-4F28-BD5C-65F499D3EE87}"= UDP:C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"{290F52FA-8039-49FF-8E8E-EB2764BFCE9C}"= TCP:C:\Program Files\Unreal Tournament 3\Binaries\UT3.exe:Unreal Tournament 3
"{6F2F6BD4-AAD9-461D-A37F-B36CE26A7A4B}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{B20C5B31-1352-4E8C-9687-23FCEC1AE8A4}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{986490FA-FA4B-43F1-BDF1-E069F70CEEAB}C:\program files\sierra\fearcombat\fpupdate.exe"= UDP:C:\program files\sierra\fearcombat\fpupdate.exe:fpupdate|Desc=fpupdate
"UDP Query User{B6786571-9515-4D38-99CF-A4152FF28FF1}C:\program files\sierra\fearcombat\fpupdate.exe"= TCP:C:\program files\sierra\fearcombat\fpupdate.exe:fpupdate|Desc=fpupdate
"TCP Query User{A34FFE63-A79F-4731-8443-0A3C0AFD7388}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{9CD3EC01-4253-40E2-A48E-9A4EAD7D1AC9}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"TCP Query User{CE0A5648-B9AF-4D87-ADFF-27F34E29E574}C:\program files\itunes\itunes.exe"= UDP:C:\program files\itunes\itunes.exe:iTunes|Desc=iTunes
"UDP Query User{C92D8A60-5F73-4139-8DD0-3FED815F2960}C:\program files\itunes\itunes.exe"= TCP:C:\program files\itunes\itunes.exe:iTunes|Desc=iTunes
"{DDA4BF58-6D64-40E9-80CE-85FAAE61551D}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{4B2ABE52-1B34-409C-9DD1-3D74D4351FC1}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"TCP Query User{0EE214B4-9031-4460-A20F-63DB72E3AA78}C:\program files\urbanterror\iourbanterror.exe"= UDP:C:\program files\urbanterror\iourbanterror.exe:ioUrbanTerror|Desc=ioUrbanTerror
"UDP Query User{5F38BAFF-76E3-489B-91B8-E5B8F8D50441}C:\program files\urbanterror\iourbanterror.exe"= TCP:C:\program files\urbanterror\iourbanterror.exe:ioUrbanTerror|Desc=ioUrbanTerror
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\avgrkx86.sys [2008-03-12 09:40]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-02-25 19:28]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-03-12 09:40]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-03-12 09:40]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2006-11-02 04:45]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 11:44]
R3 AvgWfpX;AVG8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-03-12 09:40]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 17:48]
S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-08 01:25]
S3 TAPBIND;TAPBIND;C:\temp\Release\TAPBIND1.SYS [2003-09-12 05:03]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-01-11 22:55]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-02-29 23:19:47 C:\Windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-01-11 02:57:39 C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-03-13 22:43:58 C:\Windows\Tasks\RegCure Program Check.job"
- J:\RegCure\RegCure.exe
"2008-03-12 01:49:15 C:\Windows\Tasks\RegCure.job"
- J:\RegCure\RegCure.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-13 18:11:38
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-13 18:12:36
ComboFix-quarantined-files.txt 2008-03-13 23:12:34
.
2008-03-12 08:02:45 --- E O F ---


#2
03-15-2008
dahli
Senior Security Analyst
Join Date: Dec 2006
Location: In a van, down by the river
Posts: 548
PC Experience: Experienced
Re: logs for vista memory problem

Hello,

What is the problem?


__________________
Steve
#3
03-15-2008
moose
Bronze Member
Join Date: Sep 2006
Posts: 24
Re: logs for vista memory problem

Morning, I originally had 1 gig of memory and added a second with no results. It is there, but my PC just used the remaining up. It's like I never added any.
Some applications (like opening photos) need more memory to open, whereas before they opened fine.
I tried System Restore and have run several antivirus and adware programs. So I followed all prework and posted the logs. Thanks in advance for your help.
BB


#4
03-15-2008
dahli
Senior Security Analyst
Join Date: Dec 2006
Location: In a van, down by the river
Posts: 548
PC Experience: Experienced
Re: logs for vista memory problem

You did not get all the logs posted from the prework thread. Please post the rest of the logs so I can review them.

Thanks.


__________________
Steve
#5
03-16-2008
moose
Bronze Member
Join Date: Sep 2006
Posts: 24
Re: logs for vista memory problem

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!
Generated 03/13/2008 at 06:41 AM
Application Version : 4.0.1154
Core Rules Database Version : 3418
Trace Rules Database Version: 1410
Scan type : Quick Scan
Total Scan Time : 00:39:53
Memory items scanned : 234
Memory threats detected : 0
Registry items scanned : 476
Registry threats detected : 1
File items scanned : 20349
File threats detected : 3
Trojan.Smitfraud Variant/IE Anti-Spyware
HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E}
Adware.E404 Helper
C:\Program Files\SOTFONE
Adware.Tracking Cookie
C:\Users\cole and carlie\AppData\Roaming\Microsoft\Windows\Cookies\Low\cole_and_carlie@imrworldwide[2].txt
C:\Users\cole and carlie\AppData\Roaming\Microsoft\Windows\Cookies\Low\cole_and_carlie@doubleclick[2].txt

Here is the spy log. I'm still trying to get the AVG log; there is no log to be found in settings except scan log and virus vault (will not let me copy).


#6
03-17-2008
moose
Bronze Member
Join Date: Sep 2006
Posts: 24
Re: logs for vista memory problem

Is anyone out there?


