Hi,
These are the logs from the DSS scan. Can you inform me on how things look, please?
Thx,
PeeGee.
Main txt
Deckard's System Scanner v20071014.68
Run by Paul on 2008-06-29 19:05:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
System Restore is disabled; attempting to re-enable...success.
-- Last 1 Restore Point(s) --
1: 2008-06-29 09:05:03 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Paul.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:06:11 PM, on 6/29/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cakewalk\SONAR 7 Producer Edition\SONARPDR.exe
C:\Documents and Settings\Paul\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Paul.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
Add to Windows Live Favorites
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
http://dl8-cdn-01.sun.com/s/ESD42/JS...ws-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L.
Antivirus software - BitDefender - The future of security now! - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 6962 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080629-184426-287 R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
backup-20080629-184426-901 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
backup-20080629-184525-820 O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
backup-20080629-184630-864 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
backup-20080629-184649-287 O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
backup-20080629-184709-262 O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing)
backup-20080629-184718-798 O3 - Toolbar: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 Nsynas32 - c:\windows\system32\drivers\nsynas32.sys <Not Verified; Syncrosoft Hard- und Software GmbH; Internet Protection Hardware Driver>
R2 sbbotdi - c:\program files\speedbit video accelerator\sbbotdi.sys <Not Verified; SpeedBit Ltd.; Speedbit TDI Driver>
R2 SVKP - c:\windows\system32\svkp.sys <Not Verified; AntiCracking; SVKP driver for NT>
R3 BDSelfPr - c:\program files\bitdefender\bitdefender 2009\bdselfpr.sys <Not Verified; BitDefender S.R.L.; BitDefender>
R3 RD1039 (EDIROL PCR-A MIDI) - c:\windows\system32\drivers\rdwm1039.sys <Not Verified; Roland Corporation; >
R3 RDID1038 (EDIROL PCR-A WAVE) - c:\windows\system32\drivers\rdwm1038.sys <Not Verified; Roland Corporation; >
S3 gdrv - c:\windows\gdrv.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
S3 SynasUSB - c:\windows\system32\drivers\synasusb.sys <Not Verified; SIA Syncrosoft; USB protection device>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Arrakis3 (BitDefender Arrakis Server) - "c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe" <Not Verified; BitDefender S.R.L.
Antivirus software - BitDefender - The future of security now!; BitDefender Products>
R2 Diskeeper - "c:\program files\executive software\diskeeper\dkservice.exe" <Not Verified; Executive Software International, Inc.; Diskeeper (TM) Disk Defragmenter>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-29 18:37:01 252 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
-- Files created between 2008-05-29 and 2008-06-29 -----------------------------
2008-06-29 18:42:19 0 d-------- C:\Program Files\Trend Micro
2008-06-25 19:13:01 0 d-------- C:\Program Files\MSXML 4.0
2008-06-23 16:01:21 0 d-------- C:\Documents and Settings\Gina\Application Data\WinRAR
2008-06-22 16:32:17 0 d-------- C:\Program Files\FXpansion
2008-06-22 16:32:15 0 d-------- C:\Program Files\Toontrack
2008-06-22 16:32:10 0 d-------- C:\Program Files\Groove Monkee
2008-06-22 16:30:22 0 d-------- C:\Program Files\speed-bit
2008-06-22 16:27:50 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-22 16:27:42 0 d-------- C:\Program Files\SpeedBit Video Accelerator
2008-06-22 16:27:39 50688 --a------ C:\WINDOWS\system32\wbhelp2.dll <Not Verified; Stardock.Net, Inc; WindowBlinds for Win32 x86 machines>
2008-06-22 16:27:38 0 d-------- C:\Program Files\DAP
2008-06-22 13:08:16 0 d-------- C:\Documents and Settings\Gina\Application Data\BitDefender
2008-06-21 15:40:12 0 d-------- C:\temp
2008-06-21 15:33:03 0 d-------- C:\Documents and Settings\Paul\Application Data\BitDefender
2008-06-21 15:32:04 0 d-------- C:\Program Files\BitDefender
2008-06-21 15:32:04 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-06-21 15:30:55 0 d-------- C:\WINDOWS\system32\URTTemp
2008-06-21 15:30:12 0 d-------- C:\Program Files\Common Files\BitDefender
2008-06-17 19:04:51 0 d-------- C:\Program Files\Pianoteq 2.2 Trial
2008-06-17 12:29:02 0 d-------- C:\Documents and Settings\Gina\Application Data\Sun
2008-06-17 10:45:15 0 d-------- C:\Documents and Settings\Gina\Contacts
2008-06-16 23:31:42 0 d-------- C:\Documents and Settings\Gina\Application Data\Macromedia
2008-06-16 23:30:47 0 d-------- C:\Documents and Settings\Gina\Application Data\Adobe
2008-06-16 23:30:28 0 d-------- C:\Documents and Settings\Gina\Application Data\Google
2008-06-16 23:11:35 0 d-------- C:\Documents and Settings\Gina\Application Data\Identities
2008-06-16 23:11:30 0 d--h----- C:\Documents and Settings\Gina\Templates
2008-06-16 23:11:30 0 dr------- C:\Documents and Settings\Gina\Start Menu
2008-06-16 23:11:30 0 dr-h----- C:\Documents and Settings\Gina\SendTo
2008-06-16 23:11:30 0 dr-h----- C:\Documents and Settings\Gina\Recent
2008-06-16 23:11:30 0 d--h----- C:\Documents and Settings\Gina\PrintHood
2008-06-16 23:11:30 0 d--h----- C:\Documents and Settings\Gina\NetHood
2008-06-16 23:11:30 0 dr------- C:\Documents and Settings\Gina\My Documents
2008-06-16 23:11:30 0 d--h----- C:\Documents and Settings\Gina\Local Settings
2008-06-16 23:11:30 0 dr------- C:\Documents and Settings\Gina\Favorites
2008-06-16 23:11:30 0 d-------- C:\Documents and Settings\Gina\Desktop
2008-06-16 23:11:30 0 d--hs---- C:\Documents and Settings\Gina\Cookies
2008-06-16 23:11:30 0 dr-h----- C:\Documents and Settings\Gina\Application Data
2008-06-16 23:11:30 0 d---s---- C:\Documents and Settings\Gina\Application Data\Microsoft
2008-06-16 23:11:29 1572864 --ah----- C:\Documents and Settings\Gina\NTUSER.DAT
2008-06-15 15:40:41 49152 -r------- C:\WINDOWS\system32\ChCfg.exe
2008-06-15 15:39:58 0 d-------- C:\Program Files\Realtek
2008-06-15 15:39:52 520192 -r------- C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-06-15 15:39:12 4716 --a------ C:\WINDOWS\gdrv.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2008-06-12 20:12:45 18648 --a------ C:\Documents and Settings\Paul\Application Data\GDIPFONTCACHEV1.DAT
2008-06-10 22:28:20 0 d-------- C:\Documents and Settings\Paul\.realobjects
2008-06-10 15:57:42 0 d-------- C:\Program Files\XLN Audio
2008-06-09 15:51:09 0 d-------- C:\Documents and Settings\Paul\Application Data\WinRAR
2008-06-08 20:53:49 233472 --a------ C:\WINDOWS\system32\REX Shared Library.dll <Not Verified; Propellerhead Software AB; REX>
2008-06-08 20:53:47 368640 --a------ C:\WINDOWS\system32\ReWire.dll <Not Verified; Propellerhead Software AB; ReWire>
2008-06-08 20:53:09 0 d-------- C:\Program Files\Cakewalk
2008-06-08 20:46:07 17784 --a------ C:\WINDOWS\system32\drivers\NSynas32.sys <Not Verified; Syncrosoft Hard- und Software GmbH; Internet Protection Hardware Driver>
2008-06-08 20:46:07 0 d-------- C:\Program Files\Syncrosoft
2008-06-08 20:45:36 0 d-------- C:\Program Files\Steinberg
2008-06-08 20:18:59 0 dr-h----- C:\Documents and Settings\Paul\Recent
2008-06-08 19:56:35 0 d-------- C:\WINDOWS\pss
2008-06-08 17:02:14 118784 --a------ C:\WINDOWS\dsdxirmv.exe
2008-06-08 00:00:15 0 d-------- C:\Program Files\VSTPlugIns
2008-06-07 23:39:23 0 d-------- C:\Program Files\Yahoo!
2008-06-07 23:39:17 0 d-------- C:\Program Files\CCleaner
2008-06-05 14:02:11 0 d-------- C:\Documents and Settings\Paul\Contacts
2008-06-05 14:01:53 0 d-------- C:\Program Files\Windows Live Toolbar
2008-06-05 14:01:52 0 d-------- C:\Program Files\Windows Live Favorites
2008-06-05 14:01:10 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-05 13:58:50 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-05 13:58:43 0 d-------- C:\Program Files\Windows Live
2008-06-05 13:58:38 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-29 00:32:33 0 d-------- C:\WINDOWS\system32\PreInstall
-- Find3M Report ---------------------------------------------------------------
2008-06-22 10:13:42 0 d-------- C:\Program Files\Common Files
2008-06-21 23:23:23 0 -r-hs---- C:\config.sys
2008-06-15 20:38:34 0 d-------- C:\Documents and Settings\Paul\Application Data\Cakewalk
2008-06-15 15:39:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-09 09:58:08 0 d-------- C:\Program Files\Java
2008-06-08 16:41:50 0 d-------- C:\Program Files\Ableton
2008-05-26 22:43:53 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-05-25 20:52:05 0 d-------- C:\Documents and Settings\Paul\Application Data\Steinberg
2008-05-24 20:46:03 0 d-------- C:\Documents and Settings\Paul\Application Data\Ableton
2008-05-24 20:27:21 0 d-------- C:\Documents and Settings\Paul\Application Data\REAPER
2008-05-24 20:13:54 0 d-------- C:\Program Files\REAPER
2008-05-24 01:38:17 0 d-------- C:\Program Files\Igowin
2008-05-24 01:38:05 0 d-------- C:\Documents and Settings\Paul\Application Data\Help
2008-05-21 23:10:15 0 d-------- C:\Program Files\Lavasoft
2008-05-21 23:04:59 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-21 18:32:43 0 d-------- C:\Documents and Settings\Paul\Application Data\Adobe
2008-05-21 18:32:42 0 d-------- C:\Documents and Settings\Paul\Application Data\Macromedia
2008-05-19 23:34:46 2892 --a------ C:\WINDOWS\system32\audcon.sys
2008-05-17 22:05:02 0 d-------- C:\Program Files\Native Instruments
2008-05-17 17:25:05 0 d-------- C:\Program Files\Registry Medic 5
2008-05-13 21:50:30 0 d-------- C:\Documents and Settings\Paul\Application Data\Media Player Classic
2008-05-13 21:45:44 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-05-13 16:53:44 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-12 21:17:05 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-10 12:25:29 0 d-------- C:\Program Files\Paragon Software
2008-05-10 12:24:54 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-10 11:20:06 0 d-------- C:\Program Files\Online Services
2008-05-08 00:20:32 0 d-------- C:\Documents and Settings\Paul\Application Data\Leadertech
2008-05-08 00:20:23 0 d-------- C:\Program Files\Executive Software
2008-05-08 00:18:53 2368 -----n--- C:\WINDOWS\system32\SVKP.sys <Not Verified; AntiCracking; SVKP driver for NT>
2008-05-06 20:48:01 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-06 20:47:58 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-06 20:47:38 62 ---hs---- C:\Documents and Settings\Paul\Application Data\desktop.ini
2008-05-06 17:29:35 0 d-------- C:\Documents and Settings\Paul\Application Data\Google
2008-05-06 17:29:27 0 d-------- C:\Documents and Settings\Paul\Application Data\Sun
2008-05-06 17:28:08 0 d-------- C:\Program Files\Common Files\Java
2008-05-06 17:10:33 0 d-------- C:\Documents and Settings\Paul\Application Data\AVGTOOLBAR
2008-05-06 17:10:30 0 d-------- C:\Program Files\AVG
2008-05-06 13:22:13 0 d-------- C:\Program Files\Messenger
2008-05-06 13:22:05 0 d-------- C:\Program Files\Movie Maker
2008-05-06 13:21:10 0 d-------- C:\Program Files\Windows NT
2008-05-06 11:05:43 0 d-------- C:\Documents and Settings\Paul\Application Data\InstallShield
2008-05-06 11:03:43 315392 -----n--- C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-05-06 11:01:28 0 d-------- C:\Program Files\Intel
2008-05-06 10:59:56 0 d-------- C:\Documents and Settings\Paul\Application Data\Identities
2008-05-06 10:55:48 0 d-------- C:\Program Files\microsoft frontpage
2008-05-06 10:55:43 0 -r-hs---- C:\MSDOS.SYS
2008-05-06 10:55:43 0 -r-hs---- C:\IO.SYS
2008-05-06 10:55:43 0 -----n--- C:\AUTOEXEC.BAT
2008-05-06 10:54:50 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-06 10:54:05 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-06 10:53:28 21640 -----n--- C:\WINDOWS\system32\emptyregdb.dat
2008-05-06 10:52:49 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-06 10:47:07 0 d-------- C:\Program Files\Google
2008-04-23 18:34:48 176128 --a------ C:\WINDOWS\system32\txmlutil.dll <Not Verified; ; tinyxmlx Dynamic Link Library>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/28/2005 03:55 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/28/2005 03:52 PM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/28/2005 03:55 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]
"DiskeeperSystray"="C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" [07/26/2005 05:52 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"RTHDCPL"="RTHDCPL.EXE" [07/05/2007 06:08 PM C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [06/15/2007 06:45 PM C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 08:43 PM C:\WINDOWS\Alcmtr.exe]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe" [05/23/2008 02:11 PM]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe" [05/23/2008 02:10 PM]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [06/22/2008 04:27 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 05:42 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05/06/2008 10:47 AM]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 11:34 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 1:01:04 AM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
bdx scan
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
*Newly Created Service* - 4F02E1F1
*Newly Created Service* - EC35566D
-- End of Deckard's System Scanner: finished at 2008-06-29 19:08:37 ------------
extra txt
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) Dual
CPU E2180 @ 2.00GHz
Percentage of Memory in Use: 32%
Physical Memory (total/avail): 2039.48 MiB / 1377.18 MiB
Pagefile Memory (total/avail): 3932.73 MiB / 3351.78 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1827.25 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 35.45 GiB total, 23.25 GiB free.
E: is Fixed (NTFS) - 298.09 GiB total, 259.27 GiB free.
F: is CDROM (No Media)
\\.\PHYSICALDRIVE1 - ST3320620A - 298.09 GiB - 1 partition
\PARTITION0 - Installable File System - 298.09 GiB - E:
\\.\PHYSICALDRIVE0 - ST380815AS - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 35.45 GiB - C:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Paul\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PAUL-PC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Paul
LOGONSERVER=\\PAUL-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Executive Software\Diskeeper\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Paul\LOCALS~1\Temp
TMP=C:\DOCUME~1\Paul\LOCALS~1\Temp
USERDOMAIN=PAUL-PC
USERNAME=Paul
USERPROFILE=C:\Documents and Settings\Paul
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
Paul
(admin)
Gina
(admin)
-- Add/Remove Programs ---------------------------------------------------------
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
BitDefender Total Security 2009 - BETA --> MsiExec.exe /X{5B8205AC-97A3-4E2E-9D5E-CA274ACE185B}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CGoban 3 --> C:\WINDOWS\system32\javaws.exe -uninstall -prompt "
CGoban 3"
Diskeeper Home Edition --> MsiExec.exe /X{F33552CB-4B12-4B27-8211-384F623E79EA}
Download Accelerator Plus (DAP) --> C:\PROGRA~1\DAP\DAPREMOVE.EXE
DreamStation DXi2 --> C:\WINDOWS\DSDXIRMV.EXE C:\PROGRAM FILES\CAKEWALK\SHARED DXI\AUDIO SIMULATION\DREAMSTATION DXI2
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Groove Monkee Sample Pack --> "C:\Program Files\Groove Monkee\UninstallSamples.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Highlight Viewer (Windows Live Toolbar) --> MsiExec.exe /X{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel(R) Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2776 PCI\VEN_8086&DEV_2772
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
K-Lite Codec Pack 3.9.0 Standard --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Map Button (Windows Live Toolbar) --> MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Standard --> MsiExec.exe /I{90120409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Paragon Partition Manager 9.0 Professional Trial --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C887C75D-2636-41F6-BB7B-FD4B0314C1E1}\Setup.exe" -l0x9
Pianoteq Trial v2.2.2 --> "C:\Program Files\Pianoteq 2.2 Trial\uninstall.exe"
REALTEK GbE & FE Ethernet PCI-E NIC Driver --> C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Registry Medic 5.0 --> "C:\Program Files\Registry Medic 5\unins000.exe"
Smart Menus (Windows Live Toolbar) --> MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
SONAR 7 Producer Edition --> "C:\Program Files\Cakewalk\SONAR 7 Producer Edition\unins000.exe"
speed-bit Toolbar --> C:\PROGRA~1\SPEED-~1\UNWISE.EXE C:\PROGRA~1\SPEED-~1\INSTALL.LOG
SpeedBit Video Accelerator --> C:\PROGRA~1\SPEEDB~1\UNWISE.EXE C:\PROGRA~1\SPEEDB~1\INSTALL.LOG
Steinberg Cubase SE --> C:\PROGRA~1\STEINB~1\CUBASE~1\UNINST~1.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\Install.log
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Live Favorites for Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar --> MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar Extension (Windows Live Toolbar) --> MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type5434 / Warning
Event Submitted/Written: 06/26/2008 00:00:03 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type5397 / Warning
Event Submitted/Written: 06/24/2008 05:56:48 PM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{90120409-6000-11D3-8CFE-0050048383C9}', feature 'PowerPointUserData', component '{CC003262-2D54-4436-A4D4-A15B1C7D0232}' failed. The resource 'HKEY_CURRENT_USER\Software\Microsoft\Multimedia\msacm.imaadpcm\MaxRTEncodeSetting' does not exist.
Event Record #/Type5383 / Warning
Event Submitted/Written: 06/23/2008 10:38:52 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.
Event Record #/Type5359 / Success
Event Submitted/Written: 06/23/2008 04:46:40 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event Record #/Type5348 / Success
Event Submitted/Written: 06/23/2008 10:32:39 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type8423 / Error
Event Submitted/Written: 06/29/2008 06:10:22 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058
Event Record #/Type8402 / Error
Event Submitted/Written: 06/29/2008 04:06:47 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058
Event Record #/Type8378 / Error
Event Submitted/Written: 06/29/2008 10:38:23 AM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058
Event Record #/Type8349 / Error
Event Submitted/Written: 06/28/2008 01:30:06 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058
Event Record #/Type8326 / Error
Event Submitted/Written: 06/28/2008 10:14:08 AM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The Windows Media Player Network Sharing Service service depends on the Universal Plug and Play Device Host service which failed to start because of the following error:
%%1058
-- End of Deckard's System Scanner: finished at 2008-06-29 19:08:37 ------------