#1 maxyboxparadox, 06-15-2008 (New Poster; Join Date: Jun 2008; Posts: 1; PC Experience: PC Illiterate)
Pc not running as it should

Basically, my PC's specs are pretty good, got an AMD 2.4ghz dual core processor, 80gb hard drive, 1gb RAM, inno3d GeForce 8500 512mb graphics card, and basically my pc runs a lot slower than it should do. I've had several problems before so am getting a bit worried, and any help would be useful. These are the logs I was told to submit -

Deckard's System Scanner v20071014.68
Run by Maxybox on 2008-06-15 02:30:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
19: 2008-06-15 01:30:27 UTC - RP137 - Deckard's System Scanner Restore Point
18: 2008-06-14 22:37:51 UTC - RP136 - Installed Philips SPC315NC Webcam
17: 2008-06-13 01:26:55 UTC - RP135 - Software Distribution Service 3.0
16: 2008-06-12 13:54:41 UTC - RP134 - Installed Windows XP KB922120.
15: 2008-06-12 02:00:33 UTC - RP133 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-05-27 11:27:48 UTC - RP119 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

System Drive C: has 7.23 GiB (less than 15%) free.


-- HijackThis (run as Maxybox.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:32:08, on 15/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\PowerArchiver\PASTARTER.EXE
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Documents and Settings\Maxybox\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Maxybox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE %;USB\VID_0AC8&PID_0302.DeviceDesc%
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Program Files\PowerArchiver\PASTARTER.EXE
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: TrayMin315.exe.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7604 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 giveio - c:\windows\system32\giveio.sys
R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R1 BIOS - c:\windows\system32\drivers\bios.sys <Not Verified; BIOSTAR Group; BIOSTAR I/O driver fle>
R1 BS_I2cIo - c:\windows\system32\drivers\bs_i2cio.sys <Not Verified; BIOSTAR Group; BIOSTAR I/O driver fle>
R1 BUFADPT - c:\windows\system32\bufadpt.sys <Not Verified; BUFFALO INC.; BUFFALO Wireless LAN>
R3 AmdTools (AMD Special Tools Driver) - c:\windows\system32\drivers\amdtools.sys <Not Verified; AMD, Inc.; Special Tools Driver>
R3 mcdbus (Driver for MagicISO SCSI Host Controller) - c:\windows\system32\drivers\mcdbus.sys <Not Verified; MagicISO, Inc.; MagicISO SCSI Host Controller>
R3 u2kg54l (BUFFALO WLI-U2-KG54L Wireless LAN Driver) - c:\windows\system32\drivers\u2kg54l.sys <Not Verified; ZyDAS Technology Corporation; ZD1211B 802.11 b+g USB LAN Adapter>

S3 AMDPCI - c:\docume~1\maxybox\locals~1\temp\amdpci.sys (file missing)
S3 dump_wmimmc - c:\program files\9dragons\gameguard\dump_wmimmc.sys (file missing)
S3 NPPTNT2 - c:\windows\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-15 02:11:49 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job


-- Files created between 2008-05-15 and 2008-06-15 -----------------------------

2008-06-15 02:22:52 0 d-------- C:\Program Files\Trend Micro
2008-06-14 23:37:52 0 d-------- C:\Program Files\Philips
2008-06-12 19:40:49 0 d-------- C:\Program Files\Common Files\SourceTec
2008-06-12 19:40:45 135168 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-12 19:40:45 413760 --a------ C:\WINDOWS\system32\MPG4c32.dll <Not Verified; Microsoft Corporation; Microsoft MPEG-4 Video Codec>
2008-06-12 19:40:44 761856 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-12 19:40:43 0 d-------- C:\Program Files\SourceTec
2008-06-12 17:54:27 0 d-------- C:\Documents and Settings\Maxybox\Application Data\Flock
2008-06-12 17:51:23 0 d-------- C:\Program Files\Flock
2008-06-12 15:02:26 0 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-06-12 14:20:17 1726 --a------ C:\WINDOWS\ndinst.exe
2008-06-09 01:40:09 0 d-------- C:\Documents and Settings\Maxybox\Application Data\acccore
2008-06-09 01:38:28 0 d-------- C:\Program Files\AIMTunes
2008-06-09 01:36:49 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-06-09 01:35:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-06-09 01:35:20 0 d-------- C:\Program Files\Viewpoint
2008-06-09 01:35:00 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2008-06-09 01:35:00 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-06-09 01:34:30 0 d-------- C:\Program Files\Common Files\AOL
2008-06-09 01:31:40 0 d-------- C:\Program Files\AIM6
2008-06-08 19:31:55 0 d-------- C:\My Music
2008-06-05 17:46:57 0 d-------- C:\UnrealTournament
2008-06-01 01:28:48 0 d-------- C:\Program Files\PC Doc Pro
2008-06-01 01:20:42 0 d-------- C:\Documents and Settings\All Users\Application Data\PCPitstop
2008-06-01 01:05:44 0 d-------- C:\Program Files\MeadCo Neptune
2008-06-01 01:01:02 0 d-------- C:\Program Files\PCPitstop
2008-05-29 00:27:50 0 d-------- C:\Program Files\AudioConverter Studio
2008-05-28 04:14:10 0 d-------- C:\Documents and Settings\Maxybox\Application Data\InstallShield Installation Information
2008-05-28 03:46:30 0 d-------- C:\Program Files\Unreal Tournament 3
2008-05-27 21:33:14 0 d-------- C:\WINDOWS\system32\AGEIA
2008-05-27 21:33:14 0 d-------- C:\Program Files\AGEIA Technologies
2008-05-27 19:29:19 0 d-------- C:\ZSNES
2008-05-27 11:37:23 0 d-------- C:\unreal III
2008-05-26 23:33:49 0 d-------- C:\Program Files\ITTerritory
2008-05-26 19:12:01 0 d-------- C:\Documents and Settings\Maxybox\Application Data\IGN_DLM
2008-05-26 19:11:41 0 d-------- C:\Program Files\Download Manager
2008-05-23 23:39:06 0 d-------- C:\Program Files\Windows Defender
2008-05-21 01:24:35 0 d-------- C:\Documents and Settings\Maxybox\Application Data\TrojanHunter
2008-05-21 00:06:16 0 d-------- C:\Program Files\TrojanHunter 5.0
2008-05-20 21:19:38 0 d-------- C:\Program Files\CamStudio
2008-05-19 00:34:57 0 d-------- C:\Program Files\Electronic Arts
2008-05-18 22:03:43 0 d-------- C:\DUKE3D
2008-05-18 21:38:17 0 d-------- C:\Program Files\GameSpot
2008-05-18 21:38:17 0 d-------- C:\Documents and Settings\All Users\temp
2008-05-18 21:38:17 0 d-------- C:\Documents and Settings\All Users\Gamespot
2008-05-18 21:24:47 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-05-18 21:24:47 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-05-18 21:23:50 189472 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-05-18 21:23:50 6381344 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-05-18 21:23:49 0 d-------- C:\Program Files\Kaspersky Lab
2008-05-18 21:23:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-18 21:21:51 0 d-------- C:\kav
2008-05-18 21:04:46 0 d-a------ C:\WINDOWS\zts2.exe
2008-05-18 21:04:46 0 d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-05-18 21:04:46 0 d-a------ C:\WINDOWS\system32\systems.txt
2008-05-18 21:04:46 0 d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-05-18 21:04:46 0 d-a------ C:\WINDOWS\rundll16.exe
2008-05-18 21:04:46 0 d-a------ C:\WINDOWS\rundl132.dll
2008-05-18 21:04:46 0 d-a------ C:\WINDOWS\logo1_.exe
2008-05-18 21:02:07 0 d-------- C:\WINDOWS\nvidia icons
2008-05-18 18:50:24 0 d-------- C:\Program Files\MagicISO
2008-05-17 23:14:20 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-17 23:12:37 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-17 23:11:19 0 d-------- C:\Program Files\Disc2Phone
2008-05-17 23:05:54 0 d-------- C:\WINDOWS\system32\URTTemp


-- Find3M Report ---------------------------------------------------------------

2008-06-15 02:10:35 0 d-------- C:\Program Files\Steam
2008-06-14 23:37:51 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-12 19:40:49 0 d-------- C:\Program Files\Common Files
2008-06-12 19:40:11 0 d-------- C:\Program Files\PowerArchiver
2008-06-01 21:04:44 2502 --a------ C:\WINDOWS\mozver.dat
2008-06-01 01:19:50 0 d-------- C:\Program Files\Last.fm
2008-06-01 01:19:50 0 d-------- C:\Program Files\9Dragons
2008-06-01 01:19:50 0 d-------- C:\Documents and Settings\Maxybox\Application Data\Azureus
2008-05-27 21:33:02 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-18 21:38:18 6093 --a------ C:\Program Files\install.log
2008-05-17 23:10:53 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-17 23:05:27 0 d-------- C:\Program Files\Clive Barker's Undying
2008-05-08 00:45:23 0 d-------- C:\Documents and Settings\Maxybox\Application Data\Bioshock
2008-05-06 02:38:17 0 d-------- C:\Program Files\DivX
2008-05-05 17:59:12 0 d-------- C:\Program Files\AMD
2008-05-02 22:46:00 1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-02 22:46:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-02 22:46:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-02 22:46:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-02 22:46:00 1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-02 22:46:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-02 22:46:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-02 22:46:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
2008-04-28 00:51:00 0 d-------- C:\Documents and Settings\Maxybox\Application Data\uTorrent
2008-04-28 00:48:47 0 d-------- C:\Program Files\Ace Utilities
2008-04-27 21:17:45 0 dr-h----- C:\Documents and Settings\Maxybox\Application Data\SecuROM
2008-04-27 00:44:08 0 d-------- C:\Program Files\RADVideo
2008-04-25 01:15:41 0 d-------- C:\Documents and Settings\Maxybox\Application Data\Google
2008-04-25 01:14:34 0 d-------- C:\Program Files\Google
2008-04-25 00:01:15 0 d-------- C:\Program Files\GameSpy Arcade
2008-04-24 17:06:58 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-04-20 01:15:45 0 d-------- C:\Documents and Settings\Maxybox\Application Data\Move Networks
2008-04-19 00:27:10 0 d-------- C:\Documents and Settings\Maxybox\Application Data\Adobe
2008-04-19 00:22:43 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-18 22:20:18 0 d-------- C:\Program Files\Ubi Soft
2008-04-18 22:02:30 0 d-------- C:\Program Files\Liquid Entertainment
2008-04-15 23:39:20 0 d-------- C:\Documents and Settings\Maxybox\Application Data\mIRC
2008-04-15 23:37:56 0 d-------- C:\Program Files\mIRC
2008-04-15 23:33:27 13132 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-04-15 22:59:31 0 d-------- C:\Program Files\Azureus
2008-04-06 19:50:03 571 --a------ C:\WINDOWS\eReg.dat
2008-04-03 22:59:13 0 --a------ C:\WINDOWS\PowerReg.dat
2008-04-03 21:01:26 54 --a------ C:\smp.bat
2008-04-03 06:08:07 62 --ahs---- C:\Documents and Settings\Maxybox\Application Data\desktop.ini
2008-04-03 00:00:34 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-02 23:10:04 315392 --a------ C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-04-02 22:30:21 0 -rahs---- C:\MSDOS.SYS
2008-04-02 22:30:21 0 -rahs---- C:\IO.SYS
2008-04-02 22:30:21 0 --a------ C:\CONFIG.SYS
2008-04-02 22:30:21 0 --a------ C:\AUTOEXEC.BAT
2008-04-02 22:28:10 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-19 10:47:00 1845248 --a------ C:\WINDOWS\system32\win32k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
19/03/2008 23:36 1267040 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [19/03/2008 23:36 1267040]

[-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [16/10/2007 18:30 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [11/10/2007 11:04 C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [03/05/2005 18:43 C:\WINDOWS\Alcmtr.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [01/04/2008 19:49]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [03/04/2008 14:06]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [02/05/2008 22:46]
"nwiz"="nwiz.exe" [02/05/2008 22:46 C:\WINDOWS\system32\nwiz.exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [02/05/2008 22:46]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [03/11/2006 19:20]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [08/02/2008 18:36]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [09/06/2004 15:37]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56]
"PowerArchiver Tray"="C:\Program Files\PowerArchiver\PASTARTER.EXE" [30/11/2007 16:08]
"Steam"="C:\Program Files\Steam\Steam.exe" [08/05/2008 23:07]
"igndlm.exe"="C:\Program Files\Download Manager\DLM.exe" [05/03/2007 22:57]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [25/03/2008 21:21]

C:\Documents and Settings\Maxybox\Start Menu\Programs\Startup\
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [03/04/2008 22:17:03]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
TrayMin315.exe.lnk - C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe [14/06/2008 23:37:53]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [03/04/2008 11:20:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
"<NO NAME>"=
"Aim6"="C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SpyHunter Security Suite"=C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
"THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc




-- End of Deckard's System Scanner: finished at 2008-06-15 02:34:36 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
CPU 1: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
Percentage of Memory in Use: 42%
Physical Memory (total/avail): 1022.48 MiB / 584.88 MiB
Pagefile Memory (total/avail): 2458.97 MiB / 2026.85 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1919.76 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 72.71 GiB total, 7.23 GiB free.
D: is CDROM (CDFS)
E: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - ST380012A - 72.72 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 72.71 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: Kaspersky Internet Security v7.0.1.325 (Kaspersky Lab)
AV: Kaspersky Internet Security v7.0.1.325 (Kaspersky Lab) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Documents and Settings\\Maxybox\\Desktop\\Windows Live Installer.exe"="C:\\Documents and Settings\\Maxybox\\Desktop\\Windows Live Installer.exe:*:Enabled:Windows Live Installer"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\kav\\kav7.0\\english\\setup.exe"="C:\\kav\\kav7.0\\english\\setup.exe:*:Enabled:Kaspersky Anti-Virus 7.0 Setup"
"C:\\WoW-2.0.0-enUS-Installer-downloader.exe"="C:\\WoW-2.0.0-enUS-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Gore\\Gore.exe"="C:\\Program Files\\Gore\\Gore.exe:*:Disabled:Gore"
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"="C:\\Program Files\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Valvesoftware\\The Orange Box\\team fortress 2\\hl2.exe"="C:\\Program Files\\Valvesoftware\\The Orange Box\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\kav\\kis7.0\\english\\setup.exe"="C:\\kav\\kis7.0\\english\\setup.exe:*:Enabled:Kaspersky Internet Security 7.0 Setup"
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe:*:Enabled:Crysis_32_sp_demo"
"C:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"="C:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Maxybox\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MAX
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Maxybox
LOGONSERVER=\\MAX
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Flock\flock;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\PROGRA~1\GORETO~1
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6b01
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
starttime=1213492568
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Maxybox\LOCALS~1\Temp
TMP=C:\DOCUME~1\Maxybox\LOCALS~1\Temp
USERDOMAIN=MAX
USERNAME=Maxybox
USERPROFILE=C:\Documents and Settings\Maxybox
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Maxybox (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
--> MsiExec.exe /I{9AA761E6-CA51-4FF2-A552-D51638BF0595}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 4.57 --> "C:\Program Files\7-Zip\Uninstall.exe"
9Dragons --> MsiExec.exe /I{EB0508A0-162A-4996-85A1-00C07D33445A}
Ace Utilities --> "C:\Program Files\Ace Utilities\uninstall.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AIMTunes --> C:\Program Files\AIMTunes\Uninstall.exe
AMD CPUInfo --> MsiExec.exe /X{9A27B530-AC8F-4C21-AA59-271FBFD9FE1F}
AMD Processor Driver --> C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly
AudioConverter Studio 5.9 --> "C:\Program Files\AudioConverter Studio\unins000.exe"
Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
Bink and Smacker --> C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
Cablenut 4.08 --> C:\Program Files\Cablenut\uninst-cablenut.exe
CamStudio --> C:\Program Files\CamStudio\uninstall.exe
Crysis(R) SP Demo --> MsiExec.exe /I{92AF2F5A-4407-4A03-A80A-5A2582264746}
Dedicated Server --> "C:\Program Files\Steam\steam.exe" steam://uninstall/5
Disc2Phone --> MsiExec.exe /I{6E65247F-58F9-41CA-BE69-0316F7907170}
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Download Manager 2.3.6 --> C:\Program Files\Download Manager\uninst.exe
Dual-Core Optimizer --> MsiExec.exe /X{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}
EVEREST Ultimate Edition v4.50 --> "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Flock 1.2 --> C:\Program Files\Flock\uninst.exe
GameSpot Download Manager --> "C:\Program Files\GameSpot\uninstall.exe"
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
getPlus(R)_dll --> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSd.INF, DefaultUninstall
Google Earth --> MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Gore Tools --> C:\PROGRA~1\GORETO~1\UNWISE.EXE C:\PROGRA~1\GORETO~1\INSTALL.LOG
Half-Life 2: Deathmatch --> "C:\Program Files\Steam\steam.exe" steam://uninstall/320
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HW Monitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEA20FED-A903-46A2-B197-789B4456B508}\setup.exe"
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Last.fm 1.5.1.29527 --> "C:\Program Files\Last.fm\unins000.exe"
LastChaos --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0AF3FEAE-B651-4421-97EF-4808A588B4E5}\Setup.exe" -l0x9
Magic ISO Maker v5.3 (build 0221) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
MagicDisc 2.6.93 --> C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 --> MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Oblivion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9 -removeonly
PC Pitstop Disk MD 2.0 --> "C:\Program Files\PCPitstop\Disk MD\unins000.exe"
PC Pitstop Erase 1.1 --> "C:\Program Files\PCPitstop\Erase\unins000.exe"
PC Pitstop Optimize2 2.0 --> "C:\Program Files\PCPitstop\Optimize2\unins000.exe"
Philips SPC315NC Webcam --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D95F0670-EBA8-46B2-8ABE-9DDA2BC3DC7E}\Setup.exe" -l0x9
PowerArchiver 2007 --> MsiExec.exe /I{B6826FA8-04C8-4147-AA3C-5B900AB887A1}
Project64 1.6 --> MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Sothink FLV Player --> "C:\Program Files\Common Files\SourceTec\Sothink FLV Player\unins000.exe"
Sothink SWF Converter --> "C:\Program Files\SourceTec\Sothink FLV Converter\unins000.exe"
SpeedFan (remove only) --> "C:\Program Files\SpeedFan\uninstall.exe"
SpyHunter --> "C:\Program Files\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Program Files\Enigma Software Group\SpyHunter\install.log" -u
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
TrojanHunter 5.0 --> "C:\Program Files\TrojanHunter 5.0\unins000.exe"
Unreal II --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{626F32D6-007C-41D5-8157-9509AB1428BE}\Setup.exe" -l0x9
Unreal Tournament 3 --> "C:\Documents and Settings\Maxybox\Application Data\InstallShield Installation Information\{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}\SetupUT3.exe" -runfromtemp -l0x0409 -removeonly
Unreal Tournament 3 --> MsiExec.exe /X{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
Unreal Tournament G.O.T.Y. Edition --> C:\UnrealTournament\System\Setup.exe uninstall "UnrealTournament"
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Winamp Toolbar for Firefox --> "C:\Documents and Settings\Maxybox\Application Data\Mozilla\Firefox\Profiles\nd6jcy8m.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"
Winamp Toolbar for Internet Explorer --> "C:\Program Files\Winamp Toolbar\uninstall.exe"
WinCleaner OneClick Professional Clean Version 11 Trial Edition --> "C:\Program Files\Business Logic Corporation\WinCleaner\unins000.exe"
Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinZip 11.2 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}


-- Application Event Log -------------------------------------------------------

Event Record #/Type110648 / Success
Event Submitted/Written: 06/14/2008 11:45:34 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type110647 / Error
Event Submitted/Written: 06/14/2008 11:44:01 PM
Event ID/Source: 1000 / Windows Live Messenger
Event Description:
msnmsgr.exe8.5.1302.10184717a53bvm31bprp.ax1.3.1.0 44cebf180000014a8

Event Record #/Type110642 / Warning
Event Submitted/Written: 06/14/2008 11:39:44 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type110639 / Success
Event Submitted/Written: 06/14/2008 09:41:07 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type110635 / Error
Event Submitted/Written: 06/14/2008 04:25:32 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type6256 / Warning
Event Submitted/Written: 06/15/2008 02:32:16 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MAX27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MAX27 can't undo changes that you allow.

For more information please see the following:
%MAX275

Scan ID: {EF18BBAA-7FB7-4987-9CEF-0678C41071B4}

User: MAX\Maxybox

Name: %MAX271

ID: %MAX272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %MAX276

Alert Type: %MAX278

Detection Type: 1.1.1593.02

Event Record #/Type6255 / Warning
Event Submitted/Written: 06/15/2008 02:32:16 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MAX27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MAX27 can't undo changes that you allow.

For more information please see the following:
%MAX275

Scan ID: {120648F3-B0A6-4E4E-961D-12622EB49AF8}

User: MAX\Maxybox

Name: %MAX271

ID: %MAX272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %MAX276

Alert Type: %MAX278

Detection Type: 1.1.1593.02

Event Record #/Type6250 / Warning
Event Submitted/Written: 06/15/2008 02:09:02 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%MAX27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %MAX27 can't undo changes that you allow.

For more information please see the following:
%MAX275

Scan ID: {902BA294-570C-4E45-8898-849216EC0023}

User: MAX\Maxybox

Name: %MAX271

ID: %MAX272

Severity: 1.1.1593.05

Category: 1.1.1593.06

Path Found: %MAX276

Alert Type: %MAX278

Detection Type: 1.1.1593.02

Event Record #/Type6239 / Error
Event Submitted/Written: 06/15/2008 02:08:57 AM
Event ID/Source: 10016 / DCOM
Event Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{D851F103-8C90-4321-AFF0-58BA5BD421C2}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

Event Record #/Type6238 / Error
Event Submitted/Written: 06/15/2008 02:08:57 AM
Event ID/Source: 10016 / DCOM
Event Description:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{D851F103-8C90-4321-AFF0-58BA5BD421C2}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.



-- End of Deckard's System Scanner: finished at 2008-06-15 02:34:36 ------------


  #2  
Old 06-15-2008
Senior Security Analyst
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 3,087
PC Experience: Elite PC Guru
Pancake - See this Members User comments on their Profile page
Default Re: Pc not running as it should

You have got a bit of malware that needs to be killed.
  • Download The Avenger by Swandog46 from here.
  • Unzip/extract it to a folder on your desktop.
  • Double click on avenger.exe to run The Avenger.
  • Click OK.
  • Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick in it.
  • Copy all of the text in the below textbox to the clipboard by highlighting it and then pressing Ctrl+C.

    Code:
    Files to delete:
    C:\WINDOWS\zts2.exe
    C:\WINDOWS\system32\vcmgcd32.dll
    C:\WINDOWS\system32\systems.txt
    C:\WINDOWS\system32\iifgfgf.dll
    C:\WINDOWS\rundll16.exe
    C:\WINDOWS\rundl132.dll
    C:\WINDOWS\logo1_.exe
  • In the Avenger window, click the Paste Script from Clipboard button.
  • Click the Execute button.
  • You will be asked Are you sure you want to execute the current script?.
  • Click Yes.
  • You will now be asked First step completed --- The Avenger has been successfully set up to run on next boot. Reboot now?.
  • Click Yes.
  • Your PC will now be rebooted.
  • Note: If the above script contains Drivers to delete: or Drivers to disable:, then The Avenger will require two reboots to complete its operation.
  • If that is the case, it will force a shutdown. This is normal & expected behaviour.
  • After your PC has completed the necessary reboots, a log should automatically open. If it does not automatically open, then the log can be found at %systemdrive%\avenger.txt (typically C:\avenger.txt).
  • Please post this log, along with a new Post the report in your next reply.


__________________
My real name is Eddy
