Inactive AndyF's PC Scan I

[Inactive] AndyF's PC Scan I

Hi Guys!

I really appreciate your helping me establish the state of my system.

Here is my DDS.txt result, I'll put the rest on the next thread.

DDS (Ver_09-12-01.01) - NTFSx86
Run by Administrator at 15:15:46.85 on Sun 03/14/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1143 [GMT -4:00]

AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PDF Complete\pdfsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\PDF Complete\pdfsty.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
J:\spybot\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\mspaint.exe
J:\downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ca/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common

files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - j:\spybot\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program

files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] j:\spybot\spybot - search & destroy\TeaTimer.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [PDF Complete] "c:\program files\pdf complete\pdfsty.exe "
mRun: [SetRefresh] c:\program files\compaq\setrefresh\SetRefresh.exe
mRun: [Recguard] c:\windows\sminst\Recguard.exe
mRun: [Reminder] c:\windows\creator\Remind_XP.exe
mRun: [Scheduler] c:\windows\sminst\Scheduler.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital

imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft

office\office\OSA9.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - j:\spybot\spybot~1\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -

hxxp://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1234905084779&h=e84d729927db29007d437

d7b9ee10b08/&filename=jinstall-6u12-windows-i586-jc.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
TCP: {CDE10DD9-8F79-4A17-9CDE-B1E1B7DF94A2} = 207.164.234.193 207.164.234.129
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\koagocxe.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} -

c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-11-16 108792]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-11-16 735960]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2008-5-6 540184]
S1 oxmf;OXPCI Bus enumerator;c:\windows\system32\drivers\oxmf.sys [2007-1-24 15779]
S1 oxpar;OX16PCI954 Parallel port driver;c:\windows\system32\drivers\oxpar.sys [2007-1-24 76800]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 Oxmfuf;Filter driver for OX16PCI95x ports;c:\windows\system32\drivers\oxmfuf.sys [2007-1-24 5111]
S3 oxser;OX16C95x Serial port driver;c:\windows\system32\drivers\oxser.sys [2007-1-24 51269]
S3 VirtDisk;XSS Virtual Disk Driver;c:\windows\sminst\virtdisk.sys [2008-5-6 57344]

=============== Created Last 30 ================

2010-03-11 17:33:10 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-09 19:09:01 0 d-sh--w- c:\documents and settings\administrator\PrivacIE
2010-03-09 19:01:35 0 d-sh--w- c:\documents and settings\administrator\IETldCache
2010-03-09 18:58:40 0 d-----w- c:\windows\ie8updates
2010-03-09 18:56:15 0 dc-h--w- c:\windows\ie8
2010-03-09 18:19:05 69120 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-03-09 18:17:05 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-03-09 18:17:04 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-18 17:11:44 0 d-----w- c:\program files\ESET
2010-02-15 23:54:24 52736 ----a-w- C:\Resume(summary).doc

==================== Find3M ====================

2010-02-02 00:41:00 75272 ----a-w- c:\windows\fonts\Genzsch Initials.ttf
2010-01-05 10:00:21 133120 ------w- c:\windows\system32\dllcache\extmgr.dll
2009-12-31 16:50:03 353792 ------w- c:\windows\system32\dllcache\srv.sys
2009-12-31 15:33:06 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-21 19:14:05 916480 ------w- c:\windows\system32\dllcache\wininet.dll
2009-12-21 19:14:05 1208832 ------w- c:\windows\system32\dllcache\urlmon.dll
2009-12-21 19:14:04 5942784 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-12-21 19:14:04 206848 ------w- c:\windows\system32\dllcache\occache.dll
2009-12-21 19:14:03 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-21 19:14:03 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-21 19:14:03 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2009-12-21 19:14:03 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2009-12-21 19:14:03 184320 ------w- c:\windows\system32\dllcache\iepeers.dll
2009-12-21 19:14:02 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll
2009-12-21 19:14:01 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2009-12-21 13:19:18 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe
2009-04-08 20:54:54 32768 --sha-w- c:\windows\system32\config\systemprofile\local

settings\history\history.ie5\mshist012009040820090409\index.dat

============= FINISH: 15:16:12.50 ===============


Thanks,
Andy

 

AndyF's PC Scan II

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/17/2009 2:45:53 PM
System Uptime: 3/14/2010 8:09:37 AM (7 hours ago)

Motherboard: ASUSTek Computer INC. | | 2A72
Processor: AMD Athlon(tm) Dual Core Processor 4450B | Socket AM2 | 2310/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 65 GiB total, 51.136 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.328 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (NTFS) - 149 GiB total, 146.872 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP143: 12/25/2009 11:13:38 AM - System Checkpoint
RP144: 12/27/2009 6:03:58 PM - System Checkpoint
RP145: 12/30/2009 5:32:03 PM - System Checkpoint
RP146: 1/6/2010 7:43:01 PM - System Checkpoint
RP147: 1/8/2010 2:42:28 PM - System Checkpoint
RP148: 1/12/2010 11:29:42 AM - System Checkpoint
RP149: 1/12/2010 4:31:38 PM - Software Distribution Service 3.0
RP150: 1/13/2010 11:56:25 AM - Software Distribution Service 3.0
RP151: 1/15/2010 11:31:16 AM - System Checkpoint
RP152: 1/17/2010 12:44:18 PM - System Checkpoint
RP153: 1/20/2010 1:45:03 PM - System Checkpoint
RP154: 1/21/2010 1:16:31 PM - Paint.NET v3.5.2
RP155: 1/23/2010 8:17:56 AM - Software Distribution Service 3.0
RP156: 1/25/2010 1:06:18 PM - System Checkpoint
RP157: 1/26/2010 2:18:27 PM - System Checkpoint
RP158: 1/28/2010 12:23:25 PM - System Checkpoint
RP159: 1/29/2010 3:11:57 PM - System Checkpoint
RP160: 2/1/2010 10:34:43 AM - System Checkpoint
RP161: 2/2/2010 9:00:56 PM - System Checkpoint
RP162: 2/4/2010 12:34:40 PM - System Checkpoint
RP163: 2/5/2010 4:25:28 PM - System Checkpoint
RP164: 2/7/2010 2:52:26 PM - System Checkpoint
RP165: 2/8/2010 7:48:00 PM - System Checkpoint
RP166: 2/11/2010 1:01:12 AM - Software Distribution Service 3.0
RP167: 2/11/2010 11:05:15 PM - Software Distribution Service 3.0
RP168: 2/14/2010 1:49:01 PM - System Checkpoint
RP169: 2/15/2010 1:59:57 PM - System Checkpoint
RP170: 2/18/2010 7:07:53 AM - System Checkpoint
RP171: 2/18/2010 9:14:00 AM - Removed ESET Smart Security
RP172: 2/18/2010 12:11:42 PM - Installed ESET Smart Security
RP173: 2/19/2010 2:16:11 PM - System Checkpoint
RP174: 2/20/2010 5:10:22 PM - System Checkpoint
RP175: 2/22/2010 7:28:18 PM - System Checkpoint
RP176: 2/24/2010 8:12:44 PM - System Checkpoint
RP177: 2/25/2010 9:19:40 AM - Software Distribution Service 3.0
RP178: 2/28/2010 2:19:21 PM - System Checkpoint
RP179: 3/3/2010 8:41:49 AM - System Checkpoint
RP180: 3/8/2010 9:26:15 PM - System Checkpoint
RP181: 3/9/2010 8:35:18 AM - Software Distribution Service 3.0
RP182: 3/9/2010 1:57:20 PM - Installed Windows Internet Explorer 8.
RP183: 3/9/2010 1:58:10 PM - Software Distribution Service 3.0
RP184: 3/10/2010 11:07:14 AM - Software Distribution Service 3.0
RP185: 3/10/2010 8:24:32 PM - Software Distribution Service 3.0
RP186: 3/11/2010 3:30:45 PM - Software Distribution Service 3.0
RP187: 3/13/2010 8:45:34 AM - System Checkpoint
RP188: 3/14/2010 9:21:37 AM - Advanced Registry Optimizer 2010 - Before Installation
RP189: 3/14/2010 9:22:49 AM - ADVANCED REGISTRY OPTIMIZER 2010- FIRST RUN
RP190: 3/14/2010 9:26:26 AM - Advanced Registry Optimizer 2010 Sun, Mar 14, 10 09:26

==== Installed Programs ======================


1st Page 2000 2.00 Free
Adobe Flash Player 10 Plugin
Adobe Reader 9
AMD Processor Driver
AOpen FM56-PX Controllerless PCI Modem
ArcSoft PhotoImpression 4
BufferChm
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
D2300
D2300_Help
DeviceManagementQFolder
Dual-Core Optimizer
ESET Smart Security
eSupportQFolder
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Backup and Recovery Manager
HP Customer Participation Program 7.0
HP Help and Support
HP Imaging Device Functions 7.0
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Essential
HP Software Update
HP Solution Center 7.0
hph_ProductContext
hph_readme
hph_software
hph_software_req
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
InterVideo Register Manager
InterVideo WinDVD
Java(TM) 6 Update 12
Java(TM) 6 Update 2
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Small Business
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Small Business Connectivity Components
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.5)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
MyDSC2
NVIDIA Drivers
Paint.NET v3.5.2
PDF Complete
Realtek High Definition Audio Driver
Samsung CLP-300 Series
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
SolutionCenter
Spybot - Search & Destroy
Status
SureThing Ticket Maker
Toolbox
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows XP (KB943729)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WampServer 2.0
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

3/9/2010 8:42:20 AM, error: Windows Update Agent [20] - Installation Failure: Windows

failed to install the following update with error 0x80070643: Internet Explorer 8 for

Windows XP.
3/9/2010 2:01:37 PM, error: Service Control Manager [7000] - The SSPORT service failed

to start due to the following error: The system cannot find the file specified.
3/9/2010 2:01:37 PM, error: Service Control Manager [7000] - The DgiVecp service failed

to start due to the following error: The system cannot find the device specified.

==== End Of File ===========================

Malwarescan

Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/14/2010 8:47:51 PM
mbam-log-2010-03-14 (20-47-51).txt

Scan type: Full Scan (C:\|D:\|J:\|)
Objects scanned: 179347
Time elapsed: 23 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

------------------------------------------------------------------

hijackthis

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 9:19:02 PM, on 3/14/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PDF Complete\pdfsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\PDF Complete\pdfsty.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
J:\spybot\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
J:\hijackthis\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - J:\spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe "
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] J:\spybot\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\spybot\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\spybot\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JS...8/&filename=jinstall-6u12-windows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CDE10DD9-8F79-4A17-9CDE-B1E1B7DF94A2}: NameServer = 207.164.234.193 207.164.234.129
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: wampapache - Apache Software Foundation - J:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - J:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe

--
End of file - 6659 bytes
-----------------------------------------------------------------

FWIW: after downloading the Malware update, and before executing the program, I rec'd a Malware error code 732(0,0). I print screened the error but this forum doesn't seem to have an attach feature.

Thanks all for all the work.

Andy

 

!!!!????

This is a carry over from an ongoing discussion and final suggestion from the Security thread. The split posting is in reference to Arie's suggestion, and in conformance to rule:

"You may required to split the logs into 2 or more posts due to their size. "

and I thought I was doing the forum a favor by doing so.

AndyF

 

You split the logs over two threads instead of two posts.

Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Download the update from here if you have problems.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Make sure that you restart the computer.

=================

Download HijackThis Executable from here. Save it to your desktop.
Start HJT & press the "Do a system scan and save a log file" button. When the scan is finished a window will pop up giving you the option of where to save it. Save it to desktop where it is easy to access. Open the log file and then go to the format Tab and make sure that wordwrap is unchecked. Copy the entire contents of the file & paste it into the body of your post. DO NOT FIX ANYTHING YET. Most of what is there is necessary for the running of your system.