Author Topic: Hijackthis (Read 2057 times)

OVERKILL · « **on:** November 18, 2007, 04:59:04 PM »

I am having a little problem with my comp for a while. I was told to give hijackthis a try & you people might be able to give me a little help. I am not totally sure if my comp has any spyware or malware in it but it sure does seem that something is slowing it down. I did keep the log & I sure do hope i am posting in the right spot. I did read the rules & followed all the links in the forum. so here goes..

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\MYCOMP~1\FREEAV~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\MYCOMP~1\FREEAV~1\avgamsvr.exe
C:\MYCOMP~1\FREEAV~1\avgupsvc.exe
C:\MYCOMP~1\FREEAV~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\MYCOMP~1\SPYBOT\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\MYCOMP~1\FREEAV~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1194131884818
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1194131862866
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\MY COMP PRGRAMS\TRACKS PRO ERASER\Tracks Eraser Pro\delautocomp.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\MYCOMP~1\FREEAV~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\MYCOMP~1\FREEAV~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\MYCOMP~1\FREEAV~1\avgemc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

--
End of file - 5906 bytes

CHEERS

guestolo · « **Reply #1 on:** November 18, 2007, 08:14:20 PM »

Can you do the following
Download [color=\"#008000\"]Deckard's System Scanner (dss.exe)[/color] to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post the contents of main.txt and extra.txt

OVERKILL · « **Reply #2 on:** November 19, 2007, 08:48:22 AM »

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 1700MHz
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 767.48 MiB / 451.55 MiB
Pagefile Memory (total/avail): 3030.42 MiB / 2777.91 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.03 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 149.04 GiB total, 96.49 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD1600AAJB-00PVA0 - 149.05 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 149.04 GiB - C:

-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is enabled.

FirewallOverride is set.

AV: AVG 7.5.503 v7.5.503 (Grisoft)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\MY COMP PRGRAMS\\MIRC\\mirc.exe"="C:\\MY COMP PRGRAMS\\MIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\MY COMP PRGRAMS\\SPYBOT\\Spybot - Search & Destroy\\SpybotSD.exe"="C:\\MY COMP PRGRAMS\\SPYBOT\\Spybot - Search & Destroy\\SpybotSD.exe:*:Enabled:Spybot - Search & Destroy"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\\MY COMP PRGRAMS\\IMTOO CD RIPPER\\CD Ripper\\cdripper.exe"="C:\\MY COMP PRGRAMS\\IMTOO CD RIPPER\\CD Ripper\\cdripper.exe:*:Enabled:ImTOO CD Ripper"
"C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avginet.exe"="C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avginet.exe:*:Enabled:avginet.exe"
"C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avgamsvr.exe"="C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avgcc.exe"="C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avgemc.exe"="C:\\MY COMP PRGRAMS\\FREE AVG VIRUS SCANNER\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\MY COMP PRGRAMS\\LINEWIRE\\LimeWire\\LimeWire.exe"="C:\\MY COMP PRGRAMS\\LINEWIRE\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\MY COMP PRGRAMS\\SoulSeek Client\\Soulseek\\slsk.exe"="C:\\MY COMP PRGRAMS\\SoulSeek Client\\Soulseek\\slsk.exe:*:Enabled:slsk.exe"
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\\MY COMP PRGRAMS\\CREATIVE\\Orb\\bin\\Orb.exe"="C:\\MY COMP PRGRAMS\\CREATIVE\\Orb\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\MY COMP PRGRAMS\\CREATIVE\\Orb\\bin\\OrbTray.exe"="C:\\MY COMP PRGRAMS\\CREATIVE\\Orb\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\MY COMP PRGRAMS\\CREATIVE\\Orb\\bin\\OrbStreamerClient.exe"="C:\\MY COMP PRGRAMS\\CREATIVE\\Orb\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\Program Files\\SightSpeed\\SightSpeed.exe"="C:\\Program Files\\SightSpeed\\SightSpeed.exe:*:Enabled:SightSpeed"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HOME-COMPUTER
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\
LOGONSERVER=\\HOME-COMPUTER
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 0 Stepping 10, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=000a
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\TR~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\TR~1\LOCALS~1\Temp
USERDOMAIN=HOME-COMPUTER
USERNAME=
USERPROFILE=C:\Documents and Settings\
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Troy Lear (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> MsiExec.exe /I{12452C5A-32E2-40C6-808D-DA4FB6DC35A5}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Multimedia Center 9.14 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3CBA0E30-6F54-47EF-910E-1D4D450AFE45}
ATI Parental Control & Encoder --> MsiExec.exe /I{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}
ATI Remote Wonder 3.04 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{8F36E44A-E6E7-41B7-B6F6-4637BF84EFA5}
Audio Editor Gold v9.2.12 Build 543 --> "C:\MY COMP PRGRAMS\AUDIO EDIT\Audio Editor Gold\unins000.exe"
AudioConverter --> "C:\MY COMP PRGRAMS\AUDIO CONVERTER\TotalAudioConverter\unins000.exe"
AVG 7.5 --> C:\MY COMP PRGRAMS\FREE AVG VIRUS SCANNER\setup.exe /UNINSTALL
DAO --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C88E49AA-41C5-4420-A08D-BE1B6C5A3A74}
DVD Decrypter (Remove Only) --> "C:\MY COMP PRGRAMS\DVD RIPPING TOOLS\DVD DECRYPTER\uninstall.exe"
DVD Shrink 3.2 --> "C:\MY COMP PRGRAMS\DVD RIPPING TOOLS\DVD SHRINK\DVD Shrink\unins000.exe"
DVD Solution --> "C:\Program Files\Uninstall_CDS.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Invision 2.0 Build 3515 --> C:\MYCOMP~1\MIRC\UNWISE.EXE C:\MYCOMP~1\MIRC\INSTALL.LOG
Java(tm) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Lexmark 1200 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXCZUN5C.EXE -dLexmark 1200 Series
LimeWire 4.14.10 --> "C:\MY COMP PRGRAMS\LINEWIRE\LimeWire\uninstall.exe"
Logitech Audio Echo Cancellation Component --> MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Legacy USB Camera Driver Package --> "C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\10.50.1091\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"legacyqcam_10.50" /clone_wait /hide_progress
Logitech QuickCam --> MsiExec.exe /X{31C50740-FC5A-4C6C-B91B-E3B5DFADC824}
Logitech QuickCam Driver Package --> "C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Logitech Video Enumerator --> MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
mIRC --> "C:\MY COMP PRGRAMS\MIRC\mirc.exe" -uninstall
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MVision --> MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
MVision --> MsiExec.exe /I{5FE1E412-D114-46E8-A891-5BE087B256A5}
Nero 7 Ultra Edition --> MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickSFV (Remove only) --> C:\MY COMP PRGRAMS\QUICK SFV SCANNER\QSFVUNST.EXE C:\MY COMP PRGRAMS\QUICK SFV SCANNER\
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SoulSeek Client 156b --> "C:\MY COMP PRGRAMS\SoulSeek Client\Soulseek\uninstall.exe"
Spybot - Search & Destroy 1.4 --> "C:\MY COMP PRGRAMS\SPYBOT\Spybot - Search & Destroy\unins000.exe"
TitanTV Client components for ATI --> MsiExec.exe /I{A3DD7BA6-37A6-4245-A167-B3AA137B2157}
Tracks Eraser Pro v5.5 --> "C:\MY COMP PRGRAMS\TRACKS PRO ERASER\Tracks Eraser Pro\unins000.exe"
UltraISO Premium V8.61 --> "C:\MY COMP PRGRAMS\ULTRA ISO\UltraISO\unins000.exe"
VIA Vinyl Audio Codecs Driver Setup Program --> RunDll32.exe UnAudioNT.dll,UninstallAudio C:\WINDOWS\IsUninst.exe -y-f"C:\PROGRA~1\VIAudioi\SBASetup\Uninst.isu"
Winamp (remove only) --> "C:\MY COMP PRGRAMS\WIN AMP\Winamp\UninstWA.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinRAR archiver --> C:\MY COMP PRGRAMS\WIN RAR\uninstall.exe
WinZip --> "C:\MY COMP PRGRAMS\WIN ZIP\WinZip\WINZIP32.EXE" /uninstall
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

-- Application Event Log -------------------------------------------------------

Event Record #/Type1035 / Error
Event Submitted/Written: 11/18/2007 04:31:43 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application swdsvc.exe, version 5.0.5.20, faulting module swdsvc.exe, version 5.0.5.20, fault address 0x000015fb.
Processing media-specific event for [swdsvc.exe!ws!]

Event Record #/Type947 / Error
Event Submitted/Written: 11/17/2007 06:29:09 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.20661, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00031c6b.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type946 / Error
Event Submitted/Written: 11/17/2007 02:59:31 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.20661, faulting module flash9d.ocx, version 9.0.47.0, fault address 0x00099a25.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type945 / Error
Event Submitted/Written: 11/17/2007 02:36:22 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application yahoomessenger.exe, version 8.1.0.421, faulting module yahoomessenger.exe, version 8.1.0.421, fault address 0x0018c1e9.
Processing media-specific event for [yahoomessenger.exe!ws!]

Event Record #/Type944 / Error
Event Submitted/Written: 11/17/2007 02:22:14 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application yahoomessenger.exe, version 8.1.0.421, faulting module yahoomessenger.exe, version 8.1.0.421, fault address 0x0018c1e9.
Processing media-specific event for [yahoomessenger.exe!ws!]

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type5903 / Warning
Event Submitted/Written: 11/19/2007 06:35:03 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type5902 / Warning
Event Submitted/Written: 11/18/2007 11:27:18 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type5901 / Warning
Event Submitted/Written: 11/18/2007 10:57:51 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type5900 / Warning
Event Submitted/Written: 11/18/2007 10:44:12 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type5786 / Error
Event Submitted/Written: 11/18/2007 04:31:37 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The LexBce Server service terminated unexpectedly. It has done this 1 time(s).

-- End of Deckard's System Scanner: finished at 2007-11-19 08:43:40 ------------

Deckard's System Scanner v20071014.68
Run by Troy Lear on 2007-11-19 08:40:32
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.

-- Last 1 Restore Point(s) --
1: 2007-11-19 16:40:34 UTC - RP1 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as .exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:41:56 AM, on 11/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20661)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\MYCOMP~1\FREEAV~1\avgamsvr.exe
C:\MYCOMP~1\FREEAV~1\avgupsvc.exe
C:\MYCOMP~1\FREEAV~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\MYCOMP~1\SPYBOT\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\MYCOMP~1\FREEAV~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1194131884818
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1194131862866
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\MY COMP PRGRAMS\TRACKS PRO ERASER\Tracks Eraser Pro\delautocomp.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\MYCOMP~1\FREEAV~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\MYCOMP~1\FREEAV~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\MYCOMP~1\FREEAV~1\avgemc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

--
End of file - 5765 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 ISODrive (ISO CD-ROM Device Driver) - c:\my comp prgrams\ultra iso\ultraiso\drivers\isodrive.sys <Not Verified; EZB Systems, Inc.; ISODrive>

S0 ntcdrdrv - c:\windows\system32\drivers\ntcdrdrv.sys (file missing)
S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
S1 MusCVideo32 - c:\windows\system32\drivers\muscvideo32.sys
S3 MusCDriverV32 - c:\windows\system32\drivers\muscdriverv32.sys <Not Verified; Windows ® 2000/XP; Windows ® 2000/XP Driver>
S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 Autocomplete (AutoComplete Service) - c:\my comp prgrams\tracks pro eraser\tracks eraser pro\delautocomp.exe <Not Verified; Acesoft; AUTOCOMP>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2007-10-19 and 2007-11-19 -----------------------------

2007-11-18 16:42:59 0 d-------- C:\Program Files\Trend Micro
2007-11-18 15:18:36 0 d-------- C:\Documents and Settings\Application Data\Uniblue
2007-11-17 15:21:00 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-17 10:43:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-11-17 10:41:20 0 d-------- C:\Program Files\Yahoo!
2007-11-17 10:37:56 0 d-------- C:\Documents and Settings\Application Data\.gaim
2007-11-17 09:57:35 0 d-------- C:\Documents and Settings\Application Data\Paltalk
2007-11-17 09:57:32 0 d-------- C:\WINDOWS\PaltalkScene
2007-11-17 09:57:32 0 d-------- C:\Program Files\Paltalk Messenger
2007-11-17 09:20:29 0 d-------- C:\Documents and Settings\Contacts
2007-11-17 09:08:17 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-17 09:08:08 0 d-------- C:\Program Files\Windows Live
2007-11-17 09:08:01 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-17 08:11:02 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-11-17 07:52:46 0 d-------- C:\Program Files\Common Files\Logitech
2007-11-17 07:51:49 0 d-------- C:\Program Files\Common Files\LogiShrd
2007-11-17 07:51:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2007-11-17 06:22:25 0 d-------- C:\Documents and Settings\Application Data\ATI
2007-11-17 05:50:54 0 d-------- C:\CLEAN UP FOLDERS
2007-11-16 08:11:08 0 d-------- C:\Documents and Settings\Application Data\muvee Technologies
2007-11-16 07:10:24 0 d-------- C:\Documents and Settings\All Users\Application Data\X10 Settings
2007-11-16 07:10:08 0 d-------- C:\Documents and Settings\Application Data\Creative
2007-11-16 06:41:26 41984 -----n--- C:\WINDOWS\Ctregrun.exe <Not Verified; Creative Technology Ltd; Creative On-line Registration System>
2007-11-16 06:12:37 0 d-------- C:\WINDOWS\CtDrvInstall
2007-11-16 06:11:13 0 d-------- C:\Documents and Settings\All Users\Application Data\muvee Technologies
2007-11-13 15:38:48 0 d-------- C:\WINDOWS\Sun
2007-11-13 13:40:01 0 d-------- C:\Documents and Settings\Application Data\Sun
2007-11-13 12:45:38 0 d-------- C:\28_WEEKS_LATER
2007-11-13 09:20:04 0 dr-h----- C:\$VAULT$.AVG
2007-11-13 02:09:01 0 d-------- C:\28_WEEKS_LATE
2007-11-13 02:08:36 0 d-------- C:\28_WEEKS_LAT
2007-11-12 08:17:46 0 d-------- C:\Documents and Settings\Application Data\Help
2007-11-10 20:17:29 0 d-------- C:\Documents and Settings\Application Data\AVG7
2007-11-10 20:16:17 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-11-10 20:16:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-10 20:16:01 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-11-10 17:48:39 413696 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2007-11-10 17:48:39 86016 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions © Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(tm) Library>
2007-11-10 11:11:32 0 d-------- C:\Documents and Settings\Application Data\vlc
2007-11-10 08:18:48 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-11-10 08:18:44 0 d-------- C:\Program Files\Codec Pack - All In 1
2007-11-09 12:06:31 0 d-------- C:\Documents and Settings\Incomplete
2007-11-09 12:06:13 0 d-------- C:\Documents and Settings\Application Data\LimeWire
2007-11-09 12:05:24 0 d-------- C:\Program Files\Java
2007-11-09 12:04:47 0 d-------- C:\Program Files\Common Files\Java
2007-11-07 23:04:26 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-07 21:42:58 0 d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2007-11-07 21:32:06 0 d-------- C:\Program Files\NCH Swift Sound
2007-11-07 21:32:06 0 d-------- C:\Documents and Settings\Application Data\NCH Swift Sound
2007-11-07 20:49:25 2688 --a------ C:\WINDOWS\system32\drivers\MusCVideo32.sys
2007-11-07 20:49:25 513152 --a------ C:\WINDOWS\system32\drivers\MusCDriverV32.sys <Not Verified; Windows ® 2000/XP; Windows ® 2000/XP Driver>
2007-11-07 19:00:48 0 d-------- C:\Documents and Settings\Application Data\ATI MMC
2007-11-07 19:00:14 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI MMC
2007-11-07 15:07:14 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-07 15:07:14 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-11-07 14:40:25 0 d-------- C:\Documents and Settings\Application Data\WinRAR
2007-11-05 10:48:01 0 d-------- C:\Program Files\MSXML 6.0
2007-11-05 10:13:20 0 d--h----- C:\WINDOWS\$hf_mig$
2007-11-05 10:05:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2007-11-04 23:37:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2007-11-03 15:18:29 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-11-03 15:17:13 0 d-------- C:\Documents and Settings\Application Data\Macromedia
2007-11-03 13:28:50 0 d-------- C:\Documents and Settings\Application Data\CyberLink
2007-11-03 13:27:23 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-11-03 13:26:50 0 d-------- C:\Documents and Settings\Application Data\RipIt4Me
2007-11-03 12:53:38 0 dr------- C:\Documents and Settings\LocalService\Favorites
2007-11-03 12:25:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-03 12:12:53 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2007-11-03 11:51:22 0 d-------- C:\Program Files\Lexmark 1200 Series
2007-11-03 11:51:12 299520 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2007-11-03 11:51:10 0 d-------- C:\Documents and Settings\WINDOWS
2007-11-03 11:45:51 0 d-------- C:\Program Files\ATI Multimedia
2007-11-03 11:43:43 0 d-------- C:\Program Files\TitanTV
2007-11-03 11:43:24 0 d-------- C:\Program Files\msaccrt
2007-11-03 11:43:01 0 d-------- C:\WINDOWS\system32\windows media
2007-11-03 11:42:58 0 d-------- C:\WINDOWS\RegisteredPackages
2007-11-03 11:42:57 0 d--h----- C:\WINDOWS\msdownld.tmp
2007-11-03 11:42:55 0 d-------- C:\Program Files\Windows Media Components
2007-11-03 11:41:57 0 d-------- C:\WINDOWS\Downloaded Installations
2007-11-03 11:39:51 520192 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2007-11-03 11:39:32 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2007-11-03 11:39:21 0 d-------- C:\Program Files\ATI Technologies
2007-11-03 11:38:05 0 d-------- C:\Program Files\Common Files\ATI Technologies
2007-11-03 11:37:09 0 d-------- C:\Program Files\Common Files\ATI
2007-11-03 11:35:31 0 d-------- C:\Program Files\00 ATI NEW DRIVERS
2007-11-03 11:28:46 0 d-------- C:\Program Files\Common Files\Ahead
2007-11-03 11:23:19 0 d-------- C:\ALBUM TO RIP & TEST
2007-11-03 10:13:06 0 d-------- C:\Program Files\Winamp
2007-11-03 10:11:43 36864 --a------ C:\WINDOWS\system32\UnAudioNT.dll
2007-11-03 10:11:41 0 d-------- C:\Program Files\VIAudioi
2007-11-03 10:11:35 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShieldÂ® unInstaller>
2007-11-03 10:09:30 0 d-------- C:\Program Files\Microsoft ActiveSync
2007-11-03 10:09:29 0 d-------- C:\WINDOWS\SHELLNEW
2007-11-03 10:05:55 0 dr-h----- C:\MSOCache
2007-11-03 09:58:08 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-11-03 09:46:25 0 d-------- C:\Program Files\Common Files\EZB Systems
2007-11-03 09:41:07 0 d-------- C:\WINDOWS\Pc.Background.Pic
2007-11-03 09:40:01 0 d-------- C:\Documents and Settings\Application Data\Softplicity
2007-11-03 09:35:57 0 d-------- C:\Program Files\CyberLink
2007-11-03 09:35:52 40960 --a------ C:\Program Files\Uninstall_CDS.exe
2007-11-03 09:35:51 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-03 09:35:36 0 d-------- C:\Program Files\Common Files\InstallShield
2007-11-03 09:33:27 348160 --a------ C:\WINDOWS\system32\NCTWMAFile2.dll <Not Verified; Online Media Technologies Ltd.; NCTWMAFile2 ActiveX DLL>
2007-11-03 09:33:26 479232 --a------ C:\WINDOWS\system32\NCTAudioVisualization2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioVisualization2 ActiveX DLL>
2007-11-03 09:33:26 602112 --a------ C:\WINDOWS\system32\NCTAudioTransform2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioTransform2 ActiveX DLL>
2007-11-03 09:33:26 458752 --a------ C:\WINDOWS\system32\NCTAudioRecord2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioRecord2 ActiveX DLL>
2007-11-03 09:33:26 458752 --a------ C:\WINDOWS\system32\NCTAudioPlayer2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioPlayer2 ActiveX DLL>
2007-11-03 09:33:26 1212416 --a------ C:\WINDOWS\system32\NCTAudioInformation2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioInformation2 ActiveX DLL>
2007-11-03 09:33:26 1986560 --a------ C:\WINDOWS\system32\NCTAudioFile2.dll <Not Verified; NCT Company Ltd.; NCTAudioFile2 ActiveX DLL>
2007-11-03 09:33:26 880640 --a------ C:\WINDOWS\system32\NCTAudioEditor2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioEditor2 ActiveX DLL>
2007-11-03 09:33:26 417792 --a------ C:\WINDOWS\system32\NCTAudioDisplay2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioDisplay2 ActiveX DLL>
2007-11-03 09:33:26 2084864 --a------ C:\WINDOWS\system32\NCTAudioDesign2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioDesign2 ActiveX DLL>
2007-11-03 09:33:25 835584 --a------ C:\WINDOWS\system32\NCTAudioCDGrabber2.dll <Not Verified; NCT; NCTAudioCDGrabber2 ActiveX DLL>
2007-11-03 09:30:43 0 d-------- C:\WINDOWS\pss
2007-11-03 09:26:46 0 d-------- C:\MY COMP PRGRAMS
2007-11-03 09:22:45 0 d-------- C:\Documents and Settings\Application Data\Identities
2007-11-03 09:22:31 0 d--h----- C:\Documents and Settings\Templates
2007-11-03 09:22:31 0 dr------- C:\Documents and Settings\Start Menu
2007-11-03 09:22:31 0 dr-h----- C:\Documents and Settings\SendTo
2007-11-03 09:22:31 0 dr-h----- C:\Documents and Settings\Recent
2007-11-03 09:22:31 0 d--h----- C:\Documents and Settings\PrintHood
2007-11-03 09:22:31 5242880 --ah----- C:\Documents and Settings\NTUSER.DAT
2007-11-03 09:22:31 0 d--h----- C:\Documents and Settings\NetHood
2007-11-03 09:22:31 0 dr------- C:\Documents and Settings\My Documents
2007-11-03 09:22:31 0 d--h----- C:\Documents and Settings\Local Settings
2007-11-03 09:22:31 0 dr------- C:\Documents and Settings\Favorites
2007-11-03 09:22:31 0 d-------- C:\Documents and Settings\Desktop
2007-11-03 09:22:31 0 d--hs---- C:\Documents and Settings\Cookies
2007-11-03 09:22:31 0 d--h----- C:\Documents and Settings\Application Data
2007-11-03 09:21:41 0 d-------- C:\WINDOWS\Prefetch
2007-11-03 09:21:40 0 d---s---- C:\WINDOWS\system32\Microsoft
2007-11-03 09:21:39 1572864 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-11-03 09:21:39 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2007-11-03 09:21:39 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2007-11-03 09:21:39 0 d-------- C:\Documents and Settings\LocalService\Application Data
2007-11-03 09:21:39 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2007-11-03 09:21:30 1572864 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-11-03 09:21:30 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2007-11-03 09:21:30 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2007-11-03 09:21:30 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2007-11-03 09:21:30 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2007-11-03 09:17:29 0 d-------- C:\WINDOWS\system32\xircom
2007-11-03 09:17:29 0 d-------- C:\Program Files\microsoft frontpage
2007-11-03 09:17:25 233472 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-11-03 09:17:19 0 -rahs---- C:\MSDOS.SYS
2007-11-03 09:17:19 0 -rahs---- C:\IO.SYS
2007-11-03 09:17:19 0 --a------ C:\CONFIG.SYS
2007-11-03 09:17:19 50 --a------ C:\AUTOEXEC.BAT
2007-11-03 09:15:57 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-11-03 09:15:29 0 d--h----- C:\Program Files\WindowsUpdate
2007-11-03 09:15:01 0 d-------- C:\WINDOWS\system32\DirectX
2007-11-03 09:14:17 0 d---s---- C:\WINDOWS\Tasks
2007-11-03 09:14:16 0 d-------- C:\Program Files\Common Files\MSSoap
2007-11-03 09:14:12 0 d-------- C:\WINDOWS\srchasst
2007-11-03 09:14:03 0 d-------- C:\Program Files\Movie Maker
2007-11-03 09:13:53 0 d-------- C:\WINDOWS\system32\Restore
2007-11-03 09:13:29 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-11-03 09:13:13 0 d-------- C:\WINDOWS\Registration
2007-11-03 09:12:20 0 d-------- C:\Program Files\Online Services
2007-11-03 09:12:08 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-03 09:12:04 0 d-------- C:\WINDOWS\Offline Web Pages
2007-11-03 09:12:04 0 d---s---- C:\WINDOWS\Downloaded Program Files
2007-11-03 09:11:59 0 d-------- C:\Program Files\Messenger
2007-11-03 09:11:55 0 d-------- C:\Program Files\MSN Gaming Zone
2007-11-03 09:11:12 0 d-------- C:\Program Files\Windows NT
2007-11-03 09:11:07 0 d-------- C:\WINDOWS\system32\MsDtc
2007-11-03 09:11:05 0 d-------- C:\WINDOWS\system32\Com
2007-11-03 01:00:57 0 d--hs---- C:\WINDOWS\Installer
2007-11-03 01:00:56 0 d-------- C:\Program Files\Common Files\ODBC
2007-11-03 01:00:53 0 d-------- C:\Program Files\Common Files\SpeechEngines
2007-11-03 01:00:52 0 dr------- C:\Program Files
2007-11-03 01:00:52 0 d-------- C:\Program Files\Common Files
2007-11-03 01:00:24 0 d--h----- C:\Documents and Settings\Default User\Templates
2007-11-03 01:00:24 0 dr------- C:\Documents and Settings\Default User\Start Menu
2007-11-03 01:00:24 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2007-11-03 01:00:24 0 d--h----- C:\Documents and Settings\Default User\Recent
2007-11-03 01:00:24 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2007-11-03 01:00:24 0 d--h----- C:\Documents and Settings\Default User\NetHood
2007-11-03 01:00:24 0 d-------- C:\Documents and Settings\Default User\My Documents
2007-11-03 01:00:24 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2007-11-03 01:00:24 0 d-------- C:\Documents and Settings\Default User\Favorites
2007-11-03 01:00:24 0 d-------- C:\Documents and Settings\Default User\Desktop
2007-11-03 01:00:24 0 d--hs---- C:\Documents and Settings\Default User\Cookies
2007-11-03 01:00:24 0 d--h----- C:\Documents and Settings\All Users\Templates
2007-11-03 01:00:24 0 dr------- C:\Documents and Settings\All Users\Start Menu
2007-11-03 01:00:24 0 d-------- C:\Documents and Settings\All Users\Favorites
2007-11-03 01:00:24 0 dr------- C:\Documents and Settings\All Users\Documents
2007-11-03 01:00:24 0 d-------- C:\Documents and Settings\All Users\Desktop
2007-11-03 00:59:43 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-11-03 00:59:43 0 d-------- C:\WINDOWS\system32\CatRoot
2007-11-03 00:59:37 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2007-11-03 00:59:37 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2007-11-03 00:59:37 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2007-11-03 00:59:37 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2007-11-03 00:59:11 0 d--hs---- C:\System Volume Information
2007-11-03 00:59:11 0 d-------- C:\Documents and Settings
2007-11-03 00:51:36 0 d-------- C:\WINDOWS
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\WinSxS
2007-11-03 00:51:36 0 dr------- C:\WINDOWS\Web
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\twain_32
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\wins
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\wbem
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\usmt
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\spool
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\ShellExt
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\Setup
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\ras
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\PreInstall
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\oobe
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\npp
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\mui
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\Macromed
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\inetsrv
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\IME
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\icsxml
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\ias
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\export
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\drivers
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-11-03 00:51:36 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\dhcp
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\config
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\3076
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\2052
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1054
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1042
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1041
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1037
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1033
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1031
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1028
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system32\1025
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\system
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\security
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Resources
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\repair
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Provisioning
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\PeerNet
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\pchealth
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Network Diagnostic
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\mui
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\msapps
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\msagent
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Media
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\l2schemas
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\java
2007-11-03 00:51:36 0 d--h----- C:\WINDOWS\inf
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\ime
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Help
2007-11-03 00:51:36 0 dr--s---- C:\WINDOWS\Fonts
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Driver Cache
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Debug
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Cursors
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Connection Wizard
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\Config
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\AppPatch
2007-11-03 00:51:36 0 d-------- C:\WINDOWS\addins

-- Find3M Report ---------------------------------------------------------------

2007-11-03 09:45:06 24975 --a------ C:\WINDOWS\twain_16.dll
2007-11-03 01:00:24 62 --ahs---- C:\Documents and Settings\Application Data\desktop.ini

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [07/12/2006 09:22 PM]
"AVG7_CC"="C:\MYCOMP~1\FREEAV~1\avgcc.exe" [11/10/2007 08:16 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 04:00 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ShowDeskFix"=regsvr32 /s /n /i:u shell32

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"=C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Troy Lear^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\Troy Lear\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATI DeviceDetect]
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATI Remote Control]
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
Ati2mdxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVFX Engine]
C:\MY COMP PRGRAMS\Creative Live! Cam\VideoFX\StartFX.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager]
"C:\MY COMP PRGRAMS\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
C:\WINDOWS\CTRegRun.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
"C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
"C:\MY COMP PRGRAMS\QUICK CAM LOGITECH\QuickCam10.exe" /hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSetup]
C:\DOCUME~1\TROLE~1\LOCALS~1\Temp\QuickCam_11.5.0\setup.exe /skip_all_checks /p /start /restart driveronly /l:enu

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\MY COMP PRGRAMS\CREATIVE\Orb\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\MY COMP PRGRAMS\POWER DVD\PowerDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tracks Eraser Pro]
C:\MY COMP PRGRAMS\TRACKS PRO ERASER\Tracks Eraser Pro\te.exe min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\MY COMP PRGRAMS\REGITERY BOOST 2\RegistryBooster 2\RegistryBooster.exe /S

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0230Mon.exe]
C:\WINDOWS\system32\V0230Mon.exe

-- End of Deckard's System Scanner: finished at 2007-11-19 08:43:40 ------------

Thanx For the quick reply.. I did edit out my name I am sure you can understand that...

guestolo · « **Reply #3 on:** November 19, 2007, 09:49:39 AM »

Can you try the following
Using browser Internet Explorer
Run an online virus scan at [color=\"#2E8B57\"]Kaspersky's[/color]
At the link click the button Kaspersky Online Scanner
Accept the prompt at the Welcome screen
You will be promted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now under select a target to scan:

Select My Computer

This program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.

***Now click on the Save as Text button:

Save the file to your desktop. I will need to see it later

Post back that report please

OVERKILL · « **Reply #4 on:** November 19, 2007, 05:11:42 PM »

I must be missing something here m8 there is no otion to save to txt at all.. It does show me nothing was found. If there is a way to paste a screenshot i could show you there.. I did what you said install selete my comp & let it scan.

Total number of scanned objects: 5817
Number of viruses found: 0
Number of infected objects: 0
Number of suspicious objects: 0
Duration of the scan process: 00:01:52

that is was came up in the end of the scan.. unless i did something very wrong i don't mind doing it over. what the heck i will do it all over again. I have all the updated definition files. I might as well I h8 to come this far & not find anything out.

guestolo · « **Reply #5 on:** November 19, 2007, 07:23:44 PM »

Well, it's good news that Kaspersky came back clean
But, let's try another tool

Download this file - Combofix.exe and save it ONLY to your desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
It's default location is C:\Combofix.txt

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

Post that log back please with a fresh hijackthis log>>Post the whole hijackthis log, you cut off the top part in your first post here

OVERKILL · « **Reply #6 on:** November 20, 2007, 11:30:19 AM »

Not very good news @ all m8 it did find something this time around

Total number of scanned objects: 33429
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 00:44:47
Total number of scanned objects: 33429
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 00:44:47

but i still don't see anywhere to save as Text anyway i will use that next one any way.

That next tool you asked me to try says it is expired Combofix.exe

OVERKILL · « **Reply #7 on:** November 20, 2007, 12:52:42 PM »

Here is the next log any way

ComboFix 07-11-08.3 - 2006-11-20 11:38:26.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.357 [GMT -8:00]
Running from: C:\Documents and Settings\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-10-08 to 2007-11-08 )))))))))))))))))))))))))))))))
.

2007-11-20 11:31   51,200   --a------   C:\WINDOWS\NirCmd.exe
2007-11-19 11:33   <DIR>   d--------   C:\WINDOWS\system32\Kaspersky Lab
2007-11-19 11:33   <DIR>   d--------   C:\WINDOWS\LastGood
2007-11-19 11:33   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-19 08:15   <DIR>   d--------   C:\Documents and Settings\01 SOUL SEEK ALBUMS\Album.Big.Wreck.In.Loving.Memory.Of...(1997)
2007-11-19 04:09   <DIR>   d--------   C:\Documents and Settings\01 SOUL SEEK ALBUMS\Album.Rise.Against.The.Sufferer.&.The.Witness.(2006)
2007-11-19 02:14   <DIR>   d--------   C:\Documents and Settings\01 SOUL SEEK ALBUMS\Album.Rise.Against.The.Unraveling.(2001)
2007-11-19 01:35   <DIR>   d--------   C:\Documents and Settings\01 SOUL SEEK ALBUMS\Album.Rise.Against.Revolutions.Per.Minute.(2003)
2007-11-19 01:13   <DIR>   d--------   C:\Documents and Settings\01 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.Blood.Sugar.Magik.(1991)
2007-11-19 00:49   <DIR>   d--------   C:\Documents and Settings\01 SOUL SEEK ALBUMS\Album.Rise.Against.Siren.Song.Of.The.Counter.Culture.(2004)
2007-11-18 21:36   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Flogging.Molly.Within.A.Mile.Of.Home.(2004)
2007-11-18 21:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Jimmy.Eat.World.Clarity.(1999)
2007-11-18 21:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Jack.Johnson.On.And.On.(2003)
2007-11-18 21:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Jack.Johnson.In.Between.Dreams.(2005)
2007-11-18 21:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.John.Lee.Hooker.The.Very.Best.Of.(1995)
2007-11-18 21:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.John.Lee.Hooker.The.Healer.(1989)
2007-11-18 21:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.John.Lee.Hooker.Mr.Lucky.(1991)
2007-11-18 21:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Jimmy.Eat.World.Static.Prevails.(1996)
2007-11-18 21:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Jimmy.Eat.World.Futures.(2004)
2007-11-18 21:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Jack.Johnson.Brushfire.Fairytales.(2000)
2007-11-18 20:52   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Flogging.Molly.Swagger.(2000)
2007-11-18 20:52   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Flogging.Molly.Drunken.Lullabies.(2002)
2007-11-18 18:48   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Nickleback.The.State.(1999)
2007-11-18 18:48   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Nickelback.Curb.(2002)
2007-11-18 17:25   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.Smash.(1994)
2007-11-18 16:42   <DIR>   d--------   C:\Program Files\Trend Micro
2007-11-18 16:19   626,688   --a------   C:\WINDOWS\system32\msvcr80.dll
2007-11-18 15:18   <DIR>   d--------   C:\Documents and Settings\Application Data\Uniblue
2007-11-17 15:21   <DIR>   d--------   C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-17 10:43   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-11-17 10:41   <DIR>   d--------   C:\Program Files\Yahoo!
2007-11-17 10:37   <DIR>   d--------   C:\Documents and Settings\Application Data\.gaim
2007-11-17 09:57   <DIR>   d--------   C:\WINDOWS\PaltalkScene
2007-11-17 09:57   <DIR>   d--------   C:\Program Files\Paltalk Messenger
2007-11-17 09:57   <DIR>   d--------   C:\Documents and Settings\Application Data\Paltalk
2007-11-17 09:20   <DIR>   d--------   C:\Documents and Settings\Contacts
2007-11-17 09:08   <DIR>   d--------   C:\Program Files\Windows Live
2007-11-17 09:08   <DIR>   d--hsc---   C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-17 09:08   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-17 08:12   195,096   --a------   C:\WINDOWS\system32\lvci1150.dll
2007-11-17 08:11   <DIR>   d----c---   C:\WINDOWS\system32\DRVSTORE
2007-11-17 07:56   59,264   --a------   C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-11-17 07:56   59,264   --a--c---   C:\WINDOWS\system32\dllcache\usbaudio.sys
2007-11-17 07:56   13,848   --a------   C:\WINDOWS\system32\drivers\lv302af.sys
2007-11-17 07:55   1,279,000   --a------   C:\WINDOWS\system32\drivers\LV302V32.SYS
2007-11-17 07:55   490,008   --a------   C:\WINDOWS\system32\LVUI2.dll
2007-11-17 07:55   465,432   --a------   C:\WINDOWS\system32\LVUI2RC.dll
2007-11-17 07:55   416,280   --a------   C:\WINDOWS\system32\LVCodec2.dll
2007-11-17 07:55   348,160   -ra------   C:\WINDOWS\system\msvcr71.dll
2007-11-17 07:55   133,920   -ra------   C:\WINDOWS\system32\lvcoinst.dll
2007-11-17 07:55   41,752   --a------   C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-11-17 07:55   21,138   --a------   C:\WINDOWS\system32\Repository.reg
2007-11-17 07:52   <DIR>   d--------   C:\Program Files\Common Files\Logitech
2007-11-17 07:51   <DIR>   d--------   C:\Program Files\Common Files\LogiShrd
2007-11-17 07:51   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Logitech
2007-11-17 06:22   <DIR>   d--------   C:\Documents and Settings\Application Data\ATI
2007-11-17 06:04   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Rx.Bandits.Those.Damn.Bandits.(1997)
2007-11-17 06:04   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Rx.Bandits.The.Resignation.(2003)
2007-11-17 06:03   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Silverstein.When.Broken.Is.Easily.Fixed.(2003)
2007-11-17 06:03   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Silverstein.Discovering.The.Waterfront.(2005)
2007-11-17 06:03   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Shyne.Shyne.(2000)
2007-11-17 06:03   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Rx.Bandits.Progress.(2001)
2007-11-17 06:03   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Rx.Bandits.Halfway.Between.Here.And.There.(1999)
2007-11-17 06:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.The.Uplift.Mofo.Party.Plan.(1987)
2007-11-17 06:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.The.Red.Hot.Chili.Pepper.(1984)
2007-11-17 06:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.Stadium.Arcadium.(2006)
2007-11-17 06:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.One.Hot.Minute.(1995)
2007-11-17 06:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.Mother's.Milk.(1989)
2007-11-17 06:02   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.Essential.Under.The.Covers.(1998)
2007-11-17 06:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.What.Hits!.(1992)
2007-11-17 06:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.Californication.(1999)
2007-11-17 06:01   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Red.Hot.Chili.Peppers.By.The.Way.(2002)
2007-11-17 06:00   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Sex.Pistols.The.Great.Rock.N'.Roll.Swindle.(2002)
2007-11-17 06:00   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Sex.Pistols.Jubilee.(2002)
2007-11-17 06:00   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Sex.Pistols-Never.Mind.The.Bollocks.Here's.The.Sex.Pistol.(1990)
2007-11-17 05:59   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Nickelback.Silver.Side.Up.(2001)
2007-11-17 05:59   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Nickelback.All.The.Right.Reasons.(2005)
2007-11-17 05:58   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Nickelback.The.Long.Road.(2003)
2007-11-17 05:53   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.Ignition.(1993)
2007-11-17 05:53   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.Greatest.Hits.(2005)
2007-11-17 05:53   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.Conspiracy.Of.One.(2000)
2007-11-17 05:53   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.Americana.(1998)
2007-11-17 05:52   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.White.Stripes.Get.Behind.Me.Satan.(2005)
2007-11-17 05:52   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.White.Stripes.Elephant.(2003)
2007-11-17 05:51   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.The.Offspring.(1989)
2007-11-17 05:51   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.Splinter.(2003)
2007-11-17 05:51   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.The.Offspring.Ixnay.on.the.Hombre.(1997)
2007-11-17 05:50   <DIR>   d--------   C:\CLEAN UP FOLDERS
2007-11-17 03:24   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Thin.Lizzy.Night.Life.(1974)
2007-11-17 03:24   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Thin.Lizzy.Live.And.Dangerous.(1978)
2007-11-17 03:23   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Thin.Lizzy.Life.Live.(1983)
2007-11-17 03:23   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Thin.Lizzy.Johnny.The.Fox.(1977)
2007-11-17 03:23   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Thin.Lizzy.Jailbreak.(1976)
2007-11-17 03:23   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Thin.Lizzy.Fighting.(1975)
2007-11-17 03:23   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.Thin.Lizzy.Chinatown.(1980)
2007-11-17 03:22   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.U2.Zooropa.(1993)
2007-11-17 03:22   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.U2.War.(1983)
2007-11-17 03:22   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.U2.Under.A.Blood.Red.Sky.(1983)
2007-11-17 03:22   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.U2.The.Joshua.Tree.(1987)
2007-11-17 03:22   <DIR>   d--------   C:\Documents and Settings\05 SOUL SEEK ALBUMS\Album.U2.The.Best.Of.1990-2000.(2002)

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-12 21:22]
"AVG7_CC"="C:\MYCOMP~1\FREEAV~1\avgcc.exe" [2007-11-10 20:16]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ShowDeskFix"=regsvr32 /s /n /i:u shell32

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"=C:\MYCOMP~1\FREEAV~1\avgw.exe /RUNONCE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PalTalk.lnk
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Troy Lear^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=C:\Documents and Settings\Troy Lear\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATI DeviceDetect]
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATI Remote Control]
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
Ati2mdxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVFX Engine]
C:\MY COMP PRGRAMS\Creative Live! Cam\VideoFX\StartFX.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Live! Cam Manager]
"C:\MY COMP PRGRAMS\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
C:\WINDOWS\CTRegRun.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
"C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
"C:\MY COMP PRGRAMS\QUICK CAM LOGITECH\QuickCam10.exe" /hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSetup]
C:\DOCUME~1\TROYLE~1\LOCALS~1\Temp\QuickCam_11.5.0\setup.exe /skip_all_checks /p /start /restart driveronly /l:enu

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\MY COMP PRGRAMS\CREATIVE\Orb\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\MY COMP PRGRAMS\POWER DVD\PowerDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tracks Eraser Pro]
C:\MY COMP PRGRAMS\TRACKS PRO ERASER\Tracks Eraser Pro\te.exe min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\MY COMP PRGRAMS\REGITERY BOOST 2\RegistryBooster 2\RegistryBooster.exe /S

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0230Mon.exe]
C:\WINDOWS\system32\V0230Mon.exe

R1 ISODrive;ISO CD-ROM Device Driver;\??\C:\MY COMP PRGRAMS\ULTRA ISO\UltraISO\drivers\ISODrive.sys
S0 ntcdrdrv;ntcdrdrv;C:\WINDOWS\system32\DRIVERS\ntcdrdrv.sys
S1 MusCVideo32;MusCVideo32;C:\WINDOWS\system32\DRIVERS\MusCVideo32.sys
S3 MusCDriverV32;MusCDriverV32;C:\WINDOWS\system32\drivers\MusCDriverV32.sys

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-08 11:40:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-08 11:41:10
.
   --- E O F ---

I hope this shows you something this time...

OVERKILL · « **Reply #8 on:** November 20, 2007, 01:28:35 PM »

Not to sure if this will help you but when i did another scan it says there has been a
change to shell32.dll... i was not to sure if i should do anything to it or not.

guestolo · « **Reply #9 on:** November 20, 2007, 09:33:06 PM »

Quote

Not to sure if this will help you but when i did another scan it says there has been a
change to shell32.dll... i was not to sure if i should do anything to it or not.

That's ok
Here's what I quoted from another site, when a user asked the same question

Quote

It is normal that AVG shows that files, the MBR or Boot record to have changed.
These are done during normal maintenance, when you or windows updates files, or have had to correct errors on the drive.
**The only time that you should worry is if they also show as infected.

Open the AVG Test Center, click the F3 key on your keyboard and tell it to accept the changes.
If it still shows after that, run a search for AVG7QT.DAT file and delete it. AVG will rebuild it the next time it is run.

Are you still having problems?
If so, it's time to run down some standard cleanup procedures
If you are having problems, please explain what they are

OVERKILL · « **Reply #10 on:** November 21, 2007, 08:53:43 AM »

I still have problems with my video encoding.. I could be doing a movie & all the sudden my computer just crashes. It reboots & says your computer have just recovered from a serious error.. This has not happened in the pass so is there anyway spyware could cause this. Yes I still am having problem with my computer not just the encoding part I find even doing the simplest thing like just opening applications it takes them an exit few second to open.. Itâ€™s like something is bogging the computer down. It just seem like there is something running in the background that should not be running..

I did purchase a hard copy of McAfee Suite yesterday. Just wounding if you recommend this software at all. I did read a little about Mcafee & a lot of people love it. Reason being it does not take up all your computers resources. Some what like Nortons does. That was the only reason I got a copy of Mcafee.

If there is anything else you think I should try I am all ears.

guestolo · « **Reply #11 on:** November 21, 2007, 07:36:11 PM »

I would opt to find out why it's blue screening>restarting, before installing McAfee

Can you do the following
Right click the MyComputer icon and left click Properties
Click ADVANCED>>Settings under 'Startup and Recovery'
Uncheck "Automatically Restart" under System Failure

Ok and apply out of there
The next time instead of the computer restarting
Hopefully you get a BSOD and you can post back here the exact error message on screen

OVERKILL · « **Reply #12 on:** November 21, 2007, 10:50:32 PM »

I did what you said to do & it still blue screened me. The info I got was the same as always. Serious error blah blah about 5 times this time after I had to reboot it myself becuase it would not come out of the blue screen. Where do I collect the BSOD info anyway? The info I got was just from mircosoft data stuff.

C:\DOCUME~1\TR~1\LOCALS~1\Temp\WERac8c.dir00\Mini111407-01.dmp
C:\DOCUME~1\TR~1\LOCALS~1\Temp\WERac8c.dir00\sysdata.xml
BCCode : 1000000a BCP1 : 6C45F606 BCP2 : 000000FF BCP3 : 00000001
BCP4 : 804DF063 OSVer : 5_1_2600 SP : 2_0 Product : 768_1

guestolo · « **Reply #13 on:** November 21, 2007, 10:59:02 PM »

Can you upload a couple minidump files
I may be able to get a clue as to what's going on
Navigate to the following folder
C:\WINDOWS\Minidump

Zip up a couple files, they should have the name mini********
*****>>Is the date of dump

Come back here and in a reply box use the UPLOAD button and attach the zipped file

OVERKILL · « **Reply #14 on:** November 21, 2007, 11:54:09 PM »

Ok I figured it out i didn't know how to attch the zipped files lol.. You R one busy dude! I have a couple more quetions. Is there anything i could use to test my ram & my video card?

guestolo · « **Reply #15 on:** November 22, 2007, 01:00:57 AM »

I removed the last zip file attachment
I'm getting mixed results from the dump files

I'm leaning towards a problem with your Quickcam software, possibly disabling AEC may help
You could try disabling it

Quote

1. Launch the â€œLogitech Camera Settingâ€ Applet from Windows Control Panel.
2. Select the â€œAudioâ€ tab in the â€œCamera Settings" window.
3. Locate and Uncheck the â€œEnable AECâ€ option.

I would like to see some fresh logs
Can you navigate to this folder

C:\WINDOWS\Minidump
Inside the Minidump folder, delete it's contents
Allow computer to Blue screen again a few more times and upload a new zip file with the latest dumps
Let's see if we can find a path to the problem

OVERKILL · « **Reply #16 on:** November 22, 2007, 09:47:51 PM »

Here are 2 new logs & my comp did blues screen both times, but do think I found out what the problem is I got some ram a while back & it was comcrap ram. I just took a shot & pulled it out of my computer & this dvd I have beening trying for 2 weeks now went & encoded with out a problem. I have 2 other sticks of ram that are Kington. So I think it was the ram becuse it couldn't be the quickcam becuase i just got that & my computer was doing this about a 2 months before I even had the quick cam or Yahoo massanger. I have just started using them 2 things & my computer was doing this blue screen thing for about 2 months to 1 1/2 months ago. Does that make any sence that the ram could of been messing things up & it's on it's way out? I says it's there when I put the stick of ram back in, but boy does that stick ram get hot as hell very quick.

guestolo · « **Reply #17 on:** November 22, 2007, 10:22:23 PM »

Quote

Does that make any sence that the ram could of been messing things up

It very well could be the problem
Again, the last 2 logs indicate various problems that may be hardware related

Try memtest86
http://www.memtest86.com/
Click the Free download
Download under
ISO images suitable for creating a bootable Memtest86 CD-ROM
Unzip to desktop then burn the image(ISO) to a CD

ensure to burn as image file
Boot with CD drive as first boot

Test the memory and see if it's the problem

OVERKILL · « **Reply #18 on:** November 23, 2007, 12:33:31 PM »

I did try that boot test memory but my cd-rom would not boot from it so I took this computer to a buddy that has a small shop & he tested my comp & the problem was the stick of ram & he hooked up 2 new ide cables he did say they were a little old & every time the reboot it's not picking up my HD so he changed the 2 cables as well. It only cost $15 to do this. So I figure I will pick up 2 other 512 sticks of ram from E-Bay & once this comps been working a good 2 weeks it's going to someone that could really use it. I really don't want to give someone a comp thatâ€™s not work perfect.

For the past week or so you have been great with answering question for me. I do wish I knew how to read those logs & made any sense out of them. They all look Chinese to me.

I have not really looked around the forum to much but I am sure I might be able to help out in other places if there is anything to do with video encoding..

guestolo · « **Reply #19 on:** November 23, 2007, 08:05:58 PM »

Quote

so I took this computer to a buddy that has a small shop & he tested my comp & the problem was the stick of ram & he hooked up 2 new ide cables he did say they were a little old & every time the reboot it's not picking up my HD so he changed the 2 cables as well.

Hopefully 80 conductor cables, 40 may be a bit outdated
Depends on sytem specs

Good troubleshooting techniques, a computer repair guy/girl is almost like being a Vet
Patient won't tell you what's wrong, you have to figure it out yourself

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\'

\' />

Keep us informed how things are running when you get new cable/ram installed please

What are the specs. of the computer?

Edit>>Silly me, P4 1.7 GHz
Gig of Ram, Probably 256 shared to video
Not bad

News:

Author Topic: Hijackthis (Read 2057 times)