Webmaster Forum

Please help me!

vigurv2nt — Fri, 20 Nov 2009 12:37:18 -0800

Topic Replies: 1

Winlogon.exe error

aahna — Wed, 18 Nov 2009 10:00:33 -0800

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:13:33 PM, on 11/18/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusISafe.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusVetMsg.exe
C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32VTTimer.exe
C:WINDOWSsystem32S3trayp.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesGenesys Logic PC Camera DeviceGenePccMon.exe
C:Program FilesWinampwinampa.exe
C:Program FilesASUSTeKASUSDVDPDVDServ.exe
C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusCAVTray.exe
C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusCAVRID.exe
C:Program FilesGoogleGoogle Talkgoogletalk.exe
C:Program FilesYahoo!Search ProtectionSearchProtection.exe
C:Program FilesSpeeditup FreePCCheckUpPCCheckUp.exe
C:Program FilesJavajre6binjusched.exe
C:WINDOWSsystem321B763A1FC66E.EXE
C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
C:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtHid.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingskratikaMy DocumentsDownloadsHijackThis.exe

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
O2 - BHO: (no name) - {01040827-AE74-4CF3-82C9-9DACC8CD98A3} - C:WINDOWSsystem32xdumhmbp.dll
O2 - BHO: (no name) - {01C8C94C-31EC-4E38-B04B-F28D688994Ce} - C:WINDOWSsystem32xdumhmbp.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpn1yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 - BHO: (no name) - {F4AF5E72-9AFC-4A90-A4AB-FE64AC9644A3} - c:windowssystem32inavzjy.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:Program FilesYahoo!CompanionInstallscpn1YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn1yt.dll
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [S3Trayp] S3trayp.exe
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [GenePccMon.exe] C:Program FilesGenesys Logic PC Camera DeviceGenePccMon.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [RemoteControl] "C:Program FilesASUSTeKASUSDVDPDVDServ.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [CaAvTray] "C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusCAVTray.exe"
O4 - HKLM..Run: [CAVRID] "C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusCAVRID.exe"
O4 - HKLM..Run: [googletalk] C:Program FilesGoogleGoogle Talkgoogletalk.exe /autostart
O4 - HKLM..Run: [YSearchProtection] "C:Program FilesYahoo!Search ProtectionSearchProtection.exe"
O4 - HKLM..Run: [PC-Checkup] "C:Program FilesSpeeditup FreePCCheckUpPCCheckUp.exe" -mini
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"
O4 - HKLM..Run: [1FC66E] C:WINDOWSsystem321B763A1FC66E.EXE
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Startup: .lnk = C:WINDOWSsystem321B763A1FC66E.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - Winlogon Notify: xsowzywu - C:WINDOWSSYSTEM32inavzjy.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusISafe.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:PROGRA~1MYWEBS~1bar2.binmwssvc.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:Program FilesCAeTrust EZ ArmoreTrust EZ AntivirusVetMsg.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:Program FilesYahoo!SoftwareUpdateYahooAUService.exe

--
End of file - 7780 bytes]]>

Topic Replies: 2

Check anyone?ü

albin — Tue, 17 Nov 2009 21:10:09 -0800

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:08 PM, on 11/18/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesCommon FilesG DATAAVKProxyAVKProxy.exe
C:Program FilesG DATAInternetSecurityAVKAVKService.exe
C:Program FilesG DATAInternetSecurityAVKAVKWCtl.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesGoogleUpdate1.2.183.13GoogleCrashHandler.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesG DATAInternetSecurityFirewallGDFwSvc.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:Program FilesMozilla Firefoxfirefox.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://us.rd./customize/ycomp/defaults/ ... ch/ie.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd..com/customize/ycomp/defau ... //www..com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www..com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ph..com/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ph..com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd..com/customize/ycomp/defau ... //www..com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: (no name) - {39fc2065-c9c7-49cd-8942-44cc2dedc844} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM..Run: [GDFirewallTray] C:Program FilesG DATAInternetSecurityFirewallGDFirewallTray.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-18..RunOnce: [RunNarrator] Narrator.exe (User SYSTEM)
O4 - HKUS.DEFAULT..RunOnce: [RunNarrator] Narrator.exe (User Default user)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O10 - Unknown file in Winsock LSP: c:windowssystem32mk8mw5qsvwsa.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32mk8mw5qsvwsa.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:Program FilesYaoo!CommonYinsthelper.dll
O21 - SSODL: XqIpRpc - {70C8AD4E-DA62-07E4-DFAC-C5FC81FA5979} - C:WINDOWSSystem32tywt.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:Program FilesCommon FilesG DATAAVKProxyAVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:Program FilesG DATAInternetSecurityAVKAVKService.exe
O23 - Service: AntiVirus Monitor (AVKWCtl) - G DATA Software AG - C:Program FilesG DATAInternetSecurityAVKAVKWCtl.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - G DATA Software AG - C:Program FilesG DATAInternetSecurityFirewallGDFwSvc.exe
O23 - Service: Google Update Service (gupdate1c9ed7f2faf9d3c) (gupdate1c9ed7f2faf9d3c) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe

--
End of file - 5416 bytes]]>

Topic Replies: 1

Major computer problems

grinchster — Tue, 17 Nov 2009 04:33:00 -0800

I am working with a Compaq Presario. It has a pentium 4 processor and the operating system is Windows XP Home. I know it has multiple viruses and I am at my witts end.

The computer is slow, very slow. It will not let me boot in safe mode. Everytime it starts up, it gives an error message about missing "C/windows/system32/dewukobe.dll"

I ran two different anit-virus software scans. AVG detected about 10 viruses and moved the to the vault. The Shield Deluxe 2009 detected about the same and moved them to its vault. Both softwares ran a complete computer scan. Then I tried to run housecall. It stops as soon as i launch it. Next I shut down the PC and tried to boot up in safe mode. It will not allow me to do so. Everytime I select safe mode it shuts down and reboots. It will only allow me to boot normally. When I try to run Ad-ware it just freezes saying "loading". I then ran malwarebytes anti-malware. It quarantined 1 file. Last i ran spybots.

Here is my highjack this log. PLEASE, someone help me! Any and all help will be greatly appreciated!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:37:14 AM, on 11/17/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesBitDefenderBitDefender Update Servicelivesrv.exe
C:Program FilesPCSecurityShieldBitDefender 2009vsserv.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAVGAVG9avgchsvx.exe
C:Program FilesAVGAVG9avgrsx.exe
C:Program FilesAVGAVG9avgcsrvx.exe
C:Program FilesLavasoftAd-AwareAAWService.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAVGAVG9Identity ProtectionAgentBinAVGIDSAgent.exe
C:WINDOWSAGRSMMSG.exe
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesLexmark 2400 Serieslxcrmon.exe
C:Program FilesLexmark 2400 Seriesezprint.exe
C:Program FilesPCSecurityShieldBitDefender 2009bdagent.exe
C:PROGRA~1AVGAVG9avgtray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesNikonPictureProjectNkbMonitor.exe
C:Program FilesAVGAVG9Identity Protectionagentbinavgidsmonitor.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesAVGAVG9avgwdsvc.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesPCSecurityShieldBitDefender 2009seccenter.exe
C:WINDOWSsystem32lxcrcoms.exe
C:WINDOWSMicrosoft-NETFrameworkv1.1.4322netfxupdate.exe
C:Program FilesAVGAVG9avgam.exe
C:Program FilesAVGAVG9avgnsx.exe
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesLavasoftAd-AwareAAWTray.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www-yahoo-com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www-yahoo-com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go-microsoft-com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go-microsoft-com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go-microsoft-com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go-microsoft-com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: WormRadar-com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG9avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: The Shield Deluxe 2009 Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:Program FilesPCSecurityShieldBitDefender 2009IEToolbar.dll
O4 - HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM..Run: [Cpqset] C:Program FilesHPQDefault Settingscpqset.exe
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"
O4 - HKLM..Run: [UpdateManager] "C:Program FilesCommon FilesSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb11.exe
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [lxcrmon.exe] "C:Program FilesLexmark 2400 Serieslxcrmon.exe"
O4 - HKLM..Run: [EzPrint] "C:Program FilesLexmark 2400 Seriesezprint.exe"
O4 - HKLM..Run: [FaxCenterServer] "C:Program FilesLexmark Fax Solutionsfm3032.exe" /s
O4 - HKLM..Run: [LXCRCATS] rundll32 C:WINDOWSSystem32spoolDRIVERSW32X863LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [Malwarebytes Anti-Malware (reboot)] "C:Program FilesMalwarebytes Anti-Malwarembam.exe" /runcleanupscript
O4 - HKLM..Run: [BDAgent] "C:Program FilesPCSecurityShieldBitDefender 2009bdagent.exe"
O4 - HKLM..Run: [BitDefender Antiphishing Helper] "C:Program FilesPCSecurityShieldBitDefender 2009IEShow.exe"
O4 - HKLM..Run: [7156725161] C:Documents and SettingsDavid GarrettApplication Data71567251617156725161.exe
O4 - HKLM..Run: [3527201629] C:DOCUME~1DAVIDG~1APPLIC~1352720~13527201629.exe
O4 - HKLM..Run: [AVG9_TRAY] C:PROGRA~1AVGAVG9avgtray.exe
O4 - HKLM..Run: [soyanawog] Rundll32.exe "c:windowssystem32dewukobe.dll",a
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%InstallerTSClientMsiTranstscuinst.vbs"
O4 - Global Startup: NkbMonitor.exe.lnk = C:Program FilesNikonPictureProjectNkbMonitor.exe
O4 - Global Startup: Windows Search.lnk = C:Program FilesWindows Desktop SearchWindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~4OFFICE11EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~4OFFICE11REFIEBAR.DLL
O9 - Extra button: Real-com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra Tools menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra Tools menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm-tools-akamai-com/dlmanager/v ... .2.5.0.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia-tv/axiscam/Code ... ontrol.ocx
O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www-imagestation-com/common/clas ... v=1,0,0,37
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG9avgpp.dll
O20 - AppInit_DLLs: c:windowssystem32dewukobe.dll,matizava.dll
O20 - Winlogon Notify: avgrsstarter - C:WINDOWSSYSTEM32avgrsstx.dll
O21 - SSODL: suwinumeb - {a6237746-bfc2-45f6-bd91-5816872d3ff8} - c:windowssystem32wegahuwe.dll (file missing)
O21 - SSODL: daguyedob - {afc21c4d-2253-4f2f-8394-0b1c08d44d1d} - c:windowssystem32gelapele.dll (file missing)
O21 - SSODL: tiyofokif - {72e283c3-cadb-41cc-a485-40d8a6ae3e63} - c:windowssystem32dewukobe.dll (file missing)
O22 - SharedTaskScheduler: kupuhivus - {2e0f824f-570b-4f33-873e-30e5ff1176d5} - c:windowssystem32wasodoku.dll (file missing)
O22 - SharedTaskScheduler: kupuhivus - {a6237746-bfc2-45f6-bd91-5816872d3ff8} - c:windowssystem32wegahuwe.dll (file missing)
O22 - SharedTaskScheduler: tokatiluy - {afc21c4d-2253-4f2f-8394-0b1c08d44d1d} - c:windowssystem32gelapele.dll (file missing)
O22 - SharedTaskScheduler: gahurihor - {72e283c3-cadb-41cc-a485-40d8a6ae3e63} - c:windowssystem32dewukobe.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: The Shield Deluxe 2009 Arrakis Server (Arrakis3) - Unknown owner - C:Program FilesCommon FilesBitDefenderBitDefender Arrakis ServerbinArrakis3.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:Program FilesAVGAVG9avgwdsvc.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:Program FilesAVGAVG9Identity ProtectionAgentBinAVGIDSAgent.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:WINDOWSsystem32hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:WINDOWSsystem32hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:Program FilesLavasoftAd-AwareAAWService.exe
O23 - Service: The Shield Deluxe 2009 Desktop Update Service (LIVESRV) - PCSecurityShield - C:Program FilesCommon FilesBitDefenderBitDefender Update Servicelivesrv.exe
O23 - Service: lxcr_device - - C:WINDOWSsystem32lxcrcoms.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxLiveShare9.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
O23 - Service: The Shield Deluxe 2009 Virus Shield (VSSERV) - PCSecurityShield - C:Program FilesPCSecurityShieldBitDefender 2009vsserv.exe

--
End of file - 11147 bytes]]>

Topic Replies: 1

Press Esc to skip SPTD.SYS

albin — Sun, 15 Nov 2009 14:53:23 -0800

Topic Replies: 0

Blue Screen

gblondie — Fri, 13 Nov 2009 13:26:16 -0800

Topic Replies: 1

Hijackthis Logfile / WLM problem

missegyptian — Wed, 11 Nov 2009 02:24:20 -0800

I cannot edit either regedit or taskmanager. I followed the instructions on providing you guys my hijackthis logfile. I hope I can get some help!

Also, whenever I try to upgrade to Windows Live Messenger, I get an error and installation always fails. Could this be linked to being unable to edit regedit and taskmanager?

Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:56:56 AM, on 11/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:Program FilesMcAfeeVirusScan Enterpriseengineserver.exe
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSsystem32mfevtps.exe
C:WINDOWSsystem32HPZipm12.exe
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:WINDOWSSystem32PAStiSvc.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesApoint2KApoint.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesApoint2KApntex.exe
C:Program FilesHpDigital Imagingbinhpqtra08.exe
C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSsystem32msiexec.exe
C:Program FilesHPQSHAREDHPQWMI.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:WINDOWSsystem32wuauclt.exe
C:DOCUME~1TEREBE~1LOCALS~1Temparcnng.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempngpt.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinrfumx.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempkboryq.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinuqeah.exe
C:WINDOWSsystem32MsiExec.exe
C:WINDOWSsystem32MsiExec.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinvwrcd.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempkguxe.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempgaxydm.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinxbvw.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesMessengermsmsgs.exe
C:DOCUME~1TEREBE~1LOCALS~1Temptbcgvv.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinfrvot.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwincgrro.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinogcm.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinpuvkqq.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinfefs.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinmvon.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwiniesg.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempdkbc.exe
C:DOCUME~1TEREBE~1LOCALS~1Tempwinbniekq.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = gomicrosoftcom/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = gomicrosoftcom/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = gomicrosoftcom/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = startshawcastart/enca/addons/search/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = gomicrosoftcom/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = httpgomicrosoftcom/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer Provided by SHAW Internet
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigURL = 68.147.217.136
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0AcrobatActiveXAcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_05binssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesMcAfeeVirusScan Enterprisescriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:Program FilesAdobeAcrobat 6.0AcrobatAcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.3.4501.1418swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:Program FilesAdobeAcrobat 6.0AcrobatAcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe
O4 - HKLM..Run: [SoundMAX] C:Program FilesAnalog DevicesSoundMAXSmax4.exe /tray
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [Apoint] C:Program FilesApoint2KApoint.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_05binjusched.exe"
O4 - HKLM..Run: [hpWirelessAssistant] C:Program FileshpqHP Wireless AssistantHP Wireless Assistant.exe
O4 - HKLM..Run: [HP Software Update] C:Program FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [LSBWatcher] c:hpdrivershplsbwatcherlsburnwatcher.exe
O4 - HKLM..Run: [eabconfg.cpl] C:Program FilesHPQQuick Launch ButtonsEabServr.exe /Start
O4 - HKLM..Run: [Cpqset] C:Program FilesHPQDefault Settingscpqset.exe
O4 - HKLM..Run: [ChangeResolution] C:hpbinChangeResolution.exe
O4 - HKLM..Run: [Microsoft Works Update Detection] C:Program FilesCommon FilesMicrosoft SharedWorks SharedWkUFind.exe
O4 - HKLM..Run: [Athan] C:Program FilesAthanAthan.exe
O4 - HKLM..Run: [McAfeeUpdaterUI] "C:Program FilesMcAfeeCommon Frameworkudaterui.exe" /StartedFromRunKey
O4 - HKLM..Run: [ShStatEXE] "C:Program FilesMcAfeeVirusScan EnterpriseSHSTAT.EXE" /STANDALONE
O4 - HKLM..Run: [zzzHPSETUP] D:Setup.exe RESET
O4 - HKLM..Run: [WrtMon.exe] C:WINDOWSsystem32spooldriversw32x863WrtMon.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [swg] "C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Yahoo! Pager] "C:Program FilesYahoo!MessengerYahooMessenger.exe" -quiet
O4 - HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKUSS-1-5-19..Run: [jigekujuja] Rundll32.exe "C:WINDOWSsystem32ripojopo.dll",s (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..Run: [jigekujuja] Rundll32.exe "C:WINDOWSsystem32ripojopo.dll",s (User NETWORK SERVICE)
O4 - Global Startup: Acrobat Assistant.lnk = C:Program FilesAdobeAcrobat 6.0Distillracrotray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHpDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:Program FilesKodakKodak EasyShare softwarebinEasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O7 - HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem, DisableRegedit=1
O8 - Extra context menu item: &Search - editsmywebsearchcom/toolbaredits/menusearch.jhtml?p=ZJxdm128YYCA
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~4Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra Tools menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra Tools menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra Tools menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=ieredirecthpcom/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=laptop
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - akexeimgfarmcom/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15-3.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - h20270www2hpcom/ediags/gmn2/install/HPProductDetection.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - AppInit_DLLs: C:WINDOWSsystem32zikewapo.dll C:WINDOWSsystem32dalusulo.dll c:windowssystem32ligijowe.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:Program FilesHPQSHAREDHPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:Program FilesMcAfeeVirusScan Enterpriseengineserver.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:WINDOWSsystem32mfevtps.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
O23 - Service: STI Simulator - Unknown owner - C:WINDOWSSystem32PAStiSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:Program FilesWindows LiveinstallerWLSetupSvc.exe (file missing)

--
End of file - 11846 bytes]]>

Topic Replies: 9

Okay, so something is a little suspicious...

mafiamade — Sun, 08 Nov 2009 11:42:44 -0800

First off, i did everything that JrzyCrim said to do in the "Steps to Take Before Posting your Hijack This Log".

Anyways my problem is that at random times my computer runs at 100% cpu usage. Im quite positive its a virus because when i open *task manager > processes* theres a couple of items that keep popping up and re-appearing in different spots on the processes list.

Anyways i saved a HJT v.2.0.2 log, here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:16:57 PM, on 08/11/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Windowssystem32taskeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesRegCureRegCure.exe
C:Program FilesDellTPadApoint.exe
C:WindowsOEM02Mon.exe
C:Program FilesSigmatelC-Major AudioWDMsttray.exe
C:WindowsWindowsMobilewmdc.exe
C:Program FilesDellDell Webcam ManagerDellWMgr.exe
C:WindowsSystem32WLTRAY.EXE
C:WindowsSystem32ico.exe
C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:WindowsvVX3000.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Windowsehomeehtray.exe
C:Windowssystem32Taskmgr.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesDigital Line DetectDLG.exe
C:Program FilesInternet Explorerieuser.exe
C:Windowsehomeehmsas.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.EXE
C:Program FilesYahoo!Messengerymsgr_tray.exe
C:WindowsSystem32Pelmiced.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe
C:Program FilesDellTPadApMsgFwd.exe
C:Program FilesDellTPadHidFind.exe
C:Program FilesDellTPadApntex.exe
C:Windowssystem32conime.exe
C:Windowssystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesGoogleGoogle ToolbarGoogleToolbarUser.exe
C:Program FilesWindows LiveToolbarwltuser.exe
C:Windowssystem32SearchFilterHost.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =/ig/dell?hl=en&client=dell-row&channel=ca&ibd=0080122
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer provided by Dell
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.6coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:PROGRA~1COMMON~1SYMANT~1IDSIPSBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:Program FilesJavajre1.6.0binssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.3.4501.1418swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser2.6CoIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [ECenter] C:DellE-CenterEULALauncher.exe
O4 - HKLM..Run: [Apoint] C:Program FilesDellTPadApoint.exe
O4 - HKLM..Run: [OEM02Mon.exe] C:WindowsOEM02Mon.exe
O4 - HKLM..Run: [SigmatelSysTrayApp] %ProgramFiles%SigmaTelC-Major AudioWDMsttray.exe
O4 - HKLM..Run: [Windows Mobile Device Center] %windir%WindowsMobilewmdc.exe
O4 - HKLM..Run: [StartCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe
O4 - HKLM..Run: [DELL Webcam Manager] "C:Program FilesDellDell Webcam ManagerDellWMgr.exe" /s
O4 - HKLM..Run: [Broadcom Wireless Manager UI] C:Windowssystem32WLTRAY.exe
O4 - HKLM..Run: [ISUSScheduler] "C:Program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [dscactivate] C:Program FilesDell Support Centergs_agentcustomdsca.exe
O4 - HKLM..Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [osCheck] "C:Program FilesNorton 360osCheck.exe"
O4 - HKLM..Run: [MSConfig] "C:Windowssystem32msconfig.exe" /auto
O4 - HKLM..Run: [VX3000] C:WindowsvVX3000.exe
O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe"
O4 - HKLM..Run: [LifeCam] "C:Program FilesMicrosoft LifeCamLifeExp.exe"
O4 - HKCU..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [Yahoo! Pager] "C:PROGRA~1Yahoo!MESSEN~1YAHOOM~1.EXE" -quiet
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User NETWORK SERVICE)
O4 - Global Startup: Digital Line Detect.lnk = C:Program FilesDigital Line DetectDLG.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:Program FilesJavajre1.6.0binnpjpi160.dll
O9 - Extra Tools menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:Program FilesJavajre1.6.0binnpjpi160.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra Tools menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra Tools menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: @C:WindowsWindowsMobileINetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra Tools menuitem: @C:WindowsWindowsMobileINetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~2GOEC62~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:Windowssystem32aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateAluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 - Service: dlbk_device - - C:Windowssystem32dlbkcoms.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:Program FilesSymantecLiveUpdateLuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:Windowssystem32STacSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:PROGRA~1COMMON~1SYMANT~1CCPD-LCsymlcsvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:WindowsSystem32WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe]]>

Topic Replies: 2

Installing Windows Live Messenger and csrss.exe issue!?

tattoomagoo — Sat, 07 Nov 2009 14:49:48 -0800

My Problem:

Upgrading the new Windows Live Messenger on Vista. WLM Must close csrss.exe before continuing. I hit close automatically. Microsoft Live Messenger fails the upgrade/install. I am at my wits end here. Here is my hijackthis log. Hopefully someone can help. :(

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:29:38 PM, on 11/7/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal

Running processes:
C:Program Files (x86)Common FilesNeroLibNMIndexStoreSvr.exe
C:Program FilesTheWeatherNetworkWeatherEyeWeatherEye.exe
C:Program Files (x86)Spybot - Search & DestroyTeaTimer.exe
C:hpsupporthpsysdrv.exe
C:Program Files (x86)HPHP Software UpdatehpwuSchd2.exe
C:Program Files (x86)AVGAVG8avgtray.exe
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program Files (x86)Mozilla Firefoxfirefox.exe
C:hpkbdkbd.exe
C:Program Files (x86)mIRCmirc.exe
C:Program Files (x86)Trend MicroHijackThisHijackThis.exe
C:WindowsSysWOW64NOTEPAD.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp .com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=desktop
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.freemov2avi .com/search/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft .com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft .com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft .com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:Program Files (x86)AVGAVG8ToolbarIEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:Program Files (x86)HPSmart Web Printinghpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:Program Files (x86)Spyware DoctorBDTPCTBrowserDefender.dll
O2 - BHO: WormRadar .com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program Files (x86)AVGAVG8avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~2SPYBOT~1SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:Program Files (x86)AVGAVG8ToolbarIEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:Program Files (x86)AVGAVG8ToolbarIEToolbar.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:Program Files (x86)Spyware DoctorBDTPCTBrowserDefender.dll
O4 - HKLM..Run: [hpsysdrv] c:hpsupporthpsysdrv.exe
O4 - HKLM..Run: [KBD] C:HPKBDKbdStub.EXE
O4 - HKLM..Run: [OsdMaestro] c:Program FilesHewlett-PackardOn-Screen OSD IndicatorOSD64.exe
O4 - HKLM..Run: [HP Software Update] C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [AVG8_TRAY] C:PROGRA~2AVGAVG8avgtray.exe
O4 - HKLM..Run: [NBKeyScan] "C:Program Files (x86)NeroNero8Nero BackItUpNBKeyScan.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..Run: [ArcSoft Connection Service] "C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe"
O4 - HKLM..Run: [EEventManager] C:PROGRA~2EPSONS~1EVENTM~1EEventManager.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program Files (x86)Javajre6binjusched.exe"
O4 - HKCU..Run: [BTBFirstRun] C:Program Files (x86)Hewlett-PackardSDPhprun.exe
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program Files (x86)Windows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program Files (x86)Common FilesNeroLibNMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU..Run: [EPSON WorkForce 600 Series] C:Windowssystem32spoolDRIVERSx643E_IATIEKA.EXE /FU "C:WindowsTEMPE_SD655.tmp" /EF "HKCU"
O4 - HKCU..Run: [WeatherEye] C:Program FilesTheWeatherNetworkWeatherEyeWeatherEye.exe
O4 - HKCU..Run: [EPSON WorkForce 600 Series (Copy 1)] C:Windowssystem32spoolDRIVERSx643E_IATIEKA.EXE /FU "C:WindowsTEMPE_S3AED.tmp" /EF "HKCU"
O4 - HKCU..Run: [EPSON WorkForce 600(Network)] C:Windowssystem32spoolDRIVERSx643E_IATIEKA.EXE /FU "C:WindowsTEMPE_S5CB0.tmp" /EF "HKCU"
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program Files (x86)Spybot - Search & DestroyTeaTimer.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User NETWORK SERVICE)
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program Files (x86)Common FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program Files (x86)HPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program Files (x86)Microsoft OfficeOffice10OSA.EXE
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:Program Files (x86)PokerStarsPokerStarsUpdate.exe
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:Program Files (x86)HPSmart Web Printinghpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:Program Files (x86)HPSmart Web Printinghpswp_extensions.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~2SPYBOT~1SDHelper.dll
O9 - Extra Tools menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~2SPYBOT~1SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail .com/mail/w3/pr01/resources/VistaMSNPUplden-ca.cab
O18 - Protocol: intu-qt2008 - {05E53CE9-66C8-4A9E-A99F-FDB7A8E7B596} - C:Program Files (x86)QuickTax 2008ic2008pp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program Files (x86)AVGAVG8avgpp.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: ASP .NET State Service (aspnet_state) - Unknown owner - C:WindowsMicrosoft .NETFrameworkv2.0.50727aspnet_state.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - c:Program Files (x86)SymantecLiveUpdateAluSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:PROGRA~2AVGAVG8avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~2AVGAVG8avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program Files (x86)BonjourmDNSResponder.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:Program Files (x86)Spyware DoctorBDTBDTUpdateService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:Program Files (x86)Common FilesEPSONEBAPIeEBSVC.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:ProgramDataEPSONEPW!3 SSRPE_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:ProgramDataEPSONEPW!3 SSRPE_S40RPB.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)HP GamesMy HP Game ConsoleGameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:hpHPEZBTNHPBtnSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:Program Files (x86)Common FilesLightScribeLSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:Program Files (x86)SymantecLiveUpdateLuComServer_3_4.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:Program FilesCommon FilesLogiShrdLVCOMSERLVCSer64.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:Program FilesCommon FilesLogiShrdSrvLnchSrvLnch.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:Program Files (x86)NeroNero8Nero BackItUpNBService.exe
O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:Program Files (x86)Common FilesNeroLibNMIndexingService.exe
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program Files (x86)Spybot - Search & DestroySDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:Program Files (x86)Spyware DoctorpctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:Program Files (x86)Spyware DoctorpctsSvc.exe
O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:Windowssystem32DRIVERSxaudio64.exe (file missing)

--
End of file - 12920 bytes

Thanks guys

Mike]]>

Topic Replies: 1

blue screen of death

robert78.5 — Thu, 05 Nov 2009 18:07:51 -0800

***stop;;0x0000007B (0x81821210,0xc0000032,0x00000000,0x00000000)INACCESSIBLE_BOOT_DEVICE
If this is the first time, youve seen this stop error screen, restart your computer. if this screen appears again, follow these steps.
check for viruses on your computer. remove any newly installed hard drives or hard drive controllers. check your hard drive to make sure it is properly configured and terminated. run chkdsk/f to check for hard drive corruption, and then restart your computer.
refer to your getting started manual for more information on troubleshooting stop errors.

my question is: how do i run chkdsk/f if i cant get to a black screen???
thanks]]>

Topic Replies: 7