Jump to content


Photo

Slow boot up time & long shut down time


  • This topic is locked This topic is locked
63 replies to this topic

#1 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 18 December 2006 - 06:20 PM

Greetings! Yes I've read the forum FAQ. I hope that someone can help me. My PC boot up time is close to 4 minutes. No, I am not kidding. I remember when, in less than 45 seconds, I was up and running. What happened? My shut down time is also long: close to 2 minutes. HeLp! Thank you

Here's my HiJackThis file:

Logfile of HijackThis v1.99.1
Scan saved at 7:16:37 PM, on 12/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\progra~1\mcafee\MCAFEE~1\masalert.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimt.../aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {52706EF7-D7A2-49AD-A615-E903858CF284} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyds...oad/tgctlcm.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safe...lscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1132526625046
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) -
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.ver...tWebInstall.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

Edited by ylselo, 20 December 2006 - 06:19 PM.


#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,533 posts

Posted 21 December 2006 - 05:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 26 December 2006 - 09:55 PM

Hi ylselo, and Welcome to SWI

Sorry it has taken so long to get to you, but the board has been very busy lately, and all the Helpers here are volunteers.

I suggest printing out each set of instructions and reading the entire post before proceeding. It will make following them easier.

From what I see in your HijackThis log, the problem of the slowdown is probably caused by running multiple security applications for the same function:

*You appear to be running both McAfee Personal Firewall and Sygate Personal Firewall. You should not run more than one firewall, as they can conflict with each other as they are both trying to do the same thing at the same time. You should uninstall one of them.

*You are also running multiple antispyware applications that are essentially performing the same or similar services, McAfee AntiSpyware, Windows Defender, and Spybot Search & Destroy's TeaTimer resident utility. While not as bas as running two firewalls, they are probiding largely redundant services and will add to your slowdown. I would recommend not running TeaTimer, and using Spybot S&D scanner on occasion instead, and disabling the resident protection of either Windows Defender or McAfee AntiSpyware, and instead, use the one that you disable as an on-demand scanner instead of running it resident.

*While I don't specifically see a service for McAfee AntiVirus, since I do see other McAfee software. Since I do see entries for a Computer Associates antivirus provided by Yahoo, I though it best to mention the same warning applies, you should never be running more than one antivirus program resident, just like the firewall. Neither provides additional protection, and can cause slowdowns, conflicts, and problems removing or preventing infections as both programs are trying to do the same thing at the same time.

The only thing to fix in your log is some empty entries that were not previously removed, probably due to one of the resident protection programs. We will need to disable them first before proceeding.

I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:
1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts

When everything is done and your log is clean again, you can enable it again.
If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.
Then, Download ResetTeaTimer.bat.
Double click ResetTeaTimer.bat to remove all entries set by TeaTimer.
Please don't forget this step to disable teatimer.

Please disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.

Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.
After all of the fixes are complete it is very important that you enable Real-time Protection again.

Disable McAfee AntiSpyware's resident protection.
  • Open McAfee AntiSpyware, click "Change Settings".
  • When the settings dialog box appears, click the "Auto-Protect" tab.
  • Uncheck "Enable Auto-Protect".
  • Click "OK" to close the dialog box.
Download ATF Cleaner by Atribune from here http://www.atribune....tent/view/25/1/ and save it to your Desktop.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

* The purpose of the Prefetch folder is to increase the speed at which you can access the programs that you use on your PC. Unfortunately, Windows doesn't differentiate between a program you use every day and one you rarely use, which means that it may be prefetching a lot of stuff that you rarely use, adding to your startup time.
You may find that the first time you boot up after cleaning out this folder, your PC takes longer to start - the second, and subsequent, boots should be quicker.

Now you need to run HijackThis and click "Do a system scan only." Place a check next to the following entries (if they are still there):

O2 - BHO: (no name) - {52706EF7-D7A2-49AD-A615-E903858CF284} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (file missing)
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) -


Now close all browser and other windows except for HijackThis, and click "Fix Checked" to have HijackThis fix the entries you checked.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation, Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    • Java 2 Runtime Environment, SE v1.4.2
    • J2SE Runtime Environment 5.0
    • J2SE Runtime Environment 5.0 Update 2
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6-windows-i586.exe that you downloaded to install the newest version.
Please restart your system and post a new HijackThis log.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#4 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 31 December 2006 - 12:06 AM

THank you for your help. I tried to follow your advices step by step the best I could but I ran into some problems:
1:) I didn't really understand when exactly to run the program "ResetTeaTimer.bat".
2:) I could not disable McAfee Firewall & Antispyware. I had to delete them.
3:) My Control Panel: " Add & Remove Program" doesn't work. When I click it, nothing happens. So, I still had files of McAfee I couldn't delete.
4:) My PC is as slow as before. There was no improvement.
Here's a copy of my lastest "HiJackThis" log:

Logfile of HijackThis v1.99.1
Scan saved at 12:54:03 AM, on 12/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimt.../aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyds...oad/tgctlcm.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safe...lscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1132526625046
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.ver...tWebInstall.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MpfService - McAfee - (no file)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

#5 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 31 December 2006 - 09:11 AM

1:) I didn't really understand when exactly to run the program "ResetTeaTimer.bat".

It only needed to be run if the entries you fixed with HijackThis returned. They didn't, so there's no need to run it.

2:) I could not disable McAfee Firewall & Antispyware. I had to delete them.
3:) My Control Panel: " Add & Remove Program" doesn't work. When I click it, nothing happens. So, I still had files of McAfee I couldn't delete.

You mean you simply deleted the files you could in the McAfee folders? If you did that, you may not be able to properly uninstall them without reinstalling them first.

In Control Panel, when you click on Add or Remove Programs, nothing happens?
Are you trying to open it from an account with administrator rights, or a limited account?
If it was an administrator account, there may be a policy set that prevents opening Add or Remove Programs. Is this a personal computer or a corporate computer?

Please run Notepad and copy the following text into a new file:

sc config MpfService start= disabled
sc stop MpfService
sc delete MpfService
Save the file to the desktop as remove.bat and make sure the "Save as type" field says "All files". Locate remove.bat on the Desktop and double-click on it to run it. Please note any errors encountered.

Download ComboFix© by sUBs from:
http://download.blee...Bs/combofix.exe
Save the file to your Desktop.
Double click combofix.exe & follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.
When finished, and after reboot, it should open a log, combofix.txt.
Post that log in your next reply along with a new HijackThis log and answers to the above questions.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#6 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 31 December 2006 - 08:39 PM

One more time, I thank you for helping me and wish you all a Happy New Year.
The computer is mine. It's not corporate and I am the sole user ie administrator. I followed all your instructions and here is what we got:
After running the "remove.bat" file, a DOS window opened up with a few lines of text. It closed right away and I didn't get a chance to read.
I downloaded and ran Combofix; then rebooted. It still took about 200 seconds before I could use the PC including a blank screen lasting about 45 secons.
Here are the logs:

Owner - 06-12-31 21:20:02.28 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Owner\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-11-31 to 2006-12-31 ))))))))))))))))))))))))))))))))))


2006-12-31 17:16 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Yahoo!
2006-12-31 00:45 <DIR> dr-h----- C:\Documents and Settings\Owner\Recent
2006-12-30 23:49 <DIR> d-------- C:\Program Files\Java
2006-12-30 23:49 <DIR> d-------- C:\Program Files\Common Files\Java
2006-12-25 22:36 2 --a------ C:\WINDOWS\system32\vrecorder.dll
2006-12-25 22:23 <DIR> d-------- C:\Program Files\ZD Soft
2006-12-20 19:14 <DIR> d-------- C:\HJT
2006-12-16 18:36 <DIR> d-------- C:\autoruns
2006-12-15 17:26 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-12-15 15:50 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\CA
2006-12-05 02:38 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-12-04 20:31 <DIR> d-------- C:\Documents and Settings\Owner\.housecall6.6


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-31 01:23 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-30 23:49 -------- d-------- C:\Program Files\Common Files
2006-12-22 23:04 -------- d-------- C:\Program Files\verizon
2006-12-15 16:01 -------- d-------- C:\Program Files\Outlook Express
2006-12-15 16:01 -------- d-------- C:\Program Files\Common Files\System
2006-12-07 01:40 2362184 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-12-05 02:38 -------- d-------- C:\Program Files\Internet Explorer
2006-11-27 21:59 -------- d-------- C:\Program Files\Common Files\Motive
2006-11-22 22:52 -------- d-------- C:\Program Files\Verizon Online
2006-11-22 22:48 -------- d-------- C:\Documents and Settings\Owner\Application Data\Skype
2006-11-22 22:36 -------- d-------- C:\Program Files\Windows Live Safety Center
2006-11-19 19:26 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-08 00:06 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-06 22:40 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-03 22:52 -------- d-------- C:\Program Files\MySpyProtector
2006-11-02 17:18 -------- d-------- C:\Documents and Settings\Owner\Application Data\Uniblue
2006-10-19 08:56 713216 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-17 12:33 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-10-17 12:33 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-10-17 12:33 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-10-17 12:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-10-17 12:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-10-17 12:33 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-10-17 12:33 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 12:01 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-10-17 12:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-10-17 12:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-10-17 12:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-10-17 12:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-10-17 12:01 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-10-17 12:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-10-17 12:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-10-17 12:00 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-17 11:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AutorunsDisabled]
"NetZero_uoltray"="C:\\Program Files\\NetZero\\exec.exe regrun"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
"CaAvTray"="\"C:\\Program Files\\Yahoo!\\Antivirus\\CAVTray.exe\""
"CAVRID"="\"C:\\Program Files\\Yahoo!\\Antivirus\\CAVRID.exe\""
"YOP"="C:\\PROGRA~1\\Yahoo!\\YOP\\yop.exe /autostart"
"Motive SmartBridge"="C:\\PROGRA~1\\verizon\\SMARTB~1\\MotiveSB.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\AutorunsDisabled]
"Motive SmartBridge"="C:\\PROGRA~1\\VERIZO~1\\HELPSU~1\\SMARTB~1\\MotiveSB.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\AutorunsDisabled]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\AutorunsDisabled\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,dd,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"NetZero_uoltray"="C:\\Program Files\\NetZero\\exec.exe regrun"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"zzzHPSETUP"="E:\\Setup.exe \\RESET"
"SetDefPrt"="C:\\Program Files\\Brother\\Brmfl03a\\BrStDvPt.exe"
"SoundMan"="SOUNDMAN.EXE"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"PCPitstop Optimize Registration Reminder"="C:\\Program Files\\PCPitstop\\Optimize\\Reminder.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\Documents and Settings\\All Users.WINDOWS\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MI1933~1\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^notepad.exe]
"path"="C:\\Documents and Settings\\Owner\\Start Menu\\Programs\\Startup\\notepad.exe"
"backup"="C:\\WINDOWS\\pss\\notepad.exeStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\Owner\\Start Menu\\Programs\\Startup\\notepad.exe"
"item"="notepad"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\A Verizon App]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VERIZO~1"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\VERIZO~1\\HELPSU~1\\VERIZO~1.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="aim"
"hkey"="HKCU"
"command"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCMSMMSG]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCMSMMSG"
"hkey"="HKLM"
"command"="BCMSMMSG.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="McAgent"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="McUpdate"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MotiveSB"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\VERIZO~1\\HELPSU~1\\SMARTB~1\\MotiveSB.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFEXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MpfTray"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetZero_uoltray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="exec"
"hkey"="HKCU"
"command"="C:\\Program Files\\NetZero\\exec.exe regrun"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BrStDvPt"
"hkey"="HKLM"
"command"="C:\\Program Files\\Brother\\Brmfl03a\\BrStDvPt.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcmnhdlr"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YAHOOM~1"
"hkey"="HKCU"
"command"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\_AntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="masalert"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, digest.dll, msnsspc.dll,schannel.dll"



~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

backup-20061230-231055-228
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) -
backup-20061230-231055-174
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll (file missing)
backup-20061230-231055-415
O2 - BHO: (no name) - {52706EF7-D7A2-49AD-A615-E903858CF284} - (no file)
backup-20061230-231055-395
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McAfee AntiSpyware.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

Completion time: 06-12-31 21:22:10.57
C:\ComboFix.txt ... 06-12-31 21:22

Logfile of HijackThis v1.99.1
Scan saved at 9:29:17 PM, on 12/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimt.../aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyds...oad/tgctlcm.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safe...lscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1132526625046
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.ver...tWebInstall.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

#7 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 02 January 2007 - 09:41 PM

You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site. Please follow the instructions exactly in the order listed; this is very important!

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Download AVG Anti-Spyware from HERE and save that file to your desktop.
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update".
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.

Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Click the "Delete Cookies" button
  • Next to it, Click the "Delete Files" button
  • When prompted, place a check in: "Delete all offline content", click OK
Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu on the left side of the Options window.
  • Click the Clear button located to the right of each option (History, Cookies, Cache).
  • Click OK to close the Options window
    Alternatively, you can clear all information stored while browsing by clicking Clear All.
    A confirmation dialog box will be shown before clearing the information.
Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
Open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted: "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.

After SmitfraudFix finishes (and after a reboot if required), please open AVG Anti-Spyware. (If a reboot is required, please boot BACK into Safe Mode.)
Run a complete system scan with AVG Anti-Spyware.
IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning process:
  • Launch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware
See if you can now go to Start > Control Panel > Add or Remove Programs and remove the following program, if found:
MySpyProtector

If you still can't open Control Panel, Please run HijackThis, click on "Open the Misc Tools section", and then on "Open Uninstall Manager". Click the "Open Add/Remove Software list" button, and see if Add or Remove Programs will open that way. If not, see if there is an uninstall option in the program group for MySpyProtector (if there is a program group for it), and uninstall it that way. Please let me know what happened.

Using Windows Explorer, delete the following folder (if still there):
C:\Program Files\MySpyProtector

Then please restart your system into Normal Windows.

Go to Start > Programs > Accessories > System Tools > Scheduled Tasks, and delete the following task:
McAfee AntiSpyware

Download the Registry Search Tool from here:
http://www.billsway....les/RegSrch.zip
Unzip to your Desktop and double click on regsrch.vbs
(if you have script protection, please allow this to run)

In the dialog that opens enter the following:
MySpyProtector

Press 'OK'
The search will run for a while then alert you when it is finished.
Press 'OK' and copy the contents of the WordPad window and post in this thread.

Please post a new HijackThis log, the contents of the SmitfraudFix log located at C:\rapport.txt, the log from AVG Anti-Spyware, the results of running the Resistry Search Tool, and note any errors encountered, including what happened with trying to open Add or Remove Programs.


Note : process.exe (used by SmitfraudFix) is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlog...processutil.htm

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#8 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 03 January 2007 - 05:29 PM

Hi. Thank you again for your continuing help.
Here’s a detailed point by point answer to your suggestions:
1.) Both SmitfraudFix & AVG Anti-Spyware were downloaded to my desktop and run in Safe mode. Their logs are at the end.
2.) Cleaning the Cache & cookies did not work like you suggested but I ended up deleting Cookies, Temporary Internet Files, History, Form Data, & passwords. Deleting all offline contents was not an option.
3.) I didn’t see SmitfraudFix check to see if wininet.dll was infected.
4.) After running AVG, I still could not open the “Add/Remove Software” in Control Panel, I couldn’t either do it running HiJackThis.
5.) When I opened Windows Explorer, the program MySpyProtector wasn’t there.
6.) I deleted McAfee AntiSpyware
7.) The Registry Search Tool didn’t detect MySpyProtector. I also ran regedit, and check for MySpyProtector, it wasn’t there either.

Here are the logs:
Logfile of HijackThis v1.99.1
Scan saved at 5:50:30 PM, on 1/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyds...oad/tgctlcm.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safe...lscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1132526625046
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.ver...tWebInstall.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
SmitFraudFix v2.132

Scan done at 13:43:34.51, Wed 01/03/2007
Run from C:\Documents and Settings\Owner\Desktop\SmitfraudFix\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 4:06:42 PM 1/3/2007

+ Scan result:



C:\Program Files\MySpyProtector -> Adware.MySpyProtector : No action taken.
C:\Program Files\MySpyProtector\MySpyProtector.elf -> Adware.MySpyProtector : No action taken.
C:\Program Files\MySpyProtector\prefs.dat -> Adware.MySpyProtector : No action taken.
C:\System Volume Information\_restore{22F9E4F2-0C43-45CC-943C-686F73B5198E}\RP296\A0074272.exe -> Adware.MySpyProtector : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3D.tmp -> TrackingCookie.247realmedia : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2F.tmp -> TrackingCookie.2o7 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3E.tmp -> TrackingCookie.2o7 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4.tmp -> TrackingCookie.2o7 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq18.tmp -> TrackingCookie.Adserver : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2D.tmp -> TrackingCookie.Bluestreak : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6.tmp -> TrackingCookie.Bluestreak : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq33.tmp -> TrackingCookie.Bridgetrack : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq48.tmp -> TrackingCookie.Bridgetrack : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq43.tmp -> TrackingCookie.Burstnet : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq22.tmp -> TrackingCookie.Casalemedia : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq51.tmp -> TrackingCookie.Casalemedia : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq52.tmp -> TrackingCookie.Centrport : No action taken.
C:\Documents and Settings\Owner\Cookies\owner@com[2].txt -> TrackingCookie.Com : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2.tmp -> TrackingCookie.Com : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq30.tmp -> TrackingCookie.Com : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9.tmp -> TrackingCookie.Com : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq53.tmp -> TrackingCookie.Falkag : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq11.tmp -> TrackingCookie.Onestat : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq31.tmp -> TrackingCookie.Pointroll : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB.tmp -> TrackingCookie.Qksrv : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq23.tmp -> TrackingCookie.Questionmarket : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq32.tmp -> TrackingCookie.Questionmarket : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC.tmp -> TrackingCookie.Questionmarket : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE.tmp -> TrackingCookie.Realtracker : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq24.tmp -> TrackingCookie.Revenue : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq19.tmp -> TrackingCookie.Ru4 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2E.tmp -> TrackingCookie.Ru4 : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq20.tmp -> TrackingCookie.Serving-sys : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq12.tmp -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq25.tmp -> TrackingCookie.Tacoda : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2B.tmp -> TrackingCookie.Tacoda : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq13.tmp -> TrackingCookie.Tradedoubler : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2C.tmp -> TrackingCookie.Tribalfusion : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq28.tmp -> TrackingCookie.Yieldmanager : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq50.tmp -> TrackingCookie.Yieldmanager : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq26.tmp -> TrackingCookie.Zedo : No action taken.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq49.tmp -> TrackingCookie.Zedo : No action taken.


::Report end


Like I said above, running the Registry Search Tool didn’t accomplish much. I still cannot access Add/Remove Program and my PC still takes about 180 to 200 seconds to boot.
Hoping to hear from you soon.

#9 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 04 January 2007 - 04:26 AM

When I opened Windows Explorer, the program MySpyProtector wasn’t there.

It should be there, it was in both the ComboFix log (which shows it's not hidden or a sysem file), and the AVG Anti-Spyware log. AVG Anti-Spyware would have removed it, but it wasn't configured per the instructions (note the red text).

Run AVG Anti-Spyware
  • On the main screen select the icon "Update".
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
  • Run a complete system scan with AVG Anti-Spyware.
    IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning process:
  • Launch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • When prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware
Please download SilentRunners from here:
http://www.silentrun...ent Runners.zip
Unzip it to the desktop and double-click on it. If you get any kind of warning message about scripts, please choose to allow the script to run. When the scan is finished, a message will pop up and a logfile will have been created on the desktop. Please post the entire contents of this logfile for me to see.

Download and Save BlackLight to your desktop.
F-Secure Blacklight: http://www.f-secure....blacklight.html
Double-click blbeta.exe then accept the agreement.
click > scan then > next,
You'll see a list of all items found.
Do NOT choose rename for any items yet! I need to see the log first, because legitimate items can also be present there...
A log will be created on your desktop with the name fsbl.xxxxxxx.log (the xxxxxxx are numbers)
Post the contents of the log in your next reply.

Please post a new HijackThis log, the log from SilentRunners, and the log from BlackLight.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#10 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 04 January 2007 - 07:20 PM

By the way, my PC is noticeably slower now than when we started. My web seek times are longer - time for a page to load etc.
Here are the logs:

Logfile of HijackThis v1.99.1
Scan saved at 7:55:56 PM, on 1/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyds...oad/tgctlcm.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safe...lscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1132526625046
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.ver...tWebInstall.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE


"Silent Runners.vbs", revision 49, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"SmcService" = "C:\PROGRA~1\Sygate\SPF\smc.exe -startgui" ["Sygate Technologies, Inc."]
"CaAvTray" = ""C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"" ["Computer Associates International, Inc."]
"CAVRID" = ""C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"" ["Computer Associates International, Inc."]
"YOP" = "C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart" ["Yahoo! Inc."]
"Motive SmartBridge" = "C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe" ["Motive Communications, Inc."]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0\bin\jusched.exe"" ["Sun Microsystems, Inc."]
"!AVG Anti-Spyware" = ""C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized" ["Anti-Malware Development a.s."]
"TkBellExe" = ""C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{02478D38-C3F9-4EFB-9B51-7695ECA05670}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll" ["Yahoo! Inc."]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Yahoo! IE Services Button"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Common\yiesrvc.dll" ["Yahoo! Inc."]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0\bin\ssv.dll" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{1CE2AA40-1317-11D3-9922-00104B0AD431}" = "CA_AntiVirus"
-> {HKLM...CLSID} = "CA_AntiVirus"
\InProcServer32\(Default) = "C:\WINDOWS\avshlext.dll" ["Computer Associates International, Inc."]
"{5464D816-CF16-4784-B9F3-75C0DB52B499}" = "Yahoo! Mail"
-> {HKLM...CLSID} = "YMailShellExt Class"
\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi.dll" ["Yahoo! Inc."]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
-> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"
\InProcServer32\(Default) = "C:\PROGRA~1\WINDOW~4\MpShHook.dll" [MS]
<<!>> "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" = "AVG Anti-Spyware 7.5"
-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" ["Anti-Malware Development a.s."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]
CA_AntiVirus\(Default) = "{1CE2AA40-1317-11D3-9922-00104B0AD431}"
-> {HKLM...CLSID} = "CA_AntiVirus"
\InProcServer32\(Default) = "C:\WINDOWS\avshlext.dll" ["Computer Associates International, Inc."]
Yahoo! Mail\(Default) = "{5464D816-CF16-4784-B9F3-75C0DB52B499}"
-> {HKLM...CLSID} = "YMailShellExt Class"
\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi.dll" ["Yahoo! Inc."]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
AVG Anti-Spyware\(Default) = "{8934FCEF-F5B8-468f-951F-78A921CD3920}"
-> {HKLM...CLSID} = "CContextScan Object"
\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll" ["Anti-Malware Development a.s."]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
CA_AntiVirus\(Default) = "{1CE2AA40-1317-11D3-9922-00104B0AD431}"
-> {HKLM...CLSID} = "CA_AntiVirus"
\InProcServer32\(Default) = "C:\WINDOWS\avshlext.dll" ["Computer Associates International, Inc."]


Group Policies {policy setting}:
--------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"DisableRegistryTools" = (REG_DWORD) hex:0x00000000
{Prevent access to registry editing tools}

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\ssmypics.scr" [MS]


DESKTOP.INI DLL launch in local fixed drive directories:
--------------------------------------------------------
C:\Documents and Settings\e\Local Settings\History\DESKTOP.INI -- cannot be opened!
C:\Documents and Settings\e\Local Settings\History\History.IE5\DESKTOP.INI -- cannot be opened!
C:\Documents and Settings\e\Local Settings\Temporary Internet Files\DESKTOP.INI -- cannot be opened!
C:\Documents and Settings\e\My Documents\My Webs\DESKTOP.INI -- cannot be opened!

WARNING! F: is an unreadable partition!


Enabled Scheduled Tasks:
------------------------

"MP Scheduled Scan" -> launches: "C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]
"Spybot - Search & Destroy - Scheduled Task" -> launches: "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe /AUTOCHECK" ["Safer Networking Limited"]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\WINDOWS\system32\VetRedir.dll ["Computer Associates International, Inc."], 01 - 03, 19
%SystemRoot%\system32\mswsock.dll [MS], 04 - 06, 09 - 18
%SystemRoot%\system32\rsvpsp.dll [MS], 07 - 08


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll" ["Yahoo! Inc."]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll" ["Yahoo! Inc."]

Explorer Bars

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD}\(Default) = (no title provided)
-> {HKLM...CLSID} = "&Yahoo! Messenger"
\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\yhexbmesus.dll" ["Yahoo! Inc."]

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD}\(Default) = (no title provided)
-> {HKLM...CLSID} = "&Yahoo! Messenger"
\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\yhexbmesus.dll" ["Yahoo! Inc."]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll" ["Sun Microsystems, Inc."]

{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\
"ButtonText" = "Yahoo! Services"
"CLSIDExtension" = "{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}"
-> {HKLM...CLSID} = "Yahoo! IE Services Button"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Common\yiesrvc.dll" ["Yahoo! Inc."]

{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\
"ButtonText" = "AIM"
"Exec" = "C:\Program Files\AIM\aim.exe" ["America Online, Inc."]


Miscellaneous IE Hijack Points
------------------------------

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = (no title provided)
-> {HKLM...CLSID} = "Yahoo! Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll" ["Yahoo! Inc."]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

AVG Anti-Spyware Guard, AVG Anti-Spyware Guard, "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe" ["Anti-Malware Development a.s."]
CAISafe, CAISafe, "C:\Program Files\Yahoo!\Antivirus\ISafe.exe" ["Computer Associates International, Inc."]
Sygate Personal Firewall, SmcService, "C:\Program Files\Sygate\SPF\smc.exe" ["Sygate Technologies, Inc."]
VET Message Service, VETMSGNT, "C:\Program Files\Yahoo!\Antivirus\VetMsg.exe" ["Computer Associates International, Inc."]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]


----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 70 seconds.
---------- (total run time: 142 seconds)



01/04/07 20:09:58 [Info]: BlackLight Engine 1.0.55 initialized
01/04/07 20:09:58 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/04/07 20:09:58 [Note]: 7019 4
01/04/07 20:09:58 [Note]: 7005 0
01/04/07 20:10:01 [Note]: 7006 0
01/04/07 20:10:01 [Note]: 7011 500
01/04/07 20:10:01 [Note]: 7026 0
01/04/07 20:10:01 [Note]: 7026 0
01/04/07 20:10:06 [Note]: FSRAW library version 1.7.1021
01/04/07 20:12:38 [Note]: 2000 1012
01/04/07 20:22:29 [Note]: 7007 0

#11 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 05 January 2007 - 04:45 AM

I saw nothing wrong with your logs.

Please download Ad-Aware SE Personal and install it. If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.

1) Run Ad-Aware, and click Check for updates now.

2) Select Configurations (click the Gear wheel at the top) as follows:
  • General Button > Safety & Settings: Check (Green) all three.
  • Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
Click Proceed.

3) To start the scan, Click > "Scan Now" at left
  • Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
  • Select "Search for low-risk threats"
  • Select "Perform full system scan"
  • Click Next
4) When the scan has completed, select Next.
  • In the Scanning Results window, select the "Critical Objects" tab.
  • Right-click on the screen and choose "Select all objects"
  • Click Next to remove the infections found, and click OK to the prompt.
  • Restart the computer.
Does that help with the running slow problem?

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#12 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 05 January 2007 - 12:52 PM

Here is a copy of the Ad-Aware SE log. No, after rebooting the PC, I didn't notice any speed improvment. I still have a dark screen for about 40 seconds during boot time.

ArchiveData(auto-quarantine- 2007-01-05 13-32-13.bckp)
Referencefile : SE1R142 02.01.2007
======================================================

TRACKING COOKIE
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=IECache Entry : Cookie:owner@revsci.net/
obj[1]=IECache Entry : Cookie:owner@live365.com/

By the way, I still cannot access Add/Remove Programs from the Control Panel.

Edited by ylselo, 05 January 2007 - 09:54 PM.


#13 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 05 January 2007 - 09:57 PM

You may need your Windows Installation CD for this step.
Now please go to Start -> Run -> cmd and press Enter. At the command prompt type sfc /scannow, making sure to put a space between the "c" and the slash, and then press Enter. This will run the System File Checker. Follow the prompts, and insert your Windows installation CD if requested. Then please restart your computer.

Go to:
http://windowsxp.mvps.org/IEFIX.htm
Follow the directions for downloading and running IEFix.

Restart your system.
Was there any improvement?

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#14 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 05 January 2007 - 11:34 PM

I did as you suggested. There was no changes: It still takes almost 3 minutes to boot, the blank screen at boot up time last about 40 seconds, I still cannot access Add/Remove Program from Control Panel, & I couldn't run IEFix because that program doesn't support IE7 which I currently use. Besides, there's nothing wrong with IE7. And the PC is slower.
Is there any possibility to reinstall Windows without losing, reinstalling all my current programs?

Edited by ylselo, 05 January 2007 - 11:34 PM.


#15 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 06 January 2007 - 06:28 AM

Yes, you can do a repair installation, which will keep your programs intact. You will have to update Windows after that and reapply all the critical updates. I can give you instructions for that, but let's try this first:

Download SDFix and save it to your desktop.

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
  • In Safe Mode, right click the SDFix.zip folder and choose Extract All,
  • Open the extracted folder and double click RunThis.bat to start the script.
  • Type Y to begin the script.
  • It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new HijackThis log.
Can you open Add or Remove Programs from Control Panel?

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#16 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 06 January 2007 - 10:56 PM

I did as you told me. No, I still cannot open Add/Remove Programs.
Here are the logs:


SDFix: Version 1.55
****************

Sat 01/06/2007 - 23:40:42.26

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Stage One - Safe Mode

Checking Services...

Service Name:


File Path:



Starting Registry Repairs...

Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two - Normal Mode

Checking For Malware:
--------------------


Backing Up and Removing any Files Found...

Alternate Stream Check:

C:\WINDOWS\system32
No streams found.
Final Check:

Remaining Services:
------------------


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\Yserver.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Disabled:Yahoo! Messenger"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Checking for files with Hidden Attributes:

C:\NTDETECT.COM
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\hiberfil.sys
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\Documents and Settings\Owner\My Documents\~WRL0005.tmp
C:\Documents and Settings\Owner\My Documents\~WRL3227.tmp
C:\my flash junk\ET (G)\~WRL2075.tmp

FINISHED!



SDFix: Version 1.55
****************

Sat 01/06/2007 - 23:40:42.26

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Stage One - Safe Mode

Checking Services...

Service Name:


File Path:



Starting Registry Repairs...

Restoring Default Hosts File...

Stage One Complete

Rebooting...

Stage Two - Normal Mode

Checking For Malware:
--------------------


Backing Up and Removing any Files Found...

Alternate Stream Check:

C:\WINDOWS\system32
No streams found.
Final Check:

Remaining Services:
------------------


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\Yserver.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Disabled:Yahoo! Messenger"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip

Checking for files with Hidden Attributes:

C:\NTDETECT.COM
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\hiberfil.sys
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\Documents and Settings\Owner\My Documents\~WRL0005.tmp
C:\Documents and Settings\Owner\My Documents\~WRL3227.tmp
C:\my flash junk\ET (G)\~WRL2075.tmp

FINISHED!
Logfile of HijackThis v1.99.1
Scan saved at 11:54:29 PM, on 1/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyds...oad/tgctlcm.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safe...lscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1132526625046
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.ver...tWebInstall.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

#17 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 07 January 2007 - 07:22 AM

Let's see if there are Windows files missing that are preventing you from opening Add or Remove Programs:
You may need your Windows Installation CD for this step.
Please go to Start -> Run -> cmd and press Enter. At the command prompt type sfc /scannow, making sure to put a space between the "c" and the slash, and then press Enter. This will run the System File Checker. Follow the prompts, and insert your Windows installation CD if requested. Then please restart your computer.

Can you open Add or Remove Programs now?

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#18 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 07 January 2007 - 01:37 PM

On Jan 5, 2007, you had me run cmd and at the command prompt I typed sfc /scannow. And I told you that after doing so I still couldn't open Add/Remove Programs. Do you still want me to repeat that step?

#19 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 07 January 2007 - 02:14 PM

No, I didn't scroll far enough back to see that you had already done that.

Let's try doing a repair install and see if that will fix the problem.
XP Repair install

Boot the computer using the XP CD. You may need to change the boot order in the system BIOS so the CD boots before the hard drive. Check your system documentation for steps to access the BIOS and change the boot order. When you see the "Welcome To Setup" screen, you will see the options below. This portion of the Setup program prepares Microsoft.

Windows XP to run on your computer:

To setup Windows XP now, press ENTER.

To repair a Windows XP installation using Recovery Console, press R.

To quit Setup without installing Windows XP, press F3.

Press Enter to start the Windows Setup. do not choose "To repair a Windows XP installation using the Recovery Console, press R", (you Do Not want to load Recovery Console). I repeat, do not choose "To repair a Windows XP installation using the Recovery Console, press R".

Accept the License Agreement and Windows will search for existing Windows installations. Select the XP installation you want to repair from the list and press R to start the repair. If Repair is not one of the options, END setup. After the reboot read Warning#2!

Setup will copy the necessary files to the hard drive and reboot. Do not press any key to boot from CD when the message appears. Setup will continue as if it were doing a clean install, but your applications and settings will remain intact.

After that, go to Windows Update and install ALL critical updates.

Please post a new HijackThis log.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#20 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 08 January 2007 - 08:58 PM

I did a Windows repair & followed your instructions step by step:
1> Right after the repair and rebooting and before updating, I was able to access Add/Remove Program.
2> After installing Service Pack 2, I was able to access Add/Remove Program.
3> But after total updating online, I couldn't access Add/Remove Program.
And the overall speed gain was NONE. I still log 3 minutes at boot up time.

Here's the log:
Logfile of HijackThis v1.99.1
Scan saved at 9:48:08 PM, on 1/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\verizon\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyds...oad/tgctlcm.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safe...lscbase8460.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1132526625046
O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - https://download.ver...tWebInstall.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

PS I tend to believe that my slow boot up time problem has more to do some programs loading than some malware. I may be mistaken.

Edited by ylselo, 08 January 2007 - 09:56 PM.


#21 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 08 January 2007 - 11:12 PM

PS I tend to believe that my slow boot up time problem has more to do some programs loading than some malware. I may be mistaken.

It could be, or it might be something that isn't loading, and the system is waiting for it to fail.

I did a Windows repair & followed your instructions step by step:
1> Right after the repair and rebooting and before updating, I was able to access Add/Remove Program.
2> After installing Service Pack 2, I was able to access Add/Remove Program.
3> But after total updating online, I couldn't access Add/Remove Program.

When you say "after total updating online", you are referring to Windows Update, and not some site called "total updating online", correct?

Go to Start >Run, and in the Run box type the following text and hit Enter:
regsvr32 appwiz.cpl

Restart your system.

Can you open Add or Remove Programs now?

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#22 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 09 January 2007 - 09:51 PM

No I didn't go to a site called "total updating online", but rather to Windows Update.

"It could be, or it might be something that isn't loading, and the system is waiting for it to fail." This reminds me that sometime back, as I was still obsessed with that slow booting time, I went to a Cnet.com class trying to speed up my PC. I made a few changes and it didn't work. In fact, that's when I started seeing that 40 seconds blank screen at boot up time. Here's Cnet lesson site: http://pc-troublesho...ing-strategies/

Once again, thank you for your patience. As per your last instruction, Add/Remove Program did finally show up after a good 10 minutes where as the other commands to the left of that window are very fast.
Speed up instructions?
By the way, is it ok to remove, delete the Windows Security Updates, Windows XP Hotfix, IE updates that populate the Add/Remove Programs windows?

Edited by ylselo, 09 January 2007 - 10:00 PM.


#23 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 15 January 2007 - 07:02 PM

It's been six days I have not seen any reply. Are you done helping me?

#24 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 15 January 2007 - 08:27 PM

Sorry, I missed the reply.

Please register (it's free, don't worry) with PCPitStop and run the full tests here. When the tests are complete, a results page will pop up. Click "Share these results with TechExpress" on the left-hand side. Then copy the URL provided and post it here for me.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#25 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 15 January 2007 - 10:21 PM

I really don't know what to do & how to get there. More clarification would be greatly appreciated.
Thank you

#26 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 15 January 2007 - 11:41 PM

I really don't know what to do & how to get there. More clarification would be greatly appreciated.

Just go to http://www.pcpitstop...top/default.asp and register for a free acount.
Over on the left, click where it says "Sign up now!"

Then click where it says:
New Members
Click the key to
run the full tests
on your PC now!

Look at the top of the page and see if the yellow Information Bar is displaying a message about PC Pitstop. If so, click the Information Bar and select "Install ActiveX Control".

Run the full tests.
When the tests are complete, a results page will pop up.
Click "Share these results with TechExpress" on the left-hand side.
Then copy the URL provided and post it here for me.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#27 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 16 January 2007 - 06:09 PM

I ran Pitstop. Here's the link: http://www.pcpitstop...Z8UFWXFZ7WSBMZJ

#28 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 16 January 2007 - 11:42 PM

While it didn't find anything seriously wrong, there are recommendations for your system to adjust your browser cache size and to defragment your system.

I don't think that will change your performance that much. The only other thing I can think of short of backing up your data and reinstalling Windows, would be to do a logged boot and see if you can find items that fail to load, and are successfull in fixing that. While that may affect the time your system takes to load windows, I don't know that it will change the time it takes to shut down.

If you want to try that...

The slow boot may be due to a file that was deleted still trying to load from the registry.
Let's see if we can find it.

Restart your computer and begin tapping the F8 key on your keyboard.
If done right a Windows Advanced Options menu will appear. Select the "Enable Boot Logging" option and press Enter.

After your system finished booting, you will have a log at C:\Windows\ntbtlog.txt
Double-click on the log to open it with Notepad.
Take a look at the log.
Here's an example of what a successful loading will look like:

[00151C1F] Loading Device = C:\CDROM\OAKCDROM.SYS
[00151C5C] LoadSuccess = C:\CDROM\OAKCDROM.SYS

...and failure:

[00151E01] Dynamic load failed crlds3d.vxd : [00151E01] File not found
[00151E01] Dynamic load device crlds3d.vxd
[00151E01] Dynamic load failed crlds3d.vxd : [00151E01] File not found

In Notepad, with the log open, hit the F3 key (search), and enter failed.
Do you find anything that failed to load?
If you do, continue to search for all the failed items and copy/paste the lines for it/them where it tried to load (Loading), and then failed in your next reply.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#29 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 17 January 2007 - 08:22 PM

Once more I want to express my thanks to you for your commitment & patience.
I think you may be up to something. F3 didn't detect anything that failed to load. However, some items, like you suggested kept on trying to load time and time again, like my sound, my codecs. Incidentally, my DVD-ROM only plays CDs but not DVDs. Go figure. In any case since I couldn't follow your advice 100%, I am sending you a copy of the ntbtlog.
I hope this helps you help me find a true final solution to my slow boot up time.
From what I see from the log, if we, you can get the processor to find and load the files it needs only once, that would have a tremendous impact on booting time.

Service Pack 2 1 2 2007 23:22:47.500
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\System32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver pciide.sys
Loaded driver \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver atapi.sys
Loaded driver disk.sys
Loaded driver \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver sr.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver uagp35.sys
Loaded driver Teefer.sys
Loaded driver Mup.sys
Did not load driver ACPI Uniprocessor PC
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Loaded driver \SystemRoot\System32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\System32\Drivers\GEARAspiWDM.sys
Did not load driver Realtek AC'97 Audio
Loaded driver \SystemRoot\System32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\System32\DRIVERS\usbehci.sys
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Loaded driver \SystemRoot\System32\DRIVERS\fdc.sys
Did not load driver Communications Port
Did not load driver Printer Port
Loaded driver \SystemRoot\System32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\System32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\kbdclass.sys
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Loaded driver \SystemRoot\System32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\System32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\update.sys
Loaded driver \SystemRoot\System32\DRIVERS\mssmbios.sys
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Loaded driver \SystemRoot\System32\DRIVERS\usbhub.sys
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Loaded driver \SystemRoot\System32\DRIVERS\flpydisk.sys
Loaded driver \SystemRoot\System32\Drivers\VETFDDNT.SYS
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Did not load driver VETEFILE.SYS
Did not load driver VET-REC.SYS
Did not load driver VET-FILT.SYS
Did not load driver VETMONNT.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\DRIVERS\AvgAsCln.sys
Loaded driver \SystemRoot\System32\drivers\vga.sys
Did not load driver mnmdd.SYS
Did not load driver RDPCDD.SYS
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Did not load driver RasAcd.SYS
Did not load driver IPSec.SYS
Did not load driver MPFIREWL.SYS
Did not load driver Tcpip.SYS
Did not load driver wpsdrvnt.SYS
Did not load driver NetBT.SYS
Did not load driver AFD.SYS
Did not load driver NetBIOS.SYS
Did not load driver Serial.SYS
Did not load driver AmdK7.SYS
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Did not load driver SiSkp.SYS
Did not load driver Rdbss.SYS
Did not load driver MRxSmb.SYS
Did not load driver Fips.SYS
Did not load driver AVG Anti-Spyware Driver.SYS
Did not load driver VETEBOOT.SYS
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver CanoScan LiDE 30/N1240U
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver CanoScan LiDE 30/N1240U
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Loaded driver \SystemRoot\System32\Drivers\Fastfat.SYS
Loaded driver \SystemRoot\System32\Drivers\Udfs.SYS
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver CanoScan LiDE 30/N1240U
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AFD.SYS
Did not load driver AFD.SYS
Did not load driver AFD.SYS
Did not load driver AFD.SYS
Service Pack 2 1 2 2007 23:54:30.500
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\System32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver pciide.sys
Loaded driver \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver atapi.sys
Loaded driver disk.sys
Loaded driver \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver sr.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver uagp35.sys
Loaded driver Teefer.sys
Loaded driver Mup.sys
Did not load driver ACPI Uniprocessor PC
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Captur

Edited by ylselo, 17 January 2007 - 08:46 PM.


#30 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 17 January 2007 - 08:48 PM

This is the remaining of the ntbtlog:[u][color=#FF0000]

Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Loaded driver \SystemRoot\System32\DRIVERS\flpydisk.sys
Loaded driver \SystemRoot\System32\Drivers\VETFDDNT.SYS
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Did not load driver VETEFILE.SYS
Did not load driver VET-REC.SYS
Did not load driver VET-FILT.SYS
Did not load driver VETMONNT.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\DRIVERS\AvgAsCln.sys
Loaded driver \SystemRoot\System32\drivers\vga.sys
Did not load driver mnmdd.SYS
Did not load driver RDPCDD.SYS
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Did not load driver RasAcd.SYS
Did not load driver IPSec.SYS
Did not load driver MPFIREWL.SYS
Did not load driver Tcpip.SYS
Did not load driver wpsdrvnt.SYS
Did not load driver NetBT.SYS
Did not load driver AFD.SYS
Did not load driver NetBIOS.SYS
Did not load driver Serial.SYS
Did not load driver AmdK7.SYS
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Did not load driver SiSkp.SYS
Did not load driver Rdbss.SYS
Did not load driver MRxSmb.SYS
Did not load driver Fips.SYS
Did not load driver AVG Anti-Spyware Driver.SYS
Did not load driver VETEBOOT.SYS
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver CanoScan LiDE 30/N1240U
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Loaded driver \SystemRoot\System32\Drivers\Fastfat.SYS
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
Did not load driver AMD K7 Processor
Did not load driver SiS 650/651/740/661FX/741/760 series
Did not load driver Realtek AC'97 Audio
Did not load driver CanoScan LiDE 30/N1240U
Did not load driver SiS 900-Based PCI Fast Ethernet Adapter
Did not load driver BCM V.92 56K Modem
Did not load driver Communications Port
Did not load driver Printer Port
Did not load driver Audio Codecs
Did not load driver Legacy Audio Drivers
Did not load driver Media Control Devices
Did not load driver Legacy Video Capture Devices
Did not load driver Video Codecs
Did not load driver WAN Miniport (L2TP)
Did not load driver WAN Miniport (IP)
Did not load driver WAN Miniport (PPPOE)
Did not load driver WAN Miniport (PPTP)
Did not load driver Packet Scheduler Miniport
Did not load driver Packet Scheduler Miniport
Did not load driver Direct Parallel
Service Pack 2 1 17 2007 20:57:02.500
Loaded driver \WINDOWS\system32\ntoskrnl.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\System32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver pciide.sys
Loaded driver \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver PartMgr.sys
Loaded driver VolSnap.sys
Loaded driver atapi.sys
Loaded driver disk.sys
Loaded driver \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Loaded driver fltmgr.sys
Loaded driver sr.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver uagp35.sys
Loaded driver Teefer.sys
Loaded driver Mup.sys
Loaded driver \SystemRoot\System32\DRIVERS\amdk7.sys
Loaded driver \SystemRoot\system32\DRIVERS\sisgrp.sys
Loaded driver \SystemRoot\System32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\System32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\System32\Drivers\GEARAspiWDM.sys
Loaded driver \SystemRoot\system32\drivers\ALCXWDM.SYS
Loaded driver \SystemRoot\System32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\System32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\System32\DRIVERS\sisnic.sys
Loaded driver \SystemRoot\system32\DRIVERS\BCMSM.sys
Loaded driver \SystemRoot\System32\Drivers\Modem.SYS
Loaded driver \SystemRoot\System32\DRIVERS\fdc.sys
Loaded driver \SystemRoot\System32\DRIVERS\serial.sys
Loaded driver \SystemRoot\System32\DRIVERS\serenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\parport.sys
Loaded driver \SystemRoot\System32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\System32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\System32\DRIVERS\audstub.sys
Loaded driver \SystemRoot\System32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\System32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\System32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\System32\DRIVERS\psched.sys
Loaded driver \SystemRoot\System32\DRIVERS\ptilink.sys
Loaded driver \SystemRoot\System32\DRIVERS\raspti.sys
Loaded driver \SystemRoot\System32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\System32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\System32\DRIVERS\update.sys
Loaded driver \SystemRoot\System32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\System32\DRIVERS\usbhub.sys
Loaded driver \SystemRoot\System32\DRIVERS\flpydisk.sys
Loaded driver \SystemRoot\System32\Drivers\VETFDDNT.SYS
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Did not load driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\DRIVERS\AvgAsCln.sys
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\System32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\System32\Drivers\MpFirewall.sys
Loaded driver \SystemRoot\System32\DRIVERS\tcpip.sys
Loaded driver \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbios.sys
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Loaded driver \SystemRoot\System32\Drivers\VETEFILE.SYS
Loaded driver \SystemRoot\System32\Drivers\VET-REC.SYS
Loaded driver \SystemRoot\System32\Drivers\VET-FILT.SYS
Did not load driver \SystemRoot\System32\Drivers\VET-FILT.SYS
Loaded driver \SystemRoot\System32\Drivers\VETEBOOT.SYS
Loaded driver \SystemRoot\System32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\System32\DRIVERS\wanarp.sys
Did not load driver \SystemRoot\System32\Drivers\VETEFILE.SYS
Loaded driver \SystemRoot\System32\Drivers\VETMONNT.SYS
Loaded driver \SystemRoot\system32\DRIVERS\srvkp.sys
Loaded driver \SystemRoot\System32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
Loaded driver \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbscan.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbccgp.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbprint.sys
Loaded driver \SystemRoot\System32\Drivers\BrUsbScn.sys
Loaded driver \SystemRoot\System32\Drivers\Brfilt.sys
Loaded driver \SystemRoot\system32\DRIVERS\mf.sys
Loaded driver \SystemRoot\System32\Drivers\BrUsbMdm.sys
Loaded driver \SystemRoot\System32\Drivers\BrSerWdm.sys
Loaded driver \SystemRoot\System32\Drivers\Fastfat.SYS
Loaded driver \SystemRoot\System32\Drivers\Udfs.SYS
Loaded driver \SystemRoot\System32\DRIVERS\ndisuio.sys
Loaded driver \SystemRoot\SYSTEM32\Drivers\wg3n.sys
Loaded driver \SystemRoot\SYSTEM32\Drivers\wg4n.sys
Loaded driver \SystemRoot\SYSTEM32\Drivers\wg5n.sys
Loaded driver \SystemRoot\SYSTEM32\Drivers\wg6n.sys
Did not load driver \SystemRoot\System32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\System32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\System32\DRIVERS\mrxdav.sys
Loaded driver \SystemRoot\System32\Drivers\ParVdm.SYS
Loaded driver \??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
Loaded driver \??\C:\WINDOWS\system32\drivers\tmcomm.sys
Did not load driver \SystemRoot\System32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\system32\drivers\wdmaud.sys
Loaded driver \SystemRoot\system32\drivers\sysaudio.sys
Loaded driver \SystemRoot\system32\drivers\splitter.sys
Loaded driver \SystemRoot\system32\drivers\aec.sys
Loaded driver \SystemRoot\system32\drivers\swmidi.sys
Loaded driver \SystemRoot\system32\drivers\DMusic.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Loaded driver \SystemRoot\System32\Drivers\HTTP.sys

#31 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 17 January 2007 - 09:21 PM

The failure of those 19 items to load time after time seems to be part of the problem. I've asked for expert advice on any possible solution, and will post back when I have something.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#32 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 19 January 2007 - 04:13 AM

Go to Start > Run, and type eventvwr and hit Enter.

You should see errors associated under either Application or System. Click on each item that has an "X" in a red circle. Does that show what failed?

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#33 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 19 January 2007 - 05:09 PM

Go to Start > Run, and type eventvwr and hit Enter.

You should see errors associated under either Application or System. Click on each item that has an "X" in a red circle. Does that show what failed?


I went into Event viewer. I saw a lot errors under Application & System. When I went into each app's properties, I saw among others P2ktools.exe, Aim.exe, winword.exe, etc. Under System, it was mostly a bunch of bad sectors on the HD.
Now, what's next?

#34 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 20 January 2007 - 06:26 AM

Under System, it was mostly a bunch of bad sectors on the HD.

It appears that your hard drive is dying. I'd recommend backing up anything important (docs, pics, e-mail, favorites, data files from your installed programs) and purchasing and installing a new hard drive, and then reinstall windows. You don't need to backup program files, just backup your data. The programs can be reinstalled later. I would save your data to CD/DVD or an external device such as an external USB drive.

Before you reinstall Windows, disconnect your system from the Internet (pull the modem or LAN cable).

After you reinstall Windows:
  • Install your Antivirus.
  • Install your Firewall.
  • Reconnect to the Internet.
  • Update your AntiVirus.
  • Go to Windows Update and install SP2 and ALL critical updates.
  • After that, please post a new HijackThis log.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#35 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 20 January 2007 - 08:21 PM

[quote name='TheJoker' date='Jan 20 2007, 07:26 AM' post='509048']
[quote]Under System, it was mostly a bunch of bad sectors on the HD.[/quote]
It appears that your hard drive is dying.

What do you think if I defrag the HD first, then run Eventvwr again before I replace the HD?

#36 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 21 January 2007 - 07:33 AM

What do you think if I defrag the HD first, then run Eventvwr again before I replace the HD?

Unfortunately, that won't do anything to help solve the problem of the disk errors. Those aren't errors you can correct other than to replace the drive.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#37 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 22 January 2007 - 09:31 PM

The fact is that my current HD, a Maxtor 6L300R0 300Gig, is not even 2 years old yet. I used to have a 13 Gig Maxtor that failed too.
Chances are, I want to stay away from Maxtor. Now that you suggest that I replace the HD, which one do you recommend? One that could last longer?

#38 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 23 January 2007 - 12:13 AM

Seagate, Maxtor and Western Digital are all good drives, but you can't predict when any individual drive will fail. I have all three brands in my 2 systems, and would purchase any of them again. I would go with the size drive you need, and the best deal you find, either locally or mail order.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#39 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 27 January 2007 - 08:32 PM

I am getting a new drive. I would like to partition it. I want to devote a partition only for Windows and maybe 2 other partitions for my programs and data. What would you recommend in terms of procedure, size of the partitions? Any other important advices that you might think of are welcome.
Thank you

#40 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 28 January 2007 - 05:31 PM

Just figure out what size you want to make your windows partition, then then what you want to divide between your other parttitions. For instance, I have a 30GB Windows partition, but that's for both Windows, and my programs, and it's only half full (13GB used). Take Vista into consideration if you plan to upgrade, I'd expect it to be larger, requiring more room. If you have a disc partitioning utility like Partition Magic, you can always change the size later, but why not take that into consideration now and avoid that. If you have a program and a data partition, if you do lots of music, make the data partition larger, digital entertainment will take more and more room.

If you have a backup program, you should backup your data before starting the new Windows installation. You don't need to backup program files, just backup your data. The programs can be reinstalled later. I would save your data to CD/DVD or an external device such as an external USB drive.

There is an excellent set of instructions at the below link complete with screenshots of what to expect at each step.
http://www.michaelst...tall.html#steps

You should print out those instructions before proceeding.
Have the installation discs or a saved install file handy for your antivirus and firewall.
Disconnect from the Internet before proceeding with the installation (pull your connection cable).

When you get to step 10b, choose to delete the partition by pressing "D". You will then be prompted to create a new partition in the empty space. This will remove all data from the deleted space.

After you reinstall Windows:
  • Install your Antivirus.
  • Install your Firewall.
  • Reconnect to the Internet.
  • Update your AntiVirus.
  • Go to Windows Update and install SP2 and ALL critical updates.
  • After that, please post a new HijackThis log.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#41 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 01 February 2007 - 09:48 PM

It took me some time to get most of everything running. I got a new HD, installed it as per your instructions. My boot up time is now about 70 to 75 seconds. Almost everything is running fine, except that my DVD ROM doesn't play DVDs. Windows Media Player says that I have no codecs installed. I tried reloading the CD that came with my DVD ROM, it says "unqualified machine." Any help here? And also how do I install Windows XP Back up program. I am running the Home Edition.
Thank you

Here's my latest HJT:

Logfile of HijackThis v1.99.1
Scan saved at 10:39:00 PM, on 2/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
E:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SmcService] E:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\Program Files\Sygate\SPF\smc.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

#42 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 02 February 2007 - 08:50 PM

Your HijackThis log looks fine :thumbsup:

Almost everything is running fine, except that my DVD ROM doesn't play DVDs. Windows Media Player says that I have no codecs installed. I tried reloading the CD that came with my DVD ROM, it says "unqualified machine."

You need a software based DVD player installed to play DVD's. It sounds like for some reason you can't install the software you have that you said came with your drive. Are you sure it's the correct CD, or did you change the drive at one point? Or the BIOS for the drive? It sounds like it's looking for the brand drive that it was licensed to, and changing/updating the drive's BIOS could have done that.

Try VideoLAN - VLC media player instead:
http://www.videolan.org/

It supports a large number of multimedia formats, without the need for additional codecs:
http://www.videolan....c/features.html

And also how do I install Windows XP Back up program. I am running the Home Edition.

The Backup utility is not included in the default installation of Windows XP Home Edition.
To manually install Backup:
  • Double-click the Ntbackup.msi file in the following location on the Windows XP Home Edition CD-ROM to start a wizard that installs Backup:
    CD-ROM Drive:\VALUEADD\MSFT\NTBACKUP\Ntbackup.msi
  • When the wizard is complete, click Finish.
Note: Automated System Recovery is not a supported feature in Windows XP Home Edition using Backup. I recommend purchasing a good backup program that supports system recovery.
There are two basic types of backup, a file based backup like Backup My PC from Roxio (review Here) or NovaBACKUP from NovaStor, or an image backup that images the partition as one large file like Norton Save & Restore, Acronis True Image 10 Home (review Here), or Image for Windows. I personally prefer an image based backup, and would recommend Acronis.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#43 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 02 February 2007 - 09:44 PM

You are brilliant! As of this minute, I am watching a movie after having downloaded VLC media player. However, I would like to use WMP also which at this I still cannot play.
I think you got it right when you said that: "It sounds like it's looking for the brand drive that it was licensed to". My previous HD only had two partitions C & D; but now, this one has 3. Right now, my DVD ROM is Drive H when it used to be E in my old configuration. How do I make the software see the DVD ROM in drive H?
I am going to review the suggested back up programs and let you know later of my choice.

#44 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 03 February 2007 - 07:39 AM

As of this minute, I am watching a movie after having downloaded VLC media player. However, I would like to use WMP also which at this I still cannot play.

Have you upgraded to WMP 11? That may fix that problem.

I think you got it right when you said that: "It sounds like it's looking for the brand drive that it was licensed to". My previous HD only had two partitions C & D; but now, this one has 3. Right now, my DVD ROM is Drive H when it used to be E in my old configuration. How do I make the software see the DVD ROM in drive H?

The drive letter that is assigned to the DVD drive, or the number of partitions shouldn't matter, the software is just looking for the right brand DVD drive that it was licensed to go with. If you haven't changed the drive, and you're sure you have the right CD, are you sure you never updated the BIOS (firmware) in the drive, for instance, to update the write strategies (particularly one from another drive OEM'd by the same manufacturer that had a more up-to-date strategy), or to remove region restrictions? If you have, you may not be able to install that software.

This page explains how to change drive letter assignments in Windows XP, but I don't think that will make a difference, You also need to be careful, and it's not something to be done unnecessarily.
http://support.microsoft.com/kb/307844

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#45 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 03 February 2007 - 10:23 PM

On my old HD, I had WMP 11, and I still could not play DVDs. I don't know if upgrading will make a difference.

You said

the software is just looking for the right brand DVD drive that it was licensed to go with. If you haven't changed the drive, and you're sure you have the right CD, are you sure you never updated the BIOS (firmware) in the drive, for instance, to update the write strategies (particularly one from another drive OEM'd by the same manufacturer that had a more up-to-date strategy), or to remove region restrictions?

I don't understand it all but I know never to mess around with the regions. I would appreciate further clarification about your statement above, please.
Thank you

#46 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 04 February 2007 - 01:25 PM

DVD drive manufacturers often update their firmware (BIOS) to include information to be able to correctly write to new or changed DVD brands. If you don't have a problem burning your current brand, it's not necessary to update the firmware. If you do update the firmware, and have a problem updating it, it's always possible that there might be no way to recover the drive short of replacing it (if it's not broke, don't fix it).

After updating to WMP 11 (if you decide to), you need to install a CODEC to play DVD's. You can get more information here:
http://www.microsoft...aspx#DVDDecoder

The software they list though is commercial software. You might want to try the free version of DivX:
http://www.divx.com/...indows/download

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#47 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 05 February 2007 - 07:00 PM

If I upgrade to WMP 11 and I don't like it, is there anyway I can revert back to the previous version beside using Restore?

#48 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,476 posts

Posted 06 February 2007 - 06:40 AM

You can either uninstall it, or roll it back to the previous version using System Restore:
http://www.microsoft...stallation.mspx

http://www.google.co...ninstall WMP 11

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#49 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 11 February 2007 - 08:01 PM

Hi,
I am posting this HJT because I am concerned that my PC may have been highjacked. My mouse is moving on my desktop by itself as if someone is controlling my PC. I breathed a little easier after I turned off my router and the mouse kept on moving. I have to admit that it had done that even with the old HD.
Also I stopped using Sygate Firewall and installed Kerio's; but I have the same problem that made switch: the firewall is preventing me from going to certain sites. I don't see where to adjust it. I even put those sites on my "trusted sites" to no avail.

Here's my HJT:
Logfile of HijackThis v1.99.1
Scan saved at 8:18:27 PM, on 2/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
E:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
E:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [PaperPort PTD] E:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] E:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink...xp/CheckDVD.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

#50 ylselo

ylselo

    Member

  • Full Member
  • Pip
  • 36 posts

Posted 11 February 2007 - 08:05 PM

Hi,
I am posting this HJT because I am concerned that my PC may have been highjacked. My mouse is moving on my desktop by itself as if someone is controlling my PC. I breathed a little easier after I turned off my router and the mouse kept on moving. I have to admit that it had done that even with the old HD.
Also I stopped using Sygate Firewall and installed Kerio's; but I have the same problem that made switch: the firewall is preventing me from going to certain sites. I don't see where to adjust it. I even put those sites on my "trusted sites" to no avail.

Here's my HJT:
Logfile of HijackThis v1.99.1
Scan saved at 8:18:27 PM, on 2/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
E:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
E:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [PaperPort PTD] E:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] E:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink...xp/CheckDVD.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE




Member of UNITE
Support SpywareInfo Forum - click the button