HijackThis Log Help
#21
Registered User
Join Date: Feb 2007
Posts: 12
OS: XP
update.exe
hi...
The logs for BitDefender and ComboScan are attached as a .rar file, as I can't post the BitDefender log as HTML ;p Anyway, there are still some glitches in my system. When I run a video file using Media Player, the indicator light shows that the hard disk is busy and it makes the media player lag (video and audio are not in sync; either one will be lagging). I tested my system again by playing a game called Alien Shooter; the lag is also obvious. It's like my system is having a hard time processing even a simple task. Unlike before, when I could multitask without any lag. Now I am even considering reformatting my laptop using its recovery CD... except I won't be having all the patches and updates for my Windows, since it's originally SP1. I can always update it whenever I'm only.... what do you think??? :(

ComboScan v20070212.14 run by max on 2007-03-04 at 17:41:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.

-- HijackThis log (run as max.com) ----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 17:42:20, on 04/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
C:\Documents and Settings\max\Desktop\comboscan.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\max\LOCALS~1\Temp\~hgcnrog.tmp\max.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:1080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\CPLBCL53.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] "C:\PROGRA~1\SYMNET~1\SNDMon.exe" /Consumer
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] ; "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] ; "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] ; "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] ;
O4 - HKLM\..\Run: [NeroFilterCheck] ; C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] ; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Wallpaper Calendar.lnk = C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

3 3xHybrid (3xHybrid service) - system32\DRIVERS\3xHybrid.sys
0 ACPIEC (Microsoft Embedded Controller Driver) - System32\DRIVERS\ACPIEC.sys
3 AgereSoftModem (Agere Systems Soft Modem) - System32\DRIVERS\AGRSM.sys
3 ALCXWDM (Service for Realtek AC97 Audio (WDM)) - system32\drivers\ALCXWDM.SYS
3 ApfiltrService (Alps Pointing-device Filter Driver) - System32\DRIVERS\Apfiltr.sys
3 Arp1394 (1394 ARP Client Protocol) - System32\DRIVERS\arp1394.sys
1 AVG Anti-Spyware Driver - \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1 AvgAsCln (AVG Anti-Spyware Clean Driver) - System32\DRIVERS\AvgAsCln.sys
3 BlueletAudio (Bluetooth Audio Service) - system32\DRIVERS\blueletaudio.sys
3 BT (Bluetooth PAN Network Adapter) - system32\DRIVERS\btnetdrv.sys
3 Btcsrusb (Bluetooth USB For Bluetooth Service) - System32\Drivers\btcusb.sys
3 BTDriver (Bluetooth Virtual Communications Driver) - system32\DRIVERS\btport.sys
3 BTHidEnum (Bluetooth HID Enumerator) - system32\DRIVERS\vbtenum.sys
0 BTHidMgr (Bluetooth HID Manager Service) - System32\Drivers\BTHidMgr.sys
3 BTNetFilter (Bluetooth Network Filter) - \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys
3 BTWDNDIS (Bluetooth LAN Access Server) - system32\DRIVERS\btwdndis.sys
3 BTWUSB (WIDCOMM USB Bluetooth Driver) - System32\Drivers\btwusb.sys
3 CCDECODE (Closed Caption Decoder) - system32\DRIVERS\CCDECODE.sys
4 cdawdm - system32\DRIVERS\CDAWDM.sys
3 DKbFltr (Dritek HotKey Keyboard Filter Driver) - System32\Drivers\DKbFltr.sys
0 fcdabus - system32\DRIVERS\fcdabus.sys
3 fsRamDsk (RamDisk Drive Service) - system32\DRIVERS\fsRamDsk.sys
0 FVXSCSI - system32\DRIVERS\fvxscsi.sys
3 gmer - System32\DRIVERS\gmer.sys
3 gv3 (Intel GV3 Processor Driver) - System32\DRIVERS\gv3.sys
3 HidUsb (Microsoft HID Class Driver) - System32\DRIVERS\hidusb.sys
3 ialm - System32\DRIVERS\ialmnt5.sys
1 intelppm (Intel Processor Driver) - System32\DRIVERS\intelppm.sys
2 irda (IrDA Protocol) - System32\DRIVERS\irda.sys
3 mouhid (Mouse HID Driver) - System32\DRIVERS\mouhid.sys
3 MPE (BDA MPE Filter) - system32\DRIVERS\MPE.sys
3 MSIRCOMM (Microsoft IR Communications Driver) - system32\DRIVERS\MSIRCOMM.sys
3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - system32\drivers\MSTEE.sys
3 NABTSFEC (NABTS/FEC VBI Codec) - system32\DRIVERS\NABTSFEC.sys
3 NAVENG - \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070302.052\NAVENG.Sys
3 NAVEX15 - \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070302.052\NavEx15.Sys
3 NdisIP (Microsoft TV/Video Connection) - system32\DRIVERS\NdisIP.sys
3 NIC1394 (1394 Net Driver) - System32\DRIVERS\nic1394.sys
3 nm (Network Monitor Driver) - system32\DRIVERS\NMnt.sys
3 NPF (WinPcap Packet Driver (NPF)) - system32\drivers\NPF.sys
3 NTIDrvr (Upper Class Filter Driver) - System32\DRIVERS\NTIDrvr.sys
2 NwlnkIpx (NWLink IPX/SPX/NetBIOS Compatible Transport Protocol) - system32\DRIVERS\nwlnkipx.sys
2 NwlnkNb (NWLink NetBIOS) - system32\DRIVERS\nwlnknb.sys
2 NwlnkSpx (NWLink SPX/SPXII Protocol) - system32\DRIVERS\nwlnkspx.sys
0 ohci1394 (VIA OHCI Compliant IEEE 1394 Host Controller) - System32\DRIVERS\ohci1394.sys
0 PCIIde - System32\DRIVERS\pciide.sys
0 Pcmcia - System32\DRIVERS\pcmcia.sys
3 pfc (Padus ASPI Shell) - system32\drivers\pfc.sys
0 PxHelp20 - System32\Drivers\PxHelp20.sys
3 Rasirda (WAN Miniport (IrDA)) - System32\DRIVERS\rasirda.sys
3 ROOTMODEM (Microsoft Legacy Modem Driver) - System32\Drivers\RootMdm.sys
3 rtl8139 (Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver) - System32\DRIVERS\R8139n51.SYS
3 SAVRT - \??\C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVRT.SYS
1 SAVRTPEL - \??\C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVRTPEL.SYS
0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - System32\drivers\sfdrv01.sys
0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - System32\drivers\sfhlp02.sys
3 Sfloppy (High-Capacity Floppy Disk Drive) - system32\DRIVERS\sfloppy.sys
0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - System32\drivers\sfsync02.sys
3 SLIP (BDA Slip De-Framer) - system32\DRIVERS\SLIP.sys
3 SMCIRDA (SMC IrCC Miniport Device Driver) - System32\DRIVERS\smcirda.sys
3 SONYPVU1 (Sony USB Filter Driver (SONYPVU1)) - system32\DRIVERS\SONYPVU1.SYS
1 SPBBCDrv - \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
0 sptd - System32\Drivers\sptd.sys
3 streamip (BDA IPSink) - system32\DRIVERS\StreamIP.sys
3 SYMDNS - \SystemRoot\System32\Drivers\SYMDNS.SYS
3 SymEvent - \??\C:\Program Files\Symantec\SYMEVENT.SYS
3 SYMFW - \SystemRoot\System32\Drivers\SYMFW.SYS
3 SYMIDS - \SystemRoot\System32\Drivers\SYMIDS.SYS
3 SYMIDSCO - \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20070302.001\symidsco.sys
2 symlcbrd - \??\C:\WINDOWS\system32\drivers\symlcbrd.sys
3 SYMNDIS - \SystemRoot\System32\Drivers\SYMNDIS.SYS
3 SYMREDRV - \SystemRoot\System32\Drivers\SYMREDRV.SYS
1 SYMTDI - \SystemRoot\System32\Drivers\SYMTDI.SYS
1 Tcpip6 (Microsoft IPv6 Protocol Driver) - system32\DRIVERS\tcpip6.sys
3 tunmp (Microsoft Tun Miniport Adapter Driver) - system32\DRIVERS\tunmp.sys
3 usb2vcom (USB to Serial Bridge Controller) - System32\Drivers\usb2vcom.sys
3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - System32\DRIVERS\usbehci.sys
3 usbprint (Microsoft USB PRINTER Class) - system32\DRIVERS\usbprint.sys
3 usbscan (USB Scanner Driver) - system32\DRIVERS\usbscan.sys
3 USBSTOR (USB Mass Storage Driver) - system32\DRIVERS\USBSTOR.SYS
3 VComm (Virtual Serial port driver) - system32\DRIVERS\VComm.sys
3 VcommMgr (Bluetooth VComm Manager Service) - System32\Drivers\VcommMgr.sys
3 w70n51 (Intel(R) PRO/Wireless 7100 Adapter Driver) - System32\DRIVERS\w70n51.sys
4 WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - \SystemRoot\System32\drivers\ws2ifsl.sys
3 WSTCODEC (World Standard Teletext Codec) - system32\DRIVERS\WSTCODEC.SYS
3 WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - system32\DRIVERS\WudfPf.sys
3 WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - system32\DRIVERS\wudfrd.sys
3 {6080A529-897E-4629-A488-ABA0C29B635E} (Intel(R) Graphics Platform (SoftBIOS) Driver) - system32\drivers\ialmsbw.sys
3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} (Intel(R) Graphics Chipset (KCH) Driver) - system32\drivers\ialmkchw.sys
3 {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55} (AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011) - system32\drivers\wA301a.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

2 6to4 (IPv6 Helper Service) - %SystemRoot%\system32\svchost.exe -k netsvcs
3 Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
3 aspnet_state (ASP.NET State Service) - %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
2 Automatic LiveUpdate Scheduler - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
2 AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
2 ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
3 ccPwdSvc (Symantec Password Validation) - "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
2 ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
2 Fax - %systemroot%\system32\fxssvc.exe
2 Irmon (Infrared Monitor) - %SystemRoot%\System32\svchost.exe -k netsvcs
3 LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
2 MDM (Machine Debug Manager) - "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
2 navapsvc (Norton AntiVirus Auto-Protect Service) - "C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe"
2 NPFMntor (Norton AntiVirus Firewall Monitor Service) - "C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe"
3 ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
3 SAVScan - "C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe"
2 SBService (ScriptBlocking Service) - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
2 SNDSrvc (Symantec Network Drivers Service) - "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
2 SPBBCSvc (Symantec SPBBCSvc) - "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
2 Symantec Core LC - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
2 UxTuneUp (TuneUp Design Expansion) - %SystemRoot%\System32\svchost.exe -k netsvcs
3 WMPNetworkSvc (Windows Media Player Network Sharing Service) - C:\Program Files\Windows Media Player\WMPNetwk.exe
3 WudfSvc (Windows Driver Foundation - User-mode Driver Framework) - %SystemRoot%\system32\svchost.exe -k WudfServiceGroup

-- Scheduled Tasks --------------------------------------------------------------

2007-03-04 00:00:04 304 --a------ C:\WINDOWS\Tasks\Symantec Drmc.job<SYMANT~2.JOB>
2007-03-03 18:59:46 386 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job<1-CLIC~1.JOB>
2007-03-02 20:19:28 544 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - max.job<NORTON~2.JOB>
2007-02-26 12:00:06 288 --a------ C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job<NORTON~1.JOB>

-- Files created between 2007-02-04 and 2007-03-04 ------------------------------

2007-03-04 14:44:51 0 d-------- C:\WINDOWS\BDOSCAN8
2007-03-04 14:44:46 0 d-------- C:\WINDOWS\LastGood
2007-03-03 22:37:37 80 --a------ C:\WINDOWS\gmer_uninstall.cmd<GMER_U~1.CMD>
2007-02-28 12:08:50 0 d-------- C:\Program Files\Common Files\Java
2007-02-26 14:25:14 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1>
2007-02-25 12:08:33 0 d-------- C:\Program Files\Trend Micro<TRENDM~1>
2007-02-22 14:08:34 0 d-------- C:\Program Files\BitComet
2007-02-22 11:25:37 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-02-22 09:12:03 0 d-------- C:\Program Files\CCleaner
2007-02-22 09:05:12 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys<Unsigned: GRISOFT, s.r.o.>
2007-02-22 09:05:09 0 d-------- C:\Program Files\Grisoft
2007-02-22 09:01:54 0 d-------- C:\SDFix
2007-02-17 12:22:55 0 d-------- C:\Program Files\HijackThis<HIJACK~1>
2007-02-16 08:23:04 0 d-------- C:\Program Files\BillP Studios<BILLPS~1>
2007-02-14 13:32:05 0 d-------- C:\Documents and Settings\Administrator.MADMAX\Application Data\TuneUp Software<TUNEUP~1>
2007-02-14 11:53:45 0 d-------- C:\Documents and Settings\Administrator.MADMAX\Application Data\InterTrust<INTERT~1>
2007-02-14 11:53:44 786432 --a------ C:\Documents and Settings\Administrator.MADMAX\ntuser.dat
2007-02-14 11:03:49 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-08 14:18:27 135168 --a------ C:\WINDOWS\system32\igfxres.dll<Signed: Intel Corporation>
2007-02-08 11:36:44 0 d-------- C:\Program Files\Alien Shooter<ALIENS~1>
2007-02-08 11:36:29 0 d-------- C:\Program Files\ReflexiveArcade<REFLEX~1>
2007-02-07 15:35:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Google

-- Find3M Report ----------------------------------------------------------------

2007-02-22 14:08:48 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll<BITCOM~1.DLL><Unsigned: BitComet>
2007-02-02 07:27:28 0 d-------- C:\Program Files\ChrisTV
2007-01-30 17:31:50 0 d-------- C:\Program Files\TuneUp Utilities 2007<TUNEUP~1>
2007-01-29 13:10:40 646392 --a------ C:\WINDOWS\system32\drivers\sptd.sys<Unsigned: n/a>
2007-01-26 09:19:06 524288 --a------ C:\WINDOWS\system32\DivXsm.exe<Unsigned: DivX Inc.>
2007-01-26 09:19:04 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll<Unsigned: n/a>
2007-01-26 09:19:02 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe<Signed: Sonic Solutions>
2007-01-26 09:19:02 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe<Signed: Sonic Solutions>
2007-01-26 09:19:02 129784 -----n--- C:\WINDOWS\system32\pxafs.dll<Signed: Sonic Solutions>
2007-01-26 09:19:02 36624 -----n--- C:\WINDOWS\system32\drivers\PxHelp20.sys<Unsigned: Sonic Solutions>
2007-01-26 09:18:56 200704 --a------ C:\WINDOWS\system32\ssldivx.dll<Unsigned: The OpenSSL Project, http://www.openssl.org/>
2007-01-26 09:18:56 1044480 --a------ C:\WINDOWS\system32\libdivx.dll<Unsigned: The OpenSSL Project, http://www.openssl.org/>
2007-01-26 09:13:46 196608 --a------ C:\WINDOWS\system32\dtu100.dll<Unsigned: DivX, Inc.>
2007-01-26 09:13:46 57344 --a------ C:\WINDOWS\system32\dpv11.dll<Unsigned: DivXNetworks>
2007-01-26 09:13:46 344064 --a------ C:\WINDOWS\system32\dpus11.dll<Unsigned: DivXNetworks>
2007-01-26 09:13:46 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll<Unsigned: DivXNetworks>
2007-01-26 09:13:46 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll<Unsigned: DivXNetworks>
2007-01-26 09:13:46 294912 --a------ C:\WINDOWS\system32\dpu11.dll<Unsigned: DivXNetworks>
2007-01-26 09:13:46 294912 --a------ C:\WINDOWS\system32\dpu10.dll<Unsigned: DivXNetworks>
2007-01-26 09:13:46 73728 --a------ C:\WINDOWS\system32\dpl100.dll<Unsigned: DivX, Inc.>
2007-01-26 09:13:44 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll<DIVX_X~2.DLL><Unsigned: DivX, Inc.>
2007-01-26 09:13:42 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll<DIVX_X~3.DLL><Unsigned: DivX, Inc.>
2007-01-26 09:13:42 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll<DIVX_X~1.DLL><Unsigned: DivX, Inc.>
2007-01-19 15:33:50 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0>
2007-01-15 16:25:52 0 d-------- C:\Program Files\Registry Mechanic<REGIST~1>
2007-01-12 12:20:28 0 d-------- C:\Documents and Settings\max\Application Data\WinPatrol<WINPAT~1>
2007-01-09 17:58:22 0 d-------- C:\Program Files\F?nts
2007-01-08 12:18:24 0 d-------- C:\Program Files\TvInternet<TVINTE~1>
2007-01-08 12:18:24 0 d-------- C:\Program Files\Common Files\Nullsoft
2007-01-04 12:53:14 3047 --a------ C:\WINDOWS\mozver.dat
2007-01-04 11:23:24 0 d-------- C:\Documents and Settings\max\Application Data\DivX
2006-12-19 16:53:46 24072 --a------ C:\WINDOWS\system32\uxtuneup.dll<Signed: TuneUp Software GmbH>
2006-12-13 00:24:44 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll<DIVXWM~1.DLL><Unsigned: n/a>
2006-12-13 00:24:44 118784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE><Unsigned: DivX, Inc.>

-- Registry Dump ----------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"MSMSGS"="; \"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Skype"="; \"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"LaunchApp"="Alaunch"
"SoundMan"="SOUNDMAN.EXE"
"AGRSMMSG"="AGRSMMSG.exe"
"Apoint"="\"C:\\Program Files\\Apoint2K\\Apoint.exe\""
"LManager"="C:\\PROGRA~1\\LAUNCH~1\\CPLBCL53.EXE"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="\"C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe\" /Consumer"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
"QuickTime Task"="; \"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="; \"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"Acrobat Assistant 7.0"="; \"C:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\Acrotray.exe\""
"Easy-PrintToolBox"="; "
"NeroFilterCheck"="; C:\\WINDOWS\\system32\\NeroCheck.exe"
"TkBellExe"="; \"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
"backup"="C:\\WINDOWS\\pss\\Adobe Acrobat Speed Launcher.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\WINDOWS\\Installer\\{AC76BA86-1033-0000-7760-000000000002}\\SC_Acrobat.exe "
"item"="Adobe Acrobat Speed Launcher"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^max^Start Menu^Programs^Startup^Adobe Gamma.lnk]
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^max^Start Menu^Programs^Startup^Wallpaper Calendar.lnk]
"path"="C:\\Documents and Settings\\max\\Start Menu\\Programs\\Startup\\Wallpaper Calendar.lnk"
"backup"="C:\\WINDOWS\\pss\\Wallpaper Calendar.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\zepsoft\\WALLPA~1\\WallCal3.exe /delay 5"
"item"="Wallpaper Calendar"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Norton SystemWorks"="\"C:\\Program Files\\Norton SystemWorks\\cfgwiz.exe\" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"Norton SystemWorks"="\"C:\\Program Files\\Norton SystemWorks\\cfgwiz.exe\" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

HKLM\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b26c5070-4274-11db-b207-0004236ff40e}]
Shell\Auto\command BrO_AcT.exe
Shell\AutoRun\command BrO_AcT.exe
Shell\Explore\command BrO_AcT.exe
Shell\OPEN\command BrO_AcT.exe

-- End of ComboScan: finished at 2007-03-04 at 17:43:13 -------------------------

Last edited by tetonbob : 03-04-2007 at 09:47 AM.
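Read the way an analyst reads it, the log above has a handful of entries worth checking before anything else: the ProxyServer value that sends every scheme through localhost:8080 (and SOCKS through localhost:1080), the MountPoints2 key whose Shell\Auto, AutoRun, Explore and OPEN handlers all run BrO_AcT.exe, the WRNotifier Winlogon Notify entry whose DLL is missing, and the unsigned kernel driver sptd.sys. The script below is an added example, not part of the original post, of HijackThis or of ComboScan; it pulls those indicator types out of log lines automatically. The sample lines are constructed from the posted log (with one signed file and one zero-valued policy added as negative cases), and the rule ids, severities and the parse_proxy helper are this example's own.

```python
"""Triage a HijackThis / ComboScan log for the entries an analyst checks first.

Added example for this thread: not part of HijackThis, ComboScan or the posts.
Rule ids, severities and parse_proxy() are this example's own (assumptions).
"""
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample: lines copied from the log posted above, plus a signed
# file and a zero-valued policy that must NOT be flagged.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:1080
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
2007-01-29 13:10:40 646392 --a------ C:\WINDOWS\system32\drivers\sptd.sys<Unsigned: n/a>
2007-02-08 14:18:27 135168 --a------ C:\WINDOWS\system32\igfxres.dll<Signed: Intel Corporation>
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b26c5070-4274-11db-b207-0004236ff40e}]
Shell\Auto\command BrO_AcT.exe
Shell\AutoRun\command BrO_AcT.exe
Shell\Explore\command BrO_AcT.exe
Shell\OPEN\command BrO_AcT.exe
"""

LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
PROXY_RE = re.compile(r"ProxyServer\s*=\s*(?P<value>\S.*)$")
# Explorer caches a volume's autorun.inf verbs under MountPoints2\{GUID};
# Shell\<verb>\command there runs when that drive is opened or double-clicked.
MOUNTPOINT_KEY_RE = re.compile(r"\\Explorer\\MountPoints2\\\{[0-9A-Fa-f-]+\}\]$")
MOUNTPOINT_CMD_RE = re.compile(r"^Shell\\(?P<verb>\w+)\\command\s+(?P<cmd>\S.*)$", re.IGNORECASE)
WINLOGON_MISSING_RE = re.compile(r"^O20 - Winlogon Notify: .*\(file missing\)$")
UNSIGNED_DRIVER_RE = re.compile(r"\\drivers\\[^\\<\s]+\.sys<Unsigned:", re.IGNORECASE)
POLICY_RE = re.compile(r'^"(?P<name>Disable\w+)"=dword:(?P<value>[0-9A-Fa-f]{8})$')


@dataclass(frozen=True)
class Finding:
    rule: str      # short rule id
    severity: str  # "high" | "medium" | "low"
    line: str      # the log line that triggered the rule


def parse_proxy(value):
    """Parse a WinINet ProxyServer string into {scheme: (host, port)}.

    Handles 'host:port' (applies to every scheme, keyed '*') and the
    'scheme=host:port;...' form seen in the log. Port is None when absent.
    """
    entries = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        scheme, sep, hostport = part.partition("=")
        if not sep:                       # bare host:port form
            scheme, hostport = "*", part
        host, _, port = hostport.rpartition(":")
        if not host:                      # no ':' at all, so no port
            host, port = hostport, ""
        entries[scheme.lower()] = (host, int(port) if port.isdigit() else None)
    return entries


def analyze(log_text):
    """Return a Finding for every line that matches one of the rules."""
    findings = []
    in_mountpoint = False                 # inside a MountPoints2 registry key?
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("["):          # registry dump: a new key starts
            in_mountpoint = bool(MOUNTPOINT_KEY_RE.search(line))
            continue
        m = PROXY_RE.search(line)
        if m:
            hosts = [h.lower() for h, _ in parse_proxy(m.group("value")).values()]
            # A localhost proxy may be a legitimate local filter or malware
            # interposing on browser traffic: check what listens on the port.
            rule = "proxy-localhost" if set(hosts) & LOCAL_HOSTS else "proxy-set"
            findings.append(Finding(rule, "medium" if rule == "proxy-localhost" else "low", line))
        elif in_mountpoint and MOUNTPOINT_CMD_RE.match(line):
            findings.append(Finding("autorun-handler", "high", line))
        elif WINLOGON_MISSING_RE.match(line):
            findings.append(Finding("winlogon-notify-missing", "low", line))
        elif UNSIGNED_DRIVER_RE.search(line):
            findings.append(Finding("unsigned-driver", "medium", line))
        else:
            m = POLICY_RE.match(line)
            if m and int(m.group("value"), 16) != 0:   # e.g. DisableRegistryTools=1
                findings.append(Finding("policy-lockout", "medium", line))
    return findings


def summarize(findings):
    """Count findings per rule id, e.g. {'autorun-handler': 4, ...}."""
    return dict(Counter(f.rule for f in findings))


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"[{f.severity}] {f.rule}: {f.line}")
```

On the sample it reports one proxy-localhost, one winlogon-notify-missing, one unsigned-driver and four autorun-handler findings; the signed igfxres.dll and the zero-valued DisableRegistryTools entry are ignored. To run it over a saved log, pass the file's contents to analyze(). The findings are review items, not verdicts: a localhost proxy entry should be matched against the process actually listening on that port (netstat -ano on XP) before it is removed, and an unsigned driver is a reason to identify the product that installed it, not proof of infection.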
#22
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 26,452
OS: 2000 Pro; XP Pro; XP Home
Did you run the registry fix I asked you to create and run? Did it say it had successfully merged?

Due to the level and nature of infection (worms and backdoor bots) you've had on this system, a restore might be in order. Back up any valued data before you do that, and have installers for AV and firewall protection on hand before doing so. Put protection in place before connecting to the internet.

The other issues you're experiencing will not likely improve from further attempts at cleaning malware from the system. You might want to ask for assistance with those issues in one of our other forums before restoring. Part of your issues may stem from these data:

CPU 0: Intel(R) Pentium(R) M processor 1300MHz
Percentage of Memory in Use: 65%
Physical Memory (total/avail): 495.48 MiB / 172.81 MiB
Pagefile Memory (total/avail): 1158 MiB / 930.58 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1992.04 MiB
C: is Fixed (FAT32) - 18.16 GiB total, 0.44 GiB free.

You have 512MB RAM. For many games these days, that's not enough. For Windows XP, it's just enough, though MS will tell you it can run on much less.

You have less than the Windows XP required free space. Windows XP requires a minimum of 1.5GB free space. http://support.microsoft.com/kb/314865

Answers to those other questions will be better asked in our Windows XP or Hardware support forums. The staff and members in those areas will be better able to assist you with that. Let them know you've been here, and have been cleared of malware.

Stay away from P2P programs, as they can be doorways to infection. Bitdefender removed Kazaa files. You also have BitTorrent and BitComet installed.
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Please do not ask for help via Private Message.