#1 (permalink) |
|
Registered User
Join Date: May 2008
Posts: 2
OS: xp sp2
|
Win Update not working and slow computer
Until recently this computer has been used by various family members and, as I am away for extended periods, they have had administrator rights. The computer has been used as a games machine and also for MSN and other chat sites. With a multilingual family, sites visited range worldwide, with Thailand featuring heavily, which has probably not helped.
AVG free has been running on the machine with infrequent running of Spybot-Search and Destroy. Windows Update was on automatic throughout. Since buying my youngest his own computer to fill with bugs I can finally get to use this desktop and have found it running very slowly, particularly on the internet. Recent attempts to use Windows Update have failed, with repeated attempts never getting to the actual download section. It keeps stalling and on occasion it has got just past the express/custom screen but not much farther. I also noted that when running Spybot-Search and Destroy it only gets to 122000 of more than 150000 and stops there. Because of the kids using the computer and being away I have webwatcher installed, which did not seem to affect performance earlier (is that part of the problem?). I have recently deleted quite a few games including Crysis, Half-Life, Command and Conquer to free up space with no beneficial effect. As per the guidelines attached is the extra.txt file and below the DSS main text.
I hope someone can be of help.
#2 (permalink) |
|
Registered User
Join Date: May 2008
Posts: 2
OS: xp sp2
|
Has now updated !!!
Since the original post I have tried frequently to update without success until this evening. For some unknown reason it accessed the update site, completed the scan and has downloaded and installed both XP SP3 and the malicious software removal tool. I have no idea why this suddenly decided to work, as in the intervening time I have done very little to the computer. All that did happen was to reduce the startup programmes, mainly updating programmes for nvidia, adobe etc. Perhaps there was a conflict there, but I would still like someone to look and see if the information in the previous post gives any clue as to why I could not update until today.
I am much happier now it has updated but suspicious that there may be something lurking in the background ready to strike when I least expect it.