Doctor Inferno sent me for a check


Solved Doctor Inferno sent me for a check

Post by Jmor on 8th April 2009, 8:41 pm

As the topic implies, Doc sent me to get a check up.

Here is a quick breakdown: The larger issue is that my computer has been freezing (permanent freeze so I have to manually shut off my comp) usually during applications such as games, Ventrilo (teamspeak software), even installation of software, sometimes during scans, and sometimes just browsing the net. I also mentioned my antivirus software (Trend Micro PC-cillin Internet Security 14) won't open up due to an error. The message I receive is as follows:
"No network device was found, or there is a conflict with existing antivirus or security software. Only the Virus Scan, Spyware Scan, and Security Check functions will be available. To enable full product functionality, uninstall conflicting software or connect to a network, and then restart the program. Consult the Online Help > Problem Solving section for instructions"
*I press OK*
Error: "Unable to read the configuration. Restart your computer and try again. If the issue persists, consult Online Help > Problem Solving section for instructions. (error=7413-244, hr=0x80070422)"
*Menu Screen shows up but then shuts down and I am not able to use any functions*

I don't want to uninstall yet because I haven't figured out where to get the software since it came with the computer. I did search their site and saw what version I had but saw no download link to reinstall.

Anyways, here's my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:26:33 PM, on 4/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jason\Desktop\hijackgpthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
O1 - Hosts: 216.100.189.135 beta.archaic-requiem.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Extender Resource Monitor.lnk = C:\WINDOWS\ehome\RMSysTry.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168894355390
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://keycrypt.levelupgames.co.in/nProtect/keycrypt/npkcx.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.4.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

--
End of file - 6828 bytes

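A HijackThis log like the one in the post above can be triaged mechanically before reading it line by line. The following is an added example, not part of the thread and not code from HijackThis; the function names and the four checks are this example's own, and the sample is a set of lines copied from the posted log.

```python
import re
from typing import Iterator, List, NamedTuple, Tuple

# Lines copied from the HijackThis log in the post above (not the whole log).
SAMPLE_LOG = r"""
O1 - Hosts: 216.100.189.135 beta.archaic-requiem.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - Global Startup: hpoddt01.exe.lnk = ?
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
"""

# An entry line is "<section id> - <body>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
LOOPBACK = {"127.0.0.1", "::1"}


class Finding(NamedTuple):
    section: str
    reason: str
    line: str


def parse_entries(log: str) -> Iterator[Tuple[str, str]]:
    """Yield (section, body) per entry; header, process list and blanks are skipped."""
    for raw in log.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            yield match.group(1), match.group(2)


def triage(log: str) -> List[Finding]:
    """Return the entries worth a second look, with the reason for each."""
    findings = []
    for section, body in parse_entries(log):
        fields = [f.strip() for f in body.split(" - ")]
        reason = None
        if section == "O1" and body.startswith("Hosts:"):
            # Hosts-file override: the name resolves to a fixed address.
            parts = body[len("Hosts:"):].split()
            if len(parts) >= 2 and parts[0] not in LOOPBACK:
                reason = f"hosts file maps {parts[1]} to {parts[0]}"
        elif fields[-1] == "(no file)":
            # Registration left behind with no file behind it.
            reason = "HijackThis found no file behind this registration"
        elif section == "O4" and body.endswith("= ?"):
            reason = "HijackThis printed no target for this startup shortcut"
        elif section == "O23" and "Unknown owner" in fields:
            reason = "no company name could be read from the service binary"
        if reason:
            findings.append(Finding(section, reason, f"{section} - {body}"))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"[{finding.section}] {finding.reason}\n    {finding.line}")
```

None of these flags is a verdict: orphaned registrations and unsigned vendor services are common on an aged install, so each flagged line is a prompt to check the file on disk.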


Post by Belahzur on 8th April 2009, 8:59 pm

The "confliction" could be because Windows Defender is already on this machine.
Try using a different AV rather than Trend Micro, Avira for example.



Post by Jmor on 8th April 2009, 9:06 pm

Are you asking me to try the free version to see if it works (and report back) or letting me know that I should probably purchase different software?


Post by Belahzur on 8th April 2009, 9:10 pm

"or there is a conflict with existing antivirus or security software"

Some antivirus companies (like Kaspersky) make their AV so it won't install if there is another AV already installed. I'm aware Kaspersky does have some problems installing because the last AV present left a few registry keys behind.

I think that is what's up with Trend Micro here, it's detected presence of another AV, or at least a few dead registry keys from the AV you had before installing Trend Micro.

I'm just wondering if it's detecting Windows Defender because I can see that is installed.



Post by Jmor on 8th April 2009, 9:32 pm

Well let me put it this way, Trend Micro came installed on my computer and I have subscribed to the paid version on occasion. I've had this computer for about 3-4 years now and have never had problems. I have also never installed any other Anti-virus software on it either. And I think, I'm not positive, I used Trend Micro after the update that came with Windows Defender. Could I uninstall Windows Defender and see what happens?


Post by Belahzur on 8th April 2009, 9:39 pm

Yes, uninstall it and see what happens.



Post by Jmor on 8th April 2009, 9:44 pm

Uninstalled Windows Defender and ran Trend Micro software. I got the same two messages and no functionality still.


Post by Belahzur on 8th April 2009, 9:52 pm

Download the Registry Search Tool from HERE

Unzip to your Desktop and double click on regsrch.vbs
(if you have script protection, please allow this to run)

In the dialog that opens, enter the following:
Windows Defender

Press 'OK'

The search will run for a while then alert you when it is finished.
Press 'OK' and copy the contents of the WordPad window and post in this thread.



Post by Jmor on 8th April 2009, 9:57 pm

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "Windows Defender" 4/8/2009 2:56:50 PM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]
"command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDEFEND\0000]
"DeviceDesc"="Windows Defender"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\WinDefendRtp]
"EventMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\WinDefendRtp]
"ParameterMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\WinDefend]
"EventMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\WinDefend]
"ParameterMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDefend]
"DisplayName"="Windows Defender"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_WINDEFEND\0000]
"DeviceDesc"="Windows Defender"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Eventlog\Application\WinDefendRtp]
"EventMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Eventlog\Application\WinDefendRtp]
"ParameterMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Eventlog\System\WinDefend]
"EventMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Eventlog\System\WinDefend]
"ParameterMessageFile"="C:\\Program Files\\Windows Defender\\MpEvMsg.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinDefend]
"DisplayName"="Windows Defender"

[HKEY_USERS\S-1-5-21-2455655975-3604607410-2749139773-1005\Software\Microsoft\Search Assistant\ACMru\5604]
"001"="Windows Defender"


Post by Belahzur on 8th April 2009, 10:04 pm

Try this.

  • Now open a new notepad file.
  • Input this into the notepad file:

    Windows Registry Editor Version 5.00

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDEFEND]

  • Save this as fix.reg, save it to your desktop.
  • Double click fix.reg to run it.
  • Select yes to the registry merge prompt.



Post by Jmor on 8th April 2009, 10:18 pm

Okay, I followed your instructions. I also ran Trend Micro too if that was the next step, it still had the same problem. Did I need to restart my computer?


Post by Belahzur on 8th April 2009, 10:24 pm

Not usually.
Before I pass this off as not a malware problem and pass it onto Doc to figure out, let's have a look around.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.



Post by Jmor on 8th April 2009, 10:27 pm

Roger!

DDS (Ver_09-03-16.01) - NTFSx86
Run by Jason at 15:25:50.78 on Wed 04/08/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1512 [GMT -7:00]

AV: PC-cillin Internet Security - Virus Protection *On-access scanning enabled* (Outdated)
FW: PC-cillin Internet Security - Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jason\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - No File
uRun: [OE_OEM] "c:\program files\trend micro\internet security 14\tmas_oe\TMAS_OEMon.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [pccguide.exe] "c:\program files\trend micro\internet security 14\pccguide.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\extend~1.lnk - c:\windows\ehome\RMSysTry.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hposol08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168894355390
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - hxxp://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - hxxps://keycrypt.levelupgames.co.in/nProtect/keycrypt/npkcx.cab
DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.3.4.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jason\applic~1\mozilla\firefox\profiles\k0ak7vt5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\McrdSvc.exe [2005-10-20 96256]
R2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\trendm~1\intern~1\Tmntsrv.exe [2006-9-18 345696]
R2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~1\TmPfw.exe [2006-8-29 923216]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2006-9-11 36368]
R2 tmproxy;Trend Micro Proxy Service;c:\progra~1\trendm~1\intern~1\tmproxy.exe [2006-8-29 566872]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2006-8-29 280392]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2007-2-7 194304]

=============== Created Last 30 ================

2009-04-06 00:52 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-04-04 16:36 --d----- c:\program files\Norton Security Scan
2009-04-04 14:13 --d----- c:\windows\NV8043724.TMP
2009-04-04 14:05 --d----- c:\windows\system32\AGEIA
2009-04-04 14:05 --d----- c:\windows\NV40923700.TMP
2009-03-28 15:29 1,493,528 a------- c:\windows\system32\D3DCompiler_39.dll
2009-03-28 15:29 467,984 a------- c:\windows\system32\d3dx10_39.dll
2009-03-28 15:29 3,851,784 a------- c:\windows\system32\D3DX9_39.dll
2009-03-28 15:29 --d----- c:\windows\Logs
2009-03-28 15:29 --d----- c:\docume~1\alluse~1\applic~1\PassMark
2009-03-28 15:29 --d----- c:\program files\PerformanceTest
2009-03-27 10:03 1,253,376 a------- c:\windows\system32\NvPVEnc.ax
2009-03-27 10:03 401,408 a------- c:\windows\system32\nvcuvid.dll
2009-03-19 17:51 -cd----- c:\docume~1\alluse~1\applic~1\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-03-15 13:53 494 a------- C:\hpfr5550.xml
2009-03-11 13:33 4,128 a------- C:\INFCACHE.1

==================== Find3M ====================

2009-03-27 08:14 453,152 a------- c:\windows\system32\NVUNINST.EXE
2009-03-26 20:53 68,376 a------- c:\windows\War3Unin.dat
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-02-09 04:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-09 04:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys
2009-01-21 20:13 57,808 a------- c:\docume~1\jason\applic~1\GDIPFONTCACHEV1.DAT
2009-01-16 22:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2009-01-16 18:24 70,936 a------- c:\windows\system32\PhysXLoader.dll
2008-08-19 21:19 22,328 a------- c:\docume~1\jason\applic~1\PnkBstrK.sys
2008-09-04 14:53 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090420080905\index.dat

============= FINISH: 15:26:31.37 ===============


Post by Jmor on 8th April 2009, 10:28 pm

On a sidenote, I did disable some services a while back with MSconfig, but I checked them again and I made sure any related to the AV software were enabled (and they were).

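The `hr=0x80070422` value in the error quoted in the opening post is a Windows HRESULT, and the mention above of services disabled through MSConfig is a reason to read it field by field. The decoder below is an added example, not part of the thread or of any tool used in it; the function names and the reduced lookup tables are this example's own.

```python
import re
from dataclasses import dataclass
from typing import List

# Error text as quoted in the opening post (abridged to the relevant sentence).
ERROR_TEXT = (
    "Unable to read the configuration. Restart your computer and try again. "
    "(error=7413-244, hr=0x80070422)"
)

# Subset of HRESULT facility numbers from winerror.h.
FACILITIES = {
    0: "FACILITY_NULL", 1: "FACILITY_RPC", 2: "FACILITY_DISPATCH",
    3: "FACILITY_STORAGE", 4: "FACILITY_ITF", 7: "FACILITY_WIN32",
    8: "FACILITY_WINDOWS", 9: "FACILITY_SECURITY",
}

# Subset of Win32 error codes that show up when a service fails to start.
WIN32_CODES = {
    2: "ERROR_FILE_NOT_FOUND",
    5: "ERROR_ACCESS_DENIED",
    1053: "ERROR_SERVICE_REQUEST_TIMEOUT",
    1058: "ERROR_SERVICE_DISABLED",
    1060: "ERROR_SERVICE_DOES_NOT_EXIST",
    1068: "ERROR_SERVICE_DEPENDENCY_FAIL",
    1069: "ERROR_SERVICE_LOGON_FAILED",
    1072: "ERROR_SERVICE_MARKED_FOR_DELETE",
}

# Matches "hr=0x" followed by exactly eight hex digits.
HR_RE = re.compile(r"\bhr\s*=\s*0x([0-9A-Fa-f]{8})\b")


@dataclass(frozen=True)
class HResult:
    value: int
    failed: bool        # bit 31: severity (1 = failure)
    customer: bool      # bit 29: set for vendor-defined codes
    facility: int       # bits 16-26: which subsystem raised the error
    facility_name: str
    code: int           # bits 0-15: the error within that facility
    code_name: str


def decode_hresult(value: int) -> HResult:
    """Split a 32-bit HRESULT into severity, facility and code."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("an HRESULT is a 32-bit value")
    facility = (value >> 16) & 0x7FF
    code = value & 0xFFFF
    if facility == 7:
        # FACILITY_WIN32 wraps a plain Win32 error number in the low 16 bits.
        code_name = WIN32_CODES.get(code, "unlisted Win32 error")
    else:
        code_name = "facility-specific code"
    return HResult(
        value=value,
        failed=bool(value >> 31),
        customer=bool(value & 0x20000000),
        facility=facility,
        facility_name=FACILITIES.get(facility, "unlisted facility"),
        code=code,
        code_name=code_name,
    )


def hresults_in(text: str) -> List[HResult]:
    """Decode every hr=0x........ value found in a block of error text."""
    return [decode_hresult(int(digits, 16)) for digits in HR_RE.findall(text)]


if __name__ == "__main__":
    for hr in hresults_in(ERROR_TEXT):
        print(f"0x{hr.value:08X}: failed={hr.failed} "
              f"{hr.facility_name} code {hr.code} ({hr.code_name})")
```

Code 1058 is the Win32 error returned when a service cannot be started because it is disabled or has no enabled devices associated with it.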


Post by Belahzur on 8th April 2009, 11:00 pm

DDS can see the AV, but it's just not updated.
Does it not allow you to update the AV?



Post by Jmor on 8th April 2009, 11:22 pm

If I try to open the software it won't go into the menu, I can't do anything with it. On their site, my account just shows what software I have but I can't redownload it from what I've seen.

Edit: I found the disc that came with the computer, so maybe I can reinstall it and update it again.


Post by Jmor on 9th April 2009, 12:24 am

So I uninstalled the AV software but before reinstalling it I'm going to see if my compy will still freeze, but I can't test it until later, so I will get back to you on the results.


Post by Jmor on 9th April 2009, 4:58 am

Okay for awhile my computer didn't freeze but then it eventually did =(. So I started it back up and started to install the AV software, it was almost finished and then I got BSOD (which has happened often since the freezing problem). Near the top it said Driver_IRQL_Not_Less_Or_Equal.

I started the computer back up, but it couldn't connect to the internet. So I decided I was going to uninstall the AV software again but it wouldn't let me because "This action is only valid for products that are currently installed." I still get a different error message instead when opening it up, but now I can actually go into the menu.

I had to turn off my computer about 2-3 more times before the internet was working for my computer (it was on cause my xbox was connected).

So yeah....weird. Compy still freezes.

Edit: not sure if the AV software got a complete install cause it froze near the end, and now I can't uninstall it from control panel.


Post by Doctor Inferno on 9th April 2009, 10:27 am

I need the error code of the BSOD.



Post by Jmor on 10th April 2009, 2:52 am

Is there any way I can find out the error code? Like, is there a folder that keeps Crash logs?


Post by Jmor on 10th April 2009, 9:58 pm

Downloaded Speedfan to check temps. Only running my browser, my GPU is 67C, Core 67C, Ambient 54C. Now when I run an emulator (example), the temps do not change at all. But my comp will still freeze. So I don't think it's temp.


Post by Jmor on 19th April 2009, 8:08 am

Did a clean install (unfortunately) but it fixed it :). This problem is done, you can mark topic as solved. Thanks for your support.
