bdss.exe causing havok!! My System is slowed to a crawl! Please Help

HI everyone! I cannot seem to figure out what is going on with my computer, Ive run Ad-Aware and Bitdefender and still my computer is going extremely slow. SVCHost at times is taking up 80,000k to 95,000k also at times 80-90% of my cpu. Could some one please help me straighten this all out?
Sincerley, Chris


Ad-Aware SE Build 1.06r1
Logfile Created on:Sunday, January 07, 2007 2:39:40 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R142 02.01.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):28 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


1-7-2007 2:39:40 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\gyyhhh\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\clip organizer\search\last query
Description : last query in microsoft clip organizer


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\common\open find\microsoft powerpoint\settings\insert picture\file name mru
Description : list of recent pictured inserted in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\common\open find\microsoft powerpoint\settings\save as\file name mru
Description : list of recent documents saved by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\10.0\powerpoint\recentfolderlist
Description : list of recent folders used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\11.0\common\general
Description : list of recently used symbols in microsoft office


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\11.0\common\open find\microsoft office powerpoint\settings\save as\file name mru
Description : list of recent documents saved by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\office\11.0\powerpoint\recentfolderlist
Description : list of recent folders used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1794217661-723718970-2336388479-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 704
ThreadCreationTime : 1-7-2007 7:51:59 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 768
ThreadCreationTime : 1-7-2007 7:52:03 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 796
ThreadCreationTime : 1-7-2007 7:52:06 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 840
ThreadCreationTime : 1-7-2007 7:52:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 852
ThreadCreationTime : 1-7-2007 7:52:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1020
ThreadCreationTime : 1-7-2007 7:52:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1124
ThreadCreationTime : 1-7-2007 7:52:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1212
ThreadCreationTime : 1-7-2007 7:52:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1304
ThreadCreationTime : 1-7-2007 7:52:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1404
ThreadCreationTime : 1-7-2007 7:52:15 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [ngvpnmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1416
ThreadCreationTime : 1-7-2007 7:52:16 PM
BasePriority : Normal
FileVersion : 8.70.447
ProductVersion : 8.70.447
ProductName : Aventail(R) Connect(TM) with Smart Tunneling(TM)
CompanyName : Aventail Corporation
FileDescription : VPN Tunnel Manager
InternalName : ngvpnmgr.exe
LegalCopyright : Copyright 1996-2006 Aventail Corporation
LegalTrademarks : Aventail(R) is a Trademark of Aventail Corporation
OriginalFilename : ngvpnmgr.exe

#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1584
ThreadCreationTime : 1-7-2007 7:52:19 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:13 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1700
ThreadCreationTime : 1-7-2007 7:52:25 PM
BasePriority : Normal


#:14 [adskscsrv.exe]
FilePath : C:\Program Files\Common Files\Autodesk Shared\Service\
ProcessID : 1712
ThreadCreationTime : 1-7-2007 7:52:25 PM
BasePriority : Normal
FileVersion : 2.51.000
FileDescription : System Level Service Utility

#:15 [guard.exe]
FilePath : G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 1744
ThreadCreationTime : 1-7-2007 7:52:25 PM
BasePriority : Normal
FileVersion : 7, 5, 0, 47
ProductVersion : 7, 5, 0, 47
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware guard
InternalName : AVG Anti-Spyware guard
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : guard.exe

#:16 [btwdins.exe]
FilePath : C:\Program Files\WIDCOMM\Bluetooth Software\bin\
ProcessID : 1856
ThreadCreationTime : 1-7-2007 7:52:26 PM
BasePriority : Normal
FileVersion : 1.4.2 Build 10
ProductVersion : 1.4.2 Build 10
ProductName : Bluetooth Software 1.4.2 Build 10
CompanyName : WIDCOMM, Inc.
FileDescription : Bluetooth Support Server
InternalName : BTWDIns
LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.
OriginalFilename : BTWDIns.EXE

#:17 [defwatch.exe]
FilePath : C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\
ProcessID : 1872
ThreadCreationTime : 1-7-2007 7:52:26 PM
BasePriority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe

#:18 [pds.exe]
FilePath : C:\WINDOWS\system32\cba\
ProcessID : 1908
ThreadCreationTime : 1-7-2007 7:52:26 PM
BasePriority : Normal
FileVersion : 6.12.0.112 E
ProductVersion : 6.12.0.112
ProductName : Intel Common Base Agent
CompanyName : Intel® Corporation
FileDescription : CBA -- Ping Discovery Service
InternalName : PDS
LegalCopyright : Copyright © 1997-2001 Intel® Corporation
LegalTrademarks : LANDesk® is a registered trademark of Intel Corporation
OriginalFilename : PDS.EXE

#:19 [rtvscan.exe]
FilePath : C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\
ProcessID : 1996
ThreadCreationTime : 1-7-2007 7:52:26 PM
BasePriority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec Corporation 1991-2002

#:20 [ppped.exe]
FilePath : G:\Program Files\CyberPower PowerPanel Personal Edition\
ProcessID : 176
ThreadCreationTime : 1-7-2007 7:52:29 PM
BasePriority : Normal


#:21 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 304
ThreadCreationTime : 1-7-2007 7:52:29 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:22 [sssvr.exe]
FilePath : C:\Program Files\Sony\VAIO Media Music Server\
ProcessID : 388
ThreadCreationTime : 1-7-2007 7:52:31 PM
BasePriority : Normal
FileVersion : 2.5.00.15184
ProductVersion : 2.5.00
ProductName : VAIO Media Music Server
CompanyName : Sony Corporation
FileDescription : VAIO Media Music Server
InternalName : SSSvr
LegalCopyright : Copyright 2002,2003 Sony Corp.
OriginalFilename : SSSvr.exe
Comments : VAIO Media Music Server

#:23 [photoappsrv.exe]
FilePath : C:\Program Files\Sony\Photo Server\appsrv\
ProcessID : 404
ThreadCreationTime : 1-7-2007 7:52:31 PM
BasePriority : Normal


#:24 [xcommsvr.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Communicator\
ProcessID : 484
ThreadCreationTime : 1-7-2007 7:52:31 PM
BasePriority : Normal
FileVersion : 1, 8, 11, 0
ProductVersion : 1, 8, 11, 0
ProductName : Softwin BitDefender Communicator Server
CompanyName : Softwin
FileDescription : BitDefender Communicator Server
InternalName : XCOMMSVR
LegalCopyright : Copyright © 2003-2004 Softwin
OriginalFilename : xcommsvr.exe
Comments : Manages communication between BitDefender components

#:25 [hndlrsvc.exe]
FilePath : C:\WINDOWS\system32\ams_ii\
ProcessID : 512
ThreadCreationTime : 1-7-2007 7:52:31 PM
BasePriority : Normal
FileVersion : 6.12.0.112 E
ProductVersion : 6.12.0.112
ProductName : Intel Alert Management System 2
CompanyName : Intel® Corporation
FileDescription : AMS2 Handler Manager Service
InternalName : Hndlrsvc
LegalCopyright : Copyright © 1997-2001 Intel® Corporation
LegalTrademarks : LANDesk® is a registered trademark of Intel Corporation
OriginalFilename : Hndlrsvc.exe

#:26 [msgsys.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 528
ThreadCreationTime : 1-7-2007 7:52:31 PM
BasePriority : Normal
FileVersion : 6.12.0.112 E
ProductVersion : 6.12.0.112
ProductName : Intel Common Base Agent
CompanyName : Intel® Corporation
FileDescription : CBA -- Message System
InternalName : MsgExe
LegalCopyright : Copyright © 1997-2001 Intel® Corporation
LegalTrademarks : LANDesk® is a registered trademark of Intel Corporation
OriginalFilename : MsgSys.EXE

#:27 [iao.exe]
FilePath : C:\WINDOWS\system32\ams_ii\
ProcessID : 612
ThreadCreationTime : 1-7-2007 7:52:31 PM
BasePriority : Normal
FileVersion : 6.12.0.112 E
ProductVersion : 6.12.0.112
ProductName : Intel Alert Management System 2
CompanyName : Intel® Corporation
FileDescription : Alert Originator Manager
InternalName : IAO
LegalCopyright : Copyright © 1997-2001 Intel® Corporation
LegalTrademarks : LANDesk® is a registered trademark of Intel Corporation
OriginalFilename : IAO.EXE

#:28 [xfr.exe]
FilePath : C:\WINDOWS\system32\cba\
ProcessID : 648
ThreadCreationTime : 1-7-2007 7:52:31 PM
BasePriority : Normal
FileVersion : 6.12.0.112 E
ProductVersion : 6.12.0.112
ProductName : Intel Common Base Agent
CompanyName : Intel® Corporation
FileDescription : CBA - Message Resource
InternalName : xfrrc
LegalCopyright : Copyright © 1997-2001 Intel® Corporation
LegalTrademarks : LANDesk® is a registered trademark of Intel Corporation
OriginalFilename : XFR.EXE

#:29 [sv_httpd.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\
ProcessID : 1036
ThreadCreationTime : 1-7-2007 7:52:33 PM
BasePriority : Normal
FileVersion : 2.5.00.14070
ProductVersion : 2.5.00.14070
ProductName : SV_Httpd.exe
CompanyName : Sony Corporation
FileDescription : Sony HTTP Server
InternalName : SV_Httpd
LegalCopyright : Copyright 2002, 2003 Sony Corp.
OriginalFilename : SV_Httpd.exe

#:30 [upnpframework.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\
ProcessID : 1168
ThreadCreationTime : 1-7-2007 7:52:35 PM
BasePriority : Normal
FileVersion : 3.0.00.15190
ProductVersion : 3.0.00.15190
ProductName : UPnPFramework.exe
CompanyName : Sony Corporation
FileDescription : Sony UPnP Framework
InternalName : UPnPFramework
LegalCopyright : Copyright 2002,2003 Sony Corp.
OriginalFilename : UPnPFramework.exe

#:31 [sv_httpd.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\
ProcessID : 1196
ThreadCreationTime : 1-7-2007 7:52:35 PM
BasePriority : Normal
FileVersion : 2.5.00.14070
ProductVersion : 2.5.00.14070
ProductName : SV_Httpd.exe
CompanyName : Sony Corporation
FileDescription : Sony HTTP Server
InternalName : SV_Httpd
LegalCopyright : Copyright 2002, 2003 Sony Corp.
OriginalFilename : SV_Httpd.exe

#:32 [upnpframework.exe]
FilePath : C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\
ProcessID : 1288
ThreadCreationTime : 1-7-2007 7:52:36 PM
BasePriority : Normal
FileVersion : 3.0.00.15190
ProductVersion : 3.0.00.15190
ProductName : UPnPFramework.exe
CompanyName : Sony Corporation
FileDescription : Sony UPnP Framework
InternalName : UPnPFramework
LegalCopyright : Copyright 2002,2003 Sony Corp.
OriginalFilename : UPnPFramework.exe

#:33 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2076
ThreadCreationTime : 1-7-2007 7:52:46 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:34 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1992
ThreadCreationTime : 1-7-2007 8:01:58 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:35 [viewmgr.exe]
FilePath : C:\Program Files\Viewpoint\Viewpoint Manager\
ProcessID : 1256
ThreadCreationTime : 1-7-2007 8:03:53 PM
BasePriority : Normal
FileVersion : 2, 0, 0, 42
ProductVersion : 2, 0, 0, 42
ProductName : Viewpoint Manager
CompanyName : Viewpoint Corporation
FileDescription : ViewMgr
InternalName : Viewpoint Manager
LegalCopyright : Copyright © 2004
OriginalFilename : ViewMgr.exe
Comments : Viewpoint Manager

#:36 [hpwuschd2.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Software Update\
ProcessID : 2428
ThreadCreationTime : 1-7-2007 8:03:56 PM
BasePriority : Normal
FileVersion : 50.0.146.000
ProductVersion : 050.000.146.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : Hewlett-Packard Product Assistant
InternalName : hpwuSchd2
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2004
OriginalFilename : hpwuSchd2.exe
Comments : Hewlett-Packard Product Assistant

#:37 [motivesb.exe]
FilePath : C:\PROGRA~1\SBCSEL~1\SMARTB~1\
ProcessID : 2464
ThreadCreationTime : 1-7-2007 8:03:56 PM
BasePriority : Normal
FileVersion : 5.6.7.asst_classic.smartbridge.20031210_035000
ProductVersion : 5.6.7.asst_classic.smartbridge
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : SBC Self Support Tool Alerts
InternalName : version
LegalCopyright : Copyright 1998-2003
OriginalFilename : version

#:38 [type32.exe]
FilePath : C:\Program Files\Microsoft IntelliType Pro\
ProcessID : 2468
ThreadCreationTime : 1-7-2007 8:03:57 PM
BasePriority : Normal


#:39 [point32.exe]
FilePath : C:\Program Files\Microsoft IntelliPoint\
ProcessID : 2628
ThreadCreationTime : 1-7-2007 8:03:57 PM
BasePriority : Normal


#:40 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_09\bin\
ProcessID : 160
ThreadCreationTime : 1-7-2007 8:03:58 PM
BasePriority : Normal


#:41 [hkserv.exe]
FilePath : C:\Program Files\Sony\HotKey Utility\
ProcessID : 3060
ThreadCreationTime : 1-7-2007 8:04:08 PM
BasePriority : Normal


#:42 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 3072
ThreadCreationTime : 1-7-2007 8:04:08 PM
BasePriority : Normal
FileVersion : 6.14.10.4004
ProductVersion : 6.14.10.4004
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright (C) 1998-2002 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe

#:43 [ezsp_px.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2972
ThreadCreationTime : 1-7-2007 8:04:10 PM
BasePriority : Normal


#:44 [hpcmpmgr.exe]
FilePath : C:\Program Files\HP\hpcoretech\
ProcessID : 3204
ThreadCreationTime : 1-7-2007 8:04:12 PM
BasePriority : Normal
FileVersion : 2.1.1.0
ProductVersion : 2.1.4
ProductName : hp coretech (COmponent REuse TECHnology)
CompanyName : Hewlett-Packard Company
FileDescription : HP Framework Component Manager Service
InternalName : HPComponentManagerService module
LegalCopyright : Copyright (C) Hewlett-Packard. 2002-2003
OriginalFilename : HpCmpMgr.exe

#:45 [hpztsb10.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 3232
ThreadCreationTime : 1-7-2007 8:04:12 PM
BasePriority : Normal
FileVersion : 2.323.0.0
ProductVersion : 2.323.0.0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2004

#:46 [ituneshelper.exe]
FilePath : D:\Program Files\iTunes\
ProcessID : 3292
ThreadCreationTime : 1-7-2007 8:04:14 PM
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:47 [avgas.exe]
FilePath : G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 3300
ThreadCreationTime : 1-7-2007 8:04:15 PM
BasePriority : Normal
FileVersion : 7, 5, 0, 50
ProductVersion : 7, 5, 0, 50
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware
InternalName : AVG Anti-Spyware
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : avgas.exe

#:48 [bdmcon.exe]
FilePath : G:\Program Files\Softwin\BitDefender10\
ProcessID : 3316
ThreadCreationTime : 1-7-2007 8:04:15 PM
BasePriority : Normal
FileVersion : 10, 0, 0, 2
ProductVersion : 10, 0, 0, 0
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Management Console
InternalName : Management Console
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : bdmcon.exe

#:49 [bdagent.exe]
FilePath : G:\Program Files\Softwin\BitDefender10\
ProcessID : 3328
ThreadCreationTime : 1-7-2007 8:04:16 PM
BasePriority : Normal
FileVersion : 10, 0, 0, 4
ProductVersion : 10, 0, 0, 1
ProductName : Bitdefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BDSwitch Application
InternalName : BDSwitch
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : BDSwitch.exe

#:50 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3352
ThreadCreationTime : 1-7-2007 8:04:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:51 [hkwnd.exe]
FilePath : C:\Program Files\Sony\HotKey Utility\
ProcessID : 3440
ThreadCreationTime : 1-7-2007 8:04:23 PM
BasePriority : Normal


#:52 [pppeuser.exe]
FilePath : G:\Program Files\CyberPower PowerPanel Personal Edition\
ProcessID : 2832
ThreadCreationTime : 1-7-2007 8:04:28 PM
BasePriority : Normal


#:53 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 3592
ThreadCreationTime : 1-7-2007 8:04:35 PM
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:54 [taskmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1284
ThreadCreationTime : 1-7-2007 8:05:24 PM
BasePriority : High
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows TaskManager
InternalName : taskmgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : taskmgr.exe

#:55 [livesrv.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Update Service\
ProcessID : 1780
ThreadCreationTime : 1-7-2007 8:10:19 PM
BasePriority : Normal
FileVersion : 10, 0, 0, 4
ProductVersion : 10, 0, 0, 4
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : LiveSrv
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : livesrv.exe

#:56 [vsserv.exe]
FilePath : G:\Program Files\Softwin\BitDefender10\
ProcessID : 244
ThreadCreationTime : 1-7-2007 8:10:26 PM
BasePriority : Normal
FileVersion : 10, 0, 0, 40
ProductVersion : 10, 0, 0, 40
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : VSServ
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : vsserv.exe

#:57 [ad-aware.exe]
FilePath : D:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3864
ThreadCreationTime : 1-7-2007 8:39:23 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Deep scanning and examining files (G:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for G:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 28




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28

3:08:49 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:29:08.464
Objects scanned:236468
Objects identified:0
Objects ignored:0
New critical objects:0








//
//
// Product BitDefender Antivirus v10
// Product 10.0
//
// Created on: 05/01/2007 21:18:54
//
//


Virus Statistics

Scan path : C:\
D:\
G:\
Folders : 10574
Files : 649923
Memory processes scanned : 24
Archives : 9867
Runtime packers : 62647
Identified viruses : 1
Infected files : 1
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 2
Moved files : 0
I/O errors : 32
Scan time : 03:14:30
Scan speed (files/sec) : 55

Spyware Statistics

Registry keys scanned : 1960
Registry keys infected : 2
Cookies scanned : 0
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 2


Virus definitions : 397509
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 6
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\deep_scan\1168053534.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies


Summary:

<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MAGNET Detected: magne3t
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MAGNET Deleted
<System> Update
<System>=>HKEY_CLASSES_ROOT\MAGNET Detected: magne2t
<System>=>HKEY_CLASSES_ROOT\MAGNET Deleted
<System> Update
C:\Program Files\AIM\Sysfiles\WxBug.EXE=>wise0008 Detected: Adware.AWS.A
C:\Program Files\AIM\Sysfiles\WxBug.EXE=>wise0008 Disinfection failed
C:\Program Files\AIM\Sysfiles\WxBug.EXE=>wise0008 Move failed

Comments

  • edited January 2007
    This wouldnt fit on one post. Here is the HJT log.



    Logfile of HijackThis v1.99.1
    Scan saved at 11:37:11 PM, on 1/7/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ngvpnmgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    G:\Program Files\ProcessGuard\dcsuserprot.exe
    C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\system32\cba\pds.exe
    C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
    G:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
    C:\WINDOWS\system32\MsgSys.EXE
    C:\WINDOWS\system32\ams_ii\iao.exe
    C:\WINDOWS\system32\cba\xfr.exe
    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    G:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Sony\HotKey Utility\HKserv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\ezSP_Px.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\Sony\HotKey Utility\HKWnd.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    G:\Program Files\Softwin\BitDefender10\bdagent.exe
    G:\Program Files\ProcessGuard\pgaccount.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\ctfmon.exe
    G:\Program Files\ProcessGuard\procguard.exe
    G:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\Avenger\Analyse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://yahoo.sbc.com/dsl"); (C:\Documents and Settings\gyyhhh\Application Data\Mozilla\Profiles\default\youjttup.slt\prefs.js)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [BDMCon] "G:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "G:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [!1_pgaccount] "G:\Program Files\ProcessGuard\pgaccount.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [PowerPanel Personal Edition User Interaction] "G:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe"
    O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "G:\Program Files\ProcessGuard\procguard.exe" -minimize
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://wirelesslogon.depaul.edu/postauthI/epi.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF04FD9E-5FB6-4CA8-BAE7-38F8AC693548}: NameServer = 66.73.20.40,151.164.8.201
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - G:\Program Files\ProcessGuard\dcsuserprot.exe
    O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel Alert Handler - Intel® Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
    O23 - Service: Intel Alert Originator - Intel® Corporation - C:\WINDOWS\system32\ams_ii\iao.exe
    O23 - Service: Intel File Transfer - Intel® Corporation - C:\WINDOWS\system32\cba\xfr.exe
    O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\WINDOWS\system32\ngvpnmgr.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: PowerPanel Personal Edition Service (ppped) - Unknown owner - G:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
    O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
    O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - G:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  • edited January 2007
    I actually just recently was able to get a newer more up to date HJT log hopefully this helps.


    Logfile of HijackThis v1.99.1
    Scan saved at 9:10:06 PM, on 1/10/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ngvpnmgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    G:\Program Files\ProcessGuard\dcsuserprot.exe
    C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\system32\cba\pds.exe
    C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
    G:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
    C:\WINDOWS\system32\MsgSys.EXE
    C:\WINDOWS\system32\ams_ii\iao.exe
    C:\WINDOWS\system32\cba\xfr.exe
    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    G:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Sony\HotKey Utility\HKserv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\system32\ezSP_Px.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb1 0.exe
    C:\Program Files\QuickTime\qttask.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    D:\Avenger\****yse.exe
    C:\Program Files\Sony\HotKey Utility\HKWnd.exe
    G:\Program Files\Softwin\BitDefender10\bdagent.exe
    G:\Program Files\ProcessGuard\pgaccount.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    G:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe
    G:\Program Files\ProcessGuard\procguard.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://yahoo.sbc.com/dsl"); (C:\Documents and Settings\gyyhhh\Application Data\Mozilla\Profiles\default\youjttup.slt\prefs.j s)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb1 0.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [BDMCon] "G:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "G:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [!1_pgaccount] "G:\Program Files\ProcessGuard\pgaccount.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [PowerPanel Personal Edition User Interaction] "G:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe"
    O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "G:\Program Files\ProcessGuard\procguard.exe" -minimize
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://wirelesslogon.depaul.edu/postauthI/epi.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF04FD9E-5FB6-4CA8-BAE7-38F8AC693548}: NameServer = 66.73.20.40,151.164.8.201
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - G:\Program Files\ProcessGuard\dcsuserprot.exe
    O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel Alert Handler - Intel® Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
    O23 - Service: Intel Alert Originator - Intel® Corporation - C:\WINDOWS\system32\ams_ii\iao.exe
    O23 - Service: Intel File Transfer - Intel® Corporation - C:\WINDOWS\system32\cba\xfr.exe
    O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\WINDOWS\system32\ngvpnmgr.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: PowerPanel Personal Edition Service (ppped) - Unknown owner - G:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
    O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
    O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - G:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  • TroganTrogan London, UK
    edited January 2007
    Hi Chris,

    I don't see anything bad in the log.

    The problem may be due to the fact that you have TWO anti-virus programs (BitDefender and AntiVir) running. This is not a good idea, as you probably can tell as multiple anti-virus programs will conflict and cause problems such as instabilities and slow downs.

    You need to uninstall either BitDefender or AntiVir through Add/Remove programs.

    Once that is done, please post a new HijackThis log. Also, I need to see another log from HijackThis.
    • Run Hijackthis.
    • Click on Open the Misc Tools section.
    • Next click on Open uninstall manager.
    • Press the Save list button.
    • Save the file to your desktop, with the default name of uninstall_list
    • Copy & Paste the entire contents of that file in your in your next post.
  • edited January 2007
    OKay I uninstalled the Antivirus programs and I installed only one for now AVIRA Antivir Premium Suite. I ran an HJT log as well as the uninstall log.

    Logfile of HijackThis v1.99.1
    Scan saved at 12:14:22 AM, on 1/16/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5450.0004)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ngvpnmgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    G:\AVIRA ANTIVIR\Avira Premium Security Suite\sched.exe
    G:\AVIRA ANTIVIR\Avira Premium Security Suite\avguard.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    G:\AVIRA ANTIVIR\Avira Premium Security Suite\avesvc.exe
    G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    G:\Program Files\ProcessGuard\dcsuserprot.exe
    C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\system32\cba\pds.exe
    C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
    C:\WINDOWS\Explorer.EXE
    G:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    G:\AVIRA ANTIVIR\Avira Premium Security Suite\avmailc.exe
    C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
    C:\WINDOWS\system32\MsgSys.EXE
    C:\WINDOWS\system32\ams_ii\iao.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\cba\xfr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Sony\HotKey Utility\HKserv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    G:\AVIRA ANTIVIR\Avira Premium Security Suite\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Sony\HotKey Utility\HKWnd.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    G:\Program Files\BitTorrent\bittorrent.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
    C:\Documents and Settings\gyyhhh\Desktop\procexp.exe
    C:\DOCUME~1\gyyhhh\LOCALS~1\Temp\AutoDL%3FBundleId=10878_b197838c.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\MsiExec.exe
    D:\Avenger\Analyse.exe
    C:\WINDOWS\system32\MsiExec.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\SearchBar.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://yahoo.sbc.com/dsl"); (C:\Documents and Settings\gyyhhh\Application Data\Mozilla\Profiles\default\youjttup.slt\prefs.js)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [avgnt] "G:\AVIRA ANTIVIR\Avira Premium Security Suite\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [BitTorrent] "G:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
    O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://wirelesslogon.depaul.edu/postauthI/epi.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF04FD9E-5FB6-4CA8-BAE7-38F8AC693548}: NameServer = 66.73.20.40,151.164.8.201
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - G:\AVIRA ANTIVIR\Avira Premium Security Suite\avfwsvc.exe
    O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - G:\AVIRA ANTIVIR\Avira Premium Security Suite\avmailc.exe
    O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - G:\AVIRA ANTIVIR\Avira Premium Security Suite\sched.exe
    O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - AVIRA GmbH - G:\AVIRA ANTIVIR\Avira Premium Security Suite\avguard.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - G:\AVIRA ANTIVIR\Avira Premium Security Suite\avesvc.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - G:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - G:\Program Files\ProcessGuard\dcsuserprot.exe
    O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel Alert Handler - Intel® Corporation - C:\WINDOWS\system32\ams_ii\hndlrsvc.exe
    O23 - Service: Intel Alert Originator - Intel® Corporation - C:\WINDOWS\system32\ams_ii\iao.exe
    O23 - Service: Intel File Transfer - Intel® Corporation - C:\WINDOWS\system32\cba\xfr.exe
    O23 - Service: Intel PDS - Intel® Corporation - C:\WINDOWS\system32\cba\pds.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\WINDOWS\system32\ngvpnmgr.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: PowerPanel Personal Edition Service (ppped) - Unknown owner - G:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (file missing)
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
    O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\Photo Server\appsrv\PhotoAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
    O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe






    3ds max 7
    Ad-Aware SE Personal
    Adobe Acrobat 5.0
    Adobe Bridge 1.0
    Adobe Common File Installer
    Adobe Help Center 1.0
    Adobe Illustrator CS2
    Adobe MPEG Encoder
    Adobe Photoshop CS2
    Adobe Premiere 6.5
    Adobe Stock Photos 1.0
    Adobe SVG Viewer 3.0
    Advanced RealMedia Export Plug-in for Premiere 6.0
    Alien Skin Eye Candy 5 Nature
    Anti-Blaxx 1.17
    Anti-Leech Plugin for Netscape, Mozilla, Opera
    AOL Instant Messenger
    Apple Software Update
    ATI Control Panel
    ATI Display Driver
    Aventail Connect
    AVG Anti-Spyware 7.5
    Avira Premium Security Suite
    Belarc Advisor 7.2
    BitTorrent 5.0.4
    BroadJump Client Foundation
    CCleaner (remove only)
    Cheetah Audio Converter
    CyberPower PowerPanel Personal Edition
    DiamondCS ProcessGuard v3.150
    DivX Codec
    DivX Content Uploader
    DivX Converter
    DivX Player
    DivX Web Player
    DVgate Plus
    Experience VAIO
    FATE from Yahoo! (remove only)
    Feeding Frenzy 2 (remove only)
    Foxit Reader
    Gold Miner Vegas (remove only)
    Google Desktop Search
    Google Earth
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HijackThis 1.99.1
    Home Office Page for Experience VAIO
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    HotKey Utility
    HP Deskjet 5700
    HP Software Update
    Intel(R) PRO Network Adapters and Drivers
    InterActual Player
    InterVideo WinDVD 4
    iPod for Windows 2005-06-26
    iPod for Windows 2006-01-10
    iPod Update 2004-04-28
    IsoBuster 2.0
    iTunes
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    Java 2 Runtime Environment, SE v1.4.0_03
    Java Web Start
    Kaspersky Online Scanner
    K-Lite Codec Pack 2.81 Full
    LimeWire 4.12.6
    Linksys EasyLink Advisor 1.5 (1032)
    LiveUpdate 1.7 (Symantec Corporation)
    Macromedia Flash Player 8
    Macromedia Flash Player 8
    Macromedia Shockwave Player
    Memory Stick Formatter
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft .NET Framework 2.0
    Microsoft ActiveSync 3.7
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Money 2003
    Microsoft Money 2003 System Pack
    Microsoft Office Standard Edition 2003
    Microsoft Office XP Professional with FrontPage
    Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
    Microsoft Upgrade Offer
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    MioTransfer
    Mozilla Firefox (0.8.)
    Mozilla Firefox (2.0.0.1)
    MSN Music Assistant
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    Music Visualizer Library 1.4.00
    Nero - Burning Rom
    Netscape (7.02)
    Netscape Browser (remove only)
    Network Smart Capture
    Nokia Connectivity Cable Driver
    OpenMG Limited Patch 3.2-03-02-21-08
    OpenMG Limited Patch 3.2-03-02-25-01
    OpenMG Secure Module 3.2
    Opera 9.10
    palmOne
    Panda ActiveScan
    PCFriendly
    Picasa 2
    PowerPanel
    Quicken 2003 New User Edition
    QuickTime
    Rapala Pro Fishing
    RealPlayer
    RollerCoaster Tycoon® 3
    SBC Self Support Tool
    SBC Yahoo! Applications
    Security Update for Microsoft .NET Framework 2.0 (KB917283)
    Security Update for Microsoft .NET Framework 2.0 (KB922770)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB926255)
    Shockwave
    Sid Meier's Civilization 4
    SoftK56 Data Fax
    SonicStage 1.5.50
    Sony ACID Pro 5.0
    Sony Certificate PCH
    Sony Notebook Setup
    Sony on Yahoo! Essentials
    Sony Sound Forge 7.0
    Sony USB Mouse
    Sony Utilities DLL
    Sony Video Shared Library
    Spybot - Search & Destroy 1.4
    SpywareBlaster v3.5.1
    Symantec AntiVirus Client
    Symantec AntiVirus Quarantine Console Snap-in
    TDK Digital MixMaster
    Turbo Tax Offer
    Uninstall
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    VAIO DeepSea Wallpaper
    VAIO Help and Support
    VAIO Media 2.5
    VAIO Media Music Server 2.5
    VAIO Media Photo Server 2.5
    VAIO Media Platform 2.5
    VAIO Media Redistribution 2.5
    VAIO Media Setup 2.5
    VAIO Registration
    VAIO Support
    VAIO Survey Standalone
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player
    WD Diagnostics
    Wheel of Fortune (remove only)
    WIDCOMM Bluetooth Software
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7 Beta 3
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows XP Hotfix - KB834707
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893066
    Windows XP Hotfix - KB893086
    Windows XP Service Pack 2
    WinRAR archiver
    WinZip
    Wireless LAN
    Yahoo! Install Manager
    Yahoo! Mail Quick Select Tool
    Yahoo! Toolbar
    Yahoo! Widget Engine
  • TroganTrogan London, UK
    edited January 2007
    Hi Chris,

    From the Uninstall List, I see Symantec AntiVirus Client installed. You should uninstall this, as well as the other Norton related stuff since you have Avira Premium Security Suite.

    Please do the following...

    1. Click Start > Run > type in appwiz.cpl and hit enter. From the list uninstall the following, if present:

    Remove these Norton/Symantec products.

    Symantec AntiVirus Client
    Symantec AntiVirus Quarantine Console Snap-in
    LiveUpdate 1.7 (Symantec Corporation)


    Turbo Tax Offer <-- Remove this unless you know what it is.

    Also, remove any programs that you don't recognise or use.

    2. Open HijackThis
    - Click the Do a system scan only button
    - Check the following entries (below)

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\SearchBar.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}


    - Close ALL open windows (especially Internet Explorer!)
    - Click Fix Checked
    Close HiajckThis

    3. Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

    Updating Java:
    • Download the latest version of Java Runtime Environment (JRE) 6.
    • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications."
    • Click the "Download" button to the right.
    • Check the box that says: "Accept License Agreement."
    • The page will refresh.
    • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Control Panel double-click on Add/Remove programs and remove the following...
      • J2SE Runtime Environment 5.0 Update 6
      • J2SE Runtime Environment 5.0 Update 9
      • J2SE Runtime Environment 5.0 Update 10
      • Java 2 Runtime Environment, SE v1.4.0_03
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.
    4. Please post a new HijackThis log and Uninstall list.
  • TroganTrogan London, UK
    edited February 2007
    Whilst we appreciate that you may be busy, it has been 7 days or more since we heard from you.

    Infections can change and fresh instructions will now need to be given. This topic is now closed, if you still require assistance then please start a new topic in the Spyware & Virus Removal Forum

    If you wish this topic reopened, please send a Private Message (PM) to one of the Spyware Mods with a link to your thread.

    Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required.
    If you are not the user who started this thread, you must start a new Thread instead :)
This discussion has been closed.