HJT Log - Anything wrong?

[indi]

PC's been behaving weird recently, is there anything there that shouldn't be?

 

All help much appreciated.

 

Logfile of HijackThis v1.99.1

Scan saved at 15:42:33, on 19/03/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\windows\System32\smss.exe

C:\windows\system32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe

C:\windows\System32\svchost.exe

C:\Program Files\Sygate\SPF\smc.exe

C:\windows\Explorer.EXE

C:\windows\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

e:\Program Files\ewido\security suite\ewidoctrl.exe

e:\Program Files\ewido\security suite\ewidoguard.exe

C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

C:\windows\system32\oodag.exe

C:\windows\System32\svchost.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

E:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

E:\Program Files\PeerGuardian2\pg2.exe

C:\windows\system32\ctfmon.exe

C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility.exe

E:\Program Files\SpywareGuard\sgmain.exe

E:\Program Files\SpywareGuard\sgbhp.exe

E:\Program Files\firefox.exe

E:\Program Files\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.skirge.pwp.blueyonder.co.uk/irc/chat/index.html

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - E:\Program Files\SpywareGuard\dlprotect.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [Norton Ghost 9.0] E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\windows\ime\imkr6_1\IMEKRMIG.EXE

O4 - HKLM\..\Run: [MSPY2002] C:\windows\system32\IME\PINTLGNT\ImScInst.exe /SYNC

O4 - HKLM\..\Run: [PHIME2002ASync] C:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "e:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe

O4 - HKCU\..\Run: [PeerGuardian] E:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe

O4 - HKCU\..\Run: [pbmini] E:\Program Files\pcast\PodcastbarMini\PodcastBarMiniStater.exe

O4 - Startup: SpywareGuard.lnk = E:\Program Files\SpywareGuard\sgmain.exe

O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ?

O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Ãâ·Ñ¾«²ÊÊÓƵ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)

O9 - Extra 'Tools' menuitem: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1129555740375

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1129561551687

O16 - DPF: {9BF607E0-4CC1-4099-9A07-362C9E4FB090} (WStarter Control) - http://live.pdbox.co.kr:8057/WStarter.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4635/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{1A1C2468-BA57-4784-8695-DA804CE0ED43}: NameServer = 212.158.248.5 83.146.21.6

O17 - HKLM\System\CS1\Services\Tcpip\..\{1A1C2468-BA57-4784-8695-DA804CE0ED43}: NameServer = 212.158.248.5 83.146.21.6

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: ewido security suite control - ewido networks - e:\Program Files\ewido\security suite\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - e:\Program Files\ewido\security suite\ewidoguard.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - e:\Program Files\Sony\MD Simple Burner\NetMDSB.exe

O23 - Service: Norton Ghost - Symantec Corporation - E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

O23 - Service: O&O Defrag - O&O Software GmbH - C:\windows\system32\oodag.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

 

 

[Guest StevieH84]

On 1st look its clean of nasties,will now look again more just

as a double check for you...

[Guest StevieH84]

Nope there are no nasties in that log,the only thing

i,d say is you have a hell of a lot of stuff starting up

when you dont need them,what made you think pc

was behaving weird like??

 

[indi]

Cheers Stevie.

 

A couple of things really:

 

I thought I had a hell of a lot of things starting up (as you say), some up which I didn't recognise.

 

Streaming problems: Usually I get perfect streams really good picture and sound quality with no buffering, but today every single one was crap, most were unwatchable.

 

Azureus problems: I keep getting the messages:

 

"UPnP: Mapping 'Peer Data Port (TCP/60700 [or whatever I've set it as])' Failed."

"UPnP: Mapping 'Client Data Port (TCP/60700 [or whatever I've set it as])' Failed."

"UPnP: Mapping 'NAT Tester (TCP/60700 [or whatever I've set it as])' Failed."

 

Plus, I don't think I've managed to resove whatever was causing the Blue Screen Errors.

 

See here: http://www.newcastle-online.com/nufcforum/index.php/topic,16616.0.html

[Guest StevieH84]

Indigo

cannot see the pc having any bearings on the streaming being poor

for you today if anything i,d blame the internet or your isp or your

broadband connection,maybes tweaking that would be a good idea.

to manage your apps that automatically start up i use StartUp Control Panel

its only 34 kb and its put itself in the Control Panel for easy access

its free as well and very simple to use you just take tick out of the box to

stop stuff from autostarting.ill be able to tell you what to untick..

 

Startup Control Panel

http://www.mlin.net/StartupCPL.shtml

 

PS about that blue screen prob ill look at that ok..

[indi]

Indigo

cannot see the pc having any bearings on the streaming being poor

for you today if anything i,d blame the internet or your isp or your

broadband connection,maybes tweaking that would be a good idea.

to manage your apps that automatically start up i use StartUp Control Panel

its only 34 kb and its put itself in the Control Panel for easy access

its free as well and very simple to use you just take tick out of the box to

stop stuff from autostarting.ill be able to tell you what to untick..

 

Startup Control Panel

http://www.mlin.net/StartupCPL.shtml

 

PS about that blue screen prob ill look at that ok..

 

Nice one, thanks mate. thumbup.gif

[Guest StevieH84]

Indigo

whats going on with pc now,have you stopped any stuff yet??

[indi]

Indigo

whats going on with pc now,have you stopped any stuff yet??

 

I've not stopped anything yet, but I removed a couple of things and I've downloaded a load of new drivers, but not installed them yet, I'm thinking of flashing my BIOS, but I'm scared!!

[Guest StevieH84]

You dont say what windows you have m8..

also flashing bios is easy but not for the faint

hearted,i still have all the commands in my notebook

the 1st time i did mine on win 98 2nd edition many moons ago.

would prefer it if you done other things and at last resort flash

bios coz if it go,s wrong,you have dead pc,if you do go ahead

make sure you have saved that bios you have now onto a formatted

floppy,better than none at all.and saving the bios is usually the 1st

option given when flashing your bios..

[indi]

It's XP Pro SP2 (2002 edition apparently).

 

I got some "guru" software with my motherboard, which apparently lets you flash the BIOS with one click within Windows, but I'm still dubious about doing it.

[Guest StevieH84]

does it go online and locate the newer bios for you,

or do you have that to do ??

coz having correct info is essential.did oyur pc come with sp2

or did you upgrade to it??

[Chrissy Bee]

Although saving your BIOS is fairly pointless if you actually bork it properly.

 

I've flashed my BIOS twice this year (thinking it might help fix something). It added some new features in the BIOS menu that I don't care about, but both times caused an untold amount of stress. If you don't know how to do a CMOS clear, it's really silly to even think about flashing it. Turning on the PC after a BIOS flash and listening to it go BEEP with a blank screen is really not fun (unless you like to get your adrenaline pumping).

 

Just stick the new drivers on for now (they can't really go wrong, so do it now!). Also, was there anything new you installed before the problems started? I don't think the monitor or hard drive will have caused the problem, but if there was anything else (even software), say.

 

Your motherboard looks new enough that it won't really need a BIOS flash in my opinion, unless you're running a high-spec X2 processor (possibly).

[indi]

does it go online and locate the newer bios for you,

or do you have that to do ??

coz having correct info is essential.did oyur pc come with sp2

or did you upgrade to it??

 

I'm not sure what it does, I haven't dared go near it yet.

 

I'm pretty sure it came with SP2, although I didn't get it with the pc, I got it from my mate, who works in the IT department of a certain very large education establishment in the Manchester area.

[indi]

Although saving your BIOS is fairly pointless if you actually bork it properly.

 

I've flashed my BIOS twice this year (thinking it might help fix something). It added some new features in the BIOS menu that I don't care about, but both times caused an untold amount of stress. If you don't know how to do a CMOS clear, it's really silly to even think about flashing it. Turning on the PC after a BIOS flash and listening to it go BEEP with a blank screen is really not fun (unless you like to get your adrenaline pumping).

 

Just stick the new drivers on for now (they can't really go wrong, so do it now!). Also, was there anything new you installed before the problems started? I don't think the monitor or hard drive will have caused the problem, but if there was anything else (even software), say.

 

Your motherboard looks new enough that it won't really need a BIOS flash in my opinion, unless you're running a high-spec X2 processor (possibly).

 

Yeah just the thought of that beeeeeeeeeep and seeing EE on the motherboard display makes me do this  yikes.gif :icon_pale: throw.gif crying.gif

 

I'll give the new drivers a go before I do anything more drastic. I'm always adding and removing software, so it's quite hard to remember what I installed about the time it started being weird, but there was a bit of VOD software, which I got rid of that might have had something to do with it.

 

My processor is pretty standard (unfortunately), one of these:

 

http://www.microdirect.co.uk/ProductInfo.aspx?ProductID=9392&GroupID=1083

[Guest StevieH84]

Has the pc been soopa doopa for you m8ty..

what hardware have you added??

[indi]

Has the pc been soopa doopa for you m8ty..

what hardware have you added??

 

Yeah, not bad, I haven't turned it off since Sunday and there's been no problems so far.

 

Hardware added since when? I've recently got a new monitor, and a new 250gb sata hdd. Oh and a new mouse.

[Guest StevieH84]

Since you got the pc from micro direct...

monitor wouldnt be a prob,nor mouse hard drive could be

a problem ,but i doubt it,what software have you installed.

since,i have heard mind SP2 causing probs with some people

thats why i asked if it came with SP2.

[indi]

Loads of stuff mate, it's been fine since Sunday, so I think it'll be ok, I'll do the new drivers over the next couple of days and let you know what happens, cheers.

[Andy]

I'd advise you pick it up, raise it above a large drop, let go of it, then neatly sweep up all the remains and throw them into the local skip.

 

Alternatively, sell it to some idiot on Ebay.

 

 

[indi]

I'd advise you pick it up, raise it above a large drop, let go of it, then neatly sweep up all the remains and throw them into the local skip.

 

Alternatively, sell it to some idiot on Ebay.

 

 

 

Will do.

[Guest StevieH84]

dont be cheeky Andy,your going OTT there like.

theres no idiots on EBay...