I have a Pentium 4 3.2 GHz running on 2 GB of RAM. Usually it all works fine and dandy, but yesterday, all of a sudden, when I launched Firefox the CPU went up to 100% and stayed there even after I had closed it (and some other programs) down.
On the box on my Task Manager it says that there are 2095596k of physical memory in total and 1052960k available, so would that mean that the RAM is not damaged, or is this not a good enough indicator?
I have scanned my computer with Malwarebytes and the Deckard (I think it was called this) scanner. Below are my results. I really hope someone can help with this because it is very annoying. Also, apologies if I have posted this in the wrong place; it wouldn't let me start a new topic in the malware bit.
The following is my MBAM log:
Malwarebytes' Anti-Malware 1.24
Database version: 1043
Windows 5.1.2600 Service Pack 2
12:25:49 12/08/2008
mbam-log-8-12-2008 (12-25-49).txt
Scan type: Quick Scan
Objects scanned: 42095
Time elapsed: 5 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
The following is my Deckard log:
Deckard's System Scanner v20071014.68
Run by Rob J on 2008-08-12 11:22:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
57: 2008-08-12 10:22:30 UTC - RP218 - Deckard's System Scanner Restore Point
56: 2008-08-10 12:01:47 UTC - RP217 - Installed Java™ 6 Update 7
55: 2008-08-03 20:46:42 UTC - RP216 - System Checkpoint
54: 2008-08-01 20:14:18 UTC - RP215 - System Checkpoint
53: 2008-07-27 21:50:06 UTC - RP214 - System Checkpoint
-- First Restore Point --
1: 2008-05-13 13:52:26 UTC - RP162 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-08-12 11:23:45
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal
Running processes:
E:\WINDOWS\system32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\explorer.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Comodo\Firewall\cfp.exe
E:\Program Files\Alwil Software\Avast4\ashDisp.exe
E:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9CE.EXE
E:\Program Files\Belkin Office Keyboard\MOffice.exe
E:\Program Files\Belkin Office Keyboard\KBDAP32A.EXE
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\Belkin Office Keyboard\mouse32a.dat
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Comodo\Firewall\cmdagent.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Windows Live\Messenger\msnmsgr.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Internet Download Manager\IDMan.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
E:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
E:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
E:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
E:\Program Files\Canon\CAL\CALMAIN.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Internet Download Manager\IEMonitor.exe
E:\WINDOWS\system32\svchost.exe
E:\Documents and Settings\Rob J\My Documents\Programs\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\Comodo\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] E:\Program Files\Belkin Office Keyboard\moffice.exe
O4 - HKLM\..\Run: [OFFICEKB] E:\Program Files\Belkin Office Keyboard\kbdap32a.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "E:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] E:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://E:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: Download all links with IDM - E:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - E:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - E:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://E:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?c48d33f861c745aa8fe90aec410ebcc0
O8 - Extra context menu item: Open in new foreground tab - res://E:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?c48d33f861c745aa8fe90aec410ebcc0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - E:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: E:\WINDOWS\system32\guard32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - E:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - E:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - E:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
--
End of file - 11447 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sisidex - e:\windows\system32\drivers\sisidex.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
R0 sisperf (Add Performance Filter Driver) - e:\windows\system32\drivers\sisperf.sys <Not Verified; Silicon Integrated Systems Corp.; SiS Filer Driver>
R2 sbbotdi - e:\program files\speedbit video accelerator\sbbotdi.sys <Not Verified; SpeedBit Ltd.; Speedbit TDI Driver>
R3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - e:\windows\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
R3 pcouffin (VSO Software pcouffin) - e:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 FXDRV - d:\fxdrv.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Bonjour Service - "e:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 CCALib8 (Canon Camera Access Library 8) - e:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Video Controller
Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_90020070&REV_05\3&B1BFB68&0&48
Manufacturer:
Name: Multimedia Video Controller
PNP Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_90020070&REV_05\3&B1BFB68&0&48
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Controller
Device ID: PCI\VEN_14F1&DEV_8802&SUBSYS_90020070&REV_05\3&B1BFB68&0&4A
Manufacturer:
Name: Multimedia Controller
PNP Device ID: PCI\VEN_14F1&DEV_8802&SUBSYS_90020070&REV_05\3&B1BFB68&0&4A
Service:
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Controller
Device ID: PCI\VEN_14F1&DEV_8804&SUBSYS_90020070&REV_05\3&B1BFB68&0&4C
Manufacturer:
Name: Multimedia Controller
PNP Device ID: PCI\VEN_14F1&DEV_8804&SUBSYS_90020070&REV_05\3&B1BFB68&0&4C
Service:
-- Scheduled Tasks -------------------------------------------------------------
2008-08-12 10:56:00 256 --a------ E:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-07-25 17:15:00 390 --a------ E:\WINDOWS\Tasks\1-Click Maintenance.job
2008-07-13 13:31:29 284 --a------ E:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-07-12 and 2008-08-12 -----------------------------
2008-08-12 11:15:47 0 d-------- E:\Documents and Settings\Rob J\Application Data\Malwarebytes
2008-08-12 11:15:42 0 d-------- E:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 11:15:42 0 d-------- E:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-11 23:43:48 18044 --ah----- E:\WINDOWS\system32\mlfcache.dat
2008-08-03 00:07:36 0 d-------- E:\Program Files\iPod
2008-07-20 16:06:14 0 d-------- E:\Program Files\Bonjour
2008-07-17 15:14:18 0 d-------- E:\WINDOWS\system32\NtmsData
-- Find3M Report ---------------------------------------------------------------
2008-08-12 10:39:37 0 d-------- E:\Documents and Settings\Rob J\Application Data\DMCache
2008-08-11 17:32:44 0 d-------- E:\Program Files\SpywareBlaster
2008-08-10 13:02:36 0 d-------- E:\Program Files\Java
2008-08-04 18:04:35 0 d-------- E:\Documents and Settings\Rob J\Application Data\IDM
2008-08-03 00:08:02 0 d-------- E:\Program Files\iTunes
2008-07-25 01:12:48 0 d-------- E:\Documents and Settings\Rob J\Application Data\uTorrent
2008-07-25 00:47:17 0 d-------- E:\Documents and Settings\Rob J\Application Data\Mozilla
2008-07-21 02:39:38 0 d-------- E:\Program Files\Internet Download Manager
2008-07-20 16:06:00 0 d-------- E:\Program Files\QuickTime
2008-07-17 16:03:28 0 d-------- E:\Program Files\SpeedBit Video Accelerator
2008-07-15 12:16:10 0 d-------- E:\Program Files\Avanquest update
2008-07-13 13:38:43 0 d-------- E:\Program Files\Apple Software Update
2008-07-13 13:32:23 0 d-------- E:\Program Files\Safari
2008-07-02 16:35:22 0 d-------- E:\Program Files\Coupon Printer
2008-07-02 16:35:21 31 --ah----- E:\WINDOWS\UKCpInfo.sys
2008-06-28 19:59:23 0 d-------- E:\Program Files\TuneUp Utilities 2007
2008-06-28 19:14:27 2075 --a------ E:\WINDOWS\mozver.dat
2008-06-15 18:19:58 0 d-------- E:\Program Files\DivX
2008-05-31 00:22:48 802816 --a------ E:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-31 00:22:48 823296 --a------ E:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-31 00:22:48 823296 --a------ E:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-31 00:22:46 815104 --a------ E:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-31 00:22:46 683520 --a------ E:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-22 23:22:18 3596288 --a------ E:\WINDOWS\system32\qt-dx331.dll
2008-05-22 23:19:46 196608 --a------ E:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-22 23:19:46 81920 --a------ E:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-22 23:18:54 12288 --a------ E:\WINDOWS\system32\DivXWMPExtType.dll
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [27/10/2004 07:49 E:\WINDOWS\SOUNDMAN.EXE]
"NvCplDaemon"="E:\WINDOWS\system32\NvCpl.dll" [26/07/2005 08:33]
"nwiz"="nwiz.exe" [26/07/2005 08:34 E:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="E:\WINDOWS\system32\NvMcTray.dll" [26/07/2005 08:34]
"COMODO Firewall Pro"="E:\Program Files\Comodo\Firewall\cfp.exe" [23/11/2007 21:38]
"avast!"="E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [19/07/2008 15:38]
"EPSON Stylus Photo RX420 Series"="E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe" [09/04/2004 04:00]
"FLMOFFICE4DMOUSE"="E:\Program Files\Belkin Office Keyboard\moffice.exe" [10/01/2008 00:12]
"OFFICEKB"="E:\Program Files\Belkin Office Keyboard\kbdap32a.exe" [10/01/2008 00:12]
"SunJavaUpdateSched"="E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27]
"SpeedBitVideoAccelerator"="E:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" [05/05/2008 15:59]
"Adobe Reader Speed Launcher"="E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"AppleSyncNotifier"="E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [10/07/2008 09:47]
"QuickTime Task"="E:\Program Files\QuickTime\QTTask.exe" [27/05/2008 10:50]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [30/07/2008 10:47]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="E:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56]
"MsnMsgr"="E:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34]
"SpybotSD TeaTimer"="E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [07/10/2007 13:04]
"MSMSGS"="E:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]
"IDMan"="E:\Program Files\Internet Download Manager\IDMan.exe" [29/07/2008 15:18]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= E:\WINDOWS\system32\guard32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Rob J^Start Menu^Programs^Startup^BUFFALO Disk Backup Utility.lnk]
path=E:\Documents and Settings\Rob J\Start Menu\Programs\Startup\BUFFALO Disk Backup Utility.lnk
backup=E:\WINDOWS\pss\BUFFALO Disk Backup Utility.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
"E:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
-- End of Deckard's System Scanner: finished at 2008-08-12 11:25:00 ------------
If you need me to do a HijackThis log as well, please let me know.
Edit: I should also add, I have recently updated my Java as instructed by my computer. Could this have something to do with it? I'm not sure how to roll it back.
2nd edit: I just did a Kaspersky online scan and I think it is something to do with Java, as this file came up as being infected:
E:\Documents and Settings\Rob J\Application Data\Sun\Java\Deployment\cache\6.0\52\6d7493b4-46650317
I think this should help you guys. I'm just not sure what I should delete and don't want to rush into anything!