Logfile of HijackThis v1.99.1
Scan saved at 12:56:47 PM, on 10/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HighjackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.passport.net/uilogin.srf?lc=1033&id=2
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVG Free\avgupsvc.exe

I have been using Reg Cleaner on my new computer for a few weeks now. Every Friday I find this weird program entry.

Author: Preview
Software: ~~~~~^nnnnn|
Age: Old

I can not find what this is. Any help would be much appreciated.

Crow instructed me to post here.

Thx,
Dan

Hello DanTheMathlete, Welcome to the forum.


This is what I suggest you do.



Please do not delete anything unless instructed to.



Download CWShredder from my signature below. Unzip it on the desktop.
Open CWShredder and with ALL other windows closed, click fix.


Go here and run at least one of the online scans, allow them to delete whatever they find:

TrendMicro HouseCall
eTrust AntiVirus Web Scanner
Panda ActiveScan
Note any thing that can't be fixed
Reboot when done.

Next:

Even if you've already run these, make SURE they're up-to-date and run per instructions.

Make sure you have the up-to-date versions of Spybot V 1.4 and Ad-aware SE Build 1.06 . All are free and available below.

Download Spybot, install and update. Then download Ad-aware, install, and update.

Spybot:

Install the program and launch it.

Go to Start > Programs >Spybot > Search & Destroy and choose Spybot S&D

Close ALL windows except Spybot S&D
Click the button to "Search for Updates" and download and install the Updates.
Next click the button "Check for Problems"
When Spybot is complete, it will be showing "RED" (RED) entries "BLACK" entries and "GREEN" (GREEN) entries in the window
Put a check mark beside the RED (RED) entries ONLY.
Choose "Fix Selected Problems" and allow Spybot to fix the RED (RED) entries.

Ad-Aware FULL SCAN:

Install the program and launch it.

1. Launch Ad-Aware SE and run the WebUpdate feature. (Click on the Globe icon > Click connect > Click OK > Click Finish.)
2. Set up the Configurations as follows:
-- Click the Gear wheel at the top of the Ad-Aware window
-- Click General > Safety & Settings: Check (Green) all three.
-- Click Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
3. Click "Proceed"
4. Click "Scan Now"
5. Deselect "Search for negligible risk entries" as negligible risk entries (MRU's) are not considered to be a threat.
6. Select "Search for low-risk threats"
7. Run the scanner using the Full Scan (Perform full system scan) mode.
8. When the scan has completed, select Next.
9. In the Scanning Results window, select the "Scan Summary" tab.
10. Check the box next to each "target family" you wish to remove.
11. Click next > Click OK.



Empty Recycle Bin

Reboot and "copy/paste" a new log file into this thread.
Also please describe how your computer behaves at the moment.

LDTate,
Thx, I have Spybot and Adware as well as AVG Free Edition. All are up to date and as of 10/21 they ran without registering any problems.

My only computer issue is that sometimes when I shut down my computer, it reboots itself. Yes, I am sure that I am not restarting it by accident. I have a shutdown icon that I use. I got it from TweaksGuides. Also, I set my AVG update feature to manuel so that it would not run in the background but allow me to update it when I want, I do it every Friday at least. The setting keeps changing to disable? So, I have to reset it to manuel before I can update. Other than those there is nothing out of the ordinary that I see happening.

After a freash install of XP I had 17 applications running, with no additional programs running, and I still have 17 applications running with the same amount of memory usage, 105MB.

Does this change your advice? Do you have any idea what that program is?

Thx again,
Dan

This post has been edited by DanTheMathlete: Oct 23 2005, 03:42 PM

Does the same thing happen if you use the Start> Shutdown?

I think that might be a Grisoft issue. Last week I couldn't get updates for 2 days.

LDTate
Sorry, it has taken me so long to get back to you, I have been trying to find out the answer to your question. Yes, when I shut down the computer through the normal means it reboots itself?

Dan

http://www.windowsnetworking.com/articles_...s-Shutdown.html

See if these suggestions take care of it.

LDTate,
Thankyou. I have roxio6 and several usb devices. All of these were listed in the article as potential problems.

Dan

Did anything help with the shutdown issue?

LDTate,
I could not find a freeware version of the latest roxio, 8 I belive. I have 6 right now and the problem was associated with version 5 so I do not know if my version causes the same, or a different, reboot issue.

I already have the latest drivers for my mouse, headphones & keyboard and these are my only USB devices. So, I do not know if any of them are causing the problem.

In addition, the problem is intermitant. So, I have been unable to determine what, if any, program might be causing the problem. I shutdown, leave and come back a few hours later, and sometimes, my comp is running?

The short answer to your question is, no. However, not becausse of you but because I do not have the time to adequetly troubleshoot the issue so that I can give you a better idea of what is going on.

If you have any other ideas I can take a shot at I would really appreciate it.

Thank you for all your help,
Dan

The LAN cards have a "wake on demand" feature. If one of the computers on your network is in suspend mode when another PC requests info from it, the PC will automatically power up.) Can you check the settings on your Network card?

LDTate,
I have an MSI mother board with a built in lan card. Also, this is the only computer on my network. I use a Linxsys Router for its firewall protection.

I accessed the lan card through the device manager and under that advanced tab I have a "Wake Up Capabilities" option. There is an associated drop down menu and the current setting is "Magic Packet and Pattern|v" Should I select the "None" setting?

Also, under the the "Power Managment" tab I have the "Allow this device to bring the Computer out of Standby" box unchecked.

Thx,
Dan

I really don't know but if it were mine, I'd give that a try. Have you ever gone into the BIOS settings?

Ya, I am comfortable messing around in BIOS. What do you think I should try?

Dan

Go into the BIOS and look for the lan card and see what the settings are, maybe there's a setting for Wake Up / Wake on Demand. Something along that line.

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

Coyote's Installed programs for prevention:

http://forums.tomcoyote.org/index.php?showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php