51 replies to this topic

[ed3000gt]

I am trying to restore my computer to factory. It has been slowing down with time and has become an anoyance sometimes. I have all the cds to restore, but my internal cd-rom has been dead for the past 2 yrs. I own a sony DRX-710L, which I have tryed to use to acomplish the task, with no luck. Should I restore to factory or just try to clean it up a bit? What kind of info I should supply in order to be helped? Thanks for you time and attention towards this post. Happy Easter!

[Doug]

Attempting to use an External USB connected CD-RW in the process of restoring a system can be frought with difficulty, since the required USB drivers "may" not be available outside of the windows environment.
Yes, most modern machines support "legacy USB drivers", but we don't know that your particular External Drive will be supported by your particular machine pre-windows.

Do you know why your internal CD unit is not working?
--- Could be as simple as needing to reinstall the drivers via Device manager.
___________

An excellent way to acquire an overview of your present machine's hardware and software functioning is to use the Full Tests at PCPitstop.

Please go to http://www.pcpitstop.com
Select - Full Tests, Register and create your own password, then Run the Full Tests.

Once your Full tests are complete (takes about 2 minutes online) you will receive browseable Results for your machine.

Please Click on the TechExpress item in the brown box in the upper right of any Results page.
Then copy/paste the TechExpress Link (including the URL), including it in your next reply here in this thread.

We wil then be better able to assist you in any recommendations/repairs that may be necessary.

Best Regards

[ed3000gt]

Went to web site and created account and password, as soon as I started running got a window saying the following:
16 bit MS-DOS Subsystem
C:\WINDOWS\system32\pcpbios.exe
C:\PROGRA~1\Symantec\S32EVNT1.DLL. An installable Virtual Device Driver failed Dll initialization. Choose 'Close' to terminate the application.

Then the test would go on until getting this error message.


Internet Explorer
Internet Explorer has encountered a problem with an add-on and needs to close.

The following add-on was running when this problem ocured:

Add-on Name: PCPitstop.dll
Company Name: P.C. Pitstop LLC
Description: PCPitstop ActiveX


and when I would click Continue, everything closes down.

if I go to my computer, icon for cd-rom appears there. When access properties, shows that is working properly. but if I click to open tray, or press the open button, it won't respond.


http://www.pcpitstop...KNMFWNVMAWS1WUJ



Logfile of HijackThis v1.99.1
Scan saved at 3:26:35 PM, on 4/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Outlook Express\msimn.exe
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4nb.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=www-proxy:8080;http=www-proxy:8080;https=www-proxy:8080;socks=www-proxy:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [msig] C:\WINDOWS\system32\scamdisk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.h...DataManager.CAB
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://www.runaware....phin/wficat.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by118fd.bay11...es/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1170392359637
O16 - DPF: {94118C19-B178-4E43-BBE8-0EFDBB391BDB} - http://www.sponsorad...sWebTelecom.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe




My Computer Information - Hardware

Please wait while information is being collected...




100% (collecting Memory (RAM) information)

Refresh screen
Local Disk (partitioned) HITACHI_DK23EA-40

Installed Capacity - 23.50 MB
None Used: Unknown
Free: Unknown

(C:) Capacity - 37.24 GB
Used: 16.37 GB
Free: 20.87 GB





Display
Type: Default Monitor
Color: True Color (32 Bit)
Resolution: 1024 x 768
Screen Saver: Not Active


Modem
Manufacturer: Unknown
Model: Conexant 56K ACLink Modem
Driver: Unknown

Modem
Manufacturer: Unknown
Model: Sony Ericsson W600 USB WMC Data Modem
Driver: Unknown

Modem
Manufacturer: Unknown
Model: Sony Ericsson W600 USB WMC Modem
Driver: Unknown

Modem
Manufacturer: Unknown
Model: Motorola USB Modem
Driver: Unknown

Modem
Manufacturer: Unknown
Model: Motorola USB Modem
Driver: Unknown


USB Controller
Manufacturer: ACER Labs Inc.
Model: ALi PCI to USB Open Host Controller
Driver: usbohci.sys
Monday, March 31, 2003
Supported

USB Controller
Manufacturer: (Standard USB Host Controller)
Model: Standard Enhanced PCI to USB Host Controller
Driver: usbehci.sys
Monday, March 31, 2003
Supported

USB Controller
Manufacturer: NEC
Model: NEC PCI to USB Open Host Controller
Driver: usbohci.sys
Monday, March 31, 2003
Supported

USB Controller
Manufacturer: NEC
Model: NEC PCI to USB Open Host Controller
Driver: usbohci.sys
Monday, March 31, 2003
Supported


CD-ROM Drive (D:)
Manufacturer: (Standard CD-ROM drives)
Model: QSI CDRW/DVD SBW-241
Driver: cdrom.sys
Monday, March 31, 2003
Supported


Video Card
Model: RADEON IGP 320M
Driver: ati2mtag.sys
Friday, December 12, 2003
Not Supported


Sound Card
Manufacturer: Hewlett Packard
Model: Conexant AC-Link Audio
Driver: caliaud.sys
Saturday, January 17, 2004
Not Supported

Sound Card
Manufacturer: Microsoft
Model: Unimodem Half-Duplex Audio Device
Driver: modemcsa.sys
Monday, August 05, 2002
Supported


Network Card
Model: National Semiconductor Corp. DP83815 10/100 MacPhyter3v PCI Adapter - Packet Scheduler Miniport
Driver: dp83815.sys
Monday, May 20, 2002
Not Supported


Floppy Drive
Not Installed


Memory (RAM)
Capacity: 768 MB

Edited by ed3000gt, 05 April 2007 - 01:48 PM.

[Doug]

Count them.......... (13) thirteen McAfee processes running at StartUp (resting state before you begin using any Windows or applications) --- And that doesn't even count the "Services"! If you want your computer back under your own control and available to have it do what you want it to do, I recommend you consider Uninstalling McAfee. Select instead: AVG AntiVirus 7.5 (free version) Zone Alarm FireWall (free version) AVG AntiSpyware 7.5 (free version) SpywareBlaster (free) Spybot Search & Destroy (free version 1.4) CleanUp! 4.51 (free) _________ If you make the above changes, run a fresh PCPitstop Full Test and post the new TechExpress. There are additional items in StartUp that are highly optional and in one case hugely resource consuming. Best Regards

[ed3000gt]

when running PCPitstop got same errors as before.

whenever is goint to check drive: C is when the

Internet Explorer
Internet Explorer has encountered a problem with an add-on and needs to close.

The following add-on was running when this problem ocured:

Add-on Name: PCPitstop.dll
Company Name: P.C. Pitstop LLC
Description: PCPitstop ActiveX

comes up.

http://www.pcpitstop...NNMFWT4MAWS7CUJ

what is all the "svchost.exe"?

Logfile of HijackThis v1.99.1
Scan saved at 4:28:24 PM, on 4/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\HPConfig.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4nb.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=www-proxy:8080;http=www-proxy:8080;https=www-proxy:8080;socks=www-proxy:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [msig] C:\WINDOWS\system32\scamdisk.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.h...DataManager.CAB
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://www.runaware....phin/wficat.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by118fd.bay11...es/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1170392359637
O16 - DPF: {94118C19-B178-4E43-BBE8-0EFDBB391BDB} - http://www.sponsorad...sWebTelecom.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

what else should I get rid off?

I was only using mcafee cause it was free through comcast.


Just finished installing avg 7.5 and CleanUp! 4.51, already have spybot. what else should I install?

Thanks

Edited by ed3000gt, 05 April 2007 - 02:42 PM.

[Doug]

svchost.exe is a system process belonging to the Microsoft Windows Operating System which handles processes executed from DLLs. This program is important for the stable and secure running of your computer and should not be terminated.

It is not at all uncommon to have several instances of svchost.exe running active on a machine, since it is the main process through which other legitimate applications can gain access to the internet.
________

You do, however, have one item in your HJT Log that I am "suspicious of". (Citrix)238F6F83-B8B4-11CF-8771-00A024541EE3 -- It is almost always SAFE, but can be vulnerable to exploit.
So please run a fresh HJT and copy/paste the Log file over in our Malware Removal Forum for some expert advice.
__________

Windows Language Support - ctfmon.exe, is rarely used by anyone unless they require voice-activation disability access tools. If you do not require such tools, disable ctfmon.exe
Control Panel - Regional and Language Options - Languages - Details - Advanced - checkmark/tick the box that says "Turn off advanced text services"
__________

turn on IE page check:

Start Internet Explorer
Select Tools | Internet Options | General
Select Settings... under Temporary Internet files.
Select Automatically.
Click OK on both the Settings window and on the Internet options window to accept the changes.
__________

Apple iTunes Apple Inc. C:\Program Files\iTunes\iTunesHelper.exe
ATI taskbar icon ATI Technologies, Inc. C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Sun Java Update Sun Microsystems, Inc. C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

Disable these three items via MSCONFIG
_______________

Run and post a fresh PCPitstop Full Tests, now that you have uninstalled McAfee and installed AVG (and the other recommended utilities from my first post)

Best Regards

[ed3000gt]

still getting same errors from PC pitstop test

http://www.pcpitstop...KNMFWNVMAWS1WUJ

and just used a different pc to do the test and it went all the way.

when gets to:

PC Pitstop Tests: Check Disk Health
Checking drive C... 0%If your computer stops during these tests or an error message is displayed, please go back to the testing start page and click the bell for troubleshooting help.

is when the message:

Internet Explorer
Internet Explorer has encountered a problem with an add-on and needs to close.

The following add-on was running when this problem ocured:

Add-on Name: PCPitstop.dll
Company Name: P.C. Pitstop LLC
Description: PCPitstop ActiveX

comes up.



Logfile of HijackThis v1.99.1
Scan saved at 5:22:25 PM, on 4/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\HPConfig.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\system32\dwwin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4nb.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=www-proxy:8080;http=www-proxy:8080;https=www-proxy:8080;socks=www-proxy:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msig] C:\WINDOWS\system32\scamdisk.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.h...DataManager.CAB
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://www.runaware....phin/wficat.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by118fd.bay11...es/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150...ip/RdxIE601.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1170392359637
O16 - DPF: {94118C19-B178-4E43-BBE8-0EFDBB391BDB} - http://www.sponsorad...sWebTelecom.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe



should I have installed all of the suggested programs??

Edited by ed3000gt, 05 April 2007 - 03:26 PM.

[Doug]

OK. Looking much better.

Let's hold off on any further recommendations here in OCP regarding your Operating System and applications, until we get an "all clear" signal from an expert over in the Malware Removal Forums.

We do not analyze HJT Logs here. Please post your HJT Log over in Malware Removal.

After completing any necessary work in the Malware Removal Forum, please feel free to post back here with any additional questions.

Your Log is showing additional suspicious items!
Please Post your HJT Log over in our Malware Removal Forum, just as soon as you have Zone Alarm installed!

Best Regards

EDIT: Yes, install all of the recommended anti-malware utilities for best protection.

AT the VERY Least ---- Install Zone Alarm Firewall prior to doing anything else!!!

Edited by dough, 05 April 2007 - 03:55 PM.

[ed3000gt]

How about the errors when running PCpitstop??? should I do anything about it?

[Doug]

Not at this time. Let's get that Malware Check-Up before making any additional "system" changes. When you post over to the Malware Removal Forum, we will stop adding recommendations here in this thread until after any Malware Removal recommendations are complete. (to avoid confusion and conflicts which could be caused by multiple sources of recommendations overlapping each other) When you are released with an "all clear" for the malware part, please feel free to post back here with any additional questions. Best Regards

[ed3000gt]

How abou the CD-ROM, any ideas why it is showing to be fine, but I still get no responce when trying to play anything on it? It is being recognised by the system and, yet, is not responding to anything. Anyway to test it?

[Doug]

regarding CD-ROM

Look in your Device Manager - DVD/CD Drives - Double-click to View the Drivers.
Any yellow or red warning signs?

You can safely "Remove" the CD-ROM driver and allow Windows to "Find New Hardware" and "Install drivers for new hardware", when you reboot.

Removing and allowing Drivers to be reinstalled is often the best solution.

"If" the optical drive is a DVD unit, "removing" the driver is still possible, but Windows will only "find" it as a CD-ROM, until you install the "proprietary" software to enable it to handle DVD.

If the above doesn't help, then we'll be running Windows File Protection Utilities --- but not yet!

Again, I'd "wait" until completing any necessary work in Malware Removal Forum.
Please be patient with the folks over there. They are all Volunteers, and quite busy.

Best Regards

***
EDIT:
this appears to be your Optical Drive

QSI CDRW/DVD SBW-241 CD-RW 4224 KB/s (24X) 4236 KB/s (24X)

Since PCPitstop "found it". That means that it is installed, has drivers, and is being recognized by Windows.
Hmmm??? What Optical Drive "behavior" are you having trouble with?

Note: This is a CDRW/DVD Optical Drive.
My comment above regarding "specialized software" applies to both the RW functions and the DVD functions.
Make sure you have the correct installation CDs.

Edited by dough, 05 April 2007 - 10:21 PM.

[ed3000gt]

yep.. that is it... i removed.. and when restarted it was reinstalled.. but when right clicking on it end selecting eject, it wont open.. or when pressing the button on it. and when forcing it open by using a paper clip and closing it, cd doesn't spin. could it be some internal damage to the driver it self?

[Doug]

Make sure the "power connection plug" is firmly seated. Try another "power connection plug", any spare available of the same size/description available inside of case.

[ed3000gt]

I wouldn't had bought an external drive if I could do that.. but we are dealing with a laptop. not much access... took apart once and found no lose connections.. lost couple screws to the case though . ehehe