can someone check my registry

[oxforddian]

hi guys,
its me again.
i noticed some anomallies while running the laptop, some screens flash and when i tried to do a safeboot in restart i noticed that it was not available again.
here is my runnerscanner, can anyone help out.
thanks again




Runscanner logfile

* = signed file
- = file not found

General info
------------
Computer name : ADMIN
Creation time : 21/02/2009 14:38:22
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 6.0.2900.2180
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 1.8.0.0
User Language : English (United States)
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
* C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
* C:\Program Files\COMODO\SafeSurf\cssurf.exe (COMODO)
* C:\WINDOWS\system32\CTFMON.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
C:\Documents and Settings\admin\Desktop\Virus Removal Tool\is-FBM2E\is-FBM2E.exe (Kaspersky Lab)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\WINDOWS\regedit.exe (Microsoft Corporation)
C:\DOCUME~1\admin\LOCALS~1\Temp\Temporary Directory 1 for RRT.zip\RRT.exe (iSergiwa Software - www.sergiwa.com)
* C:\DOCUME~1\admin\LOCALS~1\Temp\Temporary Directory 3 for runscanner.zip\RunScanner.exe (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe (Conexant Systems Inc.)
* C:\WINDOWS\explorer.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\taskmgr.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)

Unrated items
-------------
002 C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe (Conexant Systems Inc.)
002 C:\DOCUME~1\admin\LOCALS~1\Temp\Temporary Directory 1 for RRT.zip\RRT.exe (iSergiwa Software - www.sergiwa.com)
010 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspne t_state.exe (ASP.NET State Service)
010 C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (MSSQLSERVER)
011 * C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO Internet Security Firewall Driver)
011 * C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO Internet Security Helper Driver)
011 * C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver)
011 C:\WINDOWS\system32\DRIVERS\CnxEtU.sys (Conexant AccessRunner USB ADSL Interface Device Driver)
011 C:\WINDOWS\system32\DRIVERS\CnxTgN.sys (Conexant AccessRunner USB ADSL WAN Adapter Driver)
011 C:\WINDOWS\system32\DRIVERS\CnxEtP.sys (Conexant AccessRunner USB ADSL WAN Adapter Filter Driver)
011 C:\WINDOWS\gwiopm.sys (gwiopm)
011 * C:\WINDOWS\system32\DRIVERS\19880583.sys (is-FBM2Edrv)
011 * C:\Protector Plus\PPDrv.sys (Protector Plus Driver (UnRegistered))
011 * C:\Protector Plus\PPEMSCAN.sys (Protector Plus Email Scan Driver)
011 C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver)
011 C:\WINDOWS\System32\Drivers\Tiny.sys (Tiny Dongle Version 2.0)
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
035 C:\WINDOWS\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}
047 Zone: www.hotmail.com : https://www.hotmail.com
047 Zone: www.yahoo.com : https://www.yahoo.com
052 C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) {22BF413B-C6D2-4d91-82A9-A0F997BA588C}
061 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1D2680C9-0E2A-469d-B787-065558BC7D43}
062 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
100 Start Page HKCU : http://www.yahoo.com/
120 NameServer {15EF787B-3D23-4971-8C42-D690AD270BCB} : 89.165.0.13 4.2.2.3
150 DisableConfig : 1
173 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
221 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
225 GUID / CLSID not found {EBDF1F20-C829-11D1-8233-0020AF3E97A6}
225 GUID / CLSID not found {EBDF1F20-C829-11D1-8233-0020AF3E97A6}
225 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
225 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
227 GUID / CLSID not found {EBDF1F20-C829-11D1-8233-0020AF3E97A6}
231 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info

Missing files
-------------
010 C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\jkiorn.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\hpt3xx.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\IntelIde.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PCIIde.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
042 C:\Program Files\Messenger\msmsgs.exe
061 deskpan.dll
063 autocheck a.0
063 禐İ賠f

[brayden]

looks alright to me. but i'm not good at these. also might i suggest you change from IE to firefox? and upgrade your windows xp to service pack 3.

[hellnoire]

I agree with the SP3 comment, but as for changing browsers, there's no point. It's in the end up to the user for what they want to use for the net. Remember Bray, Lunar uses Chrome and even I use Iron. So it's up to the user.

[utkarsh30june]

Your logfile looks OK to me.

hi guys,
its me again.
i noticed some anomallies while running the laptop, some screens flash and when i tried to do a safeboot in restart i noticed that it was not available again.
here is my runnerscanner, can anyone help out.
thanks again

Runscanner logfile.....................

What kind of problem are you having? Can you please explain it better?

[brayden]

I agree with the SP3 comment, but as for changing browsers, there's no point. It's in the end up to the user for what they want to use for the net. Remember Bray, Lunar uses Chrome and even I use Iron. So it's up to the user.

i just suggested a new web browser as IE sucks out loud. i have a million reasons why it is the worst browser in the world.

[bahirzaheri8]

i just suggested a new web browser as IE sucks out loud. i have a million reasons why it is the worst browser in the world.

I agree but we should stop turning each thread into Browser Wars

[hellnoire]

i just suggested a new web browser as IE sucks out loud. i have a million reasons why it is the worst browser in the world.

I've got a million and one, but as bahirzaheri8, above said, we don't need browser wars.

[oxforddian]

Hi,
Thanks for the advice.
I have updated to sp3.
the problems are
1-the cursor moves slowly to left and up without moving it.
2-i try to use flash desinfector but i get a message nircmd and nircdm.exe not found and it does not work.
3-each time i insert my usb stick i get a message from rrt that there is a virus.
hope it covers it.

here is my new log

Runscanner logfile

* = signed file
- = file not found

General info
------------
Computer name : ADMIN
Creation time : 24/02/2009 13:56:17
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.13
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 1.8.0.0
User Language : English (United States)
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
* C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
* C:\Program Files\COMODO\SafeSurf\cssurf.exe (COMODO)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\DOCUME~1\admin\LOCALS~1\Temp\Temporary Directory 4 for runscanner.zip\RunScanner.exe (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe (Conexant Systems Inc.)
* C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\WgaTray.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\taskmgr.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)

Unrated items
-------------
002 C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe (Conexant Systems Inc.)
002 C:\DOCUME~1\admin\LOCALS~1\Temp\Temporary Directory 1 for RRT.zip\RRT.exe (iSergiwa Software - www.sergiwa.com)
010 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (ASP.NET State Service)
010 C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe (MSSQLSERVER)
011 * C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO Internet Security Firewall Driver)
011 * C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO Internet Security Helper Driver)
011 * C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver)
011 C:\WINDOWS\system32\DRIVERS\CnxEtU.sys (Conexant AccessRunner USB ADSL Interface Device Driver)
011 C:\WINDOWS\system32\DRIVERS\CnxTgN.sys (Conexant AccessRunner USB ADSL WAN Adapter Driver)
011 C:\WINDOWS\system32\DRIVERS\CnxEtP.sys (Conexant AccessRunner USB ADSL WAN Adapter Filter Driver)
011 C:\WINDOWS\gwiopm.sys (gwiopm)
011 * C:\WINDOWS\system32\DRIVERS\19880583.sys (is-FBM2Edrv)
011 * C:\Protector Plus\PPDrv.sys (Protector Plus Driver (UnRegistered))
011 * C:\Protector Plus\PPEMSCAN.sys (Protector Plus Email Scan Driver)
011 C:\WINDOWS\System32\Drivers\Tiny.sys (Tiny Dongle Version 2.0)
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
035 C:\WINDOWS\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}
047 Zone: www.hotmail.com : https://www.hotmail.com
047 Zone: www.yahoo.com : https://www.yahoo.com
052 C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) {22BF413B-C6D2-4d91-82A9-A0F997BA588C}
061 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1D2680C9-0E2A-469d-B787-065558BC7D43}
062 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
069 C:\WINDOWS\system32\mdimon.dll (Microsoft Corporation)
100 Start Page HKCU : http://www.yahoo.com/
150 DisableConfig : 1
173 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
221 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
225 GUID / CLSID not found {EBDF1F20-C829-11D1-8233-0020AF3E97A6}
225 GUID / CLSID not found {EBDF1F20-C829-11D1-8233-0020AF3E97A6}
225 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
225 C:\WINDOWS\system32\_PPCXM_.DLL (Proland Software) {e33318a0-7321-11d6-9c95-0040056df1d1}
227 GUID / CLSID not found {EBDF1F20-C829-11D1-8233-0020AF3E97A6}
231 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info

Missing files
-------------
010 C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\jkiorn.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\hpt3xx.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\IntelIde.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PCIIde.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
061 deskpan.dll
063 autoche

[hellnoire]

I'm not seeing any viruses myself. Someone else might though.

[fletch]

I think a HijackThis Log may be better to check for any Viruses etc

http://www.bleepingcomputer.com/files/hijackthis.php