Are there any faults with My Computer

Status
Not open for further replies.
Adam, I;m going to sort this out for you, hoping to better help you understand what's running. You give us no indication of having a problem and when someone just drops logs off with no comment, it isn't always possible to interpret everything:

#1: Re: C:\Program Files\Kontiki\KService.exe
Re: O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
Sky Broadband is an internet service provider for Sky Digital customers. (Wireless Router Included, Free McAfee Internet Security Software for 1 year, 24/7 Technical Support, Stay connected and get organised with Sky Email and Tools 'powered by Google':
It installs onto your system a P2P (Peer-to-Peer) application called Kontiki.:
Re: O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
Kontiki is a digital media distribution technology company.- A peer to peer network. It is based in the UK. KService.exe, Kontiki Delivery Manager provides the basis of many of the UK's video on demand services, including Sky Anytime, 4od and the BBC iPlayer.
Kontiki works using peer to peer technology. Rather than the user downloading the television program from a central server, the users download from each other. The purpose of this is to allow others to access the movie data that lives on your PC. This means that they entire Sky by Broadband system is a big P2P experiment and everyone wanting in on Sky by Broadband has to take part.
FAQ from Sky: "If you download and save content to your computer system (a "File"), during the license period for the relevant File, we may upload parcels of content from the File from your computer system for the purpose of transferring Files to other users of the Service."
Also, the P2P link continues to run in the background after you've shut down the main application, eating up bandwidth by allowing others to download the files from your PC. Kontiki installs itself onto the system as a service and uninstalling Sky by Broadband doesn't seem to uninstall it - it has to be removed manually after uninstalling Sky by Broadband.

Kontiki also collects and sends back to Sky a lot of information about your PC.
http://www.pcdoctor-guide.com/wordpress/?p=2452
 
#2: You are running multiple antivirus programs:
Antivirus:
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://amiuptodate.mcafee.com/vsc/bin/2,0,0,0/McUpdatePortal.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5105/mcfscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
C:\PROGRA~1\AVG\AVG8\avgrsx.exeAVG v8
D:\Documents and Settings\All Users\Desktop\Kaspersky Lab Tool\is-IE8O2\is-IE8O2.exe> AV scan and remover
You should only have one antivirus program.
 
we are not running mcafee we uninstalled that and used the mcafee removal tool as well all we have running is AVG and Spyware Terminator
 
#3: You have an excess of spyware/adware programs. You only need two:

Spyware/Adware programs:
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe> AVG v8
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
SuperAdBlocker
#4: Are these connections necessary?
C:\Program Files\Oxigen\bin\Oxigen.exe> Open University Oxigen screensaver admin client. Downloads the latest information from the net to display in the screen saver.
C:\Program Files\Oxigen\bin\OxiTray.exe
O4 - HKLM\..\Run: [OxigenClientAdmin] "C:\Program Files\Oxigen\bin\Oxigen.exe"
O4 - HKLM\..\Run: [OxigenTrayIcon] C:\Program Files\Oxigen\bin\OxiTray.exe
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab
 
#5: Games a frequent sources of adware and spyware. You have many loaded and running:
O9 - Extra button: ITV Poker - {33F9B98B-9321-4e16-B47B-7B510193A601} - C:\Program Files\ITV\ITVPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: ITV Poker - {33F9B98B-9321-4e16-B47B-7B510193A601} - C:\Program Files\ITV\ITVPoker\RunApp.exe
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
#6:Need verification: IF you enabled these processes, okay. Otherwise, remove:
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
Part of MS Input Method Editor which is used to ease the input of Asian characters in MS Office (Chinese, Korean and this one is Japanese)
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> Part of Microsoft's Input Message Editor (IME) for translating Japanese/Chinese text in IE, Outlook and Word
O16 - DPF: {759AA6A5-76B2-43E2-B940-B0C336C69E01} - http://202.106.184.51/download/VodoneActivex.cab> Video service from China
 
#7: File Sharing alert: These all give great potential for malware:
O2 - BHO: (no name) - {24be204e-fe37-41f0-9f62-20dbd99a89a7} - C:\WINDOWS\system32\jlsviwho.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
vmclink Class {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} X BHO [random filename] (examples: NSTPIBVZ.dll, MZQJTPKSSX.dll, RZPFGBDYDDMM.dll) Trojan downloader of Chinese origin connecting to various sites
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
#8. If this is your ISP, leave it, otherwise have HijjackThis remove it
:O14 - IERESET.INF: START_PAGE_URL=http://www.tesco.net
 
Status
Not open for further replies.
Back