Scottieson

Members
  • Posts

    14
Everything posted by Scottieson

  1. Nope, it's just the Microsoft Update website only seems to want to work on IE, but other than that I think we are good. Thanks
  2. GMER 1.0.15.14972 - http://www.gmer.net Rootkit scan 2009-05-11 02:22:46 Windows 6.0.6001 Service Pack 1
  3. I am not able to put the second part here because it won't let me upload it
  4. Hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:46:00 AM, on 5/2/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16809) Boot mode: Normal. Combofix was too long, I had to put it as an attachment: combofix_part_1.txt
  5. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:46:00 AM, on 5/2/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16809) Boot mode: Normal
  6. The only real problem is when I try to go to the Microsoft Update website I get this message: "Thank you for your interest in obtaining updates from our site. To use this site, you must be running Microsoft Internet Explorer 5 or later. To upgrade to the latest version of the browser, go to the Internet Explorer Downloads website. If you prefer to use a different web browser, you can obtain updates from the Microsoft Download Center or you can stay up to date with the latest critical and security updates by using Automatic Updates. To turn on Automatic Updates: 1. Click Start, click Control Panel, and then click Security. 2. Click Security Center, and then make sure Automatic updating is turned on. To enhance the security and performance of your computer, make sure Windows automatic updating is not turned off." And Norton won't update, but I am going to download AVG or Avira. But other than that everything seems to be in order. I truly appreciate you taking your time to help me.
  7. ComboFix 09-05-02.4 - Scott 05/02/2009 0:29.2 - NTFSx86 Microsoft
  8. Update: Windows automatically updated when I restarted my computer, but my Norton still cannot update.
  9. Sorry about jumping the gun, I was just a little impatient. But I ran ComboFix and HijackThis. combofix1.txt hijackthis2.txt
  10. Also an update: while i know im not out of the woods yet i can now get on the malwarebytes website without being taken to some bogus website, but when i try to get on windows update it states that i need to have ie 5 or above which i used, and i also tried on chrome, and firefox to no avail.
  11. While waiting I also decided to run AntiRootkit and I have the log:
  12. Here is my ComboFix log: ComboFix 09-04-30.05 - Scott 04/30/2009 23:37.1 - NTFSx86 Microsoft
  13. I ran ComboFix; it found a rootkit. ComboFix is currently rebooting my computer. I will get you a log momentarily.
  14. Just recently found out I can't update Windows or open some malware programs. I have tried the Ultimate Boot CD to no avail; I am hoping through this to get Malwarebytes to work and fix most of my problems. Here's my log:
      THANKS ALL!