Jump to content

ChowYungPHAT

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Yes, my PC was slow before I posted here. That's what brought me here. If the logs look clean then I'm assuming this is a hardware issue...?
  2. Yeah, I have a couple flash drives around here. I haven't experienced any redirects. I've run multiple scans that have produced no issues. I've dusted inside the case but the processor seems to be running very hot. I don't know what is a normal temperature but it will burn you almost instantly. No objects found. Log is too long to post so I'm attaching. TDSSKiller.2.8.16.0_09.04.2013_16.42.19_log.txt
  3. Requires frequent reboots due to Internet Explorer freezing. Often takes several minutes to switch between windows. Each IE window is using over 100 MB RAM, which seems high.
  4. You want me to actually attach the file itself? Not copy/paste? How do I do that?
  5. ComboFix 13-03-31.01 - Jared 03/31/2013 3:17.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1752 [GMT -4:00] Running from: c:\documents and settings\Jared\Desktop\ComboFix.exe AV: *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} AV: Norton Security Suite *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} FW: Norton Security Suite *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Jared\frnxwmmiey.tmp c:\documents and settings\Jared\g2mdlhlpx.exe c:\documents and settings\Jared\My Documents\~WRL0234.tmp c:\documents and settings\Jared\My Documents\~WRL0898.tmp c:\documents and settings\Jared\My Documents\~WRL2666.tmp c:\documents and settings\Jared\My Documents\~WRL4003.tmp c:\documents and settings\Jared\My Documents\~WRL4049.tmp c:\program files\Shared c:\windows\system32\535816040 c:\windows\system32\535816040\frt0.rar c:\windows\system32\535816040\frt0.rar.ver c:\windows\system32\535816040\frt1.rar c:\windows\system32\535816040\frt1.rar.ver c:\windows\system32\535816040\frt10.rar c:\windows\system32\535816040\frt10.rar.ver c:\windows\system32\535816040\frt11.rar c:\windows\system32\535816040\frt11.rar.ver c:\windows\system32\535816040\frt12.rar c:\windows\system32\535816040\frt12.rar.ver c:\windows\system32\535816040\frt13.rar c:\windows\system32\535816040\frt13.rar.ver c:\windows\system32\535816040\frt14.rar c:\windows\system32\535816040\frt14.rar.ver c:\windows\system32\535816040\frt15.rar c:\windows\system32\535816040\frt15.rar.ver c:\windows\system32\535816040\frt2.rar c:\windows\system32\535816040\frt2.rar.ver c:\windows\system32\535816040\frt3.rar c:\windows\system32\535816040\frt3.rar.ver c:\windows\system32\535816040\frt4.rar c:\windows\system32\535816040\frt4.rar.ver c:\windows\system32\535816040\frt5.rar c:\windows\system32\535816040\frt5.rar.ver c:\windows\system32\535816040\frt6.rar c:\windows\system32\535816040\frt6.rar.ver c:\windows\system32\535816040\frt7.rar c:\windows\system32\535816040\frt7.rar.ver c:\windows\system32\535816040\frt8.rar c:\windows\system32\535816040\frt8.rar.ver c:\windows\system32\535816040\frt9.rar c:\windows\system32\535816040\frt9.rar.ver c:\windows\system32\846861712 c:\windows\system32\846861712\new.i5.kwd c:\windows\system32\846861712\new.i6.kwd c:\windows\system32\akjqpiuf.ini c:\windows\system32\drivers\etc\lmhosts c:\windows\system32\drrqdsvh.ini c:\windows\system32\eejyyuxv.ini c:\windows\system32\eujjyrtw.ini c:\windows\system32\glppnbuo.ini c:\windows\system32\lqplmukm.ini c:\windows\system32\SCbddMoq.ini c:\windows\system32\SCbddMoq.ini2 c:\windows\system32\URTTemp c:\windows\system32\URTTemp\fusion.dll c:\windows\system32\URTTemp\mscoree.dll c:\windows\system32\URTTemp\mscoree.dll.local c:\windows\system32\URTTemp\mscorsn.dll c:\windows\system32\URTTemp\mscorwks.dll c:\windows\system32\URTTemp\msvcr71.dll c:\windows\system32\URTTemp\msvcr71.dll.int c:\windows\system32\URTTemp\regtlib.exe c:\windows\system32\xicnuffc.ini c:\windows\system32\xniigpkd.ini c:\windows\wininit.ini c:\windows\wt c:\windows\wt\data.wts c:\windows\wt\updater\wcmdmgr.exe c:\windows\wt\updater\wcmdmgrl.exe c:\windows\wt\updater\wt.ini c:\windows\wt\webdriver.dll c:\windows\wt\webdriver\4.1.1\actorobject.dll c:\windows\wt\webdriver\4.1.1\dx5drv.dll c:\windows\wt\webdriver\4.1.1\dx7drv.dll c:\windows\wt\webdriver\4.1.1\objectbundle.dll c:\windows\wt\webdriver\4.1.1\sound.dll c:\windows\wt\webdriver\4.1.1\wdcaps.ded c:\windows\wt\webdriver\4.1.1\wdengine.dll c:\windows\wt\webdriver\4.1.1\webdriver.dll c:\windows\wt\webdriver\4.1.1\wthost.exe c:\windows\wt\webdriver\4.1.1\wthostctl.dll c:\windows\wt\webdriver\4.1.1\wtmulti.dll c:\windows\wt\webdriver\4.1.1\wtmulti.jar c:\windows\wt\webdriver\4.1.1\wtwmplug.ax c:\windows\wt\webdriver\4.1.1\wtwmplug.ini c:\windows\wt\webdriver\export.dat c:\windows\wt\webdriver\jdriver.dll c:\windows\wt\webdriver\rdriver.dll c:\windows\wt\webdriver\wildtangent.jar c:\windows\wt\webdriver\wtdmmp.dll c:\windows\wt\webdriver\wtdmmpi.jar c:\windows\wt\webdriver\wtdmmpv.dll c:\windows\wt\wt3d.dll c:\windows\wt\wt3d.ini c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\controlPanel\index.html c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\update_info\data.wts c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmp.dll c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpi.jar c:\windows\wt\wtupdates\dmmp\3.0.2.000\files\wtdmmpv.dll c:\windows\wt\wtupdates\dmmp\3.0.2.000\install\dmmp.cdanfo c:\windows\wt\wtupdates\dmmp\3.0.2.000\install\DMMP_Uninstall.cdas c:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar c:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll c:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll c:\windows\wt\wtupdates\DRM\3.2.0.19\files\wt.sto c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll c:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll c:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dll c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wts c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll c:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dll c:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt c:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll c:\windows\wt\wtupdates\webd\4.1.1\files\rdriver.dll c:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dll c:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wts c:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.ded c:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dll c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas c:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dll c:\windows\wt\wtupdates\webd\4.1.1\files\wildtangent.jar c:\windows\wt\wtupdates\webd\4.1.1\files\wt3d.ini c:\windows\wt\wtupdates\webd\4.1.1\files\WTHost.exe c:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.dll c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.jar c:\windows\wt\wtupdates\webd\4.1.1\files\wtvh.dll c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\controlpanel\index.html c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl.cdanfo c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl_Uninstall.cdas c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\WireControl.dll c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\controlpanel\index.html c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl.cdanfo c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\install\WireControl_Uninstall.cdas c:\windows\wt\wtupdates\WireControl\1.1.0.23\files\WireControl.dll c:\windows\wt\wtupdates\wtdmmp\update_info\data.wts c:\windows\wt\wtupdates\wtupdater\appinfo.dat c:\windows\wt\wtupdates\wtwebdriver\update_info\data.wts c:\windows\wt\wtvh.dll . . ((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-31 ))))))))))))))))))))))))))))))) . . 2013-03-27 02:54 . 2013-03-27 02:54 -------- d-----w- c:\documents and settings\Jared\Application Data\Dell 2013-03-27 02:53 . 2013-03-27 02:53 -------- d-----w- c:\documents and settings\All Users\Application Data\PCDr 2013-03-26 21:26 . 2013-03-26 21:30 -------- d-----w- c:\documents and settings\Jared\Local Settings\Application Data\Deployment 2013-03-26 20:34 . 2013-03-26 20:34 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin 2013-03-26 20:34 . 2013-03-26 20:34 1 ----a-w- c:\windows\system32\nvdrssel.bin 2013-03-26 20:34 . 2013-03-26 20:34 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin 2013-03-26 20:33 . 2013-03-26 20:33 -------- d-----w- c:\program files\NVIDIA Corporation 2013-03-21 18:17 . 2013-02-12 00:32 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys 2013-03-21 18:17 . 2013-02-12 00:32 12928 ------w- c:\windows\system32\dllcache\usb8023.sys 2013-03-21 02:12 . 2013-03-21 02:12 -------- d-----w- c:\documents and settings\Jared\Citrix 2013-03-15 05:42 . 2013-03-15 05:49 -------- d-----w- C:\67010e40712f819f74430b15d61eec41 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-12 00:32 . 2008-12-19 18:44 12928 ------w- c:\windows\system32\drivers\usb8023x.sys 2013-02-12 00:32 . 2004-08-11 23:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-02-08 09:03 . 2013-02-08 09:03 19189760 ----a-w- c:\windows\system32\nvoglnt.dll 2013-02-08 09:03 . 2013-02-08 09:03 1010464 ----a-w- c:\windows\system32\nvdispco32.dll 2013-02-08 09:03 . 2004-08-11 23:08 4494336 ----a-w- c:\windows\system32\nv4_disp.dll 2013-02-08 09:02 . 2013-02-08 09:02 7536640 ----a-w- c:\windows\system32\nvcuda.dll 2013-02-08 09:02 . 2013-02-08 09:02 2581792 ----a-w- c:\windows\system32\nvcuvid.dll 2013-02-08 09:02 . 2013-02-08 09:02 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll 2013-02-08 09:02 . 2013-02-08 09:02 2389504 ----a-w- c:\windows\system32\nvapi.dll 2013-02-08 09:02 . 2013-02-08 09:02 17551360 ----a-w- c:\windows\system32\nvcompiler.dll 2013-02-08 09:02 . 2004-08-11 23:08 12648960 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2013-02-08 09:02 . 2013-02-08 09:02 5967872 ----a-w- c:\windows\system32\nvopencl.dll 2013-02-08 09:02 . 2013-02-08 09:02 1869088 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-02-05 20:05 . 2004-08-11 23:00 916480 ----a-w- c:\windows\system32\wininet.dll 2013-02-05 20:05 . 2004-08-11 23:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-02-05 20:05 . 2004-08-11 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-02-05 05:53 . 2004-08-11 23:00 385024 ----a-w- c:\windows\system32\html.iec 2013-01-26 18:37 . 2013-01-26 18:37 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2013-01-26 18:27 . 2013-01-26 18:27 82320 ----a-w- c:\windows\system32\drivers\AntiLog32.sys 2013-01-26 03:55 . 2004-08-11 23:00 552448 ------w- c:\windows\system32\oleaut32.dll 2013-01-23 05:34 . 2012-07-25 06:15 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-01-23 05:34 . 2011-11-27 23:14 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-07 01:19 . 2004-08-11 23:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-07 00:37 . 2004-08-04 04:59 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-01-06 01:39 . 2013-01-26 18:27 7369552 ----a-w- c:\windows\system32\ZALSDKCore.dll 2013-01-06 01:39 . 2013-01-26 18:27 25936 ----a-w- c:\windows\system32\drivers\KeyCrypt32.sys 2013-01-04 01:20 . 2004-08-11 23:00 1867264 ----a-w- c:\windows\system32\win32k.sys 2013-01-02 06:49 . 2004-08-11 23:00 1292288 ----a-w- c:\windows\system32\quartz.dll 2013-01-02 06:49 . 2004-08-11 23:00 148992 ----a-w- c:\windows\system32\mpg2splt.ax 2011-06-19 17:38 203776 --sh--w- c:\windows\system32\unrar.exe 2011-06-19 17:38 203776 --sh--w- c:\windows\system32\51117EEFCC491ABDD91EA9F0BA5AC18E\unrar.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{ad708c09-d51b-45b3-9d28-4eba2681febf}] 2011-03-28 16:22 176936 ----a-w- c:\program files\Download_Energy\prxtbDow0.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2008-10-24 206112] "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784] "Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016] "MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-13 1117184] "Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2009-11-10 443728] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2008-10-24 206112] "IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248] "DMXLauncher"="c:\program files\Sonic\Product\Media Experience\DMXLauncher.exe" [2007-04-02 113400] "dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064] "Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016] "InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-02-25 1770400] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-06-19 273544] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-12-01 103768] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KEYCRY~1\KeyCrypt32(1).dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk backup=c:\windows\pss\HP Photosmart Premier Fast Start.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Principia Online Update.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Principia Online Update.lnk backup=c:\windows\pss\Principia Online Update.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate] 2010-03-11 02:32 648536 ----a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "getPlusHelper"=3 (0x3) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "c:\\Program Files\\Nortel Networks\\Extranet.exe"= "c:\\Program Files\\Thomson Financial\\Thomson ONE\\sharedrdc.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "c:\\Program Files\\Morningstar\\Office\\MStarAWD.exe"= "c:\\Program Files\\Morningstar\\Office\\AWDImport.exe"= "c:\\Program Files\\Morningstar\\Office\\MSUpdate.exe"= "c:\\Program Files\\Morningstar\\Office\\MSUpdateVista.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\FrostWire\\FrostWire.exe"= . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1402000.013\symds.sys [1/26/2013 3:44 PM 368288] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1402000.013\symefa.sys [1/26/2013 3:44 PM 927904] R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [1/26/2013 2:27 PM 82320] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130322.001\BHDrvx86.sys [3/21/2013 9:52 PM 997464] R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360\1402000.013\ccsetx86.sys [1/26/2013 3:44 PM 134304] R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [11/30/2009 4:29 PM 65584] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1402000.013\ironx86.sys [1/26/2013 3:44 PM 175264] R2 IDVaultSvc;CGPS Service;c:\program files\Constant Guard Protection Suite\IDVaultSvc.exe [1/14/2013 10:15 AM 66600] R2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\20.2.0.19\ccsvchst.exe [1/26/2013 3:44 PM 143928] R2 TF Update;TF Update;c:\program files\Thomson Financial\Thomson ONE\Softdist\TF Update.exe [11/6/2003 10:54 AM 225329] R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [2/28/2008 3:32 PM 24521] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/26/2013 3:00 PM 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130329.001\IDSXpx86.sys [3/30/2013 1:22 AM 373728] R3 keycrypt;keycrypt;c:\windows\system32\drivers\KeyCrypt32.sys [1/26/2013 2:27 PM 25936] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys --> c:\windows\system32\Drivers\ssadadb.sys [?] S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [12/28/2009 12:42 PM 18560] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [3/7/2011 6:29 PM 24576] S3 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [2/28/2008 3:32 PM 155184] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys --> c:\windows\system32\DRIVERS\ssadbus.sys [?] . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] 2009-03-08 09:32 128512 ----a-w- c:\windows\system32\advpack.dll . Contents of the 'Scheduled Tasks' folder . 2013-03-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2013-03-27 22:00] . 2013-03-31 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3093809474-2614502595-1926233828-1008.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47] . 2013-03-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3093809474-2614502595-1926233828-1008.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 14:47] . 2013-03-31 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2013-03-27 22:00] . . ------- Supplementary Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uStart Page = hxxp://www.yahoo.com/ mStart Page = about:blank IE: Download with &Shareaza - c:\program files\Morpheus Music\RazaWebHook.dll/3000 Trusted Zone: citigroup.com\site01.remoteoffice Trusted Zone: nsroot.net\ctrxnacts.wlb3.nam TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{657E195F-066D-435C-92DB-7C261E6FE832} - (no file) Toolbar-10 - (no file) Toolbar-!{ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file) AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-03-31 16:22 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\20.2.0.19\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-3093809474-2614502595-1926233828-1008\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(4468) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\System32\SCardSvr.exe c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\windows\stsystra.exe c:\program files\Citrix\ICA Client\wfcrun32.exe c:\program files\Common Files\Teleca Shared\logger.exe c:\program files\Common Files\Teleca Shared\Generic.exe c:\program files\Common Files\Teleca Shared\CapabilityManager.exe c:\program files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe c:\program files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe c:\program files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe c:\program files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe . ************************************************************************** . Completion time: 2013-03-31 16:31:08 - machine was rebooted ComboFix-quarantined-files.txt 2013-03-31 20:31 . Pre-Run: 55,538,905,088 bytes free Post-Run: 55,352,414,208 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 92C880B7EC4DE2D902DF4D1F6E3EB7B7
  6. Steps Complete. GMER 2.1.19155 - http://www.gmer.net Rootkit scan 2013-03-30 02:12:13 Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e WDC_WD1600JS-75NCB1 rev.10.02E01 149.01GB Running: liunvtgm.exe; Driver: C:\DOCUME~1\Jared\LOCALS~1\Temp\pxtdypow.sys ---- System - GMER 2.1 ---- SSDT 8A8B8448 ZwAlertResumeThread SSDT 8A8B8528 ZwAlertThread SSDT 8A8B9D98 ZwAllocateVirtualMemory SSDT 8A89B140 ZwAssignProcessToJobObject SSDT 8A9526B8 ZwConnectPort SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwCreateFile [0xB45CFF12] SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwCreateKey [0xB48D0ED0] SSDT 8A8D8150 ZwCreateMutant SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwCreateSymbolicLinkObject [0xB45D04D8] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwCreateThread [0xB45CEB24] SSDT 8A89B008 ZwDebugActiveProcess SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwDeleteKey [0xB45CFAA6] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwDeleteValueKey [0xB45CF978] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwDeviceIoControlFile [0xB45D07D0] SSDT 8A77F138 ZwDuplicateObject SSDT 8A9678C0 ZwFreeVirtualMemory SSDT 8A906C68 ZwImpersonateAnonymousToken SSDT 8A906D48 ZwImpersonateThread SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwLoadDriver [0xB45CE720] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwMapViewOfSection [0xB45CE27C] SSDT 8A8D8070 ZwOpenEvent SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwOpenFile [0xB45D028E] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwOpenKey [0xB45CFECC] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwOpenProcess [0xB45CF104] SSDT 8A89ED78 ZwOpenProcessToken SSDT 8A8D5080 ZwOpenSection SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwOpenThread [0xB45CF430] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwProtectVirtualMemory [0xB45D0498] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwQueueApcThread [0xB45CEE4A] SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS ZwRenameKey [0xB48D1D80] SSDT 8A8C1E48 ZwResumeThread SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwSecureConnectPort [0xB45D0430] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwSetContextThread [0xB45CDFA8] SSDT 8A90FE38 ZwSetInformationProcess SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwSetSystemInformation [0xB45CEAB6] SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwSetValueKey [0xB45CFB72] SSDT 8A8D5160 ZwSuspendProcess SSDT 8A8C1F28 ZwSuspendThread SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwTerminateProcess [0xB45CF84E] SSDT 8A90BE48 ZwTerminateThread SSDT 8A90FF28 ZwUnmapViewOfSection SSDT \??\C:\WINDOWS\system32\drivers\AntiLog32.sys ZwWriteVirtualMemory [0xB45CDBFA] ---- Devices - GMER 2.1 ---- Device Ntfs.sys AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS Device mrxsmb.sys Device B12C4D20 AttachedDevice fltmgr.sys Device Cdfs.SYS Device tfsnifs.sys ---- Processes - GMER 2.1 ---- Process hidden process (*** hidden *** ) 5204 Process C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe (*** hidden *** ) 5652 ---- Registry - GMER 2.1 ---- Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher@TracesProcessed 8337 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ----
  7. DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by Jared at 2:43:52 on 2013-03-29 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2196 [GMT -4:00] . AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} AV: *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: *Disabled* FW: Norton Security Suite *Enabled* . ============== Running Processes ================ . C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\SCardSvr.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe C:\Program Files\Thomson Financial\Thomson ONE\Softdist\TF Update.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\stsystra.exe C:\WINDOWS\System32\alg.exe C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Sonic\Product\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\Common Files\Teleca Shared\logger.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com/ uSearch Page = hxxp://www.google.com/hws/sb/dell/en/side.html uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = about:blank mSearchAssistant = hxxp://www.google.com/hws/sb/dell/en/side.html uURLSearchHooks: {657E195F-066D-435C-92DB-7C261E6FE832} - <orphaned> BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton security suite\engine\20.2.0.19\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton security suite\engine\20.2.0.19\ips\ipsbho.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll BHO: Download Energy Toolbar: {ad708c09-d51b-45b3-9d28-4eba2681febf} - c:\program files\download_energy\prxtbDow0.dll BHO: Constant Guard Protection Suite: {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - c:\documents and settings\all users\application data\white sky, inc\id vault\iebho1.13.111.1\NativeBHO.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.2.0.19\coieplg.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton security suite\engine\20.2.0.19\coieplg.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_5_502_146_ActiveX.exe -update activex mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe" mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe" mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe" mRun: [DMXLauncher] "c:\program files\sonic\product\media experience\DMXLauncher.exe" mRun: [dla] c:\windows\system32\dla\tfswctrl.exe mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe" mRun: [Mobile Connectivity Suite] "c:\program files\htc\htc sync\application launcher\Application Launcher.exe" /startoptions mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup uExplorerRun: [RClO1i7eA1] c:\documents and settings\all users\application data\apsbudit\yzcfgdwp.exe mExplorerRun: [RClO1i7eA1] c:\documents and settings\all users\application data\apsbudit\yzcfgdwp.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: Download with &Shareaza - c:\program files\morpheus music\RazaWebHook.dll/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab DPF: {61F38134-94CB-491C-AECA-37B387E73C23} - hxxps://sgirydex.on.webvisuals.net/confmgr/mount/34898/branding/installs/ICWMInstall.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1358914122619 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343197078609 DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://fugentbe.webex.com/client/T26L10NSP49EP4/webex/ieatgpc.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://site02.remoteoffice.citigroup.com/dana-cached/sc/JuniperSetupClient.cab TCP: NameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{B7FCEF46-0203-4189-B561-61711A07FC36} : DHCPNameServer = 75.75.75.75 75.75.76.76 Filter: text/html - {c6377324-6c3c-45f5-b992-a1e2eabce0ae} - <orphaned> Notify: igfxcui - igfxdev.dll AppInit_DLLs= c:\progra~1\keycry~1\KEYCRY~3.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll LSA: Authentication Packages = msv1_0 c:\windows\system32\qoMddbCS.dll mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1402000.013\symds.sys [2013-1-26 368288] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1402000.013\symefa.sys [2013-1-26 927904] R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [2013-1-26 82320] R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20130322.001\BHDrvx86.sys [2013-3-21 997464] R1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\n360\1402000.013\ccsetx86.sys [2013-1-26 134304] R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-11-30 65584] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1402000.013\ironx86.sys [2013-1-26 175264] R2 IDVaultSvc;CGPS Service;c:\program files\constant guard protection suite\IDVaultSvc.exe [2013-1-14 66600] R2 N360;Norton Security Suite;c:\program files\norton security suite\engine\20.2.0.19\ccsvchst.exe [2013-1-26 143928] R2 TF Update;TF Update;c:\program files\thomson financial\thomson one\softdist\TF Update.exe [2003-11-6 225329] R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [2008-2-28 24521] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-1-26 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20130328.001\IDSXpx86.sys [2013-3-28 373728] R3 keycrypt;keycrypt;c:\windows\system32\drivers\KeyCrypt32.sys [2013-1-26 25936] R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130328.017\NAVENG.SYS [2013-3-28 93296] R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20130328.017\NAVEX15.SYS [2013-3-28 1603824] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys --> c:\windows\system32\drivers\ssadadb.sys [?] S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-12-28 18560] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-3-7 24576] S3 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [2008-2-28 155184] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys --> c:\windows\system32\drivers\ssadbus.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . ShellExec: TrialPDFFile.exe: Open=c:\progra~1\trialp~1\TrialPDF-file.exe "%1" . =============== Created Last 30 ================ . 2013-03-27 02:54:00 -------- d-----w- c:\documents and settings\jared\application data\Dell 2013-03-27 02:53:39 -------- d-----w- c:\documents and settings\all users\application data\PCDr 2013-03-26 21:26:00 -------- d-----w- c:\documents and settings\jared\local settings\application data\Deployment 2013-03-26 20:34:46 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin 2013-03-26 20:34:46 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin 2013-03-26 20:34:46 1 ----a-w- c:\windows\system32\nvdrssel.bin 2013-03-26 20:33:04 -------- d-----w- c:\program files\NVIDIA Corporation 2013-03-21 18:17:34 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys 2013-03-21 18:17:34 12928 ------w- c:\windows\system32\dllcache\usb8023.sys 2013-03-21 02:12:25 -------- d-----w- c:\documents and settings\jared\Citrix 2013-03-15 05:42:57 -------- d-----w- C:\67010e40712f819f74430b15d61eec41 . ==================== Find3M ==================== . 2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys 2013-02-08 09:03:02 19189760 ----a-w- c:\windows\system32\nvoglnt.dll 2013-02-08 09:03:02 1010464 ----a-w- c:\windows\system32\nvdispco32.dll 2013-02-08 09:03:00 4494336 ----a-w- c:\windows\system32\nv4_disp.dll 2013-02-08 09:02:58 7536640 ----a-w- c:\windows\system32\nvcuda.dll 2013-02-08 09:02:58 2581792 ----a-w- c:\windows\system32\nvcuvid.dll 2013-02-08 09:02:56 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll 2013-02-08 09:02:56 2389504 ----a-w- c:\windows\system32\nvapi.dll 2013-02-08 09:02:56 17551360 ----a-w- c:\windows\system32\nvcompiler.dll 2013-02-08 09:02:44 12648960 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2013-02-08 09:02:42 5967872 ----a-w- c:\windows\system32\nvopencl.dll 2013-02-08 09:02:42 1869088 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-02-05 20:05:47 916480 ----a-w- c:\windows\system32\wininet.dll 2013-02-05 20:05:46 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-02-05 20:05:46 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-02-05 05:53:57 385024 ----a-w- c:\windows\system32\html.iec 2013-01-26 18:37:10 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2013-01-26 18:27:56 82320 ----a-w- c:\windows\system32\drivers\AntiLog32.sys 2013-01-26 03:55:44 552448 ------w- c:\windows\system32\oleaut32.dll 2013-01-23 05:34:25 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-01-23 05:34:25 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-01-06 01:39:44 7369552 ----a-w- c:\windows\system32\ZALSDKCore.dll 2013-01-06 01:39:40 25936 ----a-w- c:\windows\system32\drivers\KeyCrypt32.sys 2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys 2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax 2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll 2011-06-19 17:38:52 203776 --sh--w- c:\windows\system32\unrar.exe 2011-06-19 17:38:48 203776 --sh--w- c:\windows\system32\51117eefcc491abdd91ea9f0ba5ac18e\unrar.exe . ============= FINISH: 2:45:04.75 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 2/17/2006 1:34:31 PM System Uptime: 3/29/2013 1:11:02 AM (1 hours ago) . Motherboard: Dell Inc. | | 0WG261 Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 122 GiB total, 52.13 GiB free. D: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP871: 12/29/2012 4:13:07 AM - System Checkpoint RP872: 12/30/2012 5:24:14 AM - System Checkpoint RP873: 12/31/2012 4:12:08 PM - System Checkpoint RP874: 1/1/2013 4:54:14 PM - System Checkpoint RP875: 1/2/2013 5:54:14 PM - System Checkpoint RP876: 1/3/2013 6:54:14 PM - System Checkpoint RP877: 1/4/2013 7:06:14 PM - System Checkpoint RP878: 1/5/2013 8:18:14 PM - System Checkpoint RP879: 1/6/2013 9:42:14 PM - System Checkpoint RP880: 1/7/2013 9:54:14 PM - System Checkpoint RP881: 1/8/2013 10:54:15 PM - System Checkpoint RP882: 1/9/2013 11:18:14 PM - System Checkpoint RP883: 1/10/2013 11:42:14 PM - System Checkpoint RP884: 1/11/2013 11:54:14 PM - System Checkpoint RP885: 1/13/2013 12:06:15 AM - System Checkpoint RP886: 1/14/2013 1:18:14 AM - System Checkpoint RP887: 1/15/2013 7:13:20 PM - System Checkpoint RP888: 1/16/2013 7:54:14 PM - System Checkpoint RP889: 1/17/2013 8:54:14 PM - System Checkpoint RP890: 1/19/2013 3:19:06 AM - System Checkpoint RP891: 1/20/2013 4:30:14 AM - System Checkpoint RP892: 1/21/2013 5:30:14 AM - System Checkpoint RP893: 1/22/2013 5:54:14 AM - System Checkpoint RP894: 1/22/2013 10:33:34 PM - Removed Kaspersky Anti-Virus 2012. RP895: 1/22/2013 11:14:05 PM - Software Distribution Service 3.0 RP896: 1/23/2013 12:35:16 AM - Software Distribution Service 3.0 RP897: 1/24/2013 1:22:07 AM - System Checkpoint RP898: 1/25/2013 2:01:07 AM - System Checkpoint RP899: 1/26/2013 2:28:52 AM - System Checkpoint RP900: 1/26/2013 1:14:52 PM - Software Distribution Service 3.0 RP901: 1/27/2013 4:14:34 PM - System Checkpoint RP902: 1/28/2013 4:15:33 PM - System Checkpoint RP903: 1/28/2013 9:26:54 PM - Norton Security Suite Registry RP904: 1/30/2013 2:51:35 PM - System Checkpoint RP905: 2/1/2013 10:56:38 AM - System Checkpoint RP906: 2/2/2013 11:43:16 AM - System Checkpoint RP907: 2/3/2013 12:19:15 PM - System Checkpoint RP908: 2/5/2013 4:18:04 AM - System Checkpoint RP909: 2/5/2013 3:21:50 PM - Software Distribution Service 3.0 RP910: 2/5/2013 6:54:17 PM - Norton Security Suite Registry RP911: 2/6/2013 7:29:52 PM - System Checkpoint RP912: 2/8/2013 8:12:09 AM - System Checkpoint RP913: 2/9/2013 8:19:19 AM - System Checkpoint RP914: 2/11/2013 12:53:37 AM - System Checkpoint RP915: 2/12/2013 7:24:53 AM - System Checkpoint RP916: 2/15/2013 8:10:32 AM - System Checkpoint RP917: 2/16/2013 8:41:25 AM - System Checkpoint RP918: 2/17/2013 8:29:27 PM - System Checkpoint RP919: 2/19/2013 10:20:24 AM - System Checkpoint RP920: 2/20/2013 11:12:25 AM - System Checkpoint RP921: 2/21/2013 2:15:31 AM - Software Distribution Service 3.0 RP922: 2/21/2013 11:26:41 AM - Removed Java 6 Update 31 RP923: 2/22/2013 12:49:19 PM - System Checkpoint RP924: 2/25/2013 5:58:11 AM - System Checkpoint RP925: 2/26/2013 7:27:51 AM - System Checkpoint RP926: 2/27/2013 8:11:49 AM - System Checkpoint RP927: 2/28/2013 11:00:50 AM - System Checkpoint RP928: 3/1/2013 11:59:54 AM - System Checkpoint RP929: 3/2/2013 9:33:24 PM - System Checkpoint RP930: 3/3/2013 10:44:37 PM - System Checkpoint RP931: 3/4/2013 11:45:30 PM - System Checkpoint RP932: 3/6/2013 6:52:38 AM - System Checkpoint RP933: 3/7/2013 12:22:02 PM - System Checkpoint RP934: 3/8/2013 2:15:25 PM - System Checkpoint RP935: 3/9/2013 2:28:09 PM - System Checkpoint RP936: 3/10/2013 4:08:48 PM - System Checkpoint RP937: 3/11/2013 5:41:07 PM - System Checkpoint RP938: 3/13/2013 1:26:49 AM - System Checkpoint RP939: 3/14/2013 7:56:10 AM - System Checkpoint RP940: 3/15/2013 1:36:15 AM - Software Distribution Service 3.0 RP941: 3/16/2013 9:21:31 AM - System Checkpoint RP942: 3/18/2013 5:06:47 AM - System Checkpoint RP943: 3/19/2013 6:17:12 AM - System Checkpoint RP944: 3/20/2013 6:57:39 AM - System Checkpoint RP945: 3/22/2013 1:34:37 AM - Software Distribution Service 3.0 RP946: 3/23/2013 4:51:20 PM - System Checkpoint RP947: 3/24/2013 8:35:42 PM - System Checkpoint RP948: 3/26/2013 8:17:59 AM - System Checkpoint RP949: 3/27/2013 8:57:30 AM - System Checkpoint RP950: 3/28/2013 10:02:02 AM - System Checkpoint . ==== Installed Programs ====================== . Acrobat.com Activate ED Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader 9.5.3 AiO_Scan_CDA AiOSoftwareNPI AntiLogger SDK version 1.4.6.637 AOLIcon Apple Application Support Apple Software Update ATI Control Panel ATI Display Driver BCL easyPDF Printer Driver 5.1 Belkin Setup and Router Monitor BlackBerry Desktop Software 5.0.1 BlackBerry Device Software Updater BlackBerry® Media Sync Blackhawk Striker 2 Blasterball 2 BufferChm C6100 c6100_Help Casino Island To Go CCleaner Chuzzle Deluxe Citrix online plug-in - web Citrix online plug-in (DV) Citrix online plug-in (HDX) Citrix online plug-in (USB) Citrix online plug-in (Web) Compatibility Pack for the 2007 Office system Constant Guard Protection Suite Consumer Complete Care Services Agreement CoreAAC Audio Decoder (remove only) Corel Paint Shop Pro X CP_CalendarTemplates1 cp_OnlineProjectsConfig CP_Package_Basic1 CP_Panorama1Config cp_PosterPrintConfig Critical Update for Windows Media Player 11 (KB959772) CueTour Dell Digital Jukebox Driver Dell Driver Reset Tool Dell Game Console Dell Support Center Dell System Restore DellSupport Destinations DeviceManagementQFolder Digital Content Portal DocProc DocProcQFolder DocumentViewer DocumentViewerQFolder Download Energy Toolbar EarthLink setup files EducateU ELIcon EPSON NX510 Series Printer Uninstall eSupportQFolder Facebook Plug-In FATE Fax_CDA FullDPAppQFolder Get High Speed Internet! Gogo MP3 To CD Burner Google AFE Google Toolbar for Internet Explorer Gorilla Gorilla 2.3 GoToMeeting 4.0.0.320 High Definition Audio Driver Package - KB835221 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2779562) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP Document Viewer 7.0 HP Imaging Device Functions 7.0 HP Photosmart Premier Software 6.5 HP Photosmart, Officejet and Deskjet 7.0.A HP Product Assistant HP Solution Center 7.0 HP Update HPPhotoSmartExpress HPProductAssistant HTC Driver Installer HTC Sync InstantShareDevices InstantShareDevicesMFC Intel® 537EP V9x DF PCI Modem Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers Intel® PROSet for Wired Connections IrfanView (remove only) J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_03 Java 6 Update 31 Juniper Citrix Services Client Juniper Networks, Inc. Setup Client LeapFrog Connect LeapFrog Tag Junior Plugin Learn2 Player (Uninstall Only) Lemonade Tycoon 2 Lernout & Hauspie TruVoice American English TTS Engine MCU Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft National Language Support Downlevel APIs Microsoft Office File Validation Add-In Microsoft Office Professional Edition 2003 Microsoft Outlook Personal Folders Backup Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft Silverlight Microsoft Speech Recognition Engine 4.0 (English) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Modem Event Monitor Modem Helper Modem On Hold Morningstar Office Morningstar Office Prerequisite 3.8 Move Media Player MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Musicmatch for Windows Media Player NetZeroInstallers NewCopy_CDA Norton Security Suite OCR Software by I.R.I.S 7.0 OGA Notifier 2.0.0048.0 PanoStandAlone Photo Click PhotoGallery Polar Bowler Polar Golfer PowerDVD 5.5 Principia ProductContextNPI Qualxserve Service Agreement QuickTime QUODD Equity+ RandMap Readme RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.1 Roxio Media Experience Roxio Media Manager Scan ScannerCopy SCRABBLE Security Task Manager 1.7h Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft Windows (KB2564958) Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2761465) Security Update for Windows Internet Explorer 8 (KB2792100) Security Update for Windows Internet Explorer 8 (KB2797052) Security Update for Windows Internet Explorer 8 (KB2799329) Security Update for Windows Internet Explorer 8 (KB2809289) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2491683) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219-v2) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135-v2) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2753842-v2) Security Update for Windows XP (KB2757638) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2778344) Security Update for Windows XP (KB2779030) Security Update for Windows XP (KB2780091) Security Update for Windows XP (KB2799494) Security Update for Windows XP (KB2802968) Security Update for Windows XP (KB2807986) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Series 7 Drill and Practice SigTool Imager Plus v1.0 SigTool Imager Plus v1.1 SkinsHP1 SlideShow SolutionCenter Sonic CinePlayer Decoder Pack Sonic DLA Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data Sonic Update Manager Sonic_PrimoSDK Status Thomson Financial TTSLink 8.2 Build 45 Thomson ONE 4.4 Build 30 Toolbox Topaz e-Signatures SigPlus 3.74 Topaz MS Office Plug-In 2.0 Total Video2Dvd 2.61 Tradewinds TrayApp Trial PDF-file v3.0 Unload Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB975364) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB980182) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2616676-v2) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) Vectorize Viewpoint Media Player Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 WebCyberCoach 3.2 Dell WebEx WebFldrs XP WebReg WildTangent Web Driver Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live OneCare safety scanner Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player 11 Windows Vista Upgrade Advisor Windows XP Service Pack 3 WordPerfect Office 12 XLSTAT 2010 Xvid Video Codec Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 3/26/2013 4:42:26 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the CGPS Service service to connect. 3/26/2013 4:42:26 PM, error: Service Control Manager [7000] - The CGPS Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/26/2013 1:43:53 PM, error: DCOM [10000] - Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "%1450" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding 3/26/2013 1:43:52 PM, error: DCOM [10000] - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "%1450" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding 3/26/2013 1:37:13 PM, error: DCOM [10000] - Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error: "%1450" Happened while starting this command: "C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" -Embedding 3/22/2013 1:48:47 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect. . ==== End Of File ===========================
  8. Computer is deathly slow online (sometimes). Spent several months online, then reconnected with Norton via Comcast. Getting worse and worse, requiring daily reboots. 7 year old computer, P4 3.0, 3 GB RAM, 128 MB video. I know it needs upgrades but can I save this or is it just time to get a new computer? Hijackthis below: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:09:04 AM, on 3/29/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\stsystra.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Thomson Financial\Thomson ONE\Softdist\TF Update.exe C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\Sonic\Product\Media Experience\DMXLauncher.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\Common Files\Teleca Shared\logger.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Documents and Settings\Jared\Application Data\Juniper Networks\Setup Client\JuniperSetupClient.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WISPTIS.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\CCleaner\ccleaner.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R3 - URLSearchHook: (no name) - {657E195F-066D-435C-92DB-7C261E6FE832} - (no file) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Download Energy - {ad708c09-d51b-45b3-9d28-4eba2681febf} - C:\Program Files\Download_Energy\prxtbDow0.dll O2 - BHO: Constant Guard Protection Suite - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Documents and Settings\All Users\Application Data\White Sky, Inc\ID Vault\IEBHO1.13.111.1\NativeBHO.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file) O3 - Toolbar: (no name) - !{ad708c09-d51b-45b3-9d28-4eba2681febf} - (no file) O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\coIEPlg.dll O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe" O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Sonic\Product\Media Experience\DMXLauncher.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [instaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe O4 - HKLM\..\Policies\Explorer\Run: [RClO1i7eA1] C:\Documents and Settings\All Users\Application Data\apsbudit\yzcfgdwp.exe O4 - HKCU\..\Policies\Explorer\Run: [RClO1i7eA1] C:\Documents and Settings\All Users\Application Data\apsbudit\yzcfgdwp.exe O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Morpheus Music\RazaWebHook.dll/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase370.cab O16 - DPF: {61F38134-94CB-491C-AECA-37B387E73C23} (IWebVisualsInstallObj Class) - https://sgirydex.on.webvisuals.net/confmgr/mount/34898/branding/installs/ICWMInstall.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1358914122619 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1343197078609 O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://fugentbe.webex.com/client/T26L10NSP49EP4/webex/ieatgpc.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://site02.remoteoffice.citigroup.com/dana-cached/sc/JuniperSetupClient.cab O18 - Filter hijack: text/html - {c6377324-6c3c-45f5-b992-a1e2eabce0ae} - (no file) O20 - AppInit_DLLs: C:\PROGRA~1\KEYCRY~1\KEYCRY~3.DLL O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: CGPS Service (IDVaultSvc) - White Sky, Inc. - C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\20.2.0.19\ccSvcHst.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: TF Update - - C:\Program Files\Thomson Financial\Thomson ONE\Softdist\TF Update.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 12905 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.